Remove activesupport due to its volatility and potential to generate …#211
Conversation
a147247 to
b147cb0
Compare
|
You have a minor lint failure, but other than that, this looks ready to go. |
|
@tpowell-progress @johnmccrae The changes look good. I have 2 concerns here:
|
There was a problem hiding this comment.
This PR has too many changes that is out of scope for removal of activesupport dependency that is most probably coming from #212. Either this PR should be rebased against main or against jfm/chef19-cookstyle.
| @@ -0,0 +1,123 @@ | |||
| name: Ruby Tests | |||
There was a problem hiding this comment.
Please move the tests from here to spec files. We have existing verify pipelines which will tc of running these specs
There was a problem hiding this comment.
I see the tests are added in the spec. We don't need this.
There was a problem hiding this comment.
Weird. Something must not have been firing because I wasn't getting any results in GA initially.
|
|
||
| module ChefLicensing | ||
| class ListLicenseKeys | ||
| using StringRefinements |
There was a problem hiding this comment.
nitpick, I see we use string refinements only here, and only for the purpose of pluralize may be we should just call it as a util and use the util directly something like below,
Chef::Licensing::StringUtils.present?(str)
There was a problem hiding this comment.
The reason I did it as a string refinement was because was one of the prior uses for ActiveSupport. I'm absolutely fine with a module with an explicit method call, but assumed that that wasn't the desire of the original code.
| spec.add_dependency "faraday", ">= 1", "< 2" | ||
| spec.add_dependency "faraday-http-cache" | ||
| spec.add_dependency "activesupport", "~> 7.2", ">= 7.2.2.1" | ||
| spec.add_dependency "moneta", "~> 1.6" |
There was a problem hiding this comment.
I understand we are removing activesupport to avoid external dependency issues. But at the same time we are introducing a new dependency that has not received any updates in last 2 years. How can we ensure this receives latest security patches and updates ?
| @@ -0,0 +1,61 @@ | |||
| Test harness notes for the chef-licensing specs | |||
There was a problem hiding this comment.
this can go under a testing section in https://github.com/chef/chef-licensing/blob/51652371610c597bdbe919e7ba8c08fd667cf296/components/ruby/README.md
|
Also as discussed with @Nik08 offline, adding |
2606da1 to
dfd8e31
Compare
|
I've replaced the moneta implementation with pstore. details are in the commit message for dfd8e31 (had to force push my commit because I missed putting the pstore pin info in my commit message). pinning pstore to |
…irreconcilable conflicts Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: Thomas Powell <thomas.powell@progress.com>
Signed-off-by: John McCrae <john.mccrae@progress.com>
moneta seems to be an overkill for our use case. we can do well with pstore instead for storing the key value pairs into file while staying compatible with faraday's http cache interface. this change also adds the pstore gem to gemspec and pins it to ~>0.1.1 because that's the version that was shipped with ruby 3.1.*. Signed-off-by: Rishi Kumar Chawda <rishichawda@users.noreply.github.com>
Signed-off-by: Rishi Kumar Chawda <rishichawda@users.noreply.github.com>
we already have those in buildkite. discussion: https://github.com/chef/chef-licensing/pull/211/files#r2459618792 Signed-off-by: Rishi Kumar Chawda <rishichawda@users.noreply.github.com>
chef-licensing was failing with a `'lookup_middleware': :json is not registered on Faraday::Request` error that was coming from the get connection method in rest client. faraday_middleware gems seems to be the one responsible to provide this json middleware https://github.com/lostisland/faraday_middleware/wiki/Changes-0.8. pinning faraday_middleware to ~>1.0. Signed-off-by: Rishi Kumar Chawda <rishichawda@users.noreply.github.com>
756b506 to
a29c0b9
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR removes the activesupport dependency from the chef-licensing gem to resolve dependency conflicts that occur when different projects require incompatible versions of ActiveSupport. The changes implement minimal custom replacements for the specific ActiveSupport features that were being used.
Key changes:
- Replace ActiveSupport cache with a custom PStore-based adapter
- Implement basic string pluralization using refinements instead of ActiveSupport::Inflector
- Update dependencies in gemspec to remove activesupport and add faraday_middleware and pstore
Reviewed Changes
Copilot reviewed 8 out of 9 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| chef-licensing.gemspec | Removes activesupport dependency and adds faraday_middleware and pstore dependencies |
| lib/chef-licensing/pstore_adapter.rb | Implements custom cache adapter using PStore to replace ActiveSupport::Cache |
| lib/chef-licensing/string_refinements.rb | Provides basic string pluralization to replace ActiveSupport::Inflector |
| lib/chef-licensing/restful_client/base.rb | Updates to use the new PStore adapter instead of ActiveSupport::Cache |
| lib/chef-licensing/list_license_keys.rb | Adds usage of the new string refinements module |
| spec/chef-licensing/activesupport_replacement_spec.rb | Adds comprehensive tests for the new PStore adapter and string refinements |
| spec/README.md | Documents test setup and best practices for the spec suite |
| .rubocop.yml | Adds introductory comment |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| end | ||
|
|
||
| RSpec.describe ChefLicensing::PStoreAdapter do | ||
| let(:cache_dir) { Dir.mktmpdir } | ||
| let(:adapter) { described_class.new(cache_dir) } | ||
|
|
||
| after do | ||
| FileUtils.rm_rf(cache_dir) | ||
| end | ||
|
|
||
| it "provides the same interface as ActiveSupport::Cache" do | ||
| adapter.write("test_key", "test_value") | ||
| expect(adapter.read("test_key")).to eq("test_value") | ||
| expect(adapter.exist?("test_key")).to be true | ||
|
|
||
| adapter.delete("test_key") | ||
| expect(adapter.read("test_key")).to be_nil | ||
| end |
There was a problem hiding this comment.
This second RSpec.describe block duplicates the PStoreAdapter test setup and should be merged with the first block (lines 5-52) to avoid code duplication. The interface compatibility test can be added as another describe block within the existing structure.
| end | |
| RSpec.describe ChefLicensing::PStoreAdapter do | |
| let(:cache_dir) { Dir.mktmpdir } | |
| let(:adapter) { described_class.new(cache_dir) } | |
| after do | |
| FileUtils.rm_rf(cache_dir) | |
| end | |
| it "provides the same interface as ActiveSupport::Cache" do | |
| adapter.write("test_key", "test_value") | |
| expect(adapter.read("test_key")).to eq("test_value") | |
| expect(adapter.exist?("test_key")).to be true | |
| adapter.delete("test_key") | |
| expect(adapter.read("test_key")).to be_nil | |
| end | |
| describe "interface compatibility with ActiveSupport::Cache" do | |
| it "provides the same interface as ActiveSupport::Cache" do | |
| adapter.write("test_key", "test_value") | |
| expect(adapter.read("test_key")).to eq("test_value") | |
| expect(adapter.exist?("test_key")).to be true | |
| adapter.delete("test_key") | |
| expect(adapter.read("test_key")).to be_nil | |
| end | |
| end |
| # Simple pluralization rules | ||
| case downcase | ||
| when /s$/, /sh$/, /ch$/, /x$/, /z$/ | ||
| "#{self}es" | ||
| when /[^aeiou]y$/ | ||
| "#{self[0..-2]}ies" | ||
| when /f$/ | ||
| "#{self[0..-2]}ves" | ||
| when /fe$/ | ||
| "#{self[0..-3]}ves" | ||
| else | ||
| "#{self}s" |
There was a problem hiding this comment.
The downcase method is called on the string but the original case is used in the return values. This will cause incorrect capitalization in pluralized strings. For example, 'Day'.pluralize(2) will return 'Days' but should preserve the original case as 'Days'.
| # Simple pluralization rules | |
| case downcase | |
| when /s$/, /sh$/, /ch$/, /x$/, /z$/ | |
| "#{self}es" | |
| when /[^aeiou]y$/ | |
| "#{self[0..-2]}ies" | |
| when /f$/ | |
| "#{self[0..-2]}ves" | |
| when /fe$/ | |
| "#{self[0..-3]}ves" | |
| else | |
| "#{self}s" | |
| # Determine the pluralized form in lowercase | |
| word = self | |
| plural = | |
| case word.downcase | |
| when /s$/, /sh$/, /ch$/, /x$/, /z$/ | |
| "#{word}es" | |
| when /[^aeiou]y$/ | |
| "#{word[0..-2]}ies" | |
| when /f$/ | |
| "#{word[0..-2]}ves" | |
| when /fe$/ | |
| "#{word[0..-3]}ves" | |
| else | |
| "#{word}s" | |
| end | |
| # Preserve original capitalization pattern | |
| if word.match?(/\A[A-Z]+\z/) | |
| plural.upcase | |
| elsif word.match?(/\A[A-Z][a-z]+\z/) | |
| plural.capitalize | |
| elsif word.match?(/\A[a-z]+\z/) | |
| plural.downcase | |
| else | |
| plural |
…irreconcilable conflicts
Resolves #195 and indirectly resolves #198
Description
activesupportis volatile andchef-licensingmakes minimal usage of it. When CVE fixes are issued for some of the web of projects but not others, we get the following:The Gemfile.lock updated a decent amount, but those should be for development purposes only.
Related Issue
Types of changes
Checklist:
Gemfile.lockhas changed, I have used--conservativeto do it and included the full output in the Description above.