From e9b833e8dab08ed38bc2e252a6cc0cf5a0ff3e83 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 09:16:11 +1000 Subject: [PATCH 01/12] Move Rubocop LineLength config to Layout namespace --- .rubocop.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 8fead32..d7fcb5e 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,12 +8,12 @@ AllCops: Gemspec/RequiredRubyVersion: Enabled: false -Metrics/BlockLength: +Layout/LineLength: Exclude: - 'spec/**/*' - 'test/**/*' -Metrics/LineLength: +Metrics/BlockLength: Exclude: - 'spec/**/*' - 'test/**/*' From 2693e3c680c72ab3637481a3998a28c1e8027431 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 09:19:22 +1000 Subject: [PATCH 02/12] Rubocop: resolve Layout/LineContinuationSpacing --- lib/unwrappr/cli.rb | 3 +-- lib/unwrappr/ruby_gems.rb | 3 +-- lib/unwrappr/writers/security_vulnerabilities.rb | 3 +-- spec/lib/unwrappr/lock_file_annotator_spec.rb | 3 +-- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/lib/unwrappr/cli.rb b/lib/unwrappr/cli.rb index 17dc280..7b3148b 100644 --- a/lib/unwrappr/cli.rb +++ b/lib/unwrappr/cli.rb @@ -29,8 +29,7 @@ class CLI < Clamp::Command exit(0) end - subcommand 'all', 'run bundle update, push to GitHub, '\ - 'create a pr and annotate changes' do + subcommand 'all', 'run bundle update, push to GitHub, create a pr and annotate changes' do option ['-R', '--recursive'], :flag, 'Recurse into subdirectories', diff --git a/lib/unwrappr/ruby_gems.rb b/lib/unwrappr/ruby_gems.rb index 7935344..5f191a8 100644 --- a/lib/unwrappr/ruby_gems.rb +++ b/lib/unwrappr/ruby_gems.rb @@ -27,8 +27,7 @@ def parse(response, name) end def error_message(response:, name:) - "Rubygems response for #{name}: "\ - "HTTP #{response.status}: #{response.body}" + "Rubygems response for #{name}: HTTP #{response.status}: #{response.body}" end end end 
diff --git a/lib/unwrappr/writers/security_vulnerabilities.rb b/lib/unwrappr/writers/security_vulnerabilities.rb index 229c807..0b46359 100644 --- a/lib/unwrappr/writers/security_vulnerabilities.rb +++ b/lib/unwrappr/writers/security_vulnerabilities.rb @@ -87,8 +87,7 @@ def cve_url(id) def cvss_v2(advisory) # rubocop:disable Style/GuardClause if advisory.cvss_v2 - "CVSS V2: [#{advisory.cvss_v2} #{advisory.criticality}]"\ - "(#{cvss_v2_url(advisory.cve_id)})" + "CVSS V2: [#{advisory.cvss_v2} #{advisory.criticality}](#{cvss_v2_url(advisory.cve_id)})" end # rubocop:enable Style/GuardClause end diff --git a/spec/lib/unwrappr/lock_file_annotator_spec.rb b/spec/lib/unwrappr/lock_file_annotator_spec.rb index bb07a49..9937ea7 100644 --- a/spec/lib/unwrappr/lock_file_annotator_spec.rb +++ b/spec/lib/unwrappr/lock_file_annotator_spec.rb @@ -20,8 +20,7 @@ module Unwrappr describe '#annotate' do subject(:annotate) { annotator.annotate } - context 'given a Gemfile.lock that changes: '\ - 'rspec-support 3.7.0 -> 3.7.1' do + context 'given a Gemfile.lock that changes: rspec-support 3.7.0 -> 3.7.1' do let(:lock_file_diff_source) { instance_double(Github::PrSource) } let(:annotation_sink) { instance_spy(Github::PrSink) } let(:base_lock_file) { <<~BASE_FILE } From 7b278b0b6b713670b6d4810ca8c2ac40e3b81fa5 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 09:45:10 +1000 Subject: [PATCH 03/12] Rubocop: resolve Gemspec/RequireMFA --- unwrappr.gemspec | 1 + 1 file changed, 1 insertion(+) diff --git a/unwrappr.gemspec b/unwrappr.gemspec index 54a0be4..d0266c6 100644 --- a/unwrappr.gemspec +++ b/unwrappr.gemspec 
@@ -52,6 +52,7 @@ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength: spec.add_development_dependency 'rubocop', '>= 0.49.0' spec.metadata = { + 'rubygems_mfa_required' => 'true', 'bug_tracker_uri' => "#{GITHUB_URL}/issues", 'changelog_uri' => "#{GITHUB_URL}/blob/HEAD/CHANGELOG.md", 'documentation_uri' => "#{GITHUB_URL}/blob/HEAD/README.md", From 18205ce166f1738181df080b65d76726587d2743 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 09:46:56 +1000 Subject: [PATCH 04/12] Rubocop: resolve Style/IfUnlessModifier --- lib/unwrappr/writers/security_vulnerabilities.rb | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lib/unwrappr/writers/security_vulnerabilities.rb b/lib/unwrappr/writers/security_vulnerabilities.rb index 0b46359..2c75c7f 100644 --- a/lib/unwrappr/writers/security_vulnerabilities.rb +++ b/lib/unwrappr/writers/security_vulnerabilities.rb @@ -85,11 +85,7 @@ def cve_url(id) end def cvss_v2(advisory) - # rubocop:disable Style/GuardClause - if advisory.cvss_v2 - "CVSS V2: [#{advisory.cvss_v2} #{advisory.criticality}](#{cvss_v2_url(advisory.cve_id)})" - end - # rubocop:enable Style/GuardClause + "CVSS V2: [#{advisory.cvss_v2} #{advisory.criticality}](#{cvss_v2_url(advisory.cve_id)})" if advisory.cvss_v2 end def cvss_v2_url(id) From 02538f38bcb9c0c416cd1f477d7c9ec1b35c710e Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:07:32 +1000 Subject: [PATCH 05/12] Rubocop: resolve Style/FetchEnvVar --- lib/unwrappr/github/client.rb | 15 +-------------- lib/unwrappr/octokit.rb | 15 ++++++++++++++- spec/lib/unwrappr/github/client_spec.rb | 6 ------ 3 files changed, 15 insertions(+), 21 deletions(-) diff --git a/lib/unwrappr/github/client.rb b/lib/unwrappr/github/client.rb index 48ff320..8d54277 100644 --- a/lib/unwrappr/github/client.rb +++ b/lib/unwrappr/github/client.rb 
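Review bot: The new `'rubygems_mfa_required' => 'true'` entry in `spec.metadata` has no comment, so a later tidy-up could drop or retype it without noticing that it is a publishing control. I would add `# Require MFA on RubyGems.org for privileged operations (push, yank, owner changes); the value must be the String 'true'.` above the key. As far as I know, the setting is read from published gem metadata, so it is worth confirming that every owner account has MFA enabled before the next release. The `Gem::Specification.new` block starts and ends outside this hunk.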
@@ -60,20 +60,7 @@ def annotate_pull_request(pr_number, lock_files) end def git_client - @git_client ||= Octokit::Client.new(access_token: github_token) - end - - def github_token - @github_token ||= ENV.fetch('GITHUB_TOKEN') - rescue KeyError - raise %( -Missing environment variable GITHUB_TOKEN. -See https://github.com/settings/tokens to set up personal access tokens. -Add to the environment: - - export GITHUB_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - ) + @git_client ||= Octokit::Client.new(access_token: Octokit.access_token_from_environment) end end end diff --git a/lib/unwrappr/octokit.rb b/lib/unwrappr/octokit.rb index 539be51..1495de5 100644 --- a/lib/unwrappr/octokit.rb +++ b/lib/unwrappr/octokit.rb @@ -3,6 +3,19 @@ # Wrapper around octokit module Octokit def self.client - @client ||= Client.new(access_token: ENV['GITHUB_TOKEN']) + @client ||= Client.new(access_token: access_token_from_environment) + end + + def self.access_token_from_environment + ENV.fetch('GITHUB_TOKEN') do + raise <<~MESSAGE + Missing environment variable GITHUB_TOKEN. + See https://github.com/settings/tokens to set up personal access tokens. + Add to the environment: + + export GITHUB_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + MESSAGE + end end end diff --git a/spec/lib/unwrappr/github/client_spec.rb b/spec/lib/unwrappr/github/client_spec.rb index 4386eda..33c977c 100644 --- a/spec/lib/unwrappr/github/client_spec.rb +++ b/spec/lib/unwrappr/github/client_spec.rb @@ -95,12 +95,6 @@ end context 'without a token' do - before do - expect(ENV).to receive(:fetch) - .with('GITHUB_TOKEN') - .and_raise(KeyError, 'key not found GITHUB_TOKEN') - end - it 'provides useful feedback' do expect { make_pull_request! }.to raise_error(RuntimeError, /^Missing environment variable/) end From e9784dc26a4f07f8c34e14859cd4efd610770b99 Mon Sep 17 00:00:00 2001 
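Review bot: `ENV.fetch('GITHUB_TOKEN')` in `Octokit.access_token_from_environment` runs its block only when the variable is absent, so a variable that is set but empty returns `''` and the client is built with a blank access token. This can happen when a CI secret is not exposed to the job. Treat blank as missing: read the value with `token = ENV.fetch('GITHUB_TOKEN', '').strip` and raise the same heredoc message when `token.empty?`, so the setup hint appears instead of a later authentication failure. Because the method is added to the third-party `Octokit` module, a one-line comment marking it as unwrappr's own extension would also help readers.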
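Review bot: With the `ENV.fetch` stub removed from the 'without a token' context in `spec/lib/unwrappr/github/client_spec.rb`, the example passes only if `GITHUB_TOKEN` is absent from the process environment. Where the variable is exported, the example would not raise, and `make_pull_request!` would continue with a real credential unless the client is stubbed elsewhere in the file (not visible in this hunk). Keep the case hermetic by hiding the variable for this context, e.g. `before { stub_const('ENV', ENV.to_h.reject { |key, _| key == 'GITHUB_TOKEN' }) }`.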
From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:34:30 +1000 Subject: [PATCH 06/12] Rubocop: resolve Style/OpenStructUse --- lib/unwrappr/researchers/github_repo.rb | 4 ++-- lib/unwrappr/ruby_gems.rb | 2 +- lib/unwrappr/writers/project_links.rb | 12 ++++++------ lib/unwrappr/writers/title.rb | 2 +- spec/lib/unwrappr/lock_file_annotator_spec.rb | 6 +++--- .../unwrappr/researchers/github_repo_spec.rb | 4 ++-- spec/lib/unwrappr/ruby_gems_spec.rb | 2 +- .../lib/unwrappr/writers/project_links_spec.rb | 18 ++++++++++++------ spec/lib/unwrappr/writers/title_spec.rb | 2 +- 9 files changed, 29 insertions(+), 23 deletions(-) diff --git a/lib/unwrappr/researchers/github_repo.rb b/lib/unwrappr/researchers/github_repo.rb index 61cc756..7e53822 100644 --- a/lib/unwrappr/researchers/github_repo.rb +++ b/lib/unwrappr/researchers/github_repo.rb @@ -13,8 +13,8 @@ class GithubRepo }ix.freeze def research(_gem_change, gem_change_info) - repo = match_repo(gem_change_info, :source_code_uri) || - match_repo(gem_change_info, :homepage_uri) + repo = match_repo(gem_change_info, 'source_code_uri') || + match_repo(gem_change_info, 'homepage_uri') gem_change_info.merge(github_repo: repo) end diff --git a/lib/unwrappr/ruby_gems.rb b/lib/unwrappr/ruby_gems.rb index 5f191a8..e2c47ff 100644 --- a/lib/unwrappr/ruby_gems.rb +++ b/lib/unwrappr/ruby_gems.rb @@ -18,7 +18,7 @@ def gem_info(name, version) def parse(response, name) case response.status when 200 - JSON.parse(response.body, object_class: OpenStruct) + JSON.parse(response.body) when 404 nil else diff --git a/lib/unwrappr/writers/project_links.rb b/lib/unwrappr/writers/project_links.rb index 20b9f06..dee5e17 100644 --- a/lib/unwrappr/writers/project_links.rb +++ b/lib/unwrappr/writers/project_links.rb 
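Review bot: `JSON.parse(response.body)` on the 200 branch of `parse` in `lib/unwrappr/ruby_gems.rb` now returns a plain Hash with String keys, and nothing at this boundary records that its contents come from gem publishers rather than from unwrappr. I would document that above `parse`, e.g. `# Returns the RubyGems API payload as a Hash with String keys; the URI fields are publisher-supplied and must be treated as untrusted.` As far as the visible hunks show, a body that is valid JSON but not an object would reach the writers' `dig` calls unchanged. A shape check such as `info.is_a?(Hash) ? info : nil` is worth considering. `parse` begins above this hunk and continues below it.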
@@ -24,13 +24,11 @@ def write private def change_log - link_or_strikethrough('change-log', - ruby_gems_info&.changelog_uri) + link_or_strikethrough('change-log', ruby_gems_info('changelog_uri')) end def source_code - link_or_strikethrough('source-code', - ruby_gems_info&.source_code_uri) + link_or_strikethrough('source-code', ruby_gems_info('source_code_uri')) end GEM_DIFF_URL_TEMPLATE = 'https://my.diffend.io/gems/%s/%s/%s' @@ -46,8 +44,10 @@ def gem_diff link_or_strikethrough('gem-diff', gem_diff_url) end - def ruby_gems_info - @gem_change_info[:ruby_gems] + def ruby_gems_info(*args) + return @gem_change_info[:ruby_gems] if args.empty? + + @gem_change_info.dig(:ruby_gems, *args) end def link_or_strikethrough(text, url) diff --git a/lib/unwrappr/writers/title.rb b/lib/unwrappr/writers/title.rb index b82730d..2c91eaa 100644 --- a/lib/unwrappr/writers/title.rb +++ b/lib/unwrappr/writers/title.rb @@ -12,7 +12,7 @@ class << self def write(gem_change, gem_change_info) embellished_gem_name = maybe_link( gem_change.name, - gem_change_info[:ruby_gems]&.homepage_uri + gem_change_info.dig(:ruby_gems, 'homepage_uri') ) "### #{embellished_gem_name}\n" end diff --git a/spec/lib/unwrappr/lock_file_annotator_spec.rb b/spec/lib/unwrappr/lock_file_annotator_spec.rb index 9937ea7..178ce69 100644 --- a/spec/lib/unwrappr/lock_file_annotator_spec.rb +++ b/spec/lib/unwrappr/lock_file_annotator_spec.rb @@ -96,9 +96,9 @@ module Unwrappr before do allow(::Unwrappr::RubyGems).to receive(:gem_info) .with('rspec-support', GemVersion.new('3.7.1')) - .and_return(spy(homepage_uri: 'home-uri', - source_code_uri: 'source-uri', - changelog_uri: 'changelog-uri')) + .and_return({ 'homepage_uri' => 'home-uri', + 'source_code_uri' => 'source-uri', + 'changelog_uri' => 'changelog-uri' }) allow(lock_file_diff_source).to receive(:each_file) .and_yield(LockFileDiff.new(filename: 'Gemfile.lock', base_file: base_lock_file, 
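Review bot: The values read by `ruby_gems_info('changelog_uri')` and `ruby_gems_info('source_code_uri')` are passed to `link_or_strikethrough` as link targets with no check that they are web URLs; the same applies to `gem_change_info.dig(:ruby_gems, 'homepage_uri')` in the `lib/unwrappr/writers/title.rb` hunk. These fields come from the parsed RubyGems response, so a gem's publisher controls what ends up in the Markdown posted on the pull request. Accept only http(s) targets before building the link, e.g. `url = nil unless url.is_a?(String) && url.match?(%r{\Ahttps?://}i)`, so that anything else falls back to the existing strikethrough or unlinked name. The bodies of `link_or_strikethrough` and `maybe_link` are outside these hunks, so they may already do this.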
diff --git a/spec/lib/unwrappr/researchers/github_repo_spec.rb b/spec/lib/unwrappr/researchers/github_repo_spec.rb index 5feee65..08055c4 100644 --- a/spec/lib/unwrappr/researchers/github_repo_spec.rb +++ b/spec/lib/unwrappr/researchers/github_repo_spec.rb @@ -24,8 +24,8 @@ module Researchers let(:gem_change_info) do { ruby_gems: { - source_code_uri: source_code_uri, - homepage_uri: homepage_uri + 'source_code_uri' => source_code_uri, + 'homepage_uri' => homepage_uri } } end diff --git a/spec/lib/unwrappr/ruby_gems_spec.rb b/spec/lib/unwrappr/ruby_gems_spec.rb index 58265c1..0e15178 100644 --- a/spec/lib/unwrappr/ruby_gems_spec.rb +++ b/spec/lib/unwrappr/ruby_gems_spec.rb @@ -27,7 +27,7 @@ module Unwrappr let(:response_body) { '{"key": "value" }' } it 'returns provided details' do - expect(subject.key).to eql('value') + expect(subject['key']).to eql('value') end end diff --git a/spec/lib/unwrappr/writers/project_links_spec.rb b/spec/lib/unwrappr/writers/project_links_spec.rb index 12bf031..8cf5163 100644 --- a/spec/lib/unwrappr/writers/project_links_spec.rb +++ b/spec/lib/unwrappr/writers/project_links_spec.rb @@ -21,8 +21,10 @@ module Writers context 'given gem change info with urls' do let(:gem_change_info) do { - ruby_gems: spy(source_code_uri: 'source-uri', - changelog_uri: 'changelog-uri') + ruby_gems: { + 'source_code_uri' => 'source-uri', + 'changelog_uri' => 'changelog-uri' + } } end @@ -34,8 +36,10 @@ module Writers context 'given gem change info with urls for an added gem' do let(:gem_change_info) do { - ruby_gems: spy(source_code_uri: 'source-uri', - changelog_uri: 'changelog-uri') + ruby_gems: { + 'source_code_uri' => 'source-uri', + 'changelog_uri' => 'changelog-uri' + } } end let(:base_version) { nil } 
@@ -48,8 +52,10 @@ module Writers context 'given gem change info with urls for a removed gem' do let(:gem_change_info) do { - ruby_gems: spy(source_code_uri: 'source-uri', - changelog_uri: 'changelog-uri') + ruby_gems: { + 'source_code_uri' => 'source-uri', + 'changelog_uri' => 'changelog-uri' + } } end let(:head_version) { nil } diff --git a/spec/lib/unwrappr/writers/title_spec.rb b/spec/lib/unwrappr/writers/title_spec.rb index 4b030a7..eb99879 100644 --- a/spec/lib/unwrappr/writers/title_spec.rb +++ b/spec/lib/unwrappr/writers/title_spec.rb @@ -8,7 +8,7 @@ context 'given a gem homepage URI' do let(:gem_change_info) { { ruby_gems: ruby_gems } } - let(:ruby_gems) { spy(homepage_uri: 'home-uri') } + let(:ruby_gems) { { 'homepage_uri' => 'home-uri' } } it { should eq "### [test-gem](home-uri)\n" } end From a7af2a9370130e9ab290eda386f19798eb760c50 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:52:50 +1000 Subject: [PATCH 07/12] Fix test for Ruby 3 Ruby 3 won't automatically convert keyword args into an options hash. --- spec/lib/unwrappr/lock_file_comparator_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/lib/unwrappr/lock_file_comparator_spec.rb b/spec/lib/unwrappr/lock_file_comparator_spec.rb index 8d5e5e4..234b459 100644 --- a/spec/lib/unwrappr/lock_file_comparator_spec.rb +++ b/spec/lib/unwrappr/lock_file_comparator_spec.rb @@ -27,7 +27,7 @@ module Unwrappr it 'calls the comparator with indexed specs versions' do expect(SpecVersionComparator).to receive(:perform) - .with({ name1: 'version1' }, name2: 'version2') + .with({ name1: 'version1' }, { name2: 'version2' }) perform end From 0b3a6b638d0eef08aff503145b495bd88d2ebc8d Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:55:40 +1000 Subject: [PATCH 08/12] CI tests on Ruby 3.1 --- .github/workflows/ci.yml | 2 +- .tool-versions | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 .tool-versions 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 661646e..22e2591 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ jobs: strategy: fail-fast: false matrix: - ruby: ['2.5', '2.6', '2.7', '3.0'] + ruby: ['2.5', '2.6', '2.7', '3.0', '3.1'] runs-on: ubuntu-latest steps: diff --git a/.tool-versions b/.tool-versions deleted file mode 100644 index 2c0c270..0000000 --- a/.tool-versions +++ /dev/null @@ -1 +0,0 @@ -ruby 3.0.0 From b94ec876c7f5aa169e577891dd06b99e36df6434 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:56:12 +1000 Subject: [PATCH 09/12] Simplify CI setup --- .github/workflows/ci.yml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 22e2591..1035967 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,15 +9,10 @@ jobs: matrix: ruby: ['2.5', '2.6', '2.7', '3.0', '3.1'] runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - - name: Set up Ruby - uses: ruby/setup-ruby@v1 + - uses: actions/checkout@v2 + - uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} - - name: Install dependencies - run: bundle install - - name: Run tests - run: bundle exec rake + bundler-cache: true + - run: bundle exec rake --trace From 6bc620897e60fad8cbf6f4fa15fc0c00323f2845 Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 10:57:05 +1000 Subject: [PATCH 10/12] Rubocop: ignore vendored gems --- .rubocop.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.rubocop.yml b/.rubocop.yml index d7fcb5e..af09931 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -2,6 +2,7 @@ AllCops: Exclude: - 'spike/*.rb' + - 'vendor/**/*' NewCops: enable TargetRubyVersion: 2.5 From bc4787ba4a5852b2f1c83a05dd35394013ae5b33 Mon Sep 17 00:00:00 2001 
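Review bot: The rewritten steps in `.github/workflows/ci.yml` reference `actions/checkout@v2` and `ruby/setup-ruby@v1` by mutable tag, so the code that runs in this job can change without any change to this repository. Pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `- uses: actions/checkout@<full-commit-sha> # v2`, and let a dependency updater propose the bumps. If the workflow has no `permissions:` block (the top of the file is outside this hunk), adding one with `contents: read` would limit the job token to what a test run needs.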
From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 11:47:55 +1000 Subject: [PATCH 11/12] Guard clause is not required --- lib/unwrappr/writers/project_links.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/unwrappr/writers/project_links.rb b/lib/unwrappr/writers/project_links.rb index dee5e17..ce085ec 100644 --- a/lib/unwrappr/writers/project_links.rb +++ b/lib/unwrappr/writers/project_links.rb @@ -45,8 +45,6 @@ def gem_diff end def ruby_gems_info(*args) - return @gem_change_info[:ruby_gems] if args.empty? - @gem_change_info.dig(:ruby_gems, *args) end From afb566c298752f66d5a7d1d7d80a69fd7d5c5fdb Mon Sep 17 00:00:00 2001 From: Orien Madgwick <_@orien.io> Date: Sat, 6 Aug 2022 15:54:09 +1000 Subject: [PATCH 12/12] Order gemspec metadata alphabetically Co-authored-by: Pete Johns --- unwrappr.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unwrappr.gemspec b/unwrappr.gemspec index d0266c6..7a13bdc 100644 --- a/unwrappr.gemspec +++ b/unwrappr.gemspec @@ -52,11 +52,11 @@ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength: spec.add_development_dependency 'rubocop', '>= 0.49.0' spec.metadata = { - 'rubygems_mfa_required' => 'true', 'bug_tracker_uri' => "#{GITHUB_URL}/issues", 'changelog_uri' => "#{GITHUB_URL}/blob/HEAD/CHANGELOG.md", 'documentation_uri' => "#{GITHUB_URL}/blob/HEAD/README.md", 'homepage_uri' => HOMEPAGE_URL, + 'rubygems_mfa_required' => 'true', 'source_code_uri' => GITHUB_URL } end