dependanot 0.1.0

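--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 903577dd56009cdee245614d973c80cced1d51989293b5d32d0d2c3f4c7fb44a
+data.tar.gz: 1c7fcc29caf4195e7e6987ca829e64469388de8220011a94e9dad59e8a194e65
+SHA512:
+metadata.gz: 9ad22a5b055398e49eecca1fa2e5756a725da82ea733d1fd15d0693a087e0e4130320389e964032106112b0701cb42b021016c276d9d25e4e94095f259e82705
+data.tar.gz: 04e15bdb15a22cac8106b278f6909e23ed937d1bbceb7ccadc8dc75cfb7618f62c497edf7cfb6bdb635541b6be20eecf7e19e52a3adf0c46f4ca1ac3cf3e576f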
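--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 mo khan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.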
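--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,39 @@
+# Dependabot
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/dependabot`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'dependabot'
+```
+
+And then execute:
+
+$ bundle install
+
+Or install it yourself as:
+
+$ gem install dependabot
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/xlgmokha/dependabot.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).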
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "lib/dependabot/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.authors = ["mo khan"]
7
+ spec.bindir = "exe"
8
+ spec.description = "The Dependabot CLI"
9
+ spec.email = ["xlgmokha@github.com"]
10
+ spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
11
+ spec.files = Dir.glob("lib/**/*.rb") + Dir.glob("exe/*") + Dir.glob("*.gemspec") + ["LICENSE.txt", "README.md"]
12
+ spec.homepage = "https://github.com/dependanot/dependanot"
13
+ spec.license = "MIT"
14
+ spec.metadata["homepage_uri"] = spec.homepage
15
+ spec.name = "dependanot"
16
+ spec.require_paths = ["lib"]
17
+ spec.required_ruby_version = ">= 3.0.0"
18
+ spec.summary = "The Dependabot CLI"
19
+ spec.version = Dependabot::VERSION
20
+ spec.add_dependency "spandx", "~> 0.1"
21
+ spec.add_dependency "thor", "~> 1.1"
22
+ end
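Review bot: `spec.executables` on line 10 is derived from `spec.files` before `spec.files` is assigned on line 11, so the grep runs over an empty list; the packaged metadata on this page does record `executables: []`, which means `exe/dependabot` is shipped but never installed as a command. Assign `spec.files = ...` first and compute `spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }` after it. Separately, `spec.name` is `dependanot` while the README's install lines say `gem 'dependabot'` and `gem install dependabot`, so a user following the README would install a different package than this one; the README and `spec.name` should name the same gem.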
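--- a/data/exe/dependabot
+++ b/data/exe/dependabot
@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "dependabot/cli"
+
+Signal.trap("INT") do
+exit(1)
+end
+
+begin
+Dependabot::CLI::Application.start
+rescue StandardError => boom
+warn (["ERROR (#{boom.class}): #{boom.message}"] + boom.backtrace).join("\n")
+exit 1
+end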
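Review bot: The rescue on lines 12-14 prints the full backtrace for every `StandardError`, so routine failures such as a bad directory argument put internal file paths in front of the user; printing `"ERROR (#{boom.class}): #{boom.message}"` by default and the backtrace only when a debug switch is set would read better. The `warn (...)` call also depends on the space after `warn` to group the whole expression as one argument, which is easy to break when editing. Building the text in a local first, for example `lines = ["ERROR (#{boom.class}): #{boom.message}", *boom.backtrace]` followed by `warn(lines.join("\n"))`, keeps the same output without that dependency.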
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ module Bundler
5
+ class Update < Spandx::Core::Plugin
6
+ def enhance(dependency)
7
+ return unless dependency.package_manager == :rubygems
8
+
9
+ Dir.chdir(dependency.path.parent) do
10
+ ::Bundler.with_unbundled_env do
11
+ system "bundle update #{dependency.name} --conservative --quiet --full-index"
12
+ end
13
+ end
14
+ end
15
+ end
16
+ end
17
+ end
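Review bot: The `system` call on line 11 builds a single shell string with `#{dependency.name}` interpolated, so the name is passed through the shell; the name appears to come from whatever manifest is parsed in the scanned directory, and shell metacharacters in it would be interpreted instead of being handed to Bundler as data. Use the argument-list form so no shell is involved: `system("bundle", "update", dependency.name, "--conservative", "--quiet", "--full-index")`. The return value is also dropped, so a failed update cannot be told apart from a successful one; checking it, or passing `exception: true`, would surface that.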
@@ -0,0 +1,42 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+
5
+ module CLI
6
+ class Scan
7
+ attr_reader :path
8
+
9
+ def initialize(path, options)
10
+ @path = ::Pathname.new(path)
11
+ @options = options
12
+ end
13
+
14
+ def run
15
+ each_dependency do |dependency|
16
+ Dir.chdir(dependency.path.parent) do
17
+ puts "Updating... #{dependency.name}"
18
+ ::Spandx::Core::Plugin.enhance(dependency)
19
+ system "git diff --patch --no-color"
20
+ system "git checkout ."
21
+ end
22
+ end
23
+ end
24
+
25
+ private
26
+
27
+ def each_file
28
+ ::Spandx::Core::PathTraversal
29
+ .new(path, recursive: false)
30
+ .each { |file| yield file }
31
+ end
32
+
33
+ def each_dependency
34
+ each_file do |file|
35
+ ::Spandx::Core::Parser.parse(file).each do |dependency|
36
+ yield dependency
37
+ end
38
+ end
39
+ end
40
+ end
41
+ end
42
+ end
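Review bot: `system "git checkout ."` on line 20 discards every unstaged change under the dependency's directory, not only what the update produced, so running `scan` in a working tree with uncommitted edits loses them; nothing in `run` checks that the tree is clean or that the directory is a git repository at all. Consider refusing to start unless `git status --porcelain` prints nothing, or restoring only the files the update touched. Both `system` results are ignored as well, and `initialize` uses `::Pathname` without a `require "pathname"` in this file, so it relies on another library having loaded it.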
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "thor"
4
+ require "spandx"
5
+ require "dependabot"
6
+ require "dependabot/cli/scan"
7
+
8
+ module Dependabot
9
+ module CLI
10
+ class Application < Thor
11
+ desc "scan [DIRECTORY]", "Scan a directory"
12
+ def scan(path = Pathname.pwd)
13
+ ::Dependabot::CLI::Scan.new(path, options).run
14
+ end
15
+
16
+ desc "version", "Print the current version"
17
+ def version
18
+ $stdout.puts "v#{Dependabot::VERSION}"
19
+ end
20
+ end
21
+ end
22
+ end
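Review bot: `Application` does not define `self.exit_on_failure?`, so with Thor 1.x an unknown command or bad argument prints a deprecation warning and the process can still exit with status 0, which hides failures from scripts and CI jobs that call the CLI. Adding `def self.exit_on_failure? = true` inside the class addresses that. The `scan` command would also benefit from a `long_desc` saying that it runs `bundle update` and git commands inside the target directory, because the one-line description `Scan a directory` does not suggest that files are modified and then reset.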
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ class Tracer
5
+ def initialize(logger)
6
+ @logger = logger
7
+ end
8
+
9
+ def trace(defaults = {})
10
+ tracer = TracePoint.new(:call) do |x|
11
+ @logger.debug(defaults.merge({ path: x.path, lineno: x.lineno, clazz: x.defined_class, method: x.method_id, args: args_from(x), locals: locals_from(x) }))
12
+ rescue StandardError => boom
13
+ @logger.error(defaults.merge({ message: boom.message, stacktrace: boom.backtrace }))
14
+ end
15
+ tracer.enable
16
+ yield
17
+ ensure
18
+ tracer.disable
19
+ end
20
+
21
+ private
22
+
23
+ def args_from(trace)
24
+ trace.parameters.map(&:last).map { |x| [x, trace.binding.eval(x.to_s)] }.to_h
25
+ end
26
+
27
+ def locals_from(trace)
28
+ trace.binding.local_variables.map { |x| [x, trace.binding.local_variable_get(x)] }.to_h
29
+ end
30
+ end
31
+ end
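Review bot: `trace` logs the arguments and every local variable of each Ruby method call made while the block runs (line 11), so any token, password or key held in a local ends up in the debug log; a filter on sensitive names, or a restriction to an allowlist of traced classes, should sit in front of `@logger.debug`. `args_from` on line 24 reads the values with `trace.binding.eval(x.to_s)`; `trace.binding.local_variable_get(x)` returns the same value without evaluating a string. Entries of `trace.parameters` that carry no usable name (anonymous splats, for instance) should be skipped before the lookup, since an error raised there that is not a `StandardError` would presumably escape the `rescue` on line 12. In `trace` itself, `tracer` is still nil in the `ensure` if `TracePoint.new` raises, so `tracer&.disable` is the safer form.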
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Dependabot
4
+ VERSION = "0.1.0"
5
+ end
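--- a/data/lib/dependabot.rb
+++ b/data/lib/dependabot.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require "logger"
+
+require_relative "dependabot/bundler/update"
+require_relative "dependabot/tracer"
+require_relative "dependabot/version"
+
+module Dependabot
+class Error < StandardError; end
+
+def self.logger
+@logger ||= Logger.new(&stdout)
+end
+
+def self.tracer
+@tracer ||= Tracer.new(logger)
+end
+end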
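Review bot: `Logger.new(&stdout)` on line 13 refers to `stdout`, which is not defined anywhere in this file, and passes it as a block instead of as the log device, so the first call to `Dependabot.logger` (and therefore to `Dependabot.tracer`) would presumably raise `NameError`. The intended call looks like `@logger ||= Logger.new($stdout)`. Because `Tracer` writes method arguments and locals at debug level and `Logger` defaults to DEBUG, it is also worth setting the level explicitly here. Line 5 requires `dependabot/bundler/update`, whose class inherits from `Spandx::Core::Plugin`, before anything in this file loads `spandx`, so `require "dependabot"` on its own would fail unless the caller has already required it.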
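--- a/metadata
+++ b/metadata
@@ -0,0 +1,82 @@
+--- !ruby/object:Gem::Specification
+name: dependanot
+version: !ruby/object:Gem::Version
+version: 0.1.0
+platform: ruby
+authors:
+- mo khan
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2021-12-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: spandx
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.1'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.1'
+- !ruby/object:Gem::Dependency
+name: thor
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.1'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.1'
+description: The Dependabot CLI
+email:
+- xlgmokha@github.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.txt
+- README.md
+- dependabot.gemspec
+- exe/dependabot
+- lib/dependabot.rb
+- lib/dependabot/bundler/update.rb
+- lib/dependabot/cli.rb
+- lib/dependabot/cli/scan.rb
+- lib/dependabot/tracer.rb
+- lib/dependabot/version.rb
+homepage: https://github.com/dependanot/dependanot
+licenses:
+- MIT
+metadata:
+homepage_uri: https://github.com/dependanot/dependanot
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.2.33
+signing_key:
+specification_version: 4
+summary: The Dependabot CLI
+test_files: []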