git-pkgs 0.6.2 → 0.7.0

data/lib/git/pkgs/commands/diff_driver.rb

@@ -80,10 +80,10 @@ module Git
 
         def install_driver
           # Set up git config for textconv
-          system("git", "config", "diff.pkgs.textconv", "git-pkgs diff-driver")
+          git_config("diff.pkgs.textconv", "git-pkgs diff-driver")
 
           # Add to .gitattributes
-          gitattributes_path = File.join(Dir.pwd, ".gitattributes")
+          gitattributes_path = File.join(work_tree, ".gitattributes")
           existing = File.exist?(gitattributes_path) ? File.read(gitattributes_path) : ""
 
           new_entries = []
@@ -109,9 +109,9 @@ module Git
         end
 
         def uninstall_driver
-          system("git", "config", "--unset", "diff.pkgs.textconv")
+          git_config_unset("diff.pkgs.textconv")
 
-          gitattributes_path = File.join(Dir.pwd, ".gitattributes")
+          gitattributes_path = File.join(work_tree, ".gitattributes")
           if File.exist?(gitattributes_path)
             lines = File.readlines(gitattributes_path)
             lines.reject! { |line| line.include?("diff=pkgs") || line.include?("# git-pkgs") }
@@ -140,6 +140,26 @@ module Git
           {}
         end
 
+        def work_tree
+          Git::Pkgs.work_tree || Dir.pwd
+        end
+
+        def git_cmd
+          if Git::Pkgs.git_dir
+            ["git", "-C", work_tree]
+          else
+            ["git"]
+          end
+        end
+
+        def git_config(key, value)
+          system(*git_cmd, "config", key, value)
+        end
+
+        def git_config_unset(key)
+          system(*git_cmd, "config", "--unset", key)
+        end
+
         def parse_options
           options = {}
 

data/lib/git/pkgs/commands/init.rb

@@ -102,6 +102,7 @@ module Git
                     manifest_id: manifest_ids[c[:manifest_path]],
                     name: c[:name],
                     ecosystem: c[:ecosystem],
+                    purl: c[:purl],
                     change_type: c[:change_type],
                     requirement: c[:requirement],
                     previous_requirement: c[:previous_requirement],
@@ -121,6 +122,7 @@ module Git
                     manifest_id: manifest_ids[s[:manifest_path]],
                     name: s[:name],
                     ecosystem: s[:ecosystem],
+                    purl: s[:purl],
                     requirement: s[:requirement],
                     dependency_type: s[:dependency_type],
                     created_at: now,
@@ -185,6 +187,7 @@ module Git
                   manifest_path: manifest_key,
                   name: change[:name],
                   ecosystem: change[:ecosystem],
+                  purl: change[:purl],
                   change_type: change[:change_type],
                   requirement: change[:requirement],
                   previous_requirement: change[:previous_requirement],
@@ -202,6 +205,7 @@ module Git
                     manifest_path: manifest_path,
                     name: name,
                     ecosystem: dep_info[:ecosystem],
+                    purl: dep_info[:purl],
                     requirement: dep_info[:requirement],
                     dependency_type: dep_info[:dependency_type]
                   }
@@ -222,6 +226,7 @@ module Git
                   manifest_path: manifest_path,
                   name: name,
                   ecosystem: dep_info[:ecosystem],
+                  purl: dep_info[:purl],
                   requirement: dep_info[:requirement],
                   dependency_type: dep_info[:dependency_type]
                 }

data/lib/git/pkgs/commands/list.rb

@@ -13,16 +13,13 @@ module Git
 
         def run
           repo = Repository.new
-          require_database(repo)
+          use_stateless = @options[:stateless] || !Database.exists?(repo.git_dir)
 
-          Database.connect(repo.git_dir)
-
-          commit_sha = @options[:commit] || repo.head_sha
-          target_commit = Models::Commit.first(sha: commit_sha)
-
-          error "Commit #{commit_sha[0, 7]} not in database. Run 'git pkgs update' to index new commits." unless target_commit
-
-          deps = compute_dependencies_at_commit(target_commit, repo)
+          if use_stateless
+            deps = run_stateless(repo)
+          else
+            deps = run_with_database(repo)
+          end
 
           # Apply filters
           if @options[:manifest]
@@ -42,22 +39,64 @@ module Git
             return
           end
 
+          locked_versions = build_locked_versions(deps)
+
           if @options[:format] == "json"
             require "json"
-            puts JSON.pretty_generate(deps)
+            deps_with_locked = deps.map do |dep|
+              if dep[:kind] == "manifest"
+                locked = locked_versions[[dep[:ecosystem], dep[:name]]]
+                locked ? dep.merge(locked_version: locked) : dep
+              else
+                dep
+              end
+            end
+            puts JSON.pretty_generate(deps_with_locked)
           else
-            paginate { output_text(deps) }
+            paginate { output_text(deps, locked_versions) }
           end
         end
 
-        def output_text(deps)
+        def run_stateless(repo)
+          commit_sha = @options[:commit] || repo.head_sha
+          rugged_commit = repo.lookup(repo.rev_parse(commit_sha))
+
+          error "Could not resolve '#{commit_sha}'. Check that the ref exists." unless rugged_commit
+
+          analyzer = Analyzer.new(repo)
+          analyzer.dependencies_at_commit(rugged_commit)
+        end
+
+        def run_with_database(repo)
+          Database.connect(repo.git_dir)
+
+          commit_sha = @options[:commit] || repo.head_sha
+          target_commit = Models::Commit.first(sha: commit_sha)
+
+          error "Commit #{commit_sha[0, 7]} not in database. Run 'git pkgs update' to index new commits." unless target_commit
+
+          compute_dependencies_at_commit(target_commit, repo)
+        end
+
+        def build_locked_versions(deps)
+          locked_versions = {}
+          deps.each do |d|
+            next unless d[:kind] == "lockfile"
+            locked_versions[[d[:ecosystem], d[:name]]] = d[:requirement]
+          end
+          locked_versions
+        end
+
+        def output_text(deps, locked_versions)
           grouped = deps.group_by { |d| [d[:manifest_path], d[:ecosystem]] }
 
           grouped.each do |(path, platform), manifest_deps|
             puts "#{path} (#{platform}):"
             manifest_deps.sort_by { |d| d[:name] }.each do |dep|
-              type_suffix = dep[:dependency_type] ? " [#{dep[:dependency_type]}]" : ""
-              puts "  #{dep[:name]} #{dep[:requirement]}#{type_suffix}"
+              type_suffix = dep[:dependency_type] && dep[:dependency_type] != "runtime" ? " [#{dep[:dependency_type]}]" : ""
+              locked = locked_versions[[dep[:ecosystem], dep[:name]]] if dep[:kind] == "manifest"
+              locked_suffix = locked ? " [#{locked}]" : ""
+              puts "  #{dep[:name]} #{dep[:requirement]}#{locked_suffix}#{type_suffix}"
             end
             puts
           end
@@ -85,6 +124,7 @@ module Git
                 manifest_path: s.manifest.path,
                 name: s.name,
                 ecosystem: s.ecosystem,
+                kind: s.manifest.kind,
                 requirement: s.requirement,
                 dependency_type: s.dependency_type
               }
@@ -93,7 +133,7 @@ module Git
 
           # Replay changes from snapshot to target
           if snapshot_commit && snapshot_commit.id != target_commit.id
-            commit_ids = branch.commits_dataset.select_map(:id)
+            commit_ids = branch.commits_dataset.select_map(Sequel[:commits][:id])
             changes = Models::DependencyChange
               .join(:commits, id: :commit_id)
               .where(Sequel[:commits][:id] => commit_ids)
@@ -111,6 +151,7 @@ module Git
                   manifest_path: change.manifest.path,
                   name: change.name,
                   ecosystem: change.ecosystem,
+                  kind: change.manifest.kind,
                   requirement: change.requirement,
                   dependency_type: change.dependency_type
                 }
@@ -157,6 +198,10 @@ module Git
               options[:no_pager] = true
             end
 
+            opts.on("--stateless", "Parse manifests directly without database") do
+              options[:stateless] = true
+            end
+
             opts.on("-h", "--help", "Show this help") do
               puts opts
               exit

data/lib/git/pkgs/commands/show.rb

@@ -15,13 +15,70 @@ module Git
           ref = @args.shift || "HEAD"
 
           repo = Repository.new
-          require_database(repo)
-
-          Database.connect(repo.git_dir)
+          use_stateless = @options[:stateless] || !Database.exists?(repo.git_dir)
 
           sha = repo.rev_parse(ref)
           error "Could not resolve '#{ref}'. Check that the ref exists with 'git rev-parse #{ref}'." unless sha
 
+          if use_stateless
+            run_stateless(repo, sha)
+          else
+            run_with_database(repo, sha)
+          end
+        end
+
+        def run_stateless(repo, sha)
+          rugged_commit = repo.lookup(sha)
+          analyzer = Analyzer.new(repo)
+
+          if rugged_commit.parents.empty?
+            # First commit - all deps are "added"
+            deps = analyzer.dependencies_at_commit(rugged_commit)
+            changes = deps.map do |dep|
+              {
+                name: dep[:name],
+                change_type: "added",
+                requirement: dep[:requirement],
+                ecosystem: dep[:ecosystem],
+                manifest_path: dep[:manifest_path]
+              }
+            end
+          else
+            diff = analyzer.diff_commits(rugged_commit.parents[0], rugged_commit)
+            changes = []
+            diff[:added].each { |d| changes << d.merge(change_type: "added") }
+            diff[:modified].each { |d| changes << d.merge(change_type: "modified") }
+            diff[:removed].each { |d| changes << d.merge(change_type: "removed") }
+          end
+
+          if @options[:ecosystem]
+            changes = changes.select { |c| c[:ecosystem] == @options[:ecosystem] }
+          end
+
+          commit_info = {
+            sha: sha,
+            short_sha: sha[0..7],
+            message: rugged_commit.message,
+            author_name: rugged_commit.author[:name],
+            author_email: rugged_commit.author[:email],
+            committed_at: rugged_commit.time
+          }
+
+          if changes.empty?
+            empty_result "No dependency changes in #{commit_info[:short_sha]}"
+            return
+          end
+
+          if @options[:format] == "json"
+            output_json_stateless(commit_info, changes)
+          else
+            paginate { output_text_stateless(commit_info, changes) }
+          end
+        end
+
+        def run_with_database(repo, sha)
+          Database.connect(repo.git_dir)
+
           commit = Models::Commit.find_or_create_from_repo(repo, sha)
           error "Commit '#{sha[0..7]}' not in database. Run 'git pkgs update' to index new commits." unless commit
 
@@ -109,6 +166,68 @@ module Git
           puts JSON.pretty_generate(data)
         end
 
+        def output_text_stateless(commit_info, changes)
+          puts "Commit: #{commit_info[:short_sha]} #{commit_info[:message]&.lines&.first&.strip}"
+          puts "Author: #{commit_info[:author_name]} <#{commit_info[:author_email]}>"
+          puts "Date:   #{commit_info[:committed_at].strftime("%Y-%m-%d")}"
+          puts
+
+          added = changes.select { |c| c[:change_type] == "added" }
+          modified = changes.select { |c| c[:change_type] == "modified" }
+          removed = changes.select { |c| c[:change_type] == "removed" }
+
+          if added.any?
+            puts Color.green("Added:")
+            added.each do |change|
+              puts Color.green("  + #{change[:name]} #{change[:requirement]} (#{change[:ecosystem]}, #{change[:manifest_path]})")
+            end
+            puts
+          end
+
+          if modified.any?
+            puts Color.yellow("Modified:")
+            modified.each do |change|
+              puts Color.yellow("  ~ #{change[:name]} #{change[:previous_requirement]} -> #{change[:requirement]} (#{change[:ecosystem]}, #{change[:manifest_path]})")
+            end
+            puts
+          end
+
+          if removed.any?
+            puts Color.red("Removed:")
+            removed.each do |change|
+              puts Color.red("  - #{change[:name]} #{change[:requirement]} (#{change[:ecosystem]}, #{change[:manifest_path]})")
+            end
+            puts
+          end
+        end
+
+        def output_json_stateless(commit_info, changes)
+          require "json"
+
+          data = {
+            commit: {
+              sha: commit_info[:sha],
+              short_sha: commit_info[:short_sha],
+              message: commit_info[:message]&.lines&.first&.strip,
+              author_name: commit_info[:author_name],
+              author_email: commit_info[:author_email],
+              date: commit_info[:committed_at].iso8601
+            },
+            changes: changes.map do |change|
+              {
+                name: change[:name],
+                change_type: change[:change_type],
+                requirement: change[:requirement],
+                previous_requirement: change[:previous_requirement],
+                ecosystem: change[:ecosystem],
+                manifest: change[:manifest_path]
+              }
+            end
+          }
+
+          puts JSON.pretty_generate(data)
+        end
+
         def parse_options
           options = {}
 
@@ -127,6 +246,10 @@ module Git
               options[:no_pager] = true
             end
 
+            opts.on("--stateless", "Parse manifests directly without database") do
+              options[:stateless] = true
+            end
+
             opts.on("-h", "--help", "Show this help") do
               puts opts
               exit

data/lib/git/pkgs/commands/stale.rb

@@ -26,10 +26,14 @@ module Git
 
           return empty_result("No dependencies found") unless current_commit
 
-          snapshots = current_commit.dependency_snapshots_dataset.eager(:manifest)
+          # Only look at lockfile dependencies (actual resolved versions, not constraints)
+          snapshots = current_commit.dependency_snapshots_dataset
+            .eager(:manifest)
+            .join(:manifests, id: :manifest_id)
+            .where(Sequel[:manifests][:kind] => "lockfile")
 
           if @options[:ecosystem]
-            snapshots = snapshots.where(ecosystem: @options[:ecosystem])
+            snapshots = snapshots.where(Sequel[:dependency_snapshots][:ecosystem] => @options[:ecosystem])
           end
 
           snapshots = snapshots.all

data/lib/git/pkgs/commands/update.rb

@@ -41,6 +41,7 @@ module Git
               key = [s.manifest.path, s.name]
               snapshot[key] = {
                 ecosystem: s.ecosystem,
+                purl: s.purl,
                 requirement: s.requirement,
                 dependency_type: s.dependency_type
               }
@@ -88,6 +89,7 @@ module Git
                     manifest: manifest,
                     name: change[:name],
                     ecosystem: change[:ecosystem],
+                    purl: change[:purl],
                     change_type: change[:change_type],
                     requirement: change[:requirement],
                     previous_requirement: change[:previous_requirement],
@@ -105,6 +107,7 @@ module Git
                     name: name
                   ) do |s|
                     s.ecosystem = dep_info[:ecosystem]
+                    s.purl = dep_info[:purl]
                     s.requirement = dep_info[:requirement]
                     s.dependency_type = dep_info[:dependency_type]
                   end