ruby_dep 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6162cd8effed647293da60172ca50c44277bc7f1
-  data.tar.gz: 1ca1c7888ea45b1531eae6608f38823bb7d26215
+  metadata.gz: 139539b2a5db649646809eb696ded2cdc83f22de
+  data.tar.gz: 2b0ba1b76e1c066696672d43faff2d77bf841e7c
 SHA512:
-  metadata.gz: ef2e1a10793b65e5a6b785da3af395354f68240617d0f3e8ad739f723bf86efc0703f475991ae20f116eb4ad1c86270103a380e0d4ef3b49e99cd05ad20ed960
-  data.tar.gz: c3c487439cbb6b9dc21aad2573d850a4e2795cb1c774fdac1f0a31716ed6810fa1c2b8941c829c3d36882c6e3ee18a090fe5eb0f617b8cf21ae7d8b74aeae1c4
+  metadata.gz: c7e5f69acb5b96a247fcd7dcab013a54a2141b31241e3e6cbbc047d519189ae7bab7d50a0d1ebdd1c5fa32ccb90753d8ffbdaeae48aefe172ba4fd3504b61dd9
+  data.tar.gz: fc40843fe82fd96af98ea6762134a8c8d31f89b6ab0732bc8f60cb4b2a328fb14ec3176c23221f528e1e4fa1e00280cf46ca60d2e95f591dae24daa25e5834d5

data/.gitignore

@@ -7,3 +7,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+spec/examples.txt

data/.travis.yml

@@ -1,5 +1,7 @@
 sudo: false
 language: ruby
+bundler_args: --without development
 rvm:
   - 2.2.4
-before_install: gem install bundler -v 1.12.0.rc.4
+  - jruby-9.0.5.0
+before_install: gem install bundler -v 1.12.1

data/README.md

@@ -4,24 +4,31 @@
 
 ## The problem
 
-Your gem doesn't support all possible Ruby versions.
+Your gem shouldn't (and likely doesn't) support all possible Ruby versions.
 
-And not all Ruby versions are secure to even have installed.
+(And not all Ruby versions are secure to even be installed).
 
-So, you need to tell users which Ruby versions you support in:
+You need a way to protect users who don't know about this. So, you need to tell users which Ruby versions you support in:
 
 1. Your gemspec
 2. Your README
 3. Your .travis.yml file
 4. Any issues you get about which version of Ruby is supported or not
 
-But maintaning that information in 4 different places breaks the principle of
+But, maintaning that information in 4 different places breaks the principle of
 single responsibility.
 
+And users often don't really "read" a README if they can avoid it.
+
 
 ## The solution
 
-This gems detects which versions of Ruby your project supports.
+This gem helps you and your project users avoid Ruby version problems by:
+
+- warning users if their Ruby is seriously outdated or contains serious vulnerabilities
+- helps you manage which Ruby versions you actually support (and prevents installing other versions)
+
+How? This gems detects which Ruby version users are using and which ones your project supports.
 
 It assumes you are using Travis and the versions listed in your `.travis.yml` are supported.
 
@@ -44,18 +51,17 @@ Also, you it can warn users if they are using an outdated version of Ruby.
     abort "Install 'ruby_dep' gem before building this gem"
   end
 
-  s.add_development_dependency 'ruby_dep', '~> 1.0'
+  s.add_development_dependency 'ruby_dep', '~> 1.1'
 ```
 
 ### In your `README.md`:
 
 Replace your mentions of "supported Ruby versions" to point to the Travis build.
 
-(Or, you can point to the rubygems.org site where the required Ruby version is listed).
+If users see their Ruby version "green" on Travis, it suggests it's supported, right?
 
-If it works on Travis, it's assumed to be supported, right?
+(Or, you can point to the rubygems.org site where the required Ruby version is listed).
 
-If it fails, it isn't, right?
 
 ### In your library:
 
@@ -70,6 +76,17 @@ To disable warnings, just set the following environment variable:
 
 `RUBY_DEP_GEM_SILENCE_WARNINGS=1`
 
+You can follow these rules of thumb:
+
+1. Avoid changing major version numbers, even if you're dropping a major version of Ruby (e.g. 1.9.2)
+2. If you want to support a current version, add it to your `.travis.yml` (e.g. Ruby 2.3.1)
+3. To support an earlier version of Ruby, add it to your `.travis.yml` and release a new gem version.
+4. If you want to support a range of Rubies, include the whole range without gaps in minor version numbers (e.g. 2.0.0, 2.1.0, 2.2.0, 2.3.0)
+5. If you just want to test a Ruby version (but not actually support it), put it into the "allow failures" part of your Travis build matrix.
+6. If you want to drop support for a Ruby, remove it from the `.travis.yml` and just bump your gem's minor number.
+
+When in doubt, open an issue and just ask.
+
 
 ## Roadmap
 

data/lib/ruby_dep/travis.rb

@@ -1,5 +1,7 @@
 require 'yaml'
 
+require 'ruby_dep/travis/ruby_version'
+
 module RubyDep
   class Travis
     def version_constraint(filename = '.travis.yml')
@@ -10,13 +12,15 @@ module RubyDep
       lowest = lowest_supported(selected)
 
       ["~> #{lowest[0..1].join('.')}", ">= #{lowest.join('.')}"]
+    rescue RubyVersion::Error => ex
+      abort("RubyDep Error: #{ex.message}")
     end
 
     private
 
     def versions_for_latest_major(versions)
       by_major = versions.map do |x|
-        Gem::Version.new(x).segments[0..2]
+        RubyVersion.new(x).segments[0..2]
       end.group_by(&:first)
 
       last_supported_major = by_major.keys.sort.last

data/lib/ruby_dep/travis/ruby_version.rb

@@ -0,0 +1,57 @@
+module RubyDep
+  class Travis
+    class RubyVersion
+      REGEXP = /^
+      (?:
+       (?<engine>ruby|jruby)
+      -)?
+        (?<version>\d+\.\d+\.\d+(?:\.\d+)?)
+      (?:-p\d+)?
+      (?:-clang)?
+      $/x
+
+      class Error < RuntimeError
+        class Unrecognized < Error
+          def initialize(invalid_version_string)
+            @invalid_version_string = invalid_version_string
+          end
+
+          def message
+            "Unrecognized Ruby version: #{@invalid_version_string.inspect}"
+          end
+
+          class JRubyVersion < Unrecognized
+            def message
+              "Unrecognized JRuby version: #{@invalid_version_string.inspect}"
+            end
+          end
+        end
+      end
+
+      def initialize(travis_version_string)
+        ruby_version_string = version_for(travis_version_string)
+        @version = Gem::Version.new(ruby_version_string)
+      end
+
+      def segments
+        @version.segments
+      end
+
+      private
+
+      def version_for(travis_version_string)
+        match = REGEXP.match(travis_version_string)
+        raise Error::Unrecognized, travis_version_string unless match
+        return match[:version] unless match[:engine]
+        return jruby_version(match[:version]) if match[:engine] == 'jruby'
+        match[:version] # if match[:engine] == 'ruby'
+      end
+
+      def jruby_version(version)
+        return '2.2.3' if version == '9.0.5.0'
+        return '2.2.2' if version == '9.0.4.0'
+        raise Error::Unrecognized::JRubyVersion, version
+      end
+    end
+  end
+end

data/lib/ruby_dep/version.rb

@@ -1,3 +1,3 @@
 module RubyDep
-  VERSION = '1.1.0'.freeze
+  VERSION = '1.2.0'.freeze
 end

data/lib/ruby_dep/warning.rb

@@ -25,18 +25,26 @@ module RubyDep
     private
 
     VERSION_INFO = {
-      '2.3.1' => :unknown,
-      '2.3.0' => :buggy,
-      '2.2.5' => :unknown,
-      '2.2.4' => :buggy,
-      '2.2.0' => :insecure,
-      '2.1.9' => :buggy,
-      '2.0.0' => :insecure
+      'ruby' => {
+        '2.3.1' => :unknown,
+        '2.3.0' => :buggy,
+        '2.2.5' => :unknown,
+        '2.2.4' => :buggy,
+        '2.2.0' => :insecure,
+        '2.1.9' => :buggy,
+        '2.0.0' => :insecure
+      },
+
+      'jruby' => {
+        '2.2.3' => :unknown, # jruby-9.0.5.0
+        '2.2.0' => :insecure
+      }
     }.freeze
 
     def check_ruby
       version = Gem::Version.new(RUBY_VERSION)
-      VERSION_INFO.each do |ruby, status|
+      info = VERSION_INFO[RUBY_ENGINE] || {}
+      info.each do |ruby, status|
         return status if version >= Gem::Version.new(ruby)
       end
       :insecure

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby_dep
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Cezary Baginski
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-04-26 00:00:00.000000000 Z
+date: 2016-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: '1.12'
 description: Creates a version constraint of supported Rubies,suitable for a gemspec
   file
 email:
@@ -36,18 +36,13 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
-- Gemfile
-- Guardfile
 - LICENSE.txt
 - README.md
-- Rakefile
-- bin/console
-- bin/setup
 - lib/ruby_dep.rb
 - lib/ruby_dep/travis.rb
+- lib/ruby_dep/travis/ruby_version.rb
 - lib/ruby_dep/version.rb
 - lib/ruby_dep/warning.rb
-- ruby_dep.gemspec
 homepage: https://github.com/e2/ruby_dep
 licenses:
 - MIT
@@ -63,7 +58,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '2.2'
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.4
+      version: 2.2.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -71,7 +66,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.3
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: Extracts supported Ruby versions from Travis file

data/Gemfile

@@ -1,16 +0,0 @@
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in ruby_dep.gemspec
-gemspec
-
-gem 'rake'
-
-group :development do
-  gem 'rubocop', '~> 0.39.0'
-  gem 'guard-rubocop', '~> 1.2'
-  gem 'guard-rspec', '~> 4.6'
-end
-
-group :test do
-  gem 'rspec', '~> 3.4'
-end

data/Guardfile

@@ -1,77 +0,0 @@
-# A sample Guardfile
-# More info at https://github.com/guard/guard#readme
-
-## Uncomment and set this to only include directories you want to watch
-# directories %w(app lib config test spec features) \
-#  .select{|d| Dir.exists?(d) ? d : UI.warning("Directory #{d} does not exist")}
-
-## Note: if you are using the `directories` clause above and you are not
-## watching the project directory ('.'), then you will want to move
-## the Guardfile to a watched dir and symlink it back, e.g.
-#
-#  $ mkdir config
-#  $ mv Guardfile config/
-#  $ ln -s config/Guardfile .
-#
-# and, you'll have to watch "config/Guardfile" instead of "Guardfile"
-
-# Note: The cmd option is now required due to the increasing number of ways
-#       rspec may be run, below are examples of the most common uses.
-#  * bundler: 'bundle exec rspec'
-#  * bundler binstubs: 'bin/rspec'
-#  * spring: 'bin/rspec' (This will use spring if running and you have
-#                          installed the spring binstubs per the docs)
-#  * zeus: 'zeus rspec' (requires the server to be started separately)
-#  * 'just' rspec: 'rspec'
-
-group :specs, halt_on_fail: true do
-  guard :rspec, cmd: 'bundle exec rspec', failed_mode: :keep do
-    require 'guard/rspec/dsl'
-    dsl = Guard::RSpec::Dsl.new(self)
-
-    # Feel free to open issues for suggestions and improvements
-
-    # RSpec files
-    rspec = dsl.rspec
-    watch(rspec.spec_helper) { rspec.spec_dir }
-    watch(rspec.spec_support) { rspec.spec_dir }
-    watch(rspec.spec_files)
-
-    # Ruby files
-    ruby = dsl.ruby
-    dsl.watch_spec_files_for(ruby.lib_files)
-
-    # Rails files
-    rails = dsl.rails(view_extensions: %w(erb haml slim))
-    dsl.watch_spec_files_for(rails.app_files)
-    dsl.watch_spec_files_for(rails.views)
-
-    watch(rails.controllers) do |m|
-      [
-        rspec.spec.call("routing/#{m[1]}_routing"),
-        rspec.spec.call("controllers/#{m[1]}_controller"),
-        rspec.spec.call("acceptance/#{m[1]}")
-      ]
-    end
-
-    # Rails config changes
-    watch(rails.spec_helper)     { rspec.spec_dir }
-    watch(rails.routes)          { "#{rspec.spec_dir}/routing" }
-    watch(rails.app_controller)  { "#{rspec.spec_dir}/controllers" }
-
-    # Capybara features specs
-    watch(rails.view_dirs)     { |m| rspec.spec.call("features/#{m[1]}") }
-    watch(rails.layouts)       { |m| rspec.spec.call("features/#{m[1]}") }
-
-    # Turnip features and steps
-    watch(%r{^spec/acceptance/(.+)\.feature$})
-    watch(%r{^spec/acceptance/steps/(.+)_steps\.rb$}) do |m|
-      Dir[File.join("**/#{m[1]}.feature")][0] || 'spec/acceptance'
-    end
-  end
-
-  guard :rubocop do
-    watch(/.+\.rb$/)
-    watch(%r{(?:.+/)?\.rubocop\.yml$}) { |m| File.dirname(m[0]) }
-  end
-end

data/Rakefile

@@ -1,8 +0,0 @@
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-
-RSpec::Core::RakeTask.new(:spec) do |task|
-  task.verbose = false
-end
-
-task default: :spec

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require 'bundler/setup'
-require 'ruby_dep'
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require 'irb'
-IRB.start

data/bin/setup

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install
-
-# Do any other automated setup that you need to do here

data/ruby_dep.gemspec

@@ -1,32 +0,0 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'ruby_dep/version'
-
-# Yes, inception: we're using this ourselves
-require 'ruby_dep/travis'
-
-Gem::Specification.new do |spec|
-  spec.name          = 'ruby_dep'
-  spec.version       = RubyDep::VERSION
-  spec.authors       = ['Cezary Baginski']
-  spec.email         = ['cezary@chronomantic.net']
-
-  spec.summary       = 'Extracts supported Ruby versions from Travis file'
-  spec.description   = 'Creates a version constraint of supported Rubies,' \
-    'suitable for a gemspec file'
-  spec.homepage      = 'https://github.com/e2/ruby_dep'
-  spec.license       = 'MIT'
-
-  spec.required_ruby_version = RubyDep::Travis.new.version_constraint
-
-  spec.files = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-
-  spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-
-  spec.add_development_dependency 'bundler', '~> 1.11'
-end