Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rubymem/bundler-leak

Known-leaky gems verification for bundler: `bundle leak` to check your app and find leaky gems in your Gemfile :gem::droplet:
https://github.com/rubymem/bundler-leak

bundler-leak bundler-plugin hacktoberfest hacktoberfest2020 memory-leaks rubygems

Last synced: 3 months ago
JSON representation

Known-leaky gems verification for bundler: `bundle leak` to check your app and find leaky gems in your Gemfile :gem::droplet:

Host: GitHub
URL: https://github.com/rubymem/bundler-leak
Owner: rubymem
License: gpl-3.0
Created: 2019-08-07T22:42:19.000Z (over 5 years ago)
Default Branch: main
Last Pushed: 2022-04-24T18:00:43.000Z (over 2 years ago)
Last Synced: 2024-07-19T21:31:24.199Z (4 months ago)
Topics: bundler-leak, bundler-plugin, hacktoberfest, hacktoberfest2020, memory-leaks, rubygems
Language: Ruby
Homepage: https://www.rubymem.com
Size: 333 KB
Stars: 286
Watchers: 14
Forks: 11
Open Issues: 4
Metadata Files:
- Readme: README.md
- Changelog: ChangeLog.md
- License: COPYING.txt
- Code of conduct: code-of-conduct.md

Awesome Lists containing this project

README

        # bundler-leak

* [Homepage](https://github.com/rubymem/bundler-leak#readme)

* [Issues](https://github.com/rubymem/bundler-leak/issues)

* [Documentation](http://rubydoc.info/gems/bundler-leak/frames)

* [Email](mailto:oss at ombulabs.com)

* [![CI](https://github.com/rubymem/bundler-leak/actions/workflows/test.yml/badge.svg?branch=main)](https://github.com/rubymem/bundler-leak/actions/workflows/test.yml)

* [![Code Climate](https://codeclimate.com/github/rubymem/bundler-leak.svg)](https://codeclimate.com/github/rubymem/bundler-leak)

## Description

The best tool to find leaky gems in your dependencies. Make sure memory leaks

are not in your gem dependencies.

## Features

* Checks for memory leaks of gems in `Gemfile.lock`

* Prints memory leak information

## Synopsis

Audit a project's `Gemfile.lock`:

```shell

    $ bundle leak

    Name: celluloid

    Version: 0.17.0

    URL: https://github.com/celluloid/celluloid/issues/670

    Title: Memory Leak using Celluloid::Future

    Solution: remove or disable this gem until a patch is available!

    Name: therubyracer

    Version: 0.12.1

    URL: https://github.com/cowboyd/therubyracer/pull/336

    Title: Memory leak in WeakValueMap

    Solution: upgrade to ~> 0.12.3

    Unpatched versions found!

```

Update the [ruby-mem-advisory-db] that `bundle leak` uses:

```shell

    $ bundle leak update

    cd data/ruby-mem-advisory-db

    git pull origin main

    remote: Enumerating objects: 14, done.

    remote: Counting objects: 100% (14/14), done.

    remote: Compressing objects: 100% (4/4), done.

    remote: Total 9 (delta 5), reused 7 (delta 4), pack-reused 0

    Unpacking objects: 100% (9/9), done.

    From github.com:rubymem/ruby-mem-advisory-db

     * branch            main     -> FETCH_HEAD

       3254525..c4fc78e  main     -> origin/main

    Updating 3254525..c4fc78e

    Fast-forward

     README.md                 | 68 ++++++++++++++++++++------------------------------------------------

     gems/therubyracer/336.yml |  4 ++++

     2 files changed, 24 insertions(+), 48 deletions(-)

```

Update the [ruby-mem-advisory-db] and check `Gemfile.lock` (useful for CI runs):

    $ bundle leak check --update

Rake task:

```ruby

require 'bundler/plumber/task'

Bundler::Plumber::Task.new

task default: 'bundle:leak'

```

## Requirements

* [ruby] >= 1.9.3

* [rubygems] >= 1.8

* [thor] ~> 0.18

* [bundler] ~> 1.2

## Install

    $ gem install bundler-leak

## Contributing

1. Clone the repo

1. `./bin/setup` # To populate data dir.

1. `bundle exec rake`

## License

Copyright (c) 2019 OmbuLabs (hello at ombulabs.com)

Copyright (c) 2013-2016 Hal Brodigan (postmodern.mod3 at gmail.com)

bundler-leak is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 3 of the License, or

(at your option) any later version.

bundler-leak is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

GNU General Public License for more details.

You should have received a copy of the GNU General Public License

along with bundler-leak.  If not, see .

[ruby]: https://ruby-lang.org

[rubygems]: https://rubygems.org

[thor]: http://whatisthor.com/

[bundler]: https://github.com/carlhuda/bundler#readme

[ruby-mem-advisory-db]: https://github.com/rubymem/ruby-mem-advisory-db

## Code of Conduct

Everyone interacting in the bundler-leak project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/rubymem/bundler-leak/code-of-conduct.md).

## FastRuby.io

![fastruby](https://github.com/rubymem/bundler-leak/raw/main/fastruby-logo.png)

`bundler-leak` is maintained and funded by FastRuby.io, inc. The names and logos for FastRuby.io are trademarks of FastRuby.io, inc.