bundler-patch 1.0.0 → 1.1.0.pre1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6495ba38818fc8260c56a2e76557c240c915bc1f
-  data.tar.gz: e1bd0b9ad6de5ea1747a55d3d272fbc0844dd6f7
+  metadata.gz: 4d0a7b1ce6bd99140213082d130de098b65c45ce
+  data.tar.gz: f81ba6fbfecf3be917095c265e9cfe38929e49ec
 SHA512:
-  metadata.gz: 9e5c2bab2b14e99942d719bcb95c70719067c7226718a504aa4cbc285dce1c5b34a9c307bbea2b483f0602b8d31f237ef07731677230da77d67f0787eb9515ee
-  data.tar.gz: a1d304cc5094b3d2b1604e5d55777b32f707beeaf80723752c9da000cb65a170b5a43ea7d202757968c9773612d39f604b15612d9df8d17235be4935e5affc1c
+  metadata.gz: 75aaf7bd3c7c80d6cd88c43604071277df983c0716ac4de46094f8aaa1bf41f9161769ab1e2320c99ec00f50b8ef54c75d8cfd68ab868304fda6c20ee5ebbc48
+  data.tar.gz: bbfebaa7bd031e39ab1a5313233e256b2f6d2b3b8f6e0071afe14d15a25abca02ae9976eac90bbbe2656f488495af8df369c0e894ea26cbb933ebee357b3db96

data/.ruby-version

@@ -1 +1 @@
-2.3.3
+2.3.4

data/.travis.yml

@@ -4,26 +4,48 @@ before_install:
   - for dir in $(echo $GEM_PATH | tr ':' ' '); do gem uninstall -i $dir bundler -a -x; done
   - gem install bundler -v $BUNDLER_TEST_VERSION
   - bundle --version
+  - rvm use 2.1.10 --install --binary --fuzzy
+  - gem update --system
+  - rvm use $RVM_VER --install --binary --fuzzy
+  - gem update --system
 
 script: bundle exec rake test:all
 
 matrix:
   include:
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.9.10
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.10.5
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.11.2
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.12.5
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.13.6
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.14.6
-    - rvm: 2.1.10
-      env: BUNDLER_TEST_VERSION=1.15.0
-    - rvm: 2.2.7
-      env: BUNDLER_TEST_VERSION=1.15.0
-    - rvm: 2.3.4
-      env: BUNDLER_TEST_VERSION=1.15.0
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.9.10
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.10.5
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.11.2
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.12.5
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.13.6
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.14.6
+        - BP_DEBUG=1
+#      env:
+#        - RVM_VER=2.1.10
+#        - BUNDLER_TEST_VERSION=1.15.1
+#        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.2.7
+        - BUNDLER_TEST_VERSION=1.15.1
+        - BP_DEBUG=1
+      env:
+        - RVM_VER=2.3.4
+        - BUNDLER_TEST_VERSION=1.15.1
+        - BP_DEBUG=1

data/bundler-patch.gemspec

@@ -19,11 +19,11 @@ Gem::Specification.new do |spec|
   spec.executables   = ['bundler-patch']
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'bundler-advise', '~> 1.1', '>= 1.1.2'
+  spec.add_dependency 'bundler-advise', '~> 1.1', '>= 1.1.5'
   spec.add_dependency 'slop', '~> 3.0'
   spec.add_dependency 'bundler', '~> 1.7'
 
-  spec.add_development_dependency 'bundler-fixture', '~> 1.3', '>= 1.3.2'
+  spec.add_development_dependency 'bundler-fixture', '~> 1.6'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.5'

data/lib/bundler/patch.rb

@@ -5,6 +5,7 @@ module Bundler
   end
 end
 
+require 'bundler/patch/target_bundle'
 require 'bundler/patch/updater'
 require 'bundler/patch/gemfile'
 require 'bundler/patch/ruby_version'

data/lib/bundler/patch/advisory_consolidator.rb

@@ -63,7 +63,8 @@ module Bundler::Patch
       end.map do |_, all|
         all.sort.last
       end
-      Gemfile.new(gem_name: all_gem_names.first, patched_versions: highest_minor_patched)
+      Gemfile.new(target_bundle: @options[:target] || TargetBundle.new,
+                  gem_name: all_gem_names.first, patched_versions: highest_minor_patched)
     end
   end
 

data/lib/bundler/patch/cli.rb

@@ -2,10 +2,13 @@ require 'bundler'
 require 'bundler/vendor/thor/lib/thor'
 require 'bundler/advise'
 require 'slop'
+require 'open3'
 
 module Bundler::Patch
   class CLI
     def self.execute
+      original_command = ARGV.join(' ')
+
       opts = Slop.parse! do
         banner "Bundler Patch Version #{Bundler::Patch::VERSION}\nUsage: bundle patch [options] [gems-to-update]\n\nbundler-patch attempts to update gems conservatively.\n"
         on '-m', '--minor', 'Prefer update to the latest minor.patch version.'
@@ -17,8 +20,11 @@ module Bundler::Patch
         on '-d=', '--ruby-advisory-db-path=', 'Optional path for ruby advisory db. `gems` dir will be appended to this path.'
         on '-r', '--ruby', 'Update Ruby version in related files.'
         on '--rubies=', 'Supported Ruby versions. Comma delimited or multiple switches.', as: Array, delimiter: ','
+        on '-g=', '--gemfile=', 'Optional Gemfile to execute against. Defaults to Gemfile in current directory.'
+        on '--use_target_ruby', 'Optionally attempt to use Ruby version of target bundle specified in --gemfile.'
         on '-h', 'Show this help'
         on '--help', 'Show README.md'
+
         # will be stripped in help display and normalized to hyphenated options
         on '--vulnerable_gems_only'
         on '--advisory_db_path='
@@ -30,6 +36,7 @@ module Bundler::Patch
 
       options = opts.to_hash
       options[:gems_to_update] = ARGV
+      options[:original_command] = original_command
       STDERR.puts options.inspect if ENV['DEBUG']
 
       show_help(opts) if options[:h]
@@ -58,11 +65,23 @@ module Bundler::Patch
 
       normalize_options(options)
 
-      return list(options) if options[:list]
+      process_gemfile_option(options)
+
+      if options[:use_target_ruby] # TODO: && different_ruby_found
+        tb = options[:target]
+        ruby = tb.ruby_bin_exe
+        tb.install_bundler_patch_in_target
+        bundler_patch = File.join(tb.ruby_bin, 'bundler-patch') # uses 'latest' bundler-patch, which can work after we've installed ours. 
+        full_command = "#{ruby} #{bundler_patch} #{options[:original_command].gsub(/use_target_ruby/, '')}"
+        result = shell_command(full_command)
+        puts result[:stdout] unless ENV['BP_DEBUG']
+      else
+        return list(options) if options[:list]
 
-      patch_ruby(options[:rubies]) if options[:ruby]
+        patch_ruby(options) if options[:ruby]
 
-      patch_gems(options)
+        patch_gems(options)
+      end
     end
 
     def normalize_options(options)
@@ -78,6 +97,19 @@ module Bundler::Patch
 
     private
 
+    def process_gemfile_option(options)
+      # copy/pasta from Bundler
+      custom_gemfile = options[:gemfile] || Bundler.settings[:gemfile]
+      if custom_gemfile && !custom_gemfile.empty?
+        ENV['BUNDLE_GEMFILE'] = File.expand_path(custom_gemfile)
+        dir, gemfile = [File.dirname(custom_gemfile), File.basename(custom_gemfile)]
+        target_bundle = TargetBundle.new(dir: dir, gemfile: gemfile)
+        options[:target] = target_bundle
+      else
+        options[:target] = TargetBundle.new
+      end
+    end
+
     def list(options)
       gem_patches = AdvisoryConsolidator.new(options).vulnerable_gems
 
@@ -91,8 +123,9 @@ module Bundler::Patch
       end
     end
 
-    def patch_ruby(supported)
-      RubyVersion.new(patched_versions: supported).update
+    def patch_ruby(options)
+      supported = options[:rubies]
+      RubyVersion.new(target_bundle: options[:target], patched_versions: supported).update
     end
 
     def patch_gems(options)
@@ -138,12 +171,28 @@ module Bundler::Patch
       # update => true is very important, otherwise without any Gemfile changes, the installer
       # may end up concluding everything can be resolved locally, nothing is changing,
       # and then nothing is done. lib/bundler/cli/update.rb also hard-codes this.
-      Bundler::Installer.install(Bundler.root, prep.bundler_def, {'update' => true})
+      Bundler::Installer.install(options[:target].dir, prep.bundler_def, {'update' => true})
       Bundler.load.cache if Bundler.app_cache.exist?
     end
   end
 end
 
+def shell_command(command)
+  stdout, stderr, status = Open3.capture3(command)
+  if ENV['BP_DEBUG']
+    puts "-command:  #{command}"
+    puts "--stdout:#{indent(stdout)}"
+    puts "--stderr:#{indent(stderr)}"
+  end
+  {stdout: stdout,
+   stderr: stderr,
+   status: status}
+end
+
+def indent(s)
+  s.split("\n").map { |ln| "  #{ln}" }.join("\n")
+end
+
 if __FILE__ == $0
   Bundler::Patch::CLI.execute
 end

data/lib/bundler/patch/gemfile.rb

@@ -2,11 +2,11 @@ module Bundler::Patch
   class Gemfile < UpdateSpec
     attr_reader :gem_name
 
-    def initialize(target_dir: Dir.pwd,
+    def initialize(target_bundle: TargetBundle.new,
                    gem_name:,
                    patched_versions: [])
-      super(target_file: 'Gemfile',
-            target_dir: target_dir,
+      super(target_file: target_bundle.gemfile,
+            target_dir: target_bundle.dir,
             patched_versions: patched_versions)
       @gem_name = gem_name
     end
@@ -32,7 +32,6 @@ module Bundler::Patch
       #
       # We'll still instance_eval the gem line though, to properly
       # handle the various options and possible multiple reqs.
-      @target_file = 'Gemfile'
       @regexes = /^\s*gem.*['"]\s*#{@gem_name}\s*['"].*$/
       file_replace do |match, re|
         update_to_new_gem_version(match)

data/lib/bundler/patch/ruby_version.rb

@@ -4,21 +4,21 @@ module Bundler::Patch
 
     def self.files
       @files ||= {
-        '.ruby-version' => [/.*/],
-        'Gemfile' => RUBY_VERSION_LINE_REGEXPS,
-        'gems.rb' => RUBY_VERSION_LINE_REGEXPS,
+        '.ruby-version' => [/.*/]
       }
     end
 
-    def initialize(target_dir: Dir.pwd, patched_versions: [])
-      super(target_file: target_file,
-            target_dir: target_dir,
+    def initialize(target_bundle: TargetBundle.new, patched_versions: [])
+      super(target_file: target_bundle.gemfile,
+            target_dir: target_bundle.dir,
             regexes: regexes,
             patched_versions: patched_versions)
     end
 
     def update
-      self.class.files.each_pair do |file, regexes|
+      hash = self.class.files.dup
+      hash[@target_file.dup] = RUBY_VERSION_LINE_REGEXPS
+      hash.each_pair do |file, regexes|
         @target_file = file
         @regexes = regexes
         file_replace

data/lib/bundler/patch/target_bundle.rb

@@ -0,0 +1,108 @@
+class TargetBundle
+  attr_reader :dir, :gemfile
+
+  def self.bundler_version_or_higher(version)
+    version_greater_than_or_equal_to_other(Bundler::VERSION, version)
+  end
+
+  def self.version_greater_than_or_equal_to_other(a, b)
+    Gem::Version.new(a) >= Gem::Version.new(b)
+  end
+
+  # TODO: Make gems.rb default in Bundler 2.0.
+  def initialize(dir: Dir.pwd, gemfile: 'Gemfile')
+    @dir = dir
+    @gemfile = gemfile
+  end
+
+  # First, the version of Ruby itself:
+  # 1. Look in the Gemfile/lockfile for ruby version
+  # 2. Look for a .ruby-version file
+  # 3. (An additional flag so user can specify?)
+  #
+  # Second, look bin path presuming version is in current path.
+  def ruby_version
+    result = if TargetBundle.bundler_version_or_higher('1.12.0') && File.exist?(lockfile_name)
+               lockfile_parser = Bundler::LockfileParser.new(Bundler.read_file(lockfile_name))
+               lockfile_parser.ruby_version
+             end
+
+    result ||= if File.exist?(ruby_version_filename)
+                 File.read('.ruby-version').chomp
+               else
+                 Bundler::Definition.build(gemfile_name, lockfile_name, nil).ruby_version
+               end
+
+    version, patch_level = result.to_s.scan(/(\d+\.\d+\.\d+)(p\d+)*/).first
+    patch_level ? "#{version}-#{patch_level}" : version
+  end
+
+  # This is hairy here. All the possible variants will make this mucky, but ... can
+  # prolly get close enough in many circumstances.
+  def ruby_bin(current_ruby_bin=RbConfig::CONFIG['bindir'], target_ruby_version=self.ruby_version)
+    [
+      target_ruby_version,
+      target_ruby_version.gsub(/-p\d+/, ''),
+      "ruby-#{target_ruby_version}",
+      "ruby-#{target_ruby_version.gsub(/-p\d+/, '')}"
+    ].map do |ruby_ver|
+      build_ruby_bin(current_ruby_bin, ruby_ver)
+    end.detect do |ruby_ver|
+      print "Looking for #{ruby_ver}... " if ENV['BP_DEBUG']
+      File.exist?(ruby_ver).tap { |exist| puts(exist ? 'found' : 'not found') if ENV['BP_DEBUG'] }
+    end
+  end
+
+  def build_ruby_bin(current_ruby_bin, target_ruby_version)
+    current_ruby_bin.split(File::SEPARATOR).reverse.map do |segment|
+      if segment =~ /\d+\.\d+\.\d+/
+        segment.gsub(/(\d+\.\d+\.\d+)-*(p\d+)*/, target_ruby_version)
+      else
+        segment
+      end
+    end.reverse.join(File::SEPARATOR)
+  end
+
+  def ruby_bin_exe
+    File.join(ruby_bin, "#{RbConfig::CONFIG['ruby_install_name']}#{RbConfig::CONFIG['EXEEXT']}")
+  end
+
+  # Have to run a separate process in the other Ruby, because Bundler::Settings#path ultimately
+  # arrives at RbConfig::CONFIG which is all special data derived from the active runtime.
+  # TODO: fix ^^
+  def gem_home
+    result = shell_command "#{ruby_bin_exe} -C#{@dir} -e 'puts Gem.default_dir'"
+    path = result[:stdout].chomp
+    expanded_path = Pathname.new(path).expand_path(@dir).to_s
+    puts expanded_path if ENV['BP_DEBUG']
+    expanded_path
+  end
+
+  # To properly update another bundle, bundler-patch _does_ need to live in the same bundle
+  # location because of its _dependencies_ (it's not a self-contained gem), and it can't both
+  # act on another bundle location AND find its own dependencies in a separate bundle location.
+
+  # TODO: gem_home for this purpose does not need to be the local bundle path, can just
+  # be in the Ruby "global" gem home, right?
+  def install_bundler_patch_in_target
+    # cmd = "#{ruby_bin}#{File::SEPARATOR}gem install -V --install-dir #{gem_home} --conservative --no-document --prerelease bundler-patch"
+    cmd = "#{ruby_bin}#{File::SEPARATOR}gem install -V --install-dir #{gem_home} --no-document --prerelease bundler-patch"
+    shell_command cmd
+
+    shell_command "ls #{ruby_bin}#{File::SEPARATOR}**"
+  end
+
+  private
+
+  def ruby_version_filename
+    File.join(@dir, '.ruby-version')
+  end
+
+  def gemfile_name
+    File.join(@dir, @gemfile)
+  end
+
+  def lockfile_name
+    "#{gemfile_name}.lock"
+  end
+end

data/lib/bundler/patch/updater.rb

@@ -13,7 +13,7 @@ module Bundler::Patch
     end
 
     def target_path_fn
-      File.join(@target_dir, @target_file)
+      File.expand_path(File.join(@target_dir, @target_file))
     end
 
     def calc_new_version(old_version)

data/lib/bundler/patch/version.rb

@@ -1,5 +1,5 @@
 module Bundler
   module Patch
-    VERSION = '1.0.0'
+    VERSION = '1.1.0.pre1'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bundler-patch
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0.pre1
 platform: ruby
 authors:
 - chrismo
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-22 00:00:00.000000000 Z
+date: 2017-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler-advise
@@ -19,7 +19,7 @@ dependencies:
         version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.2
+        version: 1.1.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.2
+        version: 1.1.5
 - !ruby/object:Gem::Dependency
   name: slop
   requirement: !ruby/object:Gem::Requirement
@@ -64,20 +64,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.2
+        version: '1.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.2
+        version: '1.6'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -149,6 +143,7 @@ files:
 - lib/bundler/patch/gemfile.rb
 - lib/bundler/patch/gems_to_patch_reconciler.rb
 - lib/bundler/patch/ruby_version.rb
+- lib/bundler/patch/target_bundle.rb
 - lib/bundler/patch/updater.rb
 - lib/bundler/patch/version.rb
 homepage: https://github.com/livingsocial/bundler-patch
@@ -166,12 +161,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Conservative bundler updates