libyear-bundler 0.5.2 → 0.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b928c7b46ecc15833f753d4b5400becf3159bb01f89ce4dfca13f134e85dc214
-  data.tar.gz: 84675a2d07aa5f953a0bb9521390ebf383005bcbf255ddfdac574e5b0a2b6de7
+  metadata.gz: e9b6ae5fa040a91add039ed6d36fd2a6f3084a42efe9adfa1207fdad342ae6b9
+  data.tar.gz: dc93d875dcf16eb18c20bb09bbc8ed38efb1866b49d3b6fe3b721be3d78f009a
 SHA512:
-  metadata.gz: d20b10024dcd680f6a598d889a17a0cf42fd7bd9e531de0badaaab74dd60728b76baa4091e9737cbd7452125f2b9f153349b8381ff6087a860fb52838e2072bb
-  data.tar.gz: 51f690808ed6af0e8f36f84b54b13197873ecd4638948045f496fc1b555e54c4e02942a59279a0b1de1aaf9c332d70a637d50eb5df5cf2ebf29b0c1ba222043e
+  metadata.gz: ef8e98ac272c82f87634523708d44d0e805d571909c4e68b57be3e760780b13b345b6d1fbe09222dc41aedebcfd47105e6cea4baae13555b693a9ba0ec90a3fb
+  data.tar.gz: b06125191e905323a3d43098306899be8e48f7dff79df11b62f8a1d9865311ce6d8048c50706316543b8eb3fcb3b925d55d6ba9e7170019cd0a4894d4fb9af45

data/lib/libyear_bundler/bundle_outdated.rb

@@ -11,8 +11,9 @@ module LibyearBundler
     # Format of `bundle outdated --parseable` (BOP)
     BOP_FMT = /\A(?<name>[^ ]+) \(newest (?<newest>[^,]+), installed (?<installed>[^,)]+)/
 
-    def initialize(gemfile_path)
+    def initialize(gemfile_path, release_date_cache)
       @gemfile_path = gemfile_path
+      @release_date_cache = release_date_cache
     end
 
     def execute
@@ -27,7 +28,8 @@ module LibyearBundler
         gem = ::LibyearBundler::Models::Gem.new(
           match['name'],
           match['installed'],
-          match['newest']
+          match['newest'],
+          @release_date_cache
         )
         gems.push(gem)
       end

data/lib/libyear_bundler/cli.rb

@@ -2,6 +2,7 @@ require "bundler/cli"
 require "bundler/cli/outdated"
 require "libyear_bundler/bundle_outdated"
 require "libyear_bundler/options"
+require "libyear_bundler/release_date_cache"
 require "libyear_bundler/report"
 require 'libyear_bundler/models/ruby'
 
@@ -27,6 +28,12 @@ module LibyearBundler
       else
         print report.to_s
       end
+
+      # Update cache
+      cache_path = @options.cache_path
+      if cache_path && release_date_cache
+        release_date_cache.save(cache_path)
+      end
     end
 
     private
@@ -54,7 +61,15 @@ module LibyearBundler
     end
 
     def bundle_outdated
-      BundleOutdated.new(@gemfile_path).execute
+      BundleOutdated.new(@gemfile_path, release_date_cache).execute
+    end
+
+    def release_date_cache
+      @_release_date_cache ||= begin
+        path = @options.cache_path
+        return if path.nil?
+        ReleaseDateCache.load(path)
+      end
     end
 
     def report
@@ -63,7 +78,7 @@ module LibyearBundler
 
     def ruby
       lockfile = @gemfile_path + '.lock'
-      ::LibyearBundler::Models::Ruby.new(lockfile)
+      ::LibyearBundler::Models::Ruby.new(lockfile, release_date_cache)
     end
 
     def grand_total

data/lib/libyear_bundler/models/gem.rb

@@ -7,10 +7,39 @@ module LibyearBundler
     # Logic and information pertaining to the installed and newest versions of
     # a gem
     class Gem
-      def initialize(name, installed_version, newest_version)
+      def initialize(name, installed_version, newest_version, release_date_cache)
+        unless release_date_cache.nil? || release_date_cache.is_a?(ReleaseDateCache)
+          raise TypeError, 'Invalid release_date_cache'
+        end
         @name = name
         @installed_version = installed_version
         @newest_version = newest_version
+        @release_date_cache = release_date_cache
+      end
+
+      class << self
+        def release_date(gem_name, gem_version)
+          dep = nil
+          begin
+            dep = ::Bundler::Dependency.new(gem_name, gem_version)
+          rescue ::Gem::Requirement::BadRequirementError => e
+            $stderr.puts "Could not find release date for: #{gem_name}"
+            $stderr.puts(e)
+            $stderr.puts(
+              "Maybe you used git in your Gemfile, which libyear doesn't support " \
+              "yet. Contributions welcome."
+            )
+            return nil
+          end
+          tuples, _errors = ::Gem::SpecFetcher.fetcher.search_for_dependency(dep)
+          if tuples.empty?
+            $stderr.puts "Could not find release date for: #{gem_name}"
+            return nil
+          end
+          tup, source = tuples.first # Gem::NameTuple
+          spec = source.fetch_spec(tup) # raises Gem::RemoteFetcher::FetchError
+          spec.date.to_date
+        end
       end
 
       def installed_version
@@ -18,7 +47,11 @@ module LibyearBundler
       end
 
       def installed_version_release_date
-        release_date(name, installed_version)
+        if @release_date_cache.nil?
+          self.class.release_date(name, installed_version)
+        else
+          @release_date_cache[name, installed_version]
+        end
       end
 
       def installed_version_sequence_index
@@ -45,7 +78,11 @@ module LibyearBundler
       end
 
       def newest_version_release_date
-        release_date(name, newest_version)
+        if @release_date_cache.nil?
+          self.class.release_date(name, newest_version)
+        else
+          @release_date_cache[name, newest_version]
+        end
       end
 
       def version_number_delta
@@ -74,31 +111,6 @@ module LibyearBundler
           parsed_response.map { |version| version['number'] }
         end
       end
-
-      # Known issue: Probably performs a network request every time, unless
-      # there's some kind of caching.
-      def release_date(gem_name, gem_version)
-        dep = nil
-        begin
-          dep = ::Bundler::Dependency.new(gem_name, gem_version)
-        rescue ::Gem::Requirement::BadRequirementError => e
-          $stderr.puts "Could not find release date for: #{gem_name}"
-          $stderr.puts(e)
-          $stderr.puts(
-            "Maybe you used git in your Gemfile, which libyear doesn't support " \
-              "yet. Contributions welcome."
-          )
-          return nil
-        end
-        tuples, _errors = ::Gem::SpecFetcher.fetcher.search_for_dependency(dep)
-        if tuples.empty?
-          $stderr.puts "Could not find release date for: #{gem_name}"
-          return nil
-        end
-        tup, source = tuples.first # Gem::NameTuple
-        spec = source.fetch_spec(tup) # raises Gem::RemoteFetcher::FetchError
-        spec.date.to_date
-      end
     end
   end
 end

data/lib/libyear_bundler/models/ruby.rb

@@ -7,6 +7,7 @@ require 'yaml'
 require 'libyear_bundler/calculators/libyear'
 require 'libyear_bundler/calculators/version_number_delta'
 require 'libyear_bundler/calculators/version_sequence_delta'
+require 'libyear_bundler/yaml_loader'
 
 module LibyearBundler
   module Models
@@ -15,8 +16,84 @@ module LibyearBundler
       RUBY_VERSION_DATA_URL = "https://raw.githubusercontent.com/ruby/" \
         "www.ruby-lang.org/master/_data/releases.yml".freeze
 
-      def initialize(lockfile)
+      def initialize(lockfile, release_date_cache)
+        unless release_date_cache.nil? || release_date_cache.is_a?(ReleaseDateCache)
+          raise TypeError, 'Invalid release_date_cache'
+        end
         @lockfile = lockfile
+        @release_date_cache = release_date_cache
+      end
+
+      class << self
+        # We'll only consider non-prerelease versions when analyzing ruby version,
+        # which we also implcitly do for gem versions because that's bundler's
+        # default behavior
+        #
+        # @return [Array<String>]
+        def all_stable_versions
+          all_versions.reject do |version|
+            ::Gem::Version.new(version).prerelease?
+          end
+        end
+
+        def newest_version
+          ::Gem::Version.new(all_stable_versions.first)
+        end
+
+        def newest_version_release_date
+          if @release_date_cache.nil?
+            release_date(newest_version)
+          else
+            @release_date_cache[name, newest_version]
+          end
+        end
+
+        def newest_version_sequence_index
+          all_stable_versions.find_index(newest_version.to_s)
+        end
+
+        def release_date(version_obj)
+          version = version_obj.to_s
+          v = all_stable_versions.detect { |ver| ver == version }
+
+          if v.nil?
+            raise format('Cannot determine release date for ruby %s', version)
+          end
+
+          # YAML#safe_load provides an already-parsed Date object, so the following
+          # is a Date object
+          v['date']
+        end
+
+        private
+
+        # The following URL is the only official, easily-parseable document with
+        # Ruby version information that I'm aware of, but is not supported as such
+        # (https://github.com/ruby/www.ruby-lang.org/pull/1637#issuecomment-344934173).
+        # It's been recommend that ruby-lang.org provide a supported document:
+        # https://github.com/ruby/www.ruby-lang.org/pull/1637#issuecomment-344934173
+        # TODO: Use supported document with version information if it becomes
+        # available.
+        #
+        # @return [Array<String>]
+        def all_versions
+          @_all_versions ||= begin
+            uri = ::URI.parse(RUBY_VERSION_DATA_URL)
+            opt = { open_timeout: 3, read_timeout: 5, use_ssl: true }
+            response = ::Net::HTTP.start(uri.hostname, uri.port, opt) do |con|
+              con.request_get(uri.path)
+            end
+            if response.is_a?(::Net::HTTPSuccess)
+              YAMLLoader.safe_load(response.body).map { |release| release['version'] }
+            else
+              warn format('Unable to get Ruby version list: response code: %s', response.code)
+              []
+            end
+          rescue ::Timeout::Error
+            warn 'Unable to get Ruby version list: network timeout'
+            []
+          end
+        end
       end
 
       def installed_version
@@ -28,13 +105,17 @@ module LibyearBundler
       end
 
       def installed_version_release_date
-        release_date(installed_version.to_s)
+        if @release_date_cache.nil?
+          self.class.release_date(installed_version)
+        else
+          @release_date_cache[name, installed_version]
+        end
       end
 
       def libyears
         ::LibyearBundler::Calculators::Libyear.calculate(
-          release_date(installed_version.to_s),
-          release_date(newest_version.to_s)
+          installed_version_release_date,
+          self.class.newest_version_release_date
         )
       end
 
@@ -42,12 +123,16 @@ module LibyearBundler
         'ruby'
       end
 
+      # Simply delegates to class method, but we still need it to conform to
+      # the interface expected by `Report#meta_line_summary`.
       def newest_version
-        ::Gem::Version.new(all_stable_versions.first['version'])
+        self.class.newest_version
       end
 
+      # Simply delegates to class method, but we still need it to conform to
+      # the interface expected by `Report#meta_line_summary`.
       def newest_version_release_date
-        release_date(newest_version.to_s)
+        self.class.newest_version_release_date
       end
 
       def outdated?
@@ -57,64 +142,21 @@ module LibyearBundler
       def version_number_delta
         ::LibyearBundler::Calculators::VersionNumberDelta.calculate(
           installed_version,
-          newest_version
+          self.class.newest_version
         )
       end
 
       def version_sequence_delta
         ::LibyearBundler::Calculators::VersionSequenceDelta.calculate(
           installed_version_sequence_index,
-          newest_version_sequence_index
+          self.class.newest_version_sequence_index
         )
       end
 
       private
 
-      # The following URL is the only official, easily-parseable document with
-      # Ruby version information that I'm aware of, but is not supported as such
-      # (https://github.com/ruby/www.ruby-lang.org/pull/1637#issuecomment-344934173).
-      # It's been recommend that ruby-lang.org provide a supported document:
-      # https://github.com/ruby/www.ruby-lang.org/pull/1637#issuecomment-344934173
-      # TODO: Use supported document with version information if it becomes
-      # available.
-      def all_versions
-        @_all_versions ||= begin
-          uri = ::URI.parse(RUBY_VERSION_DATA_URL)
-          response = ::Net::HTTP.get_response(uri)
-          # The Date object is passed through here due to a bug in
-          # YAML#safe_load
-          # https://github.com/ruby/psych/issues/262
-          ::YAML.safe_load(response.body, [Date])
-        end
-      end
-
-      # We'll only consider non-prerelease versions when analyzing ruby version,
-      # which we also implcitly do for gem versions because that's bundler's
-      # default behavior
-      def all_stable_versions
-        all_versions.reject do |version|
-          ::Gem::Version.new(version['version']).prerelease?
-        end
-      end
-
       def installed_version_sequence_index
-        all_stable_versions.index(installed_version.to_s)
-      end
-
-      def newest_version_sequence_index
-        all_stable_versions.index(newest_version.to_s)
-      end
-
-      def release_date(version)
-        v = all_stable_versions.detect { |ver| ver['version'] == version }
-
-        if v.nil?
-          raise format('Cannot determine release date for ruby %s', version)
-        end
-
-        # YAML#safe_load provides an already-parsed Date object, so the following
-        # is a Date object
-        v['date']
+        self.class.all_stable_versions.index(installed_version.to_s)
       end
 
       def shell_out_to_ruby
@@ -141,6 +183,8 @@ module LibyearBundler
         ::Bundler::RubyVersion.from_string(ruby_version_string).gem_version
       end
 
+      # TODO: this path should probably be relative to `@lockfile` instead
+      # TODO: of being relative to the current working directory.
       def version_from_ruby_version_file
         return unless ::File.exist?('.ruby-version')
         ::Gem::Version.new(::File.read('.ruby-version').strip)

data/lib/libyear_bundler/options.rb

@@ -31,6 +31,10 @@ https://github.com/jaredbeck/libyear-bundler/
           @options.send('versions?=', true)
         end
 
+        opts.on('--cache=CACHE_PATH', 'Use a cache across runs') do |cache_path|
+          @options.cache_path = cache_path
+        end
+
         opts.on('--libyears', '[default] Calculate libyears out-of-date') do
           @options.send('libyears?=', true)
         end

data/lib/libyear_bundler/release_date_cache.rb

@@ -0,0 +1,59 @@
+require 'yaml'
+require 'libyear_bundler/yaml_loader'
+
+module LibyearBundler
+  # A cache of release dates by name and version, for both gems and rubies.
+  class ReleaseDateCache
+    # @param data [Hash<String,Date>]
+    def initialize(data)
+      raise TypeError unless data.is_a?(Hash)
+      @data = data
+    end
+
+    def [](name, version)
+      key = format('%s-%s', name, version)
+      if @data.key?(key)
+        @data[key]
+      else
+        @data[key] = release_date(name, version)
+      end
+    end
+
+    def empty?
+      @data.empty?
+    end
+
+    def size
+      @data.size
+    end
+
+    class << self
+      def load(path)
+        if File.exist?(path)
+          new(YAMLLoader.safe_load(File.read(path)))
+        else
+          new({})
+        end
+      end
+    end
+
+    def save(path)
+      content = YAML.dump(@data)
+      begin
+        File.write(path, content)
+      rescue StandardError => e
+        warn format('Unable to update cache: %s, %s', path, e.message)
+      end
+    end
+
+    private
+
+    def release_date(name, version)
+      if name == 'ruby'
+        Models::Ruby.release_date(version)
+      else
+        Models::Gem.release_date(name, version)
+      end
+    end
+  end
+end

data/lib/libyear_bundler/report.rb

@@ -93,16 +93,16 @@ module LibyearBundler
     def put_version_delta_summary(sum_major_version, sum_minor_version, sum_patch_version)
       puts format(
         "Major, minor, patch versions behind: %<major>d, %<minor>d, %<patch>d",
-        major: sum_major_version,
-        minor: sum_minor_version,
-        patch: sum_patch_version
+        major: sum_major_version || 0,
+        minor: sum_minor_version || 0,
+        patch: sum_patch_version || 0
       )
     end
 
     def put_sum_seq_delta_summary(sum_seq_delta)
       puts format(
         "Total releases behind: %<seq_delta>d",
-        seq_delta: sum_seq_delta
+        seq_delta: sum_seq_delta || 0
       )
     end
 

data/lib/libyear_bundler/version.rb

@@ -1,3 +1,3 @@
 module LibyearBundler
-  VERSION = "0.5.2".freeze
+  VERSION = "0.6.1".freeze
 end

data/lib/libyear_bundler/yaml_loader.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+module LibyearBundler
+  # Supports different versions of the `YAML` constant. For example,
+  #
+  # > psych 3.0.3 YAML#safe_load expected the permitted/whitelisted classes in
+  # > the second parameter.
+  # >
+  # > psych 3.1.0 YAML#safe_load introduced keyword argument permitted_classes
+  # > in addition to permitted/whitelisted classes in the second parameter.
+  # >
+  # > psych 4.0.0 dropped the second positional parameter of YAML#safe_load, and
+  # > expects the permitted/whitelisted classes only in keyword parameter
+  # > permitted_classes.
+  # > https://github.com/jaredbeck/libyear-bundler/issues/22
+  #
+  # I expect this will only get more complicated over the years, as we try to
+  # support old rubies for as long as possible.
+  #
+  # Other known issues:
+  #
+  # - https://github.com/ruby/psych/issues/262
+  module YAMLLoader
+    class << self
+      def safe_load(yaml, permitted_classes: [::Date])
+        if YAML.method(:safe_load).parameters.include?([:key, :permitted_classes])
+          YAML.safe_load(yaml, permitted_classes: permitted_classes)
+        else
+          YAML.safe_load(yaml, permitted_classes)
+        end
+      end
+    end
+  end
+end

data/libyear-bundler.gemspec

@@ -23,8 +23,16 @@ Gem::Specification.new do |spec|
   spec.bindir = "bin"
   spec.executables = ["libyear-bundler"]
   spec.require_paths = ["lib"]
+
+  # We deliberately support dead rubies, as long as possible. It's important
+  # that people with badly out-of-date systems can still measure how bad they
+  # are.
   spec.required_ruby_version = ">= 2.1"
+
+  # We will support bundler 1 as long as we can. See `required_ruby_version`
+  # above.
   spec.add_dependency "bundler", ">= 1.14", "< 3"
-  spec.add_development_dependency "rspec", "~> 3.7"
-  spec.add_development_dependency "rubocop", "~> 0.52.1"
+
+  # Development dependencies are specified in `/gemfiles`. See CONTRIBUTING.md
+  # for details.
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libyear-bundler
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.6.1
 platform: ruby
 authors:
 - Jared Beck
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-09 00:00:00.000000000 Z
+date: 2022-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -30,34 +30,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.7'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.7'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.52.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.52.1
 description: 
 email:
 - jared@jaredbeck.com
@@ -77,8 +49,10 @@ files:
 - lib/libyear_bundler/models/gem.rb
 - lib/libyear_bundler/models/ruby.rb
 - lib/libyear_bundler/options.rb
+- lib/libyear_bundler/release_date_cache.rb
 - lib/libyear_bundler/report.rb
 - lib/libyear_bundler/version.rb
+- lib/libyear_bundler/yaml_loader.rb
 - libyear-bundler.gemspec
 homepage: https://libyear.com
 licenses:
@@ -99,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.2.20
 signing_key: 
 specification_version: 4
 summary: A simple measure of dependency freshness