RubyGems - libyear-bundler - Versions diffs - 0.5.0 → 0.5.1 - Mend

libyear-bundler 0.5.0 → 0.5.1

Files changed (13) hide show

checksums.yaml +5 -5
data/.rubocop.yml +6 -6
data/.rubocop_todo.yml +0 -8
data/CHANGELOG.md +20 -1
data/CONTRIBUTING.md +1 -1
data/README.md +32 -25
data/bin/test +6 -0
data/lib/libyear_bundler/bundle_outdated.rb +12 -0
data/lib/libyear_bundler/models/ruby.rb +26 -15
data/lib/libyear_bundler/report.rb +9 -6
data/lib/libyear_bundler/version.rb +1 -1
data/libyear-bundler.gemspec +3 -3
metadata +22 -16

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8ab149dc302594c069829c10cc93253a4a9165d2
-  data.tar.gz: 8f6a974c411bc9b72d799b137f715cd7c35260a1
+SHA256:
+  metadata.gz: 3b113205ec01de873ddfdb08d3f57bae32d490e7c8507fd1a66a1fb6b3eb908b
+  data.tar.gz: 6d8e7d769640f59408f32d348cbef9c3b0ac05afa4d599d1bf1263e6eb9c236c
 SHA512:
-  metadata.gz: 424dad3f3c7ef8e6f42cb406714ec080193ca59f4c3d55b7e38d631d0d0ac97a670e9db076c993a9a1c976e31dd47cbe08f3ccf32dc7466c20379fcdda6d1acd
-  data.tar.gz: aad230cd11ee0313b1d1bce97fa489b020c92fd15686deb9ecefa4ac96a9a2393cd27aa998edfd9983c66f4dd168c131752aae1d5c53fc4e273d8757c10beec2
+  metadata.gz: e0faaddd13daf54352167af88c80299210f4cdb7bae8509406058f8322e5a0d1eb637d8d75a22cebc0a9384b6c60c2e2b7166561f52c7dee9aa9f43e283ea7af
+  data.tar.gz: cbed8858a0ef38a2ce323354add6bd64035ffe43bd69cd41f0d381f5486c27b9d81d20e7e8e01424bd6eb5d5e5f93054a5ec3f6ed51a8d1581ffbad0eaae4859

data/.rubocop.yml CHANGED Viewed

@@ -3,6 +3,12 @@ inherit_from: .rubocop_todo.yml
 AllCops:
   TargetRubyVersion: 2.1.10
+Layout/IndentArray:
+  EnforcedStyle: consistent
+Layout/MultilineMethodCallIndentation:
+  EnforcedStyle: indented
 Metrics/AbcSize:
   Max: 27
@@ -20,11 +26,5 @@ Metrics/LineLength:
 Metrics/MethodLength:
   Enabled: false
-Style/IndentArray:
-  EnforcedStyle: consistent
-Style/MultilineMethodCallIndentation:
-  EnforcedStyle: indented
 Style/StringLiterals:
   Enabled: false

data/.rubocop_todo.yml CHANGED Viewed

@@ -6,14 +6,6 @@
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: Include, TreatCommentsAsGroupSeparators.
-# Include: **/*.gemspec
-Gemspec/OrderedDependencies:
-  Exclude:
-    - 'libyear-bundler.gemspec'
 # Offense count: 1
 # Cop supports --auto-correct.
 # Configuration parameters: EnforcedStyle, SupportedStyles.

data/CHANGELOG.md CHANGED Viewed

@@ -17,7 +17,26 @@ Fixed:
 - None
-## 0.5.0 (2017-12-12)
+## 0.5.1 (2019-05-09)
+Breaking changes:
+- None
+Added:
+- None
+Fixed:
+- Stable Ruby releases are no longer considered pre-releases (80534fa)
+- Avoid crash due to malformed version strings by skipping those dependencies (7b0b2cf)
+Dependencies:
+- Support bundler 2
+## 0.5.0 (2017-12-27)
 Breaking changes:

data/CONTRIBUTING.md CHANGED Viewed

@@ -12,7 +12,7 @@ bundle exec rspec
 ## Releases
 1. Set the version in `lib/libyear_bundler/version.rb`
-   - Follow SEMVER
+   - Follow SemVer
    - Only use integer-dot-integer-dot-integer format, never "pre-releases"
 1. In the changelog,
    - Replace "Unreleased" with the date in ISO-8601 format

data/README.md CHANGED Viewed

@@ -2,15 +2,16 @@
 A simple measure of dependency freshness for ruby apps.
-Applied to a whole Gemfile, `libyear-bundler` provides a single number for
-determining the maintenance burden of an app’s dependencies. It is a simple
-measure of the time between the release date of the installed dependency and the
-release date of the newest version of the dependency.
+```bash
+$ libyear-bundler Gemfile
+activesupport    4.2.7.1     2016-08-10    5.1.3     2017-08-03       1.0
+         i18n      0.8.0     2017-01-31    0.8.6     2017-07-10       0.4
+         json      1.8.6     2017-01-13    2.1.0     2017-04-18       0.3
+System is 1.7 libyears behind
+```
-The inspiration for libyear comes from the technical report “Measuring
-Dependency Freshness in Software Systems”[1]. Other metrics for determining
-dependency freshness outlined in the paper are available in libyear-bundler. See
-the Usage section for details.
+`libyear-bundler` tells you how out-of-date your Gemfile is, in *a single
+number*.
 # Install
@@ -20,31 +21,30 @@ gem install libyear-bundler
 ## Usage
-Run `libyear-bundler` in a directory with a Gemfile. Verbosity is on by default.
-For simpler output, see the `--grand-total` option.
+Run `libyear-bundler` in a directory with a Gemfile.
-### Options
+### `--libyears` (default)
-#### `--libyears` (default)
 Measures the time between your dependencies' installed and newest versions, in
 years.
 ```bash
 $ libyear-bundler Gemfile
-                 activesupport        4.2.7.1     2016-08-10          5.1.3     2017-08-03       1.0
-                          i18n          0.8.0     2017-01-31          0.8.6     2017-07-10       0.4
-                          json          1.8.6     2017-01-13          2.1.0     2017-04-18       0.3
-                      minitest         5.10.1     2016-12-02         5.10.3     2017-07-21       0.6
-             minitest_to_rspec          0.6.0     2015-06-09          0.8.0     2017-01-02       1.6
-                   ruby_parser          3.8.4     2017-01-13         3.10.1     2017-07-21       0.5
-                sexp_processor          4.8.0     2017-02-01         4.10.0     2017-07-17       0.5
-                   thread_safe          0.3.5     2015-03-11          0.3.6     2017-02-22       2.0
-                        tzinfo          1.2.2     2014-08-08          1.2.3     2017-03-25       2.6
+     activesupport   4.2.7.1     2016-08-10     5.1.3     2017-08-03     1.0
+              i18n     0.8.0     2017-01-31     0.8.6     2017-07-10     0.4
+              json     1.8.6     2017-01-13     2.1.0     2017-04-18     0.3
+          minitest    5.10.1     2016-12-02    5.10.3     2017-07-21     0.6
+ minitest_to_rspec     0.6.0     2015-06-09     0.8.0     2017-01-02     1.6
+       ruby_parser     3.8.4     2017-01-13    3.10.1     2017-07-21     0.5
+    sexp_processor     4.8.0     2017-02-01    4.10.0     2017-07-17     0.5
+       thread_safe     0.3.5     2015-03-11     0.3.6     2017-02-22     2.0
+            tzinfo     1.2.2     2014-08-08     1.2.3     2017-03-25     2.6
 System is 9.4 libyears behind
 ```
-#### `--releases`
+### `--releases`
 Measures the number of releases between your dependencies' installed and newest
 versions
@@ -63,8 +63,8 @@ Total releases behind: 70
 ```
+### `--versions`
-#### `--versions`
 Measures the number of major, minor, and patch versions between your
 dependencies' installed and newest versions
@@ -83,7 +83,8 @@ Major, minor, patch versions behind: 2, 6, 10
 ```
-#### `--all`
+### `--all`
 Returns relevant data for each outdated gem, including 'libyears', 'releases',
 and 'versions' metrics
@@ -103,7 +104,8 @@ Total releases behind: 70
 Major, minor, patch versions behind: 2, 6, 10
 ```
-#### `--grand-total`
+### `--grand-total`
 With no other options, returns the grand-total of libyears. Used with other
 flags, returns the associated grand-total.
@@ -127,6 +129,11 @@ $ libyear-bundler Gemfile --all --grand-total
 See CONTRIBUTING.md
+## Acknowledgements
+The inspiration for libyear comes from the technical report “Measuring
+Dependency Freshness in Software Systems”[1].
 ---
 [1] J. Cox, E. Bouwers, M. van Eekelen and J. Visser, Measuring Dependency
 Freshness in Software Systems. In Proceedings of the 37th International

data/bin/test ADDED Viewed

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -e
+bundle exec rubocop
+bundle exec rspec

data/lib/libyear_bundler/bundle_outdated.rb CHANGED Viewed

@@ -19,6 +19,11 @@ module LibyearBundler
       bundle_outdated.lines.each_with_object([]) do |line, gems|
         match = BOP_FMT.match(line)
         next if match.nil?
+        if malformed_version_strings?(match)
+          warn "Skipping #{match['name']} because of a malformed version string"
+          next
+        end
         gem = ::LibyearBundler::Models::Gem.new(
           match['name'],
           match['installed'],
@@ -47,5 +52,12 @@ module LibyearBundler
       end
       stdout
     end
+    # We rely on Gem::Version to handle version strings. If the string is malformed (usually because
+    # of a gem installed from git), then we won't be able to determine the dependency's freshness
+    def malformed_version_strings?(dependency)
+      !Gem::Version.correct?(dependency['installed']) ||
+        !Gem::Version.correct?(dependency['newest'])
+    end
   end
 end

data/lib/libyear_bundler/models/ruby.rb CHANGED Viewed

@@ -43,7 +43,7 @@ module LibyearBundler
       end
       def newest_version
-        ::Gem::Version.new(all_versions.first['version'])
+        ::Gem::Version.new(all_stable_versions.first)
       end
       def newest_version_release_date
@@ -70,9 +70,6 @@ module LibyearBundler
       private
-      # We'll only consider non-prerelease versions when determining the
-      # newest version
-      #
       # The following URL is the only official, easily-parseable document with
       # Ruby version information that I'm aware of, but is not supported as such
       # (https://github.com/ruby/www.ruby-lang.org/pull/1637#issuecomment-344934173).
@@ -87,29 +84,47 @@ module LibyearBundler
           # The Date object is passed through here due to a bug in
           # YAML#safe_load
           # https://github.com/ruby/psych/issues/262
-          ::YAML.safe_load(response.body, [Date]).reject do |version|
-            ::Gem::Version.new(version['version']).prerelease?
-          end
+          ::YAML.safe_load(response.body, [Date])
         end
       end
+      # We'll only consider non-prerelease versions when analyzing ruby version,
+      # which we also implcitly do for gem versions because that's bundler's
+      # default behavior
+      def all_stable_versions
+        stable_releases = all_versions.reject do |version|
+          ::Gem::Version.new(version['version']).prerelease?
+        end
+        stable_releases.map { |release| release['version'] }
+      end
       def installed_version_sequence_index
-        versions_sequence.index(installed_version.to_s)
+        all_stable_versions.index(installed_version.to_s)
       end
       def newest_version_sequence_index
-        versions_sequence.index(newest_version.to_s)
+        all_stable_versions.index(newest_version.to_s)
       end
       def release_date(version)
-        v = all_versions.detect { |ver| ver['version'] == version }
+        v = all_stable_versions.detect { |ver| ver['version'] == version }
         # YAML#safe_load provides an already-parsed Date object, so the following
         # is a Date object
         v['date']
       end
       def shell_out_to_ruby
-        `ruby --version`.split[1]
+        # ruby appends a 'p' followed by the patch level number
+        # to the version number for stable releases, which returns
+        # a false positive using `::Gem::Version#prerelease?`.
+        # Understandably, because ruby is not a gem, but we'd like
+        # to use `prerelease?`.
+        # Pre-releases are appended with 'dev', and so adhere to
+        # `::Gem::Version`'s definition of a pre-release.
+        # Sources:
+        #   - https://github.com/ruby/ruby/blob/trunk/version.h#L37
+        #   - https://ruby-doc.org/stdlib-1.9.3/libdoc/rubygems/rdoc/Version.html
+        `ruby --version`.split[1].gsub(/p\d/, '')
       end
       def version_from_bundler
@@ -130,10 +145,6 @@ module LibyearBundler
       def version_from_ruby
         ::Gem::Version.new(shell_out_to_ruby)
       end
-      def versions_sequence
-        all_versions.map { |version| version['version'] }
-      end
     end
   end
 end

data/lib/libyear_bundler/report.rb CHANGED Viewed

@@ -82,20 +82,23 @@ module LibyearBundler
     def put_version_delta_summary(sum_major_version, sum_minor_version, sum_patch_version)
       puts format(
-        "Major, minor, patch versions behind: %d, %d, %d",
-        sum_major_version,
-        sum_minor_version,
-        sum_patch_version
+        "Major, minor, patch versions behind: %<major>d, %<minor>d, %<patch>d",
+        major: sum_major_version,
+        minor: sum_minor_version,
+        patch: sum_patch_version
       )
     end
     def put_sum_seq_delta_summary(sum_seq_delta)
-      puts format("Total releases behind: %d", sum_seq_delta)
+      puts format(
+        "Total releases behind: %<seq_delta>d",
+        seq_delta: sum_seq_delta
+      )
     end
     def put_summary(summary)
       if [:libyears?, :releases?, :versions?].all? { |opt| @options.send(opt) }
-        put_libyear_summary(summary[:sum_years])
+        put_libyear_summary(summary[:sum_libyears])
         put_sum_seq_delta_summary(summary[:sum_seq_delta])
         put_version_delta_summary(
           summary[:sum_major_version],

data/lib/libyear_bundler/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module LibyearBundler
-  VERSION = "0.5.0".freeze
+  VERSION = "0.5.1".freeze
 end

data/libyear-bundler.gemspec CHANGED Viewed

@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
   spec.executables = ["libyear-bundler"]
   spec.require_paths = ["lib"]
   spec.required_ruby_version = ">= 2.1"
-  spec.add_dependency "bundler", "~> 1.14"
-  spec.add_development_dependency "rubocop"
-  spec.add_development_dependency "rspec"
+  spec.add_dependency "bundler", ">= 1.14", "< 3"
+  spec.add_development_dependency "rspec", "~> 3.7"
+  spec.add_development_dependency "rubocop", "~> 0.52.1"
 end

metadata CHANGED Viewed

@@ -1,57 +1,63 @@
 --- !ruby/object:Gem::Specification
 name: libyear-bundler
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors:
 - Jared Beck
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-12-28 00:00:00.000000000 Z
+date: 2019-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.14'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.14'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.7'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.52.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.52.1
 description:
 email:
 - jared@jaredbeck.com
@@ -70,6 +76,7 @@ files:
 - LICENSE.txt
 - README.md
 - bin/libyear-bundler
+- bin/test
 - lib/libyear_bundler.rb
 - lib/libyear_bundler/bundle_outdated.rb
 - lib/libyear_bundler/calculators/libyear.rb
@@ -101,8 +108,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.13
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: A simple measure of dependency freshness