kettle-dev 1.0.6 → 1.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +12 -1
- data/CONTRIBUTING.md +2 -1
- data/README.md +1 -1
- data/checksums/kettle-dev-1.0.7.gem.sha256 +1 -0
- data/checksums/kettle-dev-1.0.7.gem.sha512 +1 -0
- data/exe/kettle-release +22 -16
- data/lib/kettle/dev/version.rb +1 -1
- data.tar.gz.sig +0 -0
- metadata +8 -8
- metadata.gz.sig +0 -0
- data/checksums/kettle-dev-1.0.6.gem.sha256 +0 -1
- data/checksums/kettle-dev-1.0.6.gem.sha512 +0 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 757457767d7c4dce99cfbb226f4c8a2a0f94b9a9aadd601b55f21c48a53cda30
|
|
4
|
+
data.tar.gz: e06421edd27c37161d6438f47809828914b2abd6c1b09722d0f7154eaacf078c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 16c04f9745823ca90d1c22e0e471942fc81469fc8022cb6bdf3c064eee5c1f656d077e54ea283906f117d31f0101daf3057f18d7ef472c4373bbe1441c4b4672
|
|
7
|
+
data.tar.gz: 4a6ca6d6fe40cd1c694d73b6527e62d4dc44f97fe72a9b41a796f920b8a1c42a78e2c49f2040dae22d5c277b545b356a592f1ee54c1e28fca4ff6173a4ed1c78
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data/CHANGELOG.md
CHANGED
|
@@ -12,6 +12,15 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
|
12
12
|
### Fixed
|
|
13
13
|
### Security
|
|
14
14
|
|
|
15
|
+
## [1.0.7] - 2025-08-24
|
|
16
|
+
- TAG: [v1.0.7][1.0.7t]
|
|
17
|
+
- COVERAGE: 100.00% -- 130/130 lines in 7 files
|
|
18
|
+
- BRANCH COVERAGE: 96.00% -- 48/50 branches in 7 files
|
|
19
|
+
- 95.35% documented
|
|
20
|
+
### Fixed
|
|
21
|
+
- Reproducible builds, with consistent checksums, by *not* using SOURCE_DATE_EPOCH.
|
|
22
|
+
- Since bundler v2.7.0 builds are reproducible by default.
|
|
23
|
+
|
|
15
24
|
## [1.0.6] - 2025-08-24
|
|
16
25
|
- TAG: [v1.0.6][1.0.6t]
|
|
17
26
|
- COVERAGE: 100.00% -- 130/130 lines in 7 files
|
|
@@ -99,7 +108,9 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
|
99
108
|
- Selecting will run the selected workflow via `act`
|
|
100
109
|
- This may move to its own gem in the future.
|
|
101
110
|
|
|
102
|
-
[Unreleased]: https://gitlab.com/kettle-rb/kettle-dev/-/compare/v1.0.
|
|
111
|
+
[Unreleased]: https://gitlab.com/kettle-rb/kettle-dev/-/compare/v1.0.7...HEAD
|
|
112
|
+
[1.0.7]: https://gitlab.com/kettle-rb/kettle-dev/-/compare/v1.0.6...v1.0.7
|
|
113
|
+
[1.0.7t]: https://gitlab.com/kettle-rb/kettle-dev/-/tags/v1.0.7
|
|
103
114
|
[1.0.6]: https://gitlab.com/kettle-rb/kettle-dev/-/compare/v1.0.5...v1.0.6
|
|
104
115
|
[1.0.6t]: https://gitlab.com/kettle-rb/kettle-dev/-/tags/v1.0.6
|
|
105
116
|
[1.0.5]: https://gitlab.com/kettle-rb/kettle-dev/-/compare/v1.0.4...v1.0.5
|
data/CONTRIBUTING.md
CHANGED
|
@@ -117,7 +117,8 @@ Run `kettle-release`.
|
|
|
117
117
|
6. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
|
|
118
118
|
7. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
|
|
119
119
|
8. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure latest trunk code
|
|
120
|
-
9. Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use same timestamp
|
|
120
|
+
9. Optional for older Bundler (< 2.7.0): Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use the same timestamp and generate the same checksums
|
|
121
|
+
- If your Bundler is >= 2.7.0, you can skip this; builds are reproducible by default.
|
|
121
122
|
- Run `export SOURCE_DATE_EPOCH=$EPOCHSECONDS && echo $SOURCE_DATE_EPOCH`
|
|
122
123
|
- If the echo above has no output, then it didn't work.
|
|
123
124
|
- Note: `zsh/datetime` module is needed, if running `zsh`.
|
data/README.md
CHANGED
|
@@ -641,7 +641,7 @@ Thanks for RTFM. ☺️
|
|
|
641
641
|
[📌gitmoji]:https://gitmoji.dev
|
|
642
642
|
[📌gitmoji-img]:https://img.shields.io/badge/gitmoji_commits-%20😜%20😍-34495e.svg?style=flat-square
|
|
643
643
|
[🧮kloc]: https://www.youtube.com/watch?v=dQw4w9WgXcQ
|
|
644
|
-
[🧮kloc-img]: https://img.shields.io/badge/KLOC-0.
|
|
644
|
+
[🧮kloc-img]: https://img.shields.io/badge/KLOC-0.130-FFDD67.svg?style=for-the-badge&logo=YouTube&logoColor=blue
|
|
645
645
|
[🔐security]: SECURITY.md
|
|
646
646
|
[🔐security-img]: https://img.shields.io/badge/security-policy-259D6C.svg?style=flat
|
|
647
647
|
[📄copyright-notice-explainer]: https://opensource.stackexchange.com/questions/5778/why-do-licenses-such-as-the-mit-license-specify-a-single-year
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
f5a4e19daf87b88e9f61c4bfec481ea915f5f734cf665dbcbd34be6979718c89
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
7b99485e9d4411f2766d7cf53121923e26284f455146a7ba281982634cc534384d91739d83113618852f8abd5093dbc465362afff62e5da041f996bed2bd3a4b
|
data/exe/kettle-release
CHANGED
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
# - Ensures version/changelog updated (with confirmation)
|
|
7
7
|
# - Commits and pushes a release prep commit
|
|
8
8
|
# - Ensures on trunk, up-to-date
|
|
9
|
-
# -
|
|
9
|
+
# - Builds and releases using Bundler/Rake (reproducible by default in Bundler 2.7+)
|
|
10
10
|
# - Runs `bundle exec rake build` (expects PEM password unless SKIP_GEM_SIGNING)
|
|
11
11
|
# - If signing not skipped and no public cert in certs/<user>.pem, aborts with guidance
|
|
12
12
|
# - Runs bin/gem_checksums
|
|
@@ -49,6 +49,8 @@ module Kettle
|
|
|
49
49
|
def run
|
|
50
50
|
puts "== kettle-release =="
|
|
51
51
|
|
|
52
|
+
ensure_bundler_2_7_plus!
|
|
53
|
+
|
|
52
54
|
run_cmd!("bin/setup")
|
|
53
55
|
run_cmd!("bin/rake")
|
|
54
56
|
|
|
@@ -92,12 +94,10 @@ module Kettle
|
|
|
92
94
|
checkout!(trunk)
|
|
93
95
|
pull!(trunk)
|
|
94
96
|
|
|
95
|
-
epoch = export_source_date_epoch!
|
|
96
|
-
|
|
97
97
|
ensure_signing_setup_or_skip!
|
|
98
98
|
# Build: expect PEM password prompt unless SKIP_GEM_SIGNING
|
|
99
99
|
puts "Running build (you may be prompted for the signing key password)..."
|
|
100
|
-
run_cmd!("
|
|
100
|
+
run_cmd!("bundle exec rake build")
|
|
101
101
|
|
|
102
102
|
# Checksums (commits, but does not push)
|
|
103
103
|
run_cmd!("bin/gem_checksums")
|
|
@@ -105,7 +105,7 @@ module Kettle
|
|
|
105
105
|
|
|
106
106
|
# Release: expect PEM password + RubyGems MFA OTP
|
|
107
107
|
puts "Running release (you may be prompted for signing key password and RubyGems MFA OTP)..."
|
|
108
|
-
run_cmd!("
|
|
108
|
+
run_cmd!("bundle exec rake release")
|
|
109
109
|
# Some release tasks rebuild the gem; re-validate to ensure reproducibility
|
|
110
110
|
validate_checksums!(version, stage: "after release")
|
|
111
111
|
|
|
@@ -200,7 +200,7 @@ module Kettle
|
|
|
200
200
|
|
|
201
201
|
def run_cmd!(cmd)
|
|
202
202
|
puts "$ #{cmd}"
|
|
203
|
-
#
|
|
203
|
+
# Execute commands with the current environment
|
|
204
204
|
success = system(ENV, cmd)
|
|
205
205
|
abort("Command failed: #{cmd}") unless success
|
|
206
206
|
end
|
|
@@ -221,6 +221,19 @@ module Kettle
|
|
|
221
221
|
abort("Git user.name or user.email not configured.") unless ok1 && ok2 && !name.empty? && !email.empty?
|
|
222
222
|
end
|
|
223
223
|
|
|
224
|
+
def ensure_bundler_2_7_plus!
|
|
225
|
+
begin
|
|
226
|
+
require "bundler"
|
|
227
|
+
rescue LoadError
|
|
228
|
+
abort("Bundler is required. Please install bundler >= 2.7.0 and try again.")
|
|
229
|
+
end
|
|
230
|
+
ver = Gem::Version.new(Bundler::VERSION)
|
|
231
|
+
min = Gem::Version.new("2.7.0")
|
|
232
|
+
if ver < min
|
|
233
|
+
abort("kettle-release requires Bundler >= 2.7.0 for reproducible builds by default. Current: #{Bundler::VERSION}. Please upgrade bundler.")
|
|
234
|
+
end
|
|
235
|
+
end
|
|
236
|
+
|
|
224
237
|
def detect_version
|
|
225
238
|
# Look for lib/**/version.rb and extract VERSION constant string
|
|
226
239
|
candidates = Dir[File.join(@root, "lib", "**", "version.rb")]
|
|
@@ -482,13 +495,6 @@ module Kettle
|
|
|
482
495
|
puts "Merged #{feature} into #{trunk} and pushed. The PR (if any) should auto-close."
|
|
483
496
|
end
|
|
484
497
|
|
|
485
|
-
def export_source_date_epoch!
|
|
486
|
-
epoch = Time.now.to_i
|
|
487
|
-
ENV["SOURCE_DATE_EPOCH"] = epoch.to_s
|
|
488
|
-
puts "Exported SOURCE_DATE_EPOCH=#{epoch}"
|
|
489
|
-
epoch
|
|
490
|
-
end
|
|
491
|
-
|
|
492
498
|
def ensure_signing_setup_or_skip!
|
|
493
499
|
return if ENV.key?("SKIP_GEM_SIGNING")
|
|
494
500
|
|
|
@@ -528,8 +534,8 @@ module Kettle
|
|
|
528
534
|
sha256sum: #{actual}
|
|
529
535
|
file: #{checks_path}
|
|
530
536
|
file: #{expected}
|
|
531
|
-
|
|
532
|
-
|
|
537
|
+
The artifact being released must match the checksummed artifact exactly.
|
|
538
|
+
Retry locally: bundle exec rake build && bin/gem_checksums && bundle exec rake release
|
|
533
539
|
MSG
|
|
534
540
|
else
|
|
535
541
|
puts "Checksum OK #{stage}: #{File.basename(gem_path)}"
|
|
@@ -574,7 +580,7 @@ if ARGV.include?("-h") || ARGV.include?("--help")
|
|
|
574
580
|
- Commits a release prep change
|
|
575
581
|
- Ensures trunk is up-to-date, pushes branch, and monitors CI (GitHub/GitLab)
|
|
576
582
|
- Merges feature into trunk upon CI success
|
|
577
|
-
-
|
|
583
|
+
- Builds, records checksums, and releases (requires Bundler >= 2.7.0)
|
|
578
584
|
|
|
579
585
|
Environment:
|
|
580
586
|
SKIP_GEM_SIGNING=true # skip gem signing during build/release
|
data/lib/kettle/dev/version.rb
CHANGED
data.tar.gz.sig
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kettle-dev
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Peter H. Boling
|
|
@@ -203,8 +203,8 @@ extra_rdoc_files:
|
|
|
203
203
|
- REEK
|
|
204
204
|
- RUBOCOP.md
|
|
205
205
|
- SECURITY.md
|
|
206
|
-
- checksums/kettle-dev-1.0.
|
|
207
|
-
- checksums/kettle-dev-1.0.
|
|
206
|
+
- checksums/kettle-dev-1.0.7.gem.sha256
|
|
207
|
+
- checksums/kettle-dev-1.0.7.gem.sha512
|
|
208
208
|
files:
|
|
209
209
|
- ".devcontainer/devcontainer.json"
|
|
210
210
|
- ".envrc"
|
|
@@ -256,8 +256,8 @@ files:
|
|
|
256
256
|
- RUBOCOP.md
|
|
257
257
|
- Rakefile
|
|
258
258
|
- SECURITY.md
|
|
259
|
-
- checksums/kettle-dev-1.0.
|
|
260
|
-
- checksums/kettle-dev-1.0.
|
|
259
|
+
- checksums/kettle-dev-1.0.7.gem.sha256
|
|
260
|
+
- checksums/kettle-dev-1.0.7.gem.sha512
|
|
261
261
|
- exe/kettle-commit-msg
|
|
262
262
|
- exe/kettle-readme-backers
|
|
263
263
|
- exe/kettle-release
|
|
@@ -290,10 +290,10 @@ licenses:
|
|
|
290
290
|
- MIT
|
|
291
291
|
metadata:
|
|
292
292
|
homepage_uri: https://kettle-dev.galtzo.com/
|
|
293
|
-
source_code_uri: https://github.com/galtzo-floss/kettle-dev/tree/v1.0.
|
|
294
|
-
changelog_uri: https://github.com/galtzo-floss/kettle-dev/blob/v1.0.
|
|
293
|
+
source_code_uri: https://github.com/galtzo-floss/kettle-dev/tree/v1.0.7
|
|
294
|
+
changelog_uri: https://github.com/galtzo-floss/kettle-dev/blob/v1.0.7/CHANGELOG.md
|
|
295
295
|
bug_tracker_uri: https://github.com/galtzo-floss/kettle-dev/issues
|
|
296
|
-
documentation_uri: https://www.rubydoc.info/gems/kettle-dev/1.0.
|
|
296
|
+
documentation_uri: https://www.rubydoc.info/gems/kettle-dev/1.0.7
|
|
297
297
|
funding_uri: https://github.com/sponsors/pboling
|
|
298
298
|
wiki_uri: https://github.com/galtzo-floss/kettle-dev/wiki
|
|
299
299
|
news_uri: https://www.railsbling.com/tags/kettle-dev
|
metadata.gz.sig
CHANGED
|
Binary file
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
57458ade85e8ec3c36087f4ffd6f07b2efa3e139a6787017387772014b6fc620
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
668add6ecffd144af422608ea3b072b5feecc82a93fc387d356d25fac02367ab73edf44e3c72bb17c8f8b1bbe153d1d01673d44df9d84b46ab83761b85e2665f
|