From a script to a gem

So, I’m gonna start from this ruby script quickly hacked up and pasted in a gist :).

Create a .gemspec, e.g. safe-bundle-update.gemspec:

Gem::Specification.new do |s|
  s.name        = 'safe-bundle-update'
  s.version     = '0.0.1'
  s.date        = '2017-02-28'
  s.summary     = 'Update gems one by one, running tests and committing changes'
  s.description = '`bundle update` updates all your gems, this safely updates your gems one by one'
  s.authors     = ['Dorian Marié']
  s.email       = '[email protected]'
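  s.files       = ['lib/safe-bundle-update.rb', 'bin/safe-bundle-update']
  s.executables = ['safe-bundle-update'] # needed so bin/safe-bundle-update is installed as a command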
  s.homepage    = 'https://github.com/Dorian/safe-bundle-update'
  s.license     = 'MIT'
end

Make some lib/safe-bundle-update.rb with just enough to make it work (short version):

class SafeBundleUpdate
  def self.start(*commands)
    puts commands.join(' ')
  end
end
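
The short version above only echoes its arguments. The following is an added sketch, not the gem's actual code, of the loop the gemspec summary describes: update one gem, run the tests, commit on success, restore Gemfile.lock on failure. The class name `OneByOneUpdater`, the injectable `runner`, and the `bundle outdated --parseable` line format are assumptions made for this example.

```ruby
require 'open3'

# Added sketch, not the gem's real code: update one gem at a time, keep the
# update only if the test command passes, otherwise restore Gemfile.lock.
class OneByOneUpdater
  Result = Struct.new(:updated, :reverted)

  # runner: callable taking an argv array and returning [output, success?].
  # It is injectable so the loop can be exercised without bundler or git.
  def initialize(test_command, runner: method(:run_argv))
    @test_command = test_command # argv array, e.g. %w[bundle exec rake]
    @runner = runner
  end

  # Assumed format of `bundle outdated --parseable` lines:
  # "rack (newest 2.0.1, installed 1.6.4)"; the gem name is the first token.
  def self.parse_outdated(output)
    output.each_line.map { |l| l[/\A([A-Za-z0-9_.-]+) \(newest /, 1] }.compact.uniq
  end

  def call
    out, = @runner.call(%w[bundle outdated --parseable])
    result = Result.new([], [])
    self.class.parse_outdated(out).each do |gem_name|
      _, ok = @runner.call(['bundle', 'update', gem_name])
      _, ok = @runner.call(@test_command) if ok
      if ok
        @runner.call(['git', 'commit', '-m', "Update #{gem_name}", 'Gemfile.lock'])
        result.updated << gem_name
      else
        @runner.call(%w[git checkout -- Gemfile.lock])
        result.reverted << gem_name
      end
    end
    result
  end

  private

  # argv form (no shell), so a gem name is never interpreted by /bin/sh.
  def run_argv(argv)
    out, status = Open3.capture2e(*argv)
    [out, status.success?]
  end
end
```

Because each update lands in its own commit, a later regression can be traced to a single gem with `git bisect`.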

Make a bin directory with your executable script:

mkdir bin
touch bin/safe-bundle-update
chmod +x bin/safe-bundle-update

Use your gem in this executable:

#!/usr/bin/env ruby

require 'safe-bundle-update'
SafeBundleUpdate.start(*ARGV)

Some manual testing for now:

cp Gemfile.lock.old Gemfile.lock; bundle install; ruby -Ilib bin/safe-bundle-update "echo 1"

Some actual testing :) :

# Rakefile
require 'rake/testtask'

Rake::TestTask.new do |t|
  t.libs << 'test'
end

desc 'Run tests'
task default: :test

# test/test_safe-bundle-update.rb

require 'minitest/autorun'
require 'safe-bundle-update'

class SafeBundleUpdateTest < Minitest::Test
  def test_empty
    assert_nil(SafeBundleUpdate.start("echo 1"))
  end
end

And then rake to run it.

Pushing that to rubygems:

gem build safe-bundle-update.gemspec
gem install safe-bundle-update-0.0.1.gem
gem push safe-bundle-update-0.0.1.gem

And that’s it:

Sources


The story behind safe-bundle-update

Context

So, I’m there with my Rails app, a lot of gems are outdated (like ~50% of them) and of course everybody on the internet is like: “Just run bundle install you fool”. Except that running bundle install updates every single outdated gem and breaks my build in many ways. And I’m not the kind of person who wants to keep outdated fixed versions around.

So, why not just update the gems one by one:

Sounds simple right? And yes it works very well.

So I hacked together a small script I called safe-bundle-install, and it worked well:

safe updating gems

Then this happens:

rake task?

So, let’s do something even better, an open-source gem ;)


List of affected Cloudbleed domains

if ( ++p == pe ) // ☁️ 💔

Technically any Cloudflare-controlled domain could be affected but those are the ones that had public leaked data even after the disclosure:

Found in the wild: 29

Found in the wild by other people: 1

Sources

Sources’s sources

Sweet karma

Contributing


Verified commits

verified commit
gpg tools
gpg tools - change password

