Lock::Gemfile
Lock::Gemfile is a Ruby library that provides functionality to update a Gemfile with locked versions - typically, from a corresponding Gemfile.lock file, but you can also provide arbitrary versions as well.
Installation
Install using RubyGems:
$ gem install lock-gemfile
Alternatively, if you intend to use this as a library, you can add this to your Gemfile:
$ bundle add lock-gemfile
Usage
Command-line Interface
Lock::Gemfile provides a command-line interface (CLI) through the bin/lock-gemfile
script. You can run the script with the following command:
$ lock-gemfile update GEMFILE [options]
Replace GEMFILE
with the path to your Gemfile.
Options
-w
, --[no-]write
: Write the updated Gemfile back to disk (default: false
).-p
, --[no-]pessimistic
: Use pessimistic version constraints (~>
) (default: true
).
Examples
Update a Gemfile and print the result to the console:
$ lock-gemfile update Gemfile
Update a Gemfile and write the changes back to the file:
$ lock-gemfile update Gemfile --write
Update a Gemfile using exact version constraints:
$ lock-gemfile update Gemfile --no-pessimistic
Library API
You can also use Lock::Gemfile as a library in your own Ruby code.
require 'lock/gemfile'
gemfile_content = File.read('Gemfile')
lockfile = Bundler::LockfileParser.new(Bundler.read_file('Gemfile.lock'))
desired_versions = {}
lockfile.specs.each do |spec|
desired_versions[spec.name] = spec.version
end
buffer = Parser::Source::Buffer.new('(gemfile)')
buffer.source = gemfile_content
parser = Parser::CurrentRuby.new
ast = parser.parse(buffer)
rewriter = Lock::Gemfile::Rewriter.new
rewriter.lockfile = desired_versions
rewriter.pessimistic = true
transformed_code = rewriter.rewrite(buffer, ast)
puts transformed_code
How It Works
Lock::Gemfile uses the following steps to update a Gemfile with locked versions:
- Read the content of the specified Gemfile.
- Parse the corresponding Gemfile.lock using Bundler's LockfileParser.
- Create a hash to store the desired versions of each gem based on the lockfile.
- Create a buffer to hold the Gemfile content and parse it into an AST using the Parser gem.
- Create an instance of the Lock::Gemfile::Rewriter and set the desired versions and pessimistic option.
- Rewrite the Gemfile AST with the locked versions using the rewriter.
- Transform the modified AST back into source code.
- Print the transformed Gemfile content to the console or write it back to the file, depending on the options.
The core of the library is the Lock::Gemfile::Rewriter class, which is a subclass of Parser::TreeRewriter. It traverses the AST and looks for gem
method calls. For each gem
call found, it checks if a version specifier is already present. If not, it retrieves the locked version from the provided lockfile hash and inserts a version specifier string after the gem name. The version specifier can be either pessimistic or exact, depending on the value of the pessimistic
attribute.
Development
After checking out the repo, run bin/setup
to install dependencies. Then, run rake test
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
License
The gem is available as open source under the terms of the MIT License.
Commercial Support
Commercial support for lock-gemfile and related tools is available from Durable Programming, LLC. You can contact us at durableprogramming.com.