Last active Apr 20, 2020
Ruby script (gemdiffs.rb) to generate Coditsu gem diffing URLs from a Gemfile.lock diff, to help catch hijacked gems, or just to keep on top of changes. Also supports gems sourced straight from GitHub. There's also updategems.rb which updates gems and calls gemdiffs.rb to pre-fill the commit message.
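
#!/usr/bin/env ruby

# Usage example (in a Terminal):
#   bundle update
#   script/gemdiffs.rb

# Base URL of the Coditsu gem diffing service. The value is missing from this
# page, so a placeholder stands in for it; set it before use.
DIFF_BASE_URL = "<CODITSU_GEM_DIFF_BASE_URL>"

# Rubygems version diffs.
# Resolved gems sit at a four-space indent in Gemfile.lock, so a changed one
# shows up in the diff as "+" or "-" followed by exactly four spaces.
# Versions are grouped per gem name in diff order (old first, then new).
puts `git diff Gemfile.lock`.lines.
  select { |line| line.match?(/^[+-] {4}\w/) }.
  map { |line| line.match(/([\w-]+) \((.+?)\)/).captures }.
  group_by(&:first).transform_values { |v| v.map(&:last) }.
  map { |gem_name, (old_v, new_v)| "#{"[NEW!] " unless new_v}#{DIFF_BASE_URL}/#{gem_name}/#{old_v}/#{new_v}" }.sort

# GitHub hash diffs.
puts `git diff Gemfile.lock`.
  scan(/remote: (.*github.*)\n(?:- {2}revision: (.+)\n)?\+ {2}revision: (.+)/).
  map { |github_url, old_h, new_h|
    # The two string arguments of the first sub are empty on this page, which
    # makes it a no-op; only the ".git" suffix is stripped.
    repo_url = github_url.
      sub("", "").
      sub(/\.git$/, "")

    if old_h
      # We shorten hashes to make the URL fit better in split windows etc.
      "#{repo_url}/compare/#{old_h[0, 8]}..#{new_h[0, 8]}"
    else
      "[NEW!] #{repo_url}"
    end
  }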

#!/usr/bin/env bash

# Usage example (in a Terminal):
#   script/updategems.rb

# Stop if the pull or the bundle update fails, so nothing half-done is committed.
set -e

git pull --rebase
bundle update

# --edit: Open editor
# --verbose: Show diff
# --all: Automatically stage edits
git commit --edit --verbose --all --message "Update gems" --message "Diffs:$(script/gemdiffs.rb)"
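
The following is an added example, not part of the gist. It goes beyond gemdiffs.rb by using the +/- sign of each Gemfile.lock diff line to tell added, removed, upgraded and downgraded gems apart, which makes an unexpected downgrade or a brand-new dependency stand out during review. The function names, the `KINDS` table and the sample diff are constructed for illustration.

```ruby
require "rubygems" # for Gem::Version

# Constructed `git diff Gemfile.lock` output; gem names and versions are made up.
SAMPLE_DIFF = <<~DIFF
  --- a/Gemfile.lock
  +++ b/Gemfile.lock
  @@ -10,10 +10,10 @@ GEM
       alpha (1.0.0)
  -    bravo (2.1.0)
  +    bravo (2.3.0)
  -    charlie (5.0.2)
  +    charlie (4.9.9)
  -    delta (0.3.1)
  +    echo (1.0.0)
  +      bravo (>= 2.0)
  -    foxtrot (1.13.0-x86_64-linux)
  +    foxtrot (1.13.0-arm64-darwin)
DIFF

KINDS = { -1 => :downgraded, 0 => :changed, 1 => :upgraded }.freeze

# Lockfile versions may carry a platform suffix ("1.13.0-x86_64-linux") that
# Gem::Version rejects, so compare only the part before the first hyphen.
def base_version(version)
  Gem::Version.new(version.split("-").first)
end

# Returns sorted [name, kind, old_version, new_version] rows for resolved gems.
def classify_gem_changes(diff)
  removed = {}
  added = {}
  diff.each_line do |line|
    # Exactly four spaces after +/-: a resolved spec. Six-space lines are a
    # gem's dependency constraints and are skipped.
    m = line.match(/^([+-]) {4}([\w.-]+) \((.+?)\)/)
    next unless m
    (m[1] == "-" ? removed : added)[m[2]] = m[3]
  end
  (removed.keys | added.keys).sort.map do |name|
    old_v, new_v = removed[name], added[name]
    kind = if old_v.nil? then :added
           elsif new_v.nil? then :removed
           else KINDS[base_version(new_v) <=> base_version(old_v)]
           end
    [name, kind, old_v, new_v]
  end
end

if __FILE__ == $PROGRAM_NAME
  classify_gem_changes(SAMPLE_DIFF).each { |row| puts row.compact.join(" ") }
end
```

To run it against a real update, pass the output of `git diff Gemfile.lock` to `classify_gem_changes` instead of `SAMPLE_DIFF`.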