dependabot-linguist 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.rspec +3 -0
- data/.rubocop.yml +193 -0
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +27 -0
- data/Gemfile +14 -0
- data/Gemfile.lock +67 -0
- data/LICENSE +1 -0
- data/LICENSE.GPL-3.0-only +674 -0
- data/LICENSE.Nonstandard +39 -0
- data/Makefile +45 -0
- data/README.md +38 -0
- data/Rakefile +35 -0
- data/SECURITY.md +9 -0
- data/dependabot-linguist.gemspec +30 -0
- data/lib/dependabot/linguist/version.rb +7 -0
- data/lib/dependabot/linguist.rb +10 -0
- metadata +64 -0
data/LICENSE.Nonstandard
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
The Prosperity Public License 2.0.0
|
2
|
+
|
3
|
+
Contributor: GitHub Inc.
|
4
|
+
|
5
|
+
Source Code: https://github.com/dependabot/dependabot-core
|
6
|
+
|
7
|
+
This license lets you use and share this software for free,
|
8
|
+
with a trial-length time limit on commercial use. Specifically:
|
9
|
+
|
10
|
+
If you follow the rules below, you may do everything with this
|
11
|
+
software that would otherwise infringe either the contributor's
|
12
|
+
copyright in it, any patent claim the contributor can license
|
13
|
+
that covers this software as of the contributor's latest
|
14
|
+
contribution, or both.
|
15
|
+
|
16
|
+
1. You must limit use of this software in any manner primarily
|
17
|
+
intended for or directed toward commercial advantage or
|
18
|
+
private monetary compensation to a trial period of 32
|
19
|
+
consecutive calendar days. This limit does not apply to use in
|
20
|
+
developing feedback, modifications, or extensions that you
|
21
|
+
contribute back to those giving this license.
|
22
|
+
|
23
|
+
2. Ensure everyone who gets a copy of this software from you, in
|
24
|
+
source code or any other form, gets the text of this license
|
25
|
+
and the contributor and source code lines above.
|
26
|
+
|
27
|
+
3. Do not make any legal claim against anyone for infringing any
|
28
|
+
patent claim they would infringe by using this software alone,
|
29
|
+
accusing this software, with or without changes, alone or as
|
30
|
+
part of a larger application.
|
31
|
+
|
32
|
+
You are excused for unknowingly breaking rule 1 if you stop
|
33
|
+
doing anything requiring this license within 30 days of
|
34
|
+
learning you broke the rule.
|
35
|
+
|
36
|
+
**This software comes as is, without any warranty at all. As far
|
37
|
+
as the law allows, the contributor will not be liable for any
|
38
|
+
damages related to this software or this license, for any kind of
|
39
|
+
legal claim.**
|
data/Makefile
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
.PHONY: setup setup_github clean docs test build install push_rubygems push_github
|
2
|
+
SHELL:=/bin/bash
|
3
|
+
|
4
|
+
# Assumes `gem install bundler`
|
5
|
+
setup:
|
6
|
+
bundle install
|
7
|
+
|
8
|
+
setup_github:
|
9
|
+
gem install keycutter
|
10
|
+
|
11
|
+
clean:
|
12
|
+
bundle exec rake clean
|
13
|
+
bundle exec rake clobber
|
14
|
+
rm -f dependabot-linguist-*.gem
|
15
|
+
rm -f pkg/dependabot-linguist-*.gem
|
16
|
+
|
17
|
+
docs: clean
|
18
|
+
bundle exec rake rdoc
|
19
|
+
|
20
|
+
# default (just `rake`) is spec + rubocop, but be pedantic in case this changes.
|
21
|
+
test: clean
|
22
|
+
bundle exec rake spec
|
23
|
+
bundle exec rake rubocop
|
24
|
+
|
25
|
+
# We can choose from `gem build dependabot-linguist.gemspec` or `bundle exec rake build`.
|
26
|
+
# The gem build command creates a ./dependabot-linguist-$VER.gem file, and the rake build
|
27
|
+
# (within bundle context) creates a ./pkg/dependabot-linguist-$VER.gem file.
|
28
|
+
build: test
|
29
|
+
bundle exec rake build
|
30
|
+
|
31
|
+
# --user-install means no need for sudo or expectation of
|
32
|
+
# changing the folder permissions or access but will need
|
33
|
+
# "gem environment"'s "USER INSTALLATION DIRECTORY" (+ "/bin")
|
34
|
+
# in the PATH to then use any gem executables that it may contain.
|
35
|
+
install: build
|
36
|
+
gem install ./pkg/dependabot-linguist-$$(grep lib/dependabot/linguist/version.rb -e "VERSION" | cut -d \" -f 2).gem --user-install
|
37
|
+
|
38
|
+
# Will be run with one "pkg/dependabot-linguist-*.gem" file
|
39
|
+
# rubygems_api_key and the rubygems host are the default
|
40
|
+
push_rubygems:
|
41
|
+
gem push $$(find . | grep pkg/dependabot-linguist-*.gem)
|
42
|
+
|
43
|
+
# Will be run with one "pkg/dependabot-linguist-*.gem" file
|
44
|
+
push_github:
|
45
|
+
gem push --key github --host https://rubygems.pkg.github.com/Skenvy $$(find . | grep pkg/dependabot-linguist-*.gem)
|
data/README.md
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
# [dependabot-linguist](https://github.com/Skenvy/dependabot-linguist)
|
2
|
+
Use [linguist](https://github.com/github/linguist) to check the contents of a repository, and then scan for [dependabot-core](https://github.com/dependabot/dependabot-core) ecosystems relevant to those languages!
|
3
|
+
## Getting Started
|
4
|
+
[To install the latest from RubyGems](https://rubygems.org/gems/dependabot-linguist);
|
5
|
+
```sh
|
6
|
+
gem install dependabot-linguist
|
7
|
+
```
|
8
|
+
[Or to install from GitHub's hosted gems](https://github.com/Skenvy/dependabot-linguist/packages/TODO);
|
9
|
+
```sh
|
10
|
+
gem install dependabot-linguist --source "https://rubygems.pkg.github.com/skenvy"
|
11
|
+
```
|
12
|
+
### Add to the Gemfile
|
13
|
+
[Add the RubyGems hosted gem](https://rubygems.org/gems/dependabot-linguist) with bundler;
|
14
|
+
```sh
|
15
|
+
bundle add dependabot-linguist
|
16
|
+
```
|
17
|
+
Or add the following line to your `Gemfile` manually
|
18
|
+
```ruby
|
19
|
+
gem "dependabot-linguist", ">= 0.212.0
|
20
|
+
```
|
21
|
+
[Add the GitHub hosted gem](https://github.com/Skenvy/dependabot-linguist/packages/TODO);
|
22
|
+
```ruby
|
23
|
+
source "https://rubygems.pkg.github.com/skenvy" do
|
24
|
+
gem "dependabot-linguist", ">= 0.212.0"
|
25
|
+
end
|
26
|
+
```
|
27
|
+
## Usage
|
28
|
+
TODO
|
29
|
+
## [RDoc generated docs](https://skenvy.github.io/dependabot-linguist/)
|
30
|
+
## Developing
|
31
|
+
### The first time setup
|
32
|
+
```sh
|
33
|
+
git clone https://github.com/Skenvy/dependabot-linguist.git && cd dependabot-linguist && make setup
|
34
|
+
```
|
35
|
+
### Iterative development
|
36
|
+
The majority of `make` recipes for this are just wrapping a `bundle` invocation of `rake`.
|
37
|
+
* `make docs` will recreate the RDoc docs
|
38
|
+
* `make test` will run both the RSpec tests and the RuboCop linter.
|
data/Rakefile
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "bundler/gem_tasks"
|
4
|
+
require "rspec/core/rake_task"
|
5
|
+
|
6
|
+
RSpec::Core::RakeTask.new(:spec)
|
7
|
+
|
8
|
+
require "rubocop/rake_task"
|
9
|
+
|
10
|
+
RuboCop::RakeTask.new
|
11
|
+
|
12
|
+
task default: %i[spec rubocop]
|
13
|
+
|
14
|
+
# The below recommended way to add rdoc to rake from rdoc's site has a lot of
|
15
|
+
# things it will compain about, and wont work OotB, so use 'rdoc/task' below.
|
16
|
+
# require 'rdoc/rdoc'
|
17
|
+
# options = RDoc::Options.new
|
18
|
+
# # see RDoc::Options
|
19
|
+
# options.rdoc_include << ["lib/*.rb"]
|
20
|
+
# rdoc = RDoc::RDoc.new
|
21
|
+
# rdoc.document options
|
22
|
+
# # see RDoc::RDoc
|
23
|
+
|
24
|
+
# https://ruby.github.io/rdoc/RDocTask.html
|
25
|
+
# doc is the default output location of the rdoc binary, and is the location
|
26
|
+
# added in the standard ruby gitignore, but the rake task defaults to ./html
|
27
|
+
# and we need to use the rdoc_dir option to change it to doc.
|
28
|
+
|
29
|
+
require "rdoc/task"
|
30
|
+
|
31
|
+
RDoc::Task.new do |rdoc|
|
32
|
+
rdoc.rdoc_dir = "doc"
|
33
|
+
rdoc.main = "README.md" # !? README.rdoc ?!
|
34
|
+
rdoc.rdoc_files.include("README.md", "lib/dependabot/*.rb", "lib/dependabot/linguist/*.rb")
|
35
|
+
end
|
data/SECURITY.md
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
# Security Policy
|
2
|
+
## Supported Versions
|
3
|
+
The `<major>.<minor>.*` versions of this are pinned to the **supported** `<major>.<minor>.*` versions of the gems that are published by the [dependabot-core](https://github.com/dependabot/dependabot-core) repository, centric to the [dependabot-common](https://rubygems.org/gems/dependabot-common) gem, with any required patches applied to each supported minor version.
|
4
|
+
* Initially this will support version `0.212.0`, centric to [dependabot-common@0.212.0](https://rubygems.org/gems/dependabot-common/versions/0.212.0)
|
5
|
+
* This is because this is the last version to support a Ruby version of `2.7.0`.
|
6
|
+
|
7
|
+
Bugs present in any supported pinned version may be patched and contribute to successive patch versions. If a bug exists in an older version and no longer exists in a newer version, it is suggested to update to the newer version.
|
8
|
+
## Reporting a Vulnerability
|
9
|
+
Raise a [Security Vulnerability](https://github.com/Skenvy/dependabot-linguist/issues/new?assignees=&labels=security&template=security-vulnerability.yaml) issue.
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative "lib/dependabot/linguist/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = "dependabot-linguist"
|
7
|
+
spec.version = Dependabot::Linguist::VERSION
|
8
|
+
spec.licenses = ["GPL-3.0-only", "Nonstandard"]
|
9
|
+
spec.authors = ["Nathan Levett"]
|
10
|
+
spec.email = ["nathan.a.z.levett@gmail.com"]
|
11
|
+
spec.summary = "Automate generating dependabot config with linguist and dependabot-core!"
|
12
|
+
spec.description = "Use linguist to check the contents of a repository,
|
13
|
+
and then scan for dependabot-core ecosystems relevant to those languages!"
|
14
|
+
spec.homepage = "https://skenvy.github.io/dependabot-linguist"
|
15
|
+
spec.required_ruby_version = ">= 2.7.0"
|
16
|
+
spec.metadata["homepage_uri"] = spec.homepage
|
17
|
+
spec.metadata["source_code_uri"] = "https://github.com/Skenvy/dependabot-linguist/tree/main/"
|
18
|
+
# Specify which files should be added to the gem when it is released.
|
19
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
20
|
+
spec.files = Dir.chdir(__dir__) do
|
21
|
+
`git ls-files -z`.split("\x0").reject do |f|
|
22
|
+
(f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
|
23
|
+
end
|
24
|
+
end
|
25
|
+
spec.bindir = "exe"
|
26
|
+
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
|
27
|
+
spec.require_paths = ["lib"]
|
28
|
+
# Uncomment to register a new dependency of your gem
|
29
|
+
# spec.add_dependency "example-gem", "~> 1.0"
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,64 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: dependabot-linguist
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Nathan Levett
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2022-11-07 00:00:00.000000000 Z
|
12
|
+
dependencies: []
|
13
|
+
description: |-
|
14
|
+
Use linguist to check the contents of a repository,
|
15
|
+
and then scan for dependabot-core ecosystems relevant to those languages!
|
16
|
+
email:
|
17
|
+
- nathan.a.z.levett@gmail.com
|
18
|
+
executables: []
|
19
|
+
extensions: []
|
20
|
+
extra_rdoc_files: []
|
21
|
+
files:
|
22
|
+
- ".rspec"
|
23
|
+
- ".rubocop.yml"
|
24
|
+
- CODE_OF_CONDUCT.md
|
25
|
+
- CONTRIBUTING.md
|
26
|
+
- Gemfile
|
27
|
+
- Gemfile.lock
|
28
|
+
- LICENSE
|
29
|
+
- LICENSE.GPL-3.0-only
|
30
|
+
- LICENSE.Nonstandard
|
31
|
+
- Makefile
|
32
|
+
- README.md
|
33
|
+
- Rakefile
|
34
|
+
- SECURITY.md
|
35
|
+
- dependabot-linguist.gemspec
|
36
|
+
- lib/dependabot/linguist.rb
|
37
|
+
- lib/dependabot/linguist/version.rb
|
38
|
+
homepage: https://skenvy.github.io/dependabot-linguist
|
39
|
+
licenses:
|
40
|
+
- GPL-3.0-only
|
41
|
+
- Nonstandard
|
42
|
+
metadata:
|
43
|
+
homepage_uri: https://skenvy.github.io/dependabot-linguist
|
44
|
+
source_code_uri: https://github.com/Skenvy/dependabot-linguist/tree/main/
|
45
|
+
post_install_message:
|
46
|
+
rdoc_options: []
|
47
|
+
require_paths:
|
48
|
+
- lib
|
49
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
50
|
+
requirements:
|
51
|
+
- - ">="
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: 2.7.0
|
54
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
55
|
+
requirements:
|
56
|
+
- - ">="
|
57
|
+
- !ruby/object:Gem::Version
|
58
|
+
version: '0'
|
59
|
+
requirements: []
|
60
|
+
rubygems_version: 3.1.6
|
61
|
+
signing_key:
|
62
|
+
specification_version: 4
|
63
|
+
summary: Automate generating dependabot config with linguist and dependabot-core!
|
64
|
+
test_files: []
|