gemcompat 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e14c0dd99cb943fbea995ea0070135c9635d405c5c7615f18d7bcc76437813b4
+  data.tar.gz: f6d158b81c92c6f866d2cfafbb671977bf2f2c1efb9211e8e150b90ae90ad185
+SHA512:
+  metadata.gz: a27e17ba1ccd0f8cfa79d3e7053dbc124c1315fbe5ecb8954fe65466dc0ec6268c50d47de21a79e37bc0a7e84d05eed5c6673e82b97e16508c770c02c72409ba
+  data.tar.gz: 8d1a8eb3853905de9ac9b97db382f3fef71cf32685c0f4cbb7985c72425317e49f20bd03a93fc007a3e43982e051ebe2b6777241187c97328e70fd4d2a7a6fd6

data/.rspec

@@ -0,0 +1 @@
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,14 @@
+# The behavior of RuboCop can be controlled via the .rubocop.yml
+# configuration file. It makes it possible to enable/disable
+# certain cops (checks) and to alter their behavior if they accept
+# any parameters. The file can be placed either in your home
+# directory or in some project directory.
+#
+# RuboCop will start looking for the configuration file in the directory
+# where the inspected file is and continue its way up to the root directory.
+#
+# See https://docs.rubocop.org/rubocop/configuration
+
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: 2.7

data/.ruby-version

@@ -0,0 +1 @@
+2.7.8

data/Gemfile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+gem 'bundler'
+
+group(:development, :test) do
+  gem 'rspec'
+  gem 'rubocop'
+end
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,61 @@
+PATH
+  remote: .
+  specs:
+    gemcompat (0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    diff-lcs (1.5.1)
+    json (2.7.1)
+    language_server-protocol (3.17.0.3)
+    parallel (1.24.0)
+    parser (3.3.0.5)
+      ast (~> 2.4.1)
+      racc
+    racc (1.7.3)
+    rainbow (3.1.1)
+    regexp_parser (2.9.0)
+    rexml (3.2.6)
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.0)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.62.1)
+      json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
+      parallel (~> 1.10)
+      parser (>= 3.3.0.2)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 2.4.0, < 3.0)
+    rubocop-ast (1.31.2)
+      parser (>= 3.3.0.4)
+    ruby-progressbar (1.13.0)
+    unicode-display_width (2.5.0)
+
+PLATFORMS
+  ruby
+  x86_64-linux
+
+DEPENDENCIES
+  bundler
+  gemcompat!
+  rspec
+  rubocop
+
+BUNDLED WITH
+   2.3.22

data/README.md

@@ -0,0 +1,84 @@
+This project is maintained by the team at [Infield](https://infield.ai), you can reach us at hello@infield.ai.
+
+# What this project does
+
+## TLDR
+Use this script to check whether your app relies on gems which are
+silently incompatible with a package upgrade. For example, check if
+you're compatible with Rails 7.1 like this:
+
+```
+    gemcompat --package rails --target-version 7.1 --lockfile Gemfile.lock
+```
+
+## Package support
+
+gemcompat supports checking the following upgrades:
+
+|package|target version|
+|------|-------|
+|rails|7.1|
+|rails|6.1|
+
+Please contribute to the database to support more packages and targets!
+
+## Motivation
+Upgrading Rails means first upgrading other dependencies that block
+the way. Some of these will have explicit incompatibilities documented
+in their gemspecs. If you try to run `bundle update rails` without
+upgrading these gems you'll see an error that bundler couldn't resolve
+the upgrade.
+
+Other gems leave an open-ended rails requirement in their
+gemspec. This means bundler will allow a new version of Rails
+alongside your current version of those gems, but there's no guarantee
+from the maintainer that the two are compatible. This can lead to
+subtle bugs that don't get caught until production.
+
+For example, take the popular `data-migrate` gem. Its gemspec requires
+activerecord >= 6.1 with no upper bound. Looking at the changelog,
+though, you'll see that support for Rails 7.1 wasn't added until
+version 9.2.0. Older versions will hit this exception when someone
+tries to run migrations under the latest Rails, even though bundler
+installs the package with no warning.
+
+These "silent" incompatibilities are often documented in the
+maintainer’s changelog even though they’re not available to
+bundler. This project serves as a repository for storing these
+incompatibilities as we discover them, and includes code to
+automatically check your project against the database.
+
+# Installation
+```
+    gem install gemcompat
+```
+
+# Contributing
+
+We welcome contributions, both to the dataset and to the code itself.
+
+## Adding an incompatibility
+Incompatibilities are stored in the `data/` directory, with one folder
+per package and one file per target version of that package.
+
+For instance, gems which are incompatible with Rails 7.1 should be
+documented in `data/rails/7_1.yaml`.
+
+Here's an example from rails/7_1.yaml
+
+```yaml
+  activerecord-import:
+  :first_compatible_version: 1.5.0
+```
+
+This means that the activerecord-import gem needs to be at least
+version 1.5.0 in order to be compatible with Rails 7.1
+
+## Development
+
+Getting started should be easy. You'll need to have Ruby 3.3 installed
+and run bundle to install the developer dependencies. You can run specs with:
+
+```
+bundle exec rspec
+```

data/data/rails/6_1.yaml

@@ -0,0 +1,107 @@
+---
+actionpack-page_caching:
+  :first_compatible_version: 1.2.4
+active_record_extended:
+  :first_compatible_version: 2.0.3
+activerecord-import:
+  :first_compatible_version: 1.0.3
+acts_as_paranoid:
+  :first_compatible_version: 0.7.1
+administrate:
+  :first_compatible_version: 0.18.0
+airbrake:
+  :first_compatible_version: 11.0.3
+ancestry:
+  :first_compatible_version: 4.0.0
+audited:
+  :first_compatible_version: 5.0.0
+blazer:
+  :first_compatible_version: 2.4.1
+bootstrap_form:
+  :first_compatible_version: 5.0.0
+brakeman:
+  :first_compatible_version: 5.1.0
+bullet:
+  :first_compatible_version: 6.1.1
+cancancan:
+  :first_compatible_version: 3.2.0
+cypress-rails:
+  :first_compatible_version: 0.4.2
+data_migrate:
+  :first_compatible_version: 6.7.0
+ddtrace:
+  :first_compatible_version: 0.44.0
+deep_pluck:
+  :first_compatible_version: 1.1.5
+devise:
+  :first_compatible_version: 4.8.0
+enumerize:
+  :first_compatible_version: 2.4.0
+factory_bot:
+  :first_compatible_version: 6.4.5
+factory_bot_rails:
+  :first_compatible_version: 6.4.3
+formtastic:
+  :first_compatible_version: 4.0.0
+globalize:
+  :first_compatible_version: 6.2.1
+grape:
+  :first_compatible_version: 1.5.2
+groupdate:
+  :first_compatible_version: 6.0.1
+haml_coffee_assets:
+  :first_compatible_version: 1.20.0
+has_scope:
+  :first_compatible_version: 0.8.0
+honeybadger:
+  :first_compatible_version: 4.7.0
+identity_cache:
+  :first_compatible_version: 1.1.0
+kt-paperclip:
+  :first_compatible_version: 7.0.1
+lockbox:
+  :first_compatible_version: 0.6.2
+moneta:
+  :first_compatible_version: 1.6.0
+money-rails:
+  :first_compatible_version: 1.13.4
+newrelic_rpm:
+  :first_compatible_version: 6.15.0
+occams-record:
+  :first_compatible_version: 1.2.1
+packs-rails:
+  :first_compatible_version: 0.0.4
+paper_trail:
+  :first_compatible_version: 11.1.0
+parallel_tests:
+  :first_compatible_version: 3.5.1
+protected_attributes_continued:
+  :first_compatible_version: 1.8.2
+ransack:
+  :first_compatible_version: 2.4.0
+responders:
+  :first_compatible_version: 3.1.0
+rspec-rails:
+  :first_compatible_version: 4.1.0
+rubocop-rails:
+  :first_compatible_version: 2.12.3
+sequel:
+  :first_compatible_version: 5.40.0
+shoulda-matchers:
+  :first_compatible_version: 5.0.0
+simple_form:
+  :first_compatible_version: 5.1.0
+sprockets-rails:
+  :first_compatible_version: 3.2.2
+strong_migrations:
+  :first_compatible_version: 0.7.4
+temple:
+  :first_compatible_version: 0.9.0
+test-prof:
+  :first_compatible_version: 0.10.1
+validates_timeliness:
+  :first_compatible_version: 5.0.0
+view_component:
+  :first_compatible_version: 2.2.0
+web-console:
+  :first_compatible_version: 4.1.0

data/data/rails/7_1.yaml

@@ -0,0 +1,49 @@
+---
+activerecord-import:
+  :first_compatible_version: 1.5.0
+anycable-rails:
+  :first_compatible_version: 1.4.1
+blazer:
+  :first_compatible_version: 3.0.1
+bullet:
+  :first_compatible_version: 7.1.2
+data_migrate:
+  :first_compatible_version: 9.2.0
+database_cleaner-active_record:
+  :first_compatible_version: 2.1.0
+devise:
+  :first_compatible_version: 4.9.3
+formtastic:
+  :first_compatible_version: 5.0.0
+grape:
+  :first_compatible_version: 2.0.0
+has_scope:
+  :first_compatible_version: 0.8.2
+honeybadger:
+  :first_compatible_version: 5.1.0
+lockbox:
+  :first_compatible_version: 1.3.1
+paper_trail:
+  :first_compatible_version: 15.1.0
+public_activity:
+  :first_compatible_version: 3.0.0
+ransack:
+  :first_compatible_version: 4.1.0
+responders:
+  :first_compatible_version: 3.1.1
+rollbar:
+  :first_compatible_version: 3.4.1
+rspec-rails:
+  :first_compatible_version: 6.1.0
+rubocop-rails:
+  :first_compatible_version: 2.22.2
+shoulda-matchers:
+  :first_compatible_version: 6.0.0
+sidekiq:
+  :first_compatible_version: 7.1.5
+simple_form:
+  :first_compatible_version: 5.3.0
+slim:
+  :first_compatible_version: 5.2.0
+web-console:
+  :first_compatible_version: 4.2.1

data/exe/gemcompat

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'gemcompat'
+Gemcompat::Runner.new.run!

data/gemcompat.gemspec

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'gemcompat/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'gemcompat'
+  spec.version       = Gemcompat::VERSION
+  spec.authors       = ['Steve Pike']
+  spec.email         = ['steve@infield.ai']
+
+  spec.summary       = 'Check your app for silent incompatibilities with new gem versions'
+  spec.description   = 'Not all gem incompatibilities get reported in gemspecs. This project documents them so you can check ahead of an upgrade.'
+  spec.homepage = 'https://github.com/infieldai/gemcompat'
+  spec.license = 'MIT'
+
+  spec.required_ruby_version = '>= 2.7'
+
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.metadata['rubygems_mfa_required'] = 'true'
+end

data/lib/gemcompat/compatibility_checker.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Gemcompat
+  # Check a lockfile for compatibility
+  class CompatibilityChecker
+    attr_reader :package_incompatibilities, :package_name, :target_version, :found_incompatibilities
+    DATA_DIR = Pathname.new(__FILE__).join('../../../data')
+
+    def initialize(package_name:, target_version:)
+      @package_name = package_name
+      @target_version = target_version
+      load_package_data!(package_name: package_name, target_version: target_version)
+    end
+
+    def welcome(package_name:, target_version:)
+      puts "Checking for undocumented incompatibilities with #{package_name} v#{target_version}\n\n"
+    end
+
+    def package_version_to_path_part(version)
+      version&.gsub('.', '_')
+    end
+
+    def incompatibility_datafile(package_name:, target_version:)
+      DATA_DIR.join("#{package_name}/#{package_version_to_path_part(target_version)}.yaml")
+    end
+
+    def load_package_data!(package_name:, target_version:)
+      path = incompatibility_datafile(package_name: package_name, target_version: target_version)
+      @package_incompatibilities = YAML.load_file(path).then do |data|
+        data.transform_values { |entry| Gem::Version.new(entry[:first_compatible_version]) }
+      end
+    rescue Errno::ENOENT
+      puts "#{package_name} v#{target_version} not supported yet"
+      exit(1)
+    end
+
+    def report(found_incompatibilities: @found_incompatibilities)
+      welcome(package_name: package_name, target_version: target_version)
+
+      if found_incompatibilities.empty?
+        puts 'No incompatibilities found'
+      else
+        found_incompatibilities.each do |i|
+          puts "#{i[:name]}: Using #{i[:using_version]}. Upgrade to #{i[:required_version]}"
+        end
+      end
+    end
+
+    def parse_lockfile!(lockfile:)
+      @found_incompatibilities = []
+      Bundler::LockfileParser.new(lockfile).specs.each do |spec|
+        next unless (required_version = package_incompatibilities[spec.name]) && required_version > spec.version
+
+        found_incompatibilities << {
+          name: spec.name,
+          using_version: spec.version.to_s,
+          required_version: required_version.to_s,
+        }
+      end
+    end
+  end
+end

data/lib/gemcompat/runner.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require 'optparse'
+
+module Gemcompat
+  # This class is the entrypoint for the gem. Initialized from ARGV.
+  class Runner
+    attr_reader :options
+
+    def run!(argv = ARGV)
+      parse_args!(argv)
+      checker = CompatibilityChecker.new(**options.slice(:package_name, :target_version))
+      checker.parse_lockfile!(lockfile: lockfile_contents)
+      checker.report
+    end
+
+    # rubocop:disable Metrics/MethodLength
+    # rubocop:disable Metrics/AbcSize
+    def parse_args!(argv = ARGV)
+      @options = {}
+
+      argv << '-h' if argv.empty?
+      OptionParser.new do |opts|
+        opts.banner = 'Usage: gemcompat --package rails --version 7.0 --lockfile ~/path/to/Gemfile.lock'
+
+        opts.on('-p', '--package PACKAGE_NAME', 'Package to check compatibility for') do |pkg|
+          @options[:package_name] = pkg
+        end
+
+        opts.on('-t', '--target-version VERSION_NUMBER', 'Version to check compatibility for') do |version|
+          @options[:target_version] = version
+        end
+
+        opts.on('-l', '--lockfile LOCKFILE', 'Path to Gemfile.lock') do |lockfile_path|
+          @options[:lockfile_path] = lockfile_path
+        end
+
+        opts.on_tail('-h', '--help', 'Show this message') do
+          puts opts
+          exit
+        end
+      end.parse!(argv)
+
+      validate_args!
+    end
+    # rubocop:enable Metrics/MethodLength
+
+    private
+
+    def fail_with(msg)
+      puts msg
+      exit(1)
+    end
+
+    def validate_args!
+      fail_with 'Must pass --package' unless options.include?(:package_name)
+
+      fail_with 'Must pass --target-version' unless options.include?(:target_version)
+
+      fail_with 'Must pass --lockfile' unless options.include?(:lockfile_path)
+
+      return if lockfile_exists?
+
+      fail_with "#{options[:lockfile_path]} does not exist"
+    end
+
+    def lockfile_exists?
+      File.exist?(options[:lockfile_path])
+    end
+
+    def lockfile_contents
+      File.read(options[:lockfile_path])
+    end
+  end
+end

data/lib/gemcompat/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Gemcompat
+  VERSION = '0.1.0'
+end

data/lib/gemcompat.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require 'bundler'
+require 'yaml'
+
+module Gemcompat
+end
+
+require_relative 'gemcompat/compatibility_checker'
+require_relative 'gemcompat/runner'

metadata

@@ -0,0 +1,60 @@
+--- !ruby/object:Gem::Specification
+name: gemcompat
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Steve Pike
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2024-04-02 00:00:00.000000000 Z
+dependencies: []
+description: Not all gem incompatibilities get reported in gemspecs. This project
+  documents them so you can check ahead of an upgrade.
+email:
+- steve@infield.ai
+executables:
+- gemcompat
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- ".rubocop.yml"
+- ".ruby-version"
+- Gemfile
+- Gemfile.lock
+- README.md
+- data/rails/6_1.yaml
+- data/rails/7_1.yaml
+- exe/gemcompat
+- gemcompat.gemspec
+- lib/gemcompat.rb
+- lib/gemcompat/compatibility_checker.rb
+- lib/gemcompat/runner.rb
+- lib/gemcompat/version.rb
+homepage: https://github.com/infieldai/gemcompat
+licenses:
+- MIT
+metadata:
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.7'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.6
+signing_key:
+specification_version: 4
+summary: Check your app for silent incompatibilities with new gem versions
+test_files: []