recent_ruby 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -3
- data/README.md +5 -5
- data/lib/recent_ruby/version.rb +1 -1
- data/recent_ruby.gemspec +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4d158e1d0a99635459bcb2cf597097b83dd12e590c697bb3972c5c9f061dd31b
|
|
4
|
+
data.tar.gz: ec39ee4066b2dedc34b7f1d2b24978ec99de5f45bc827d65ab8edf48ab3c6ab6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7dad8e25a1a7e4a45ca8dea07e83a37388dba7349a5b160cf0e20bd7495660c520e13b957c2b0a95454596b08da8f7f32c7b2164e44abf416d76c192b2e0d9bd
|
|
7
|
+
data.tar.gz: 5dadcda4128b02701aabae9d5cda1d5e36cba1175e81167894618f8d312b0a9b4abf776280d3d359feb28ddf5a4459eed5f34f22dc8e2964bb05649609177a46
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
recent_ruby (0.1.
|
|
4
|
+
recent_ruby (0.1.2)
|
|
5
5
|
methadone (~> 1.9.5)
|
|
6
6
|
parser
|
|
7
7
|
|
|
@@ -82,7 +82,7 @@ GEM
|
|
|
82
82
|
pry (0.14.1)
|
|
83
83
|
coderay (~> 1.1)
|
|
84
84
|
method_source (~> 1.0)
|
|
85
|
-
rake (
|
|
85
|
+
rake (13.0.3)
|
|
86
86
|
rdoc (6.3.1)
|
|
87
87
|
rspec-expectations (3.10.1)
|
|
88
88
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
@@ -105,7 +105,7 @@ DEPENDENCIES
|
|
|
105
105
|
aruba
|
|
106
106
|
bundler (>= 2.1.0)
|
|
107
107
|
pry
|
|
108
|
-
rake (~>
|
|
108
|
+
rake (~> 13.0)
|
|
109
109
|
rdoc
|
|
110
110
|
recent_ruby!
|
|
111
111
|
test-unit
|
data/README.md
CHANGED
|
@@ -6,7 +6,7 @@ This script takes a Ruby version number, compares it to all available Ruby versi
|
|
|
6
6
|
|
|
7
7
|
Heroku (and other platforms) use the Gemfile to determine which version of Ruby to use. This means, whenever a Ruby vulnerability is found, you need to update your Gemfile in order to be safe. More importantly it means you need to pay close attention to the Ruby security notices. On smaller teams, this is often overlooked.
|
|
8
8
|
|
|
9
|
-
For gems, you can use Brakeman or Hakiri
|
|
9
|
+
For gems, you can use Brakeman or Hakiri to stay up-to-date with security patches. For your Ruby version, use recent_ruby.
|
|
10
10
|
|
|
11
11
|
## Installation
|
|
12
12
|
|
|
@@ -24,7 +24,7 @@ gem 'recent_ruby', require: false
|
|
|
24
24
|
|
|
25
25
|
## Usage
|
|
26
26
|
|
|
27
|
-
Just add Recent Ruby in your CI/CD build process, wherever you would put Rubocop or Brakeman. Recent Ruby can check either your Gemfile, or whatever is supplied as a command line argument, and checks if that version of Ruby is the most recent TEENY/PATCH release for that minor version.
|
|
27
|
+
Just add Recent Ruby in your CI/CD build process, wherever you would put Rubocop or Brakeman. Recent Ruby can check either your Gemfile (`recent_ruby --gemfile Gemfile`), or whatever is supplied as a command line argument (`recent_ruby --version-string 2.3.5`), and checks if that version of Ruby is the most recent TEENY/PATCH release for that minor version.
|
|
28
28
|
|
|
29
29
|
It also makes sure that your minor version is not End-of-Life yet. If your version of Ruby does happen to be out of date and potentially insecure, it exits with status code 1. This means you can simply drop it into your .circle.yml or your Semaphore build step, or wherever you usually put these things.
|
|
30
30
|
|
|
@@ -75,7 +75,7 @@ Comparing version numbers...
|
|
|
75
75
|
Current version is 2.3.3, but the latest patch release for 2.3 is 2.3.7!
|
|
76
76
|
```
|
|
77
77
|
|
|
78
|
-
Build steps I use
|
|
78
|
+
Build steps I use in the project settings on SemaphoreCI:
|
|
79
79
|
|
|
80
80
|
```
|
|
81
81
|
# Setup:
|
|
@@ -87,11 +87,11 @@ recent_ruby --gemfile Gemfile
|
|
|
87
87
|
|
|
88
88
|
## How
|
|
89
89
|
|
|
90
|
-
If `--gemfile` was supplied, we use the parser gem to extract the Ruby version from the Gemfile.
|
|
90
|
+
If `--gemfile` was supplied, we use the parser gem to extract the Ruby version and patchlevel from the Gemfile.
|
|
91
91
|
|
|
92
92
|
First, we check that we’re being supplied an MRI stable release. If not, we immediately stop and error with exit code 1. Next, we grab the list of releases from the ruby-build repository and do some comparison to make sure we’re on the latest TEENY/PATCH release. Then we download the build specification from the ruby-build repository, and make sure an End-of-Life warning is not present.
|
|
93
93
|
|
|
94
|
-
Since the ruby-build repository is well maintained and used in production by many, it’s a reliable source.
|
|
94
|
+
Since the ruby-build repository is well maintained and used in production by many, it’s a reliable source for this purpose.
|
|
95
95
|
|
|
96
96
|
## Contributing
|
|
97
97
|
|
data/lib/recent_ruby/version.rb
CHANGED
data/recent_ruby.gemspec
CHANGED
|
@@ -32,7 +32,7 @@ Gem::Specification.new do |spec|
|
|
|
32
32
|
spec.require_paths = ["lib"]
|
|
33
33
|
|
|
34
34
|
spec.add_development_dependency "bundler", ">= 2.1.0"
|
|
35
|
-
spec.add_development_dependency "rake", "~>
|
|
35
|
+
spec.add_development_dependency "rake", "~> 13.0"
|
|
36
36
|
spec.add_development_dependency('rdoc')
|
|
37
37
|
spec.add_development_dependency('pry')
|
|
38
38
|
spec.add_development_dependency('aruba')
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recent_ruby
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lucas Luitjes
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '13.0'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '13.0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rdoc
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|