Ruby script (gemdiffs.rb) to generate Coditsu gem diffing URLs from a Gemfile.lock diff, to help catch hijacked gems, or just to keep on top of changes. Also supports gems sourced straight from GitHub. There's also updategems.rb which updates gems and calls gemdiffs.rb to pre-fill the commit message.

gemdiffs.rb

#!/usr/bin/env ruby

# Usage example (in a Terminal):
#
# bundle update
# script/gemdiffs.rb

# Rubygems version diffs.
puts `git diff Gemfile.lock`.lines.
  select { |line| line.match?(/^[+-]    \w/) }.
  map { |line| line.match(/([\w-]+) \((.+?)\)/).captures }.
  group_by(&:first).transform_values { |v| v.map(&:last) }.
  map { |gem_name, (old_v, new_v)| "#{"[NEW!] " unless new_v}https://diff.coditsu.io/gems/#{gem_name}/#{old_v}/#{new_v}" }.sort

puts

# GitHub hash diffs.
puts `git diff Gemfile.lock`.
  scan(/remote: (.*github.*)\n(?:-  revision: (.+)\n)?\+  revision: (.+)/).
  sort_by(&:first).
  map { |github_url, old_h, new_h|
    repo_url = github_url.
      sub("git@github.com:", "https://github.com/").
      sub(/\.git$/, "")

    if old_h
      # We shorten hashes to make the URL fit better in split windows etc.
      "#{repo_url}/compare/#{old_h[0, 8]}..#{new_h[0, 8]}"
    else
      "[NEW!] #{repo_url}"
    end
  }

puts

updategems.rb

#!/usr/bin/env bash

# Usage example (in a Terminal):
#
# script/updategems.rb

git pull --rebase
bundle update

# --edit: Open editor
# --verbose: Show diff
# --all: Automatically stage edits
git commit --edit --verbose --all --message "Update gems" --message "Diffs:`script/gemdiff.rb`"