ruby_dep 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +54 -26
- data/lib/ruby_dep/version.rb +1 -1
- data/lib/ruby_dep/warning.rb +50 -0
- data/ruby_dep.gemspec +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6162cd8effed647293da60172ca50c44277bc7f1
|
|
4
|
+
data.tar.gz: 1ca1c7888ea45b1531eae6608f38823bb7d26215
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef2e1a10793b65e5a6b785da3af395354f68240617d0f3e8ad739f723bf86efc0703f475991ae20f116eb4ad1c86270103a380e0d4ef3b49e99cd05ad20ed960
|
|
7
|
+
data.tar.gz: c3c487439cbb6b9dc21aad2573d850a4e2795cb1c774fdac1f0a31716ed6810fa1c2b8941c829c3d36882c6e3ee18a090fe5eb0f617b8cf21ae7d8b74aeae1c4
|
data/README.md
CHANGED
|
@@ -1,54 +1,82 @@
|
|
|
1
1
|
# RubyDep
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
[](https://rubygems.org/gems/ruby_dep) [](https://travis-ci.org/e2/ruby_dep)
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
2. More stuff planned (reading TargetRubyVersion from .rubocop.yml file?)
|
|
5
|
+
## The problem
|
|
7
6
|
|
|
8
|
-
|
|
7
|
+
Your gem doesn't support all possible Ruby versions.
|
|
9
8
|
|
|
10
|
-
|
|
9
|
+
And not all Ruby versions are secure to even have installed.
|
|
11
10
|
|
|
12
|
-
|
|
13
|
-
2. your README
|
|
14
|
-
3. your .travis.yml file
|
|
11
|
+
So, you need to tell users which Ruby versions you support in:
|
|
15
12
|
|
|
16
|
-
|
|
13
|
+
1. Your gemspec
|
|
14
|
+
2. Your README
|
|
15
|
+
3. Your .travis.yml file
|
|
16
|
+
4. Any issues you get about which version of Ruby is supported or not
|
|
17
17
|
|
|
18
|
-
|
|
18
|
+
But maintaning that information in 4 different places breaks the principle of
|
|
19
|
+
single responsibility.
|
|
19
20
|
|
|
20
|
-
- point to the Travis build in your README (or your gem home page on rubygems.org)
|
|
21
|
-
- extract the supported versions from your .travis.yml
|
|
22
|
-
- set the versions automatically in your Gemspec
|
|
23
21
|
|
|
22
|
+
## The solution
|
|
24
23
|
|
|
25
|
-
|
|
24
|
+
This gems detects which versions of Ruby your project supports.
|
|
26
25
|
|
|
27
|
-
|
|
26
|
+
It assumes you are using Travis and the versions listed in your `.travis.yml` are supported.
|
|
27
|
+
|
|
28
|
+
This helps you limit the Ruby versions you support - just by adding/removing entries in your Travis configuration file.
|
|
29
|
+
|
|
30
|
+
Also, you it can warn users if they are using an outdated version of Ruby.
|
|
31
|
+
|
|
32
|
+
(Or one with security vulnerabilities).
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
## Usage
|
|
36
|
+
|
|
37
|
+
### E.g. in your gemspec file:
|
|
28
38
|
|
|
29
39
|
```ruby
|
|
30
|
-
|
|
40
|
+
begin
|
|
41
|
+
require "ruby_dep/travis"
|
|
42
|
+
s.required_ruby_version = RubyDep::Travis.new.version_constraint
|
|
43
|
+
rescue LoadError
|
|
44
|
+
abort "Install 'ruby_dep' gem before building this gem"
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
s.add_development_dependency 'ruby_dep', '~> 1.0'
|
|
31
48
|
```
|
|
32
49
|
|
|
33
|
-
|
|
50
|
+
### In your `README.md`:
|
|
34
51
|
|
|
35
|
-
|
|
52
|
+
Replace your mentions of "supported Ruby versions" to point to the Travis build.
|
|
36
53
|
|
|
37
|
-
Or
|
|
54
|
+
(Or, you can point to the rubygems.org site where the required Ruby version is listed).
|
|
38
55
|
|
|
39
|
-
|
|
56
|
+
If it works on Travis, it's assumed to be supported, right?
|
|
40
57
|
|
|
41
|
-
|
|
58
|
+
If it fails, it isn't, right?
|
|
42
59
|
|
|
43
|
-
|
|
60
|
+
### In your library:
|
|
44
61
|
|
|
45
62
|
```ruby
|
|
46
|
-
require 'ruby_dep'
|
|
63
|
+
require 'ruby_dep/warnings'
|
|
64
|
+
RubyDep::Warning.show_warnings
|
|
65
|
+
```
|
|
47
66
|
|
|
48
|
-
|
|
67
|
+
## Tips
|
|
68
|
+
|
|
69
|
+
To disable warnings, just set the following environment variable:
|
|
70
|
+
|
|
71
|
+
`RUBY_DEP_GEM_SILENCE_WARNINGS=1`
|
|
72
|
+
|
|
73
|
+
|
|
74
|
+
## Roadmap
|
|
75
|
+
|
|
76
|
+
Pull Requests are welcome.
|
|
77
|
+
|
|
78
|
+
Plans include: reading supported Ruby from `.rubocop.yml` (`TargetRubyVersion` field).
|
|
49
79
|
|
|
50
|
-
spec.required_ruby_version = RubyDep::Travis.new.version_constraint
|
|
51
|
-
```
|
|
52
80
|
|
|
53
81
|
## Development
|
|
54
82
|
|
data/lib/ruby_dep/version.rb
CHANGED
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
module RubyDep
|
|
2
|
+
class Warning
|
|
3
|
+
MSG_BUGGY = 'RubyDep: WARNING: your Ruby is outdated/buggy.'\
|
|
4
|
+
' Please upgrade.'.freeze
|
|
5
|
+
|
|
6
|
+
MSG_INSECURE = 'RubyDep: WARNING: your Ruby has security vulnerabilities!'\
|
|
7
|
+
' Please upgrade!'.freeze
|
|
8
|
+
|
|
9
|
+
MSG_HOW_TO_DISABLE = ' (To disable warnings, set'\
|
|
10
|
+
' RUBY_DEP_GEM_SILENCE_WARNINGS=1)'.freeze
|
|
11
|
+
|
|
12
|
+
def show_warnings
|
|
13
|
+
return if silenced?
|
|
14
|
+
case check_ruby
|
|
15
|
+
when :insecure
|
|
16
|
+
STDERR.puts MSG_INSECURE + MSG_HOW_TO_DISABLE
|
|
17
|
+
when :buggy
|
|
18
|
+
STDERR.puts MSG_BUGGY + MSG_HOW_TO_DISABLE
|
|
19
|
+
when :unknown
|
|
20
|
+
else
|
|
21
|
+
raise "Unknown problem type: #{problem.inspect}"
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
private
|
|
26
|
+
|
|
27
|
+
VERSION_INFO = {
|
|
28
|
+
'2.3.1' => :unknown,
|
|
29
|
+
'2.3.0' => :buggy,
|
|
30
|
+
'2.2.5' => :unknown,
|
|
31
|
+
'2.2.4' => :buggy,
|
|
32
|
+
'2.2.0' => :insecure,
|
|
33
|
+
'2.1.9' => :buggy,
|
|
34
|
+
'2.0.0' => :insecure
|
|
35
|
+
}.freeze
|
|
36
|
+
|
|
37
|
+
def check_ruby
|
|
38
|
+
version = Gem::Version.new(RUBY_VERSION)
|
|
39
|
+
VERSION_INFO.each do |ruby, status|
|
|
40
|
+
return status if version >= Gem::Version.new(ruby)
|
|
41
|
+
end
|
|
42
|
+
:insecure
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def silenced?
|
|
46
|
+
value = ENV['RUBY_DEP_GEM_SILENCE_WARNINGS']
|
|
47
|
+
(value || '0') !~ /^0|false|no|n$/
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
data/ruby_dep.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_dep
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cezary Baginski
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 1.
|
|
19
|
+
version: '1.11'
|
|
20
20
|
type: :development
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 1.
|
|
26
|
+
version: '1.11'
|
|
27
27
|
description: Creates a version constraint of supported Rubies,suitable for a gemspec
|
|
28
28
|
file
|
|
29
29
|
email:
|
|
@@ -46,6 +46,7 @@ files:
|
|
|
46
46
|
- lib/ruby_dep.rb
|
|
47
47
|
- lib/ruby_dep/travis.rb
|
|
48
48
|
- lib/ruby_dep/version.rb
|
|
49
|
+
- lib/ruby_dep/warning.rb
|
|
49
50
|
- ruby_dep.gemspec
|
|
50
51
|
homepage: https://github.com/e2/ruby_dep
|
|
51
52
|
licenses:
|