gemfilelint 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/Gemfile.lock +2 -2
  4. data/README.md +17 -2
  5. data/exe/gemfilelint +1 -1
  6. data/lib/gemfilelint/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed679ee045c3d39a031c54a7bc7b17a5912920975a46fbf4d8919a99c6216008
4
- data.tar.gz: cdfd4a5b93dc1c6c2eee7917b11f3000e82f5604223cde31c067b5b433a33729
3
+ metadata.gz: 7d8e0cfea9a30da826eaea36ddea99897b725ab798c45f997fa1f94ad852cddc
4
+ data.tar.gz: e171f16a27d44cfb344d8a4828b6942e365bc885fe044f5101c9392aad566e63
5
5
  SHA512:
6
- metadata.gz: be1de4b80eee06591d4bd0b85faf0ed50208f5d7f8de04f8dc7a95a339202629ce0bd5b0c81bee750581025bcdbabab1768afc307ac036c8e30c06f04ee2a433
7
- data.tar.gz: 694bf077b0ef17a588bccb615ddce0ce865d6e1131fe01d20589a7098748d41c4fe170b22b83b532b2f3fce453b7eeefc535330c2468f8398c1f4eca8337924d
6
+ metadata.gz: 5e433200176ad6cdf3ca73cc52a2e30d2db5bb5b526531589690bcf26d795a46f18de26149571e8e6ffb1e76ffc7d1d91cde2eec39b633c643250b56896f07cb
7
+ data.tar.gz: 68e78aea3e2b81f07d27cd2f17a792b054df1c88a85d8d4fbeaac92d8d8d325fd54690d68e34c2f063752653e0255cb79b052a45fec4150d51f73a521b0a7f7a
data/CHANGELOG.md CHANGED
@@ -6,6 +6,12 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [0.2.1] - 2020-02-24
10
+
11
+ ### Changed
12
+
13
+ - Fix invocation when not specifying path to gemfile.
14
+
9
15
  ## [0.2.0] - 2020-02-20
10
16
 
11
17
  ### Added
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- gemfilelint (0.2.0)
4
+ gemfilelint (0.2.1)
5
5
  bundler
6
6
 
7
7
  GEM
@@ -14,7 +14,7 @@ GEM
14
14
  parser (2.7.0.2)
15
15
  ast (~> 2.4.0)
16
16
  rainbow (3.0.0)
17
- rake (12.3.3)
17
+ rake (13.0.1)
18
18
  rexml (3.2.4)
19
19
  rubocop (0.80.0)
20
20
  jaro_winkler (~> 1.5.1)
data/README.md CHANGED
@@ -1,6 +1,21 @@
1
1
  # Gemfile lint
2
2
 
3
- Lint your Gemfile! This will find common spelling mistakes in gems and remote sources so that you don't accidentally download code from places that you don't mean to.
3
+ [![Build Status](https://github.com/kddeisz/gemfilelint/workflows/Main/badge.svg)](https://github.com/kddeisz/gemfilelint/actions)
4
+ [![Gem Version](https://img.shields.io/gem/v/gemfilelint.svg)](https://github.com/kddeisz/gemfilelint)
5
+
6
+ Lint your Gemfile! This will find common spelling mistakes in gems and remote sources so that you don't accidentally download code from places that you don't mean to. For example, if you have a Gemfile with the contents:
7
+
8
+ ```ruby
9
+ source 'https://rubyems.org'
10
+
11
+ gem 'rails'
12
+ gem 'puma'
13
+ gem 'pg'
14
+ ```
15
+
16
+ You might not be able to see the immediate issue, but there's a typo in your source declaration. While this will generally be harmless, as it will likely error, it's also possible that someone could register that domain and provide gems with modified content to execute their own code on your production system.
17
+
18
+ `gemfilelint` is a utility that you can run against your Gemfile that will check all of your listed sources against known trusted sources and all of your listed gems against the most commonly downloaded gems according to rubygems. This can give you some peace of mind that if you make a spelling mistake you won't accidentally open yourself up to RCE without knowing it.
4
19
 
5
20
  ## Installation
6
21
 
@@ -20,7 +35,7 @@ Or install it yourself as:
20
35
 
21
36
  ## Usage
22
37
 
23
- Run the `gemfilelint` executable either in the root of your repository that contains a Gemfile or specify a path to one.
38
+ Run the `gemfilelint` executable either in the root of your repository that contains a Gemfile or specify a path to one or more Gemfile paths.
24
39
 
25
40
  ## Development
26
41
 
data/exe/gemfilelint CHANGED
@@ -4,7 +4,7 @@
4
4
  $LOAD_PATH.unshift(File.expand_path(File.join('..', 'lib'), __dir__))
5
5
  require 'gemfilelint'
6
6
 
7
- gemfiles = ARGV.any? ? ARGV : './Gemfile'
7
+ gemfiles = ARGV.any? ? ARGV : %w[./Gemfile]
8
8
 
9
9
  invalid = gemfiles.reject { |gemfile| File.file?(gemfile) }
10
10
  if invalid.any?
data/lib/gemfilelint/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Gemfilelint
4
- VERSION = '0.2.0'
4
+ VERSION = '0.2.1'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gemfilelint
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kevin Deisz
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-02-20 00:00:00.000000000 Z
11
+ date: 2020-02-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler