pinner 0.0.11

Secure CI/CD workflows by pinning mutable tags to immutable SHA-1 hashes. A high-performance Rust CLI that preserves YAML formatting and comments. Supports GitHub, GitLab, Bitbucket, Forgejo, and Docker image pinning.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179

use colored::Colorize;
use dialoguer::Confirm;
use std::path::Path;

/// Trait for user interactions during the patching process.
///
/// This abstraction allows for different interaction styles (e.g., interactive console,
/// non-interactive CI, or automated testing).
pub trait UserInterface: Send + Sync {
    /// Asks the user for confirmation before applying a patch to a file.
    fn confirm_patch(&self, path: &Path) -> bool;
    /// Reports success after updating a file.
    fn report_success(&self, path: &Path);
    /// Reports that a file was skipped (user declined confirmation).
    fn report_skipped(&self, path: &Path);
    /// Interactively prompts the user to select which upgrades to apply.
    fn prompt_upgrade(
        &self,
        results: Vec<crate::core::UpdateResult>,
    ) -> Result<Vec<crate::core::UpdateResult>, crate::error::PinnerError>;
}

/// A [`UserInterface`] implementation for the console using `dialoguer`.
pub struct ConsoleUi {
    /// If true, automatically confirms all patches without prompting.
    pub yes: bool,
}

impl ConsoleUi {
    /// Creates a new `ConsoleUi`.
    pub fn new(yes: bool) -> Self {
        Self { yes }
    }
}

impl UserInterface for ConsoleUi {
    fn confirm_patch(&self, path: &Path) -> bool {
        if self.yes {
            return true;
        }

        Confirm::new()
            .with_prompt(format!(
                "{} {}?",
                "Apply changes to".bold(),
                path.display().to_string().cyan()
            ))
            .default(false)
            .interact()
            .unwrap_or(false)
    }

    fn report_success(&self, _path: &Path) {
        println!("{}", "✔ Updated successfully".green());
    }

    fn report_skipped(&self, _path: &Path) {
        println!("{}", "✘ Skipped".yellow());
    }

    fn prompt_upgrade(
        &self,
        mut results: Vec<crate::core::UpdateResult>,
    ) -> Result<Vec<crate::core::UpdateResult>, crate::error::PinnerError> {
        if results.is_empty() {
            println!("{}", "✔ No upgrades found.".green().bold());
            return Ok(results);
        }

        // Filter out results where new_tag is None (no upgrade available)
        // or new_tag matches old_tag
        results.retain(|r| r.new_tag.is_some() && r.new_tag != r.old_tag);

        if results.is_empty() {
            println!(
                "{}",
                "✔ All dependencies are already up to date.".green().bold()
            );
            return Ok(results);
        }

        let mut items = Vec::new();
        for r in &results {
            let old = r.old_tag.as_deref().unwrap_or("latest");
            let new = r.new_tag.as_deref().unwrap_or("unknown");
            items.push(format!(
                "{}@{} -> {} ({})",
                r.action.to_string().yellow(),
                old.magenta(),
                new.green(),
                r.path.display().to_string().cyan()
            ));
        }

        let chosen = dialoguer::MultiSelect::new()
            .with_prompt("Select dependencies to upgrade (Space to toggle, Enter to confirm)")
            .items(&items)
            .defaults(&vec![true; items.len()])
            .interact()
            .map_err(|e| crate::error::PinnerError::Config(e.to_string()))?;

        let mut final_results = Vec::new();
        for idx in chosen {
            final_results.push(results[idx].clone());
        }

        Ok(final_results)
    }
}

/// A [`UserInterface`] implementation for testing that always returns a fixed value.
#[cfg(test)]
pub struct TestUi {
    pub response: bool,
}

#[cfg(test)]
impl UserInterface for TestUi {
    fn confirm_patch(&self, _path: &Path) -> bool {
        self.response
    }

    fn report_success(&self, _path: &Path) {}
    fn report_skipped(&self, _path: &Path) {}
    fn prompt_upgrade(
        &self,
        results: Vec<crate::core::UpdateResult>,
    ) -> Result<Vec<crate::core::UpdateResult>, crate::error::PinnerError> {
        Ok(results)
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::core::{DependencyName, DependencyRef, UpdateResult, UpdateTask};
    use std::path::PathBuf;

    #[test]
    fn test_console_ui_confirm_patch_yes() {
        let ui = ConsoleUi::new(true);
        assert!(ui.confirm_patch(Path::new("dummy.yaml")));
    }

    #[test]
    fn test_console_ui_report_success() {
        let ui = ConsoleUi::new(true);
        ui.report_success(Path::new("dummy.yaml"));
    }

    #[test]
    fn test_console_ui_report_skipped() {
        let ui = ConsoleUi::new(true);
        ui.report_skipped(Path::new("dummy.yaml"));
    }

    #[test]
    fn test_console_ui_prompt_upgrade_empty() {
        let ui = ConsoleUi::new(true);
        let results = vec![];
        let res = ui.prompt_upgrade(results).unwrap();
        assert!(res.is_empty());
    }

    #[test]
    fn test_console_ui_prompt_upgrade_no_updates() {
        let ui = ConsoleUi::new(true);
        let results = vec![UpdateResult {
            task: UpdateTask::default(),
            action: DependencyName::from("actions/checkout"),
            path: PathBuf::from("dummy.yaml"),
            old_tag: Some("v3".to_string()),
            new_sha: DependencyRef::GitSha("hash1".to_string()),
            new_tag: Some("v3".to_string()), // same tag
        }];
        let res = ui.prompt_upgrade(results).unwrap();
        assert!(res.is_empty());
    }
}