bundler-patch 0.6.0 → 0.6.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 11622ac1ecc12f9b1357768a9d8548fa5b9d54fd
4
- data.tar.gz: 9f824a7f9b6fe2c3478700d24281ef5006ce2102
3
+ metadata.gz: d81e3f4667e6cb684ba7caf5ff5ab7778712964e
4
+ data.tar.gz: f54482f58a5e12f47b740a9bc4dfe0992daa49ca
5
5
  SHA512:
6
- metadata.gz: 272b7fef46e02020fb40ea6888501c704aaf0e93f428505d43f8b512829b0e383efef0a2e1f6aec6a08f972ee80fa826df6059cb137a3bfbe1a2524bc758e661
7
- data.tar.gz: b71751b264518c672f6fde631f7becc3307874a9ae547437849015438d8842b74cb4548fb85f359ef3d4d1c524e1607749f88e6dd4f80f94b76f7b76f282c6d9
6
+ metadata.gz: 419579e3bbbe1653877d8fe227995bdac95208141804eea933171108851ae317df0d4c5f2a5defbe82aff46342ddb10954c3330f543e0f9e787a805aac37f127
7
+ data.tar.gz: 85f1d8f4b1d2b7cb316a62efb85f84fcf041552db77c97ee15c5adecb967514f9470c660c0c9bf2f76158639236ecb1d1ee36f731427abcf8920dff11b0d4dad
data/README.md CHANGED
@@ -5,9 +5,11 @@
5
5
  ## Goals
6
6
 
7
7
  - Update the Gemfile, .ruby-version and other files to patch an app according to `ruby-advisory-db` content.
8
- - Don't upgrade past the minimum gem version required.
8
+ - Provide conservative update of select or all gems. Conservative meaning to the latest release (default) or minor (optional) version.
9
+ - Don't security patch past the minimum gem version required. (This may change).
9
10
  - Minimal munging to existing version spec.
10
11
  - Support a database of custom advisories for internal gems.
12
+ - Provide reasonable support for keeping a large number of apps and services up-to-date as automatically as possible.
11
13
 
12
14
  ## Installation
13
15
 
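Review bot: The new Goals bullet "Conservative meaning to the latest release (default) or minor (optional) version" never defines "release", so a reader cannot tell which version segment the default update is allowed to move. State for each mode which segments may change. The following bullet's "(This may change)" also leaves the security-patch ceiling open without saying what it might change to; either drop the aside or point to where that decision is tracked.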
@@ -107,6 +109,16 @@ the downloading the full dependency data from remote sources.
107
109
 
108
110
  ## Development
109
111
 
112
+ ### Status
113
+
114
+ 0.x versions are subject to breaking changes, there's a fair amount of experimenting going on and some future plans to
115
+ not only revisit the command names but also investigate making this a proper Bundler plugin.
116
+
117
+ We'd love to get real world scenarios where things don't go as planned to help flesh out varying details of what many
118
+ believe a conservative update should be.
119
+
120
+ ### How To
121
+
110
122
  After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can
111
123
  also run `bin/console` for an interactive prompt that will allow you to experiment.
112
124
 
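Review bot: The new Status section warns that 0.x versions are subject to breaking changes and that command names may be revisited, but it gives users no guidance on how to protect automation built on the current commands. A sentence recommending an exact version pin while the gem is 0.x would help. Style point in the same paragraph: "0.x versions are subject to breaking changes, there's a fair amount of experimenting going on" is a comma splice and reads better as two sentences.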
@@ -122,14 +134,3 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/living
122
134
  ## License
123
135
 
124
136
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
125
-
126
-
127
- ## Misc
128
-
129
- None of these do what we need, but may have some code doing some similar work in places.
130
-
131
- - http://www.rubydoc.info/gems/bundler-auto-update/0.1.0 (runs tests after each gem upgrade)
132
- - http://www.rubydoc.info/gems/bundler-updater/0.0.3 (interactive prompt for what's available to upgrade to)
133
- - https://github.com/rosylilly/bundler-add (outputs Gemfile line for adding a gem)
134
-
135
-
@@ -20,9 +20,7 @@ module Bundler::Patch
20
20
  puts # extra line to separate from advisory db update text
21
21
  puts 'Detected vulnerabilities:'
22
22
  puts '-------------------------'
23
- gem_patches.each do |gp|
24
- puts "Need to update #{gp.gem_name}: #{gp.old_version} => #{gp.new_version}" # TODO: Bundler.ui
25
- end
23
+ puts gem_patches.map(&:to_s).uniq.sort.join("\n")
26
24
  end
27
25
  end
28
26
 
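Review bot: The replacement line `puts gem_patches.map(&:to_s).uniq.sort.join("\n")` moves the whole report format into `to_s` on the patch objects, which is not part of this diff, so it cannot be confirmed here that the output still shows the gem name with its old and new versions as the removed "Need to update ..." line did. Please include or reference that `to_s` definition, and cover the de-duplicated, sorted output with a spec. Two smaller points: the removed line carried a `# TODO: Bundler.ui` marker that is dropped while the code still calls `puts` directly, and if `gem_patches` can be empty at this point the new line prints a blank line under the "Detected vulnerabilities:" header where the old loop printed nothing.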
@@ -1,5 +1,5 @@
1
1
  module Bundler
2
2
  module Patch
3
- VERSION = '0.6.0'
3
+ VERSION = '0.6.1'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler-patch
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - chrismo