bundleup 1.2.0 → 2.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 34d18c6d9e39ccd56bb47b656745a19d022981a7a8c735a277eb2a782b106df8
-  data.tar.gz: 787cba0d2ec134b82de3dbae1819f609ebd55c98bfbdbc9fe58609eb35e861ab
+  metadata.gz: feeb625fa4809af16d2bd8432e0a346dbcc842b513ede9bf5359209d8048eed9
+  data.tar.gz: d7fd509ab3ec67d7edda8e7ae99ceeb7d22e9ec913fddc6f56da554e2faa82a4
 SHA512:
-  metadata.gz: efcf4a177c7dc9b7e774b6f800f811abf6351d5e884858d9d4d2e626dddb28c2d09164485812032b61a8c15161ff809891b1a918c574ab63c46c57e96fe28108
-  data.tar.gz: 2bd482d805cf7f0e0c340d1c5e0c5bf0e12c018e5055533481aa882b792f9fa342ca70fbd57f6b51f13ec21b113bca9f98919b51f8867fb796f91492e35de14c
+  metadata.gz: 4bc171b6589fc4a7c34a7de34e89ac81581d029060323627f36fc8fe863f5fc942a00178c84ab1821f4d4148dcc4ba25d131dec70c52146f50890d7490abc59b
+  data.tar.gz: 1a760272468231a61eccb246111bd42b4e0af8bd6185a3a715fbcc4a4d885d4e754ca11cf50ec5387b03c5ba5347e5211d37d6ad1391095359de5a13965c9418

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2020 Matt Brictson
+Copyright (c) 2021 Matt Brictson
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,7 +1,7 @@
 # bundleup
 
 [![Gem Version](https://badge.fury.io/rb/bundleup.svg)](http://badge.fury.io/rb/bundleup)
-[![Build Status](https://travis-ci.org/mattbrictson/bundleup.svg?branch=main)](https://travis-ci.org/mattbrictson/bundleup)
+[![Build Status](https://circleci.com/gh/mattbrictson/bundleup/tree/main.svg?style=shield)](https://app.circleci.com/pipelines/github/mattbrictson/bundleup?branch=main)
 
 **Run `bundleup` on a Ruby project containing a Gemfile to see what gem dependencies need updating.** It is a friendlier command-line interface to [Bundler’s][bundler] `bundle update` and `bundle outdated`.
 
@@ -14,7 +14,7 @@ You might like bundleup because it:
 
 Here it is in action:
 
-<img src="https://raw.github.com/mattbrictson/bundleup/main/sample.png" width="599" height="553" alt="Sample output">
+<img src="./demo.gif" width="682" height="351" alt="Sample output">
 
 ## Requirements
 
@@ -44,9 +44,39 @@ Protip: Any extra command-line arguments will be passed along to `bundle update`
 bundleup --group=development
 ```
 
-## How it works
+### Experimental: `--update-gemfile`
 
-bundleup starts by making a backup copy of your Gemfile.lock. Next it runs `bundle list`, then `bundle update` and `bundle list` again to find what gems versions are being used before and after Bundler does its updating magic. (Since gems are actually being installed into your Ruby environment during these steps, the process may take a few moments to complete, especially if gems with native extensions need to be compiled.)
+> 💡 This is an experimental feature that may be removed or changed in future versions.
+
+Normally bundleup only makes changes to your Gemfile.lock. It honors the version restrictions ("pins") in your Gemfile and will not update your Gemfile.lock to have versions that are not allowed. However with the `--update-gemfile` flag, bundleup can update the version pins in your Gemfile as well. Consider the following Gemfile:
+
+```ruby
+gem 'sidekiq', '~> 5.2'
+gem 'rubocop', '0.89.0'
+```
+
+Normally running `bundleup` will report that these gems are pinned and therefore cannot be updated to the latest versions. However, if you pass the `--update-gemfile` option like this:
+
+```
+$ bundleup --update-gemfile
+```
+
+Now bundleup will automatically edit your Gemfile pins as needed to bring those gems up to date. For example, bundleup would change the Gemfile to look like this:
+
+```ruby
+gem 'sidekiq', '~> 6.1'
+gem 'rubocop', '0.90.0'
+```
+
+Note that `--update-gemfile` will _not_ modify Gemfile entries that contain a comment, like this:
+
+```ruby
+gem 'sidekiq', '~> 5.2' # our monkey patch doesn't work on 6.0+
+```
+
+## How bundleup works
+
+bundleup starts by making a backup copy of your Gemfile.lock. Next it runs `bundle check` (and `bundle install` if any gems are missing in your local environment), `bundle list`, then `bundle update` and `bundle list` again to find what gems versions are being used before and after Bundler does its updating magic. (Since gems are actually being installed into your Ruby environment during these steps, the process may take a few moments to complete, especially if gems with native extensions need to be compiled.)
 
 Finally, bundleup runs `bundle outdated` to see the gems that were _not_ updated due to Gemfile restrictions.
 
@@ -54,7 +84,7 @@ After displaying its findings, bundleup gives you the option of keeping the chan
 
 ## Roadmap
 
-bundleup is a very simple script at this point, but it could be more. Some possibilities:
+bundleup is very simple at this point, but it could be more. Some possibilities:
 
 - Automatically commit the Gemfile.lock changes with a nice commit message
 - Integrate with bundler-audit to mark upgrades that have important security fixes

data/exe/bundleup

@@ -1,4 +1,10 @@
 #!/usr/bin/env ruby
 
 require "bundleup"
-Bundleup::CLI.new.run
+
+begin
+  Bundleup::CLI.new(ARGV).run
+rescue Bundleup::CLI::Error => e
+  Bundleup.logger.error(e.message)
+  exit(false)
+end

data/lib/bundleup.rb

@@ -1,8 +1,22 @@
 require "bundleup/version"
-require "bundleup/console"
-require "bundleup/bundle_commands"
-require "bundleup/gem_status"
-require "bundleup/gemfile"
-require "bundleup/outdated_parser"
-require "bundleup/upgrade"
+require "bundleup/backup"
+require "bundleup/colors"
 require "bundleup/cli"
+require "bundleup/commands"
+require "bundleup/gemfile"
+require "bundleup/logger"
+require "bundleup/report"
+require "bundleup/shell"
+require "bundleup/pin_report"
+require "bundleup/update_report"
+require "bundleup/version_spec"
+
+module Bundleup
+  class << self
+    attr_accessor :commands, :logger, :shell
+  end
+end
+
+Bundleup.commands = Bundleup::Commands.new
+Bundleup.logger = Bundleup::Logger.new
+Bundleup.shell = Bundleup::Shell.new

data/lib/bundleup/backup.rb

@@ -0,0 +1,29 @@
+module Bundleup
+  class Backup
+    def self.restore_on_error(*paths)
+      backup = new(*paths)
+      begin
+        yield(backup)
+      rescue StandardError, Interrupt
+        backup.restore
+        raise
+      end
+    end
+
+    def initialize(*paths)
+      @original_contents = paths.each_with_object({}) do |path, hash|
+        hash[path] = IO.read(path)
+      end
+    end
+
+    def restore
+      original_contents.each do |path, contents|
+        IO.write(path, contents)
+      end
+    end
+
+    private
+
+    attr_reader :original_contents
+  end
+end

data/lib/bundleup/cli.rb

@@ -1,86 +1,148 @@
+require "forwardable"
+
 module Bundleup
   class CLI
-    include Console
-
-    def run
-      puts \
-        "Please wait a moment while I upgrade your Gemfile.lock..."
-
-      committed = false
-      review_upgrades
-      review_pins
-      committed = upgrades.any? && confirm_commit
-      puts "Done!" if committed
-    ensure
-      restore_lockfile unless committed
-    end
+    Error = Class.new(StandardError)
 
-    private
+    include Colors
+    extend Forwardable
+    def_delegators :Bundleup, :commands, :logger
 
-    def review_upgrades
-      if upgrades.any?
-        puts "\nThe following gem(s) will be updated:\n\n"
-        print_upgrades_table
-      else
-        ok("Nothing to update.")
+    def initialize(args)
+      @args = args.dup
+      @update_gemfile = @args.delete("--update-gemfile")
+    end
+
+    def run # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+      print_usage && return if (args & %w[-h --help]).any?
+
+      assert_gemfile_and_lock_exist!
+
+      logger.puts "Please wait a moment while I upgrade your Gemfile.lock..."
+      Backup.restore_on_error("Gemfile", "Gemfile.lock") do |backup|
+        perform_analysis_and_optionally_bump_gemfile_versions do |update_report, pin_report|
+          if update_report.empty?
+            logger.ok "Nothing to update."
+            logger.puts "\n#{pin_report}" unless pin_report.empty?
+            break
+          end
+
+          logger.puts
+          logger.puts update_report
+          logger.puts pin_report unless pin_report.empty?
+
+          if logger.confirm?("Do you want to apply these changes?")
+            logger.ok "Done!"
+          else
+            backup.restore
+            logger.puts "Your original Gemfile.lock has been restored."
+          end
+        end
       end
     end
 
-    def review_pins
-      return if pins.empty?
+    private
 
-      puts "\nNote that the following gem(s) are being held back:\n\n"
-      print_pins_table
-    end
+    attr_reader :args
 
-    def confirm_commit
-      confirm("\nDo you want to apply these changes?")
-    end
+    def print_usage # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+      logger.puts(<<~USAGE.gsub(/^/, "  "))
 
-    def restore_lockfile
-      return unless defined?(@upgrade)
-      return unless upgrade.lockfile_changed?
+        Usage: #{green('bundleup')} #{yellow('[GEMS...] [OPTIONS]')}
 
-      upgrade.undo
-      puts "Your original Gemfile.lock has been restored."
-    end
+        Use #{blue('bundleup')} in place of #{blue('bundle update')} to interactively update your project
+        Gemfile.lock to the latest gem versions. Bundleup will show what gems will
+        be updated, color-code them based on semver, and ask you to confirm the
+        updates before finalizing them. For example:
 
-    def upgrade
-      @upgrade ||= Upgrade.new(ARGV)
-    end
+            The following gems will be updated:
 
-    def upgrades
-      upgrade.upgrades
-    end
+            #{yellow('bundler-audit 0.6.1   → 0.7.0.1')}
+            i18n          1.8.2   → 1.8.5
+            #{red('json          2.2.0   → (removed)')}
+            parser        2.7.1.1 → 2.7.1.4
+            #{red('rails         e063bef → 57a4ead')}
+            #{blue('rubocop-ast   (new)   → 0.3.0')}
+            #{red('thor          0.20.3  → 1.0.1')}
+            #{yellow('zeitwerk      2.3.0   → 2.4.0')}
+
+            #{yellow('Do you want to apply these changes [Yn]?')}
+
+        Bundleup will also let you know if there are gems that can't be updated
+        because they are pinned in the Gemfile. Any relevant comments from the
+        Gemfile will also be included, explaining the pins:
+
+            Note that the following gems are being held back:
 
-    def pins
-      upgrade.pins
+            rake    12.3.3 → 13.0.1 : pinned at ~> 12.0   #{gray('# Not ready for 13 yet')}
+            rubocop 0.89.0 → 0.89.1 : pinned at  = 0.89.0
+
+        You may optionally specify one or more #{yellow('GEMS')} or pass #{yellow('OPTIONS')} to bundleup;
+        these will be passed through to bundler. See #{blue('bundle update --help')} for the
+        full list of the options that bundler supports.
+
+        Finally, bundleup also supports an experimental #{yellow('--update-gemfile')} option.
+        If specified, bundleup with modify the version restrictions specified in
+        your Gemfile so that it can install the latest version of each gem. For
+        instance, if your Gemfile specifies #{yellow('gem "sidekiq", "~> 5.2"')} but an update
+        to version 6.1.2 is available, bundleup will modify the Gemfile entry to
+        be #{yellow('gem "sidekiq", "~> 6.1"')} in order to permit the update.
+
+        Examples:
+
+            #{gray('# Update all gems')}
+            #{blue('$ bundleup')}
+
+            #{gray('# Only update gems in the development group')}
+            #{blue('$ bundleup --group=development')}
+
+            #{gray('# Only update the rake gem')}
+            #{blue('$ bundleup rake')}
+
+            #{gray('# Experimental: modify Gemfile to allow the latest gem versions')}
+            #{blue('$ bundleup --update-gemfile')}
+
+      USAGE
+      true
     end
 
-    def print_upgrades_table
-      rows = tableize(upgrades) do |g|
-        [g.name, g.old_version || "(new)", "→", g.new_version || "(removed)"]
-      end
-      upgrades.zip(rows).each do |g, row|
-        puts color(g.color, row)
-      end
+    def assert_gemfile_and_lock_exist!
+      return if File.exist?("Gemfile") && File.exist?("Gemfile.lock")
+
+      raise Error, "Gemfile and Gemfile.lock must both be present."
     end
 
-    def print_pins_table
-      rows = tableize(pins) do |g|
-        [g.name, g.new_version, "→", g.newest_version, *pin_reason(g)]
+    def perform_analysis_and_optionally_bump_gemfile_versions # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+      gemfile = Gemfile.new
+      lockfile_backup = Backup.new("Gemfile.lock")
+      update_report, pin_report, _, outdated_gems = perform_analysis
+      updatable_gems = gemfile.gem_pins_without_comments.slice(*outdated_gems.keys)
+
+      if updatable_gems.any? && @update_gemfile
+        lockfile_backup.restore
+        orig_gemfile = Gemfile.new
+        gemfile.relax_gem_pins!(updatable_gems.keys)
+        update_report, pin_report, new_versions, = perform_analysis
+        orig_gemfile.shift_gem_pins!(new_versions.slice(*updatable_gems.keys))
+        commands.install
       end
-      puts rows.join("\n")
-    end
 
-    def pin_reason(gem)
-      notes = color(:gray, gemfile.gem_comment(gem.name))
-      pin_operator, pin_version = gem.pin.split(" ", 2)
-      [":", "pinned at", pin_operator.rjust(2), pin_version, notes]
+      logger.clear_line
+      yield(update_report, pin_report)
     end
 
-    def gemfile
-      @gemfile ||= Gemfile.new
+    def perform_analysis # rubocop:disable Metrics/AbcSize
+      gem_comments = Gemfile.new.gem_comments
+      commands.check? || commands.install
+      old_versions = commands.list
+      commands.update(args)
+      new_versions = commands.list
+      outdated_gems = commands.outdated
+
+      update_report = UpdateReport.new(old_versions: old_versions, new_versions: new_versions)
+      pin_report = PinReport.new(gem_versions: new_versions, outdated_gems: outdated_gems, gem_comments: gem_comments)
+
+      [update_report, pin_report, new_versions, outdated_gems]
     end
   end
 end

data/lib/bundleup/colors.rb

@@ -0,0 +1,56 @@
+module Bundleup
+  module Colors
+    ANSI_CODES = {
+      red: 31,
+      green: 32,
+      yellow: 33,
+      blue: 34,
+      gray: 90
+    }.freeze
+    private_constant :ANSI_CODES
+
+    class << self
+      attr_writer :enabled
+
+      def enabled?
+        return @enabled if defined?(@enabled)
+
+        @enabled = determine_color_support
+      end
+
+      private
+
+      def determine_color_support
+        if ENV["CLICOLOR_FORCE"] == "1"
+          true
+        elsif ENV["TERM"] == "dumb"
+          false
+        else
+          tty?($stdout) && tty?($stderr)
+        end
+      end
+
+      def tty?(io)
+        io.respond_to?(:tty?) && io.tty?
+      end
+    end
+
+    module_function
+
+    def plain(str)
+      str
+    end
+
+    def strip(str)
+      str.gsub(/\033\[[0-9;]*m/, "")
+    end
+
+    ANSI_CODES.each do |name, code|
+      define_method(name) do |str|
+        return str if str.to_s.empty?
+
+        Colors.enabled? ? "\e[0;#{code};49m#{str}\e[0m" : str
+      end
+    end
+  end
+end

data/lib/bundleup/commands.rb

@@ -0,0 +1,40 @@
+require "forwardable"
+
+module Bundleup
+  class Commands
+    GEMFILE_ENTRY_REGEXP = /\* (\S+) \((\S+)(?: (\S+))?\)/.freeze
+    OUTDATED_2_1_REGEXP = /\* (\S+) \(newest (\S+),.* requested (.*)\)/.freeze
+    OUTDATED_2_2_REGEXP = /^(\S+)\s\s+\S+\s\s+(\d\S+)\s\s+(\S.*?)(?:$|\s\s)/.freeze
+
+    extend Forwardable
+    def_delegators :Bundleup, :shell
+
+    def check?
+      shell.run?(%w[bundle check])
+    end
+
+    def install
+      shell.run(%w[bundle install])
+    end
+
+    def list
+      output = shell.capture(%w[bundle list])
+      output.scan(GEMFILE_ENTRY_REGEXP).each_with_object({}) do |(name, ver, sha), gems|
+        gems[name] = sha || ver
+      end
+    end
+
+    def outdated
+      output = shell.capture(%w[bundle outdated], raise_on_error: false)
+      expr = output.match?(/^Gem\s+Current\s+Latest/) ? OUTDATED_2_2_REGEXP : OUTDATED_2_1_REGEXP
+
+      output.scan(expr).each_with_object({}) do |(name, newest, pin), gems|
+        gems[name] = { newest: newest, pin: pin }
+      end
+    end
+
+    def update(args=[])
+      shell.run(%w[bundle update] + args)
+    end
+  end
+end