veye 0.2.1 → 0.3.0

data/lib/veye/api/package.rb

@@ -17,11 +17,14 @@ module Veye
       end
 
       # returns package information
-      def self.get_package(api_key, prod_key, language)
+      def self.get_package(api_key, prod_key, language, version = nil)
         lang = encode_language(language)
         safe_prod_key = encode_prod_key(prod_key)
+        
         qparams = {}
         qparams[:api_key] = api_key if api_key.to_s.size > 0
+        qparams[:prod_version] = version.to_s.strip unless version.to_s.empty?
+
         product_api = Resource.new "#{RESOURCE_PATH}/#{lang}/#{safe_prod_key}"
         product_api.resource.get({params: qparams}) do |response, request, result|
           JSONResponse.new(request, result, response)
@@ -46,6 +49,17 @@ module Veye
         end
       end
 
+      def self.get_version_list(api_key, prod_key, language)
+        lang = encode_language(language)
+        safe_prod_key = encode_prod_key(prod_key)
+      
+        qparams = {api_key: api_key}
+        product_api = Resource.new "#{RESOURCE_PATH}/#{lang}/#{safe_prod_key}/versions"
+        product_api.resource.get({params: qparams}) do |response, request, result|
+          JSONResponse.new(request, result, response)
+        end
+      end
+
       def self.get_follow_status(api_key, prod_key, language)
         product_api = Resource.new(RESOURCE_PATH)
         qparams = {api_key: api_key}
@@ -53,7 +67,7 @@ module Veye
         safe_prod_key = encode_prod_key(prod_key)
         path = "#{lang}/#{safe_prod_key}/follow.json"
         product_api.resource[path].get({params: qparams}) do |response, request, result|
-          Veye::API::JSONResponse.new(request, result, response)
+          JSONResponse.new(request, result, response)
         end
       end
 

data/lib/veye/api/project.rb

@@ -24,15 +24,19 @@ module Veye
         file_path
       end
 
-      def self.get_list(api_key)
+      def self.get_list(api_key, org_name, team_name = nil)
         project_api = Resource.new(RESOURCE_PATH)
-        qparams = {:params => {:api_key => api_key}}
-        project_api.resource.get(qparams) do |response, request, result|
+        qparams = {:api_key => api_key}
+        qparams[:orga_name] = org_name.to_s.strip unless org_name.to_s.empty?
+        qparams[:team_name] = team_name.to_s.strip unless team_name.to_s.empty?
+
+        project_api.resource.get({:params => qparams}) do |response, request, result|
           JSONResponse.new(request, result, response)
         end
       end
 
-      def self.upload(api_key, filename)
+      def self.upload(api_key, filename, org_name = nil, team_name = nil, temporary = false, public =true, name = nil)
+        Veye.logger.info("Uploading `#{filename}` under #{org_name}, temporary? #{temporary}, organization? #{public} ")
         project_api = Resource.new(RESOURCE_PATH)
         file_path = check_file(filename)
         return if file_path.nil?
@@ -42,14 +46,19 @@ module Veye
           :upload   => file_obj,
           :api_key  => api_key
         }
+        upload_data[:orga_name] = org_name.to_s.strip unless org_name.to_s.empty?
+        upload_data[:team_name] = team_name.to_s.strip unless team_name.to_s.empty?
+        upload_data[:temporary] = temporary
+        upload_data[:visibility] = (public == true ? 'public' : 'private')
+        upload_data[:name]      = name.to_s.strip unless name.to_s.strip.empty?
 
         project_api.resource.post(upload_data) do |response, request, result, &block|
           JSONResponse.new(request, result, response)
         end
       end
 
-      def self.update(api_key, project_key, filename)
-        project_api = Resource.new("#{RESOURCE_PATH}/#{project_key}")
+      def self.update(api_key, project_id, filename)
+        project_api = Resource.new("#{RESOURCE_PATH}/#{project_id}")
         file_path = check_file(filename)
         return if file_path.nil?
 
@@ -102,6 +111,32 @@ module Veye
         end
       end
 
+
+      def self.merge(api_key, parent_id, child_id)
+        if parent_id.to_s.empty? or child_id.to_s.empty?
+          printf("api.project.merge: neither ParentID or ChildId can not be empty")
+          return
+        end
+
+        project_api = Resource.new("#{RESOURCE_PATH}/#{parent_id}/merge/#{child_id}")
+        qparams = {params: {api_key: api_key}}
+        project_api.resource.get(qparams) do |response, request, result|
+          JSONResponse.new(request, result, response)
+        end
+      end
+
+      def self.unmerge(api_key, parent_id, child_id)
+        if parent_id.to_s.empty? or child_id.to_s.empty?
+          printf("api.project.unmerge: neither ParentID or ChildID can not be empty")
+          return
+        end
+
+        project_api = Resource.new("#{RESOURCE_PATH}/#{parent_id}/unmerge/#{child_id}")
+        qparams = {params: {api_key: api_key}}
+        project_api.resource.get(qparams) do |response, request, result|
+          JSONResponse.new(request, result, response)
+        end
+      end
     end
   end
 end

data/lib/veye/base_executor.rb

@@ -9,13 +9,20 @@ class BaseExecutor
     return if formatter.nil?
 
     formatter.before
-    formatter.format(results)
+
+    #if command uses s.o windowed output aka show only part of the items list
+    if options.has_key?(:n) or options.has_key?(:from)
+      formatter.format(results, options[:n].to_i, options[:from].to_i)
+    else
+      formatter.format(results)
+    end
     formatter.after(paging, options[:pagination])
   end
 
   def self.valid_response?(response, msg)
     if response.nil? || response.success != true
       printf "#{msg.to_s.color(:red)}: #{response.data}\n"
+      Veye.logger.error "API returned error - #{response.code}, #{response.data}"
       return false
     end
 
@@ -27,23 +34,14 @@ class BaseExecutor
     valid_response?(response, msg)
   end
 
-  def self.filter_dependencies(results, options)
-
-    if options[:all]
-      results['dependencies'].to_a.sort_by {|x| x['outdated'] ? -1 : 0}
-    else
-      results['dependencies'].to_a.keep_if {|x| x['outdated']}
-    end
-  end
-  
-  def self.show_dependencies(output_formats, results, options)
+  def self.show_dependencies(output_formats, proj_deps, options)
     formatter = get_formatter(output_formats, options)
     return if formatter.nil?
 
-    deps = filter_dependencies(results, options)     
-
+    sorted_deps = process_dependencies(proj_deps.to_a, options)
+    
     formatter.before
-    formatter.format deps
+    formatter.format sorted_deps.to_a
     formatter.after
   end
 
@@ -52,12 +50,79 @@ class BaseExecutor
     return if formatter.nil?
 
     formatter.before
-    results.each do |filename, deps|
-      formatter.format filter_dependencies(deps, options), filename
+    results.each do |filename, project|
+      sorted_deps = process_dependencies(project['dependencies'].to_a, options)
+
+      formatter.format(sorted_deps.to_a, filename)
     end
 
     formatter.after
   end
+  
+  def self.sort_dependencies_by_upgrade_complexity(deps)
+    deps.to_a.sort {|a, b| b[:upgrade][:dv_score] <=> a[:upgrade][:dv_score]}
+  end
+
+  def self.filter_dependencies(deps, options = {})
+    return deps if ( options[:all] == true )
+
+    deps.keep_if {|d| d['outdated'] == true}
+ 
+    #if any of filter flags are not selected then return only outdated deps
+
+    if (options[:major] or options[:minor] or options[:patch]) == false
+      return deps
+    end
+
+    filtered_deps = []
+    if options.fetch(:major, false) == true
+      deps.each {|d| filtered_deps << d if d[:upgrade][:dv_major] > 0}
+    end
+
+    #add only package which has minor change and may have patch changes
+    if options.fetch(:minor, false) == true
+      deps.each do |d|
+        if d[:upgrade][:dv_minor] > 0 and d[:upgrade][:dv_major] == 0
+          filtered_deps << d
+        end
+      end
+    end
+
+    #add only packages which has only patches, and skip all the minor and major changes
+    if options.fetch(:patch, false)  == true
+      deps.each do |d|
+        if d[:upgrade][:dv_patch] > 0 and d[:upgrade][:dv_minor] == 0 and d[:upgrade][:dv_major] == 0
+          filtered_deps << d
+        end
+      end
+    end
+
+    #remove duplicates if user attached multiple filter flags
+    already_seen_keys = Set.new
+    filtered_deps.reduce([]) do |acc, dep|
+      next unless dep.has_key?('prod_key')
+
+      unless already_seen_keys.include?(dep['prod_key'])
+        acc << dep
+        already_seen_keys << dep['prod_key']
+      end
+
+      acc
+    end
+  end
+
+  def self.process_dependencies(proj_deps, options)
+    proj_deps.to_a.map do |dep|
+      dep[:upgrade] = Veye::Project.calc_upgrade_heuristics(dep['version_requested'], dep['version_current'])
+      dep
+    end
+  
+    proj_deps = filter_dependencies(proj_deps, options)
+    proj_deps = sort_dependencies_by_upgrade_complexity(proj_deps)
+
+    proj_deps.to_a
+  end
+
 
   def self.show_message(results, success_msg, fail_msg)
     if results.success

data/lib/veye/github/delete.rb

@@ -4,10 +4,8 @@ module Veye
   module Github
     # Delete class include methods to cleanup projects imported from Github
     class Delete < BaseExecutor
-      def self.delete_repo(api_key, repo_name, options)
-        response = Veye::API::Github.delete_repo(
-          api_key, repo_name, options[:branch]
-        )
+      def self.delete_repo(api_key, repo_name, branch = 'master', options = {})
+        response = Veye::API::Github.delete_repo(api_key, repo_name, branch)
         show_result(response)
       end
 

data/lib/veye/github/import.rb

@@ -13,10 +13,9 @@ module Veye
         'table'   => Github::InfoTable.new
       }
 
-      def self.import_repo(api_key, repo_name, options)
-        results = Veye::API::Github.import_repo(
-          api_key, repo_name, options[:branch], options[:file]
-        )
+      def self.import_repo(api_key, repo_name, branch = 'master', filename = 'Gemfile', options = {})
+        results = Veye::API::Github.import_repo( api_key, repo_name, branch, filename)
+
         catch_request_error(results, "Can not find repository `#{repo_name}`")
         show_results(@output_formats, results.data, options, nil)
       end

data/lib/veye/package/follow.rb

@@ -14,26 +14,26 @@ module Veye
         )
       end
 
-      def self.get_follow_status(api_key, package_key)
-        prod_key, lang = Package.parse_key(package_key)
+      def self.get_follow_status(api_key, prod_key, lang)
         results = Veye::API::Package.get_follow_status(api_key, prod_key, lang)
-        if valid_response?(results, 'Didnt get any response.')
+        
+        if valid_response?(results, "Failed to follow #{lang} package #{prod_key}.")
           show_result(results)
         end
       end
 
-      def self.follow(api_key, package_key)
-        prod_key, lang = Package.parse_key(package_key)
+      def self.follow(api_key, prod_key, lang)
         results = Veye::API::Package.follow(api_key, prod_key, lang)
-        if valid_response?(results, 'Cant follow.')
+        
+        if valid_response?(results, "Cant follow #{lang} package #{prod_key}.")
           show_result(results)
         end
       end
 
-      def self.unfollow(api_key, package_key)
-        prod_key, lang = Package.parse_key(package_key)
+      def self.unfollow(api_key, prod_key, lang)
         results = Veye::API::Package.unfollow(api_key, prod_key, lang)
-        if valid_response?(results, 'Cant unfollow.')
+        
+        if valid_response?(results, "Cant unfollow #{lang} package #{prod_key} .")
           show_result(results)
         end
       end

data/lib/veye/package/info.rb

@@ -12,10 +12,10 @@ module Veye
         'table'     => Package::InfoTable.new
       }
 
-      def self.get_package(api_key, package_key, options = {})
-        prod_key, lang = Package.parse_key(package_key)
-        results = Veye::API::Package.get_package(api_key, prod_key, lang)
-        err_msg = "Didnt find any package with product_key: `#{package_key}`"
+      def self.get_package(api_key, prod_key, lang = 'ruby', version = nil, options = {})
+        results = Veye::API::Package.get_package(api_key, prod_key, lang, version)
+        err_msg = "Didnt find any #{lang} package with product_key: `#{prod_key}`"
+
         if valid_response?(results, err_msg)
           paging = results.data['paging']
           show_results(@output_formats, results.data, options, paging)

data/lib/veye/package/references.rb

@@ -12,12 +12,10 @@ module Veye
         'table'     => Package::ReferencesTable.new
       }
 
-      def self.get_references(api_key, package_key, options = {})
-        prod_key, lang = Package.parse_key(package_key)
-        results = Veye::API::Package.get_references(
-          api_key, prod_key, lang, options[:page]
-        )
-        if valid_response?(results, "No references for: `#{package_key}`")
+      def self.get_references(api_key, prod_key, language='ruby', options = {})
+        results = Veye::API::Package.get_references(api_key, prod_key, language, options[:page])
+
+        if valid_response?(results, "No references for: `#{prod_key}`, language: #{language}")
           paging = results.data['paging']
           show_results(@output_formats, results.data, options, paging)
         end

data/lib/veye/package/search.rb

@@ -12,7 +12,8 @@ module Veye
         'pretty'    => Package::SearchPretty.new,
         'table'     => Package::SearchTable.new
       }
-
+      
+      #TODO: remove options param and extraxt option map in the bin/veye command
       def self.search(api_key, search_term, options)
         results = Veye::API::Package.search(
           api_key, search_term, options[:language],

data/lib/veye/package/versions.rb

@@ -0,0 +1,37 @@
+require 'naturalsorter'
+
+require_relative '../views/package.rb'
+require_relative '../base_executor.rb'
+
+module Veye
+  module Package
+    class Versions < BaseExecutor
+      @output_formats = {
+        'csv'     => Package::VersionsCSV.new,
+        'json'    => Package::VersionsJSON.new,
+        'pretty'  => Package::VersionsPretty.new,
+        'table'   => Package::VersionsTable.new
+      }
+    
+      def self.get_list(api_key, prod_key, lang = 'ruby', n = 10, from = 0, options = {})
+        results = Veye::API::Package.get_version_list(api_key, prod_key, lang)
+        err_msg = "Found no versions for #{lang} package `#{prod_key}`"
+
+        if valid_response?(results, err_msg)
+          sorted_items = results.data['versions'].to_a.sort do |a, b| 
+            Naturalsorter::Sorter.bigger?(a['version'], b['version']) ? -1 : 1
+          end
+
+          filtered_items =  if options.has_key?('all') and options['all'] == true
+                              sorted_items
+                            else
+                              sorted_items.to_a.drop(from).take(n)
+                            end
+          results.data['versions'] = filtered_items
+
+          show_results(@output_formats, results.data, options)
+        end
+      end
+    end
+  end
+end

data/lib/veye/package.rb

@@ -2,6 +2,7 @@ require_relative 'package/info.rb'
 require_relative 'package/search.rb'
 require_relative 'package/follow.rb'
 require_relative 'package/references.rb'
+require_relative 'package/versions.rb'
 
 # -- define module constants here
 module Veye
@@ -12,6 +13,7 @@ module Veye
       Set.new ["Clojure", "Java", "Javascript", "Node.JS", "PHP", "Python", "Ruby", "R"]
     end
 
+    #TODO remove it
     def self.parse_key(package_key)
       tokens = package_key.to_s.split('/')
       lang = tokens.first

data/lib/veye/project/check.rb

@@ -23,8 +23,9 @@ module Veye
         'md'        => Project::DependencyMarkdown.new
       }
 
-      def self.get_list(api_key, options)
-        results = Veye::API::Project.get_list(api_key)
+      def self.get_list(api_key, org_name = 'private', team_name = nil, options)
+        Veye.logger.info "Fetching a list of project for #{org_name}, team:#{team_name}"
+        results = Veye::API::Project.get_list(api_key, org_name, team_name)
         valid_response?(results, 'Can not read list of projects.')
         show_results(@output_formats, results.data, options)
       end
@@ -33,18 +34,24 @@ module Veye
         results = Veye::API::Project.get_project(api_key, project_key)
         err_msg = "No data for the project: `#{project_key}`"
         valid_response?(results, err_msg)
-        show_results(@output_formats, results.data, options)
+
+        proj_dt = results.data
+        show_results(@output_formats, proj_dt, options)
         if options[:format] != 'json'
-          show_dependencies(@dependency_output_formats, results.data, options)
+          show_dependencies(@dependency_output_formats, proj_dt['dependencies'], options)
         end
       end
 
-      def self.upload(api_key, filename, options)
-        results = Veye::API::Project.upload(api_key, filename)
+      def self.upload(api_key, filename, org_name = 'private', team_name = nil, options)
+
+        results = Veye::API::Project.upload(
+          api_key, filename, org_name, team_name, options[:temporary], options[:public], options[:name]
+        )
+
         valid_response?(results, 'Upload failed.')
         show_results(@output_formats, results.data, options)
         if options[:format] != 'json'
-          show_dependencies(@dependency_output_formats, results.data, options)
+          show_dependencies(@dependency_output_formats, results.data['dependencies'], options)
         end
       end
 
@@ -53,7 +60,7 @@ module Veye
         valid_response?(results, 'Re-upload failed.')
         show_results(@output_formats, results.data, options)
         if options[:format] != 'json'
-          show_dependencies(@dependency_output_formats, results.data, options)
+          show_dependencies(@dependency_output_formats, results.data['dependencies'], options)
         end
       end
 
@@ -78,10 +85,12 @@ module Veye
         project_settings['projects'].each do |filename, project_id|
           filepath = "#{path}/#{filename}"
           results = if project_id.to_s.empty?
-                      Veye::API::Project.upload(api_key, filepath)
+                      Veye::API::Project.upload(api_key, filepath, options[:org], options[:team],
+                                                options[:temporary], options[:public], options[:name])
                     else
                       Veye::API::Project.update(api_key, project_id, filepath)
                     end
+
           error_msg = "Failed to check dependencies for `#{filename.to_s.color(:red)}`"
           if valid_response?(results, error_msg)
             deps[filename] = results.data
@@ -97,6 +106,7 @@ module Veye
           files.to_a.join(', ').to_s.color(:green),
           "veye.json".color(:yellow)
         )
+        options[:all] = true #hack
         show_bulk_dependencies(@dependency_output_formats, deps, options)
       end
 

data/lib/veye/project.rb

@@ -1,3 +1,5 @@
+require 'semverly'
+
 require_relative 'project/check.rb'
 require_relative 'project/license.rb'
 
@@ -6,11 +8,48 @@ module Veye
   # projects on VersionEye and presenting results
   # on command line.
   module Project
+
+    #source: https://raw.githubusercontent.com/versioneye/versioneye-core/master/lib/versioneye/services/project_service.rb
     @supported_files = [
-      'project\.clj', 'bower\.json', 'project\.json', 'gemfile',
-      'gemfile\.lock', '*\.gradle', '*\.sbt', '*\.pom\.xml', 'podfile'
+      'project\.clj\z', 'bower\.json\z', 'project\.json\z', 'gemfile\z',
+      'gemfile\.lock\z', '*\.gradle\z', '*\.sbt\z', '*\.pom\.xml\z', 'podfile\z',
+      '*\.podspec\z', 'Podfile\.lock\z', 'composer\.lock\z', 'composer\.json\z', 
+      'project\.json\z', 'packages\.config\z', 'packages\.json\z', 'requirements\.txt\z',
+      'biicode\.conf\z', 'Berksfile\.lock\z', 'Berksfile\z', 'cpanfile\z', '*\.nuspec\z',
+      'setup\.py\z', '*\.pom\z', 'external_dependencies.xml\z'
     ]
 
+    @default_upgrade_heuristics = {
+      difficulty: 'unknown',
+      is_semver: false,
+      dv_major: 0.0, #absolute major version difference between 2 semver
+      dv_minor: 0.0, 
+      dv_patch: 0.0,
+      dv_score: 0.0 # total dv score on logarithmic scale
+    }
+
+    #-- project commands
+    def self.merge(api_key, parent_id, child_id)
+      if parent_id.to_s.empty? or child_id.to_s.empty?
+        printf("%s\n", "parent_id or child_id was unspecified".color(:red))
+        return
+      end
+
+      res = Veye::API::Project.merge(api_key, parent_id, child_id)
+      printf("success: %s\n", res.data.fetch('success', false))
+    end
+
+    def self.unmerge(api_key, parent_id, child_id)
+      if parent_id.to_s.empty? or child_id.to_s.empty?
+        printf("%s\n", "parent_id or child_id was unspecified".color(:red))
+        return
+      end
+
+      res = Veye::API::Project.unmerge(api_key, parent_id, child_id)
+      printf("success: %s\n", res.data.fetch('success', false) )
+    end
+
+    #-- helper functions
     def self.supported_files
       @supported_files
     end
@@ -32,5 +71,50 @@ module Veye
 
       files
     end
+
+    #estimates how difficult it would be to upgrade to current version
+    def self.calc_upgrade_heuristics(version_requested, version_current)
+      scores = @default_upgrade_heuristics
+      
+      semver_A = SemVer.parse(version_requested)
+      semver_B = SemVer.parse(version_current)
+
+      #if any of versions are not semver, then shortcut execution
+      if ( semver_A.nil? or semver_B.nil? )
+        #hack: float unknown outdated semvers top of up-to-date packages
+        scores[:dv_score] = 0.01 if version_requested != version_current
+        return scores
+      end
+
+      scores = {
+        :is_semver  => true,
+        :dv_major   => (semver_A.major - semver_B.major).abs,
+        :dv_minor   => (semver_A.minor - semver_B.minor).abs,
+        :dv_patch   => (semver_A.patch - semver_B.patch).abs
+      }
+
+      dv_score = Math.log10(scores[:dv_major] * 1e3 + scores[:dv_minor] * 1e2 + scores[:dv_patch] + 1)
+      scores[:dv_score] = dv_score.round(3)
+
+      scores[:difficulty] = humanize_dv_score(scores[:dv_score], scores[:is_semver])
+
+      scores
+    end
+
+    def self.humanize_dv_score(the_score, is_semver)
+      if is_semver == false
+        'unknown'
+      elsif the_score == 0
+        'up-to-date'
+      elsif the_score < 1
+        'low'
+      elsif the_score >= 1 and the_score < 3
+        'medium'
+      elsif the_score >= 3
+        'high'
+      else
+        'unknown'
+      end
+    end
   end
 end

data/lib/veye/version.rb

@@ -1,5 +1,5 @@
 module Veye
-  VERSION = '0.2.1'
+  VERSION = '0.3.0'
   BIGEYE = %q{
 
       _    __                   _                ______

data/lib/veye/views/base_csv.rb

@@ -19,7 +19,7 @@ class BaseCSV
     end
   end
 
-  def format(results)
+  def format(results, n = 0, from = 0)
     raise NotImplementedError
   end
 end

data/lib/veye/views/github/info_csv.rb

@@ -11,7 +11,7 @@ module Veye
         return nil if results.nil?
         repo = results['repo']
         imported_projects = results['imported_projects']
-        imported_project_names = imported_projects.map {|p| p['project_key']}
+        imported_project_names = imported_projects.map {|p| p['id']}
         printf(
           "%s,%s,%s,%s,%s,%s,%s,%s,%s\n",
           repo['fullname'],

data/lib/veye/views/github/info_pretty.rb

@@ -9,7 +9,7 @@ module Veye
         repo = result['repo']
         projects = result['imported_projects']
         if projects
-          project_names = projects.map {|x| x['project_key']}
+          project_names = projects.map {|x| x['id']}
         else
           project_names = []
         end

data/lib/veye/views/github/info_table.rb

@@ -19,7 +19,7 @@ module Veye
 
         projects = result['imported_projects']
         if projects
-          project_names = projects.map {|x| x['project_key']}
+          project_names = projects.map {|x| x['id']}
         else
           project_names = []
         end
@@ -38,4 +38,4 @@ module Veye
       end
     end
   end
-end
+end

data/lib/veye/views/package/info_csv.rb

@@ -4,14 +4,15 @@ module Veye
   module Package
     class InfoCSV < BaseCSV
       def initialize
-        headers = "name,version,language,prod_key,licence,prod_type,description,link"
+        headers = "name,version,language,prod_key,licence,prod_type,description,link,cves"
         super(headers)
       end
       def format(result)
-        printf("%s,%s,%s,%s,%s,%s,%s,%s\n",
+        vulns = result['security_vulnerabilities'].to_a.map {|x| x['name_id']}.join(';')
+        printf("%s,%s,%s,%s,%s,%s,%s,'%s',%s\n",
               result["name"], result["version"], result["language"],
               result["prod_key"], result["license"], result["prod_type"],
-              result["link"], result["description"])
+              result["link"], result["description"], vulns)
       end
     end
   end