add interactive fix command with dry-run and TTY prompts

Author: wilburhimself

CHANGELOG.md

@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.2.0] - 2025-08-17
+
+### Added
+- Interactive fix flow: `gem_guard fix --interactive` prompts per gem (via `tty-prompt`).
+
+### Changed
+- Dry-run output refined to: `✅ Would update <gem> <from> → <to>` for clarity.
+
+### Dependencies
+- Add runtime dependency: `tty-prompt ~> 0.23`.
+
 ## [1.1.2] - 2025-08-11
 
 ### Added

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    gem_guard (1.1.2)
+    gem_guard (1.2.0)
       json (~> 2.0)
       thor (~> 1.0)
       tty-prompt (~> 0.23)

README.md

@@ -122,6 +122,38 @@ Details:
    🔧 Fix: bundle update thor --to 1.4.0
 ```
 
+### 🛠 Auto-fix Vulnerable Dependencies
+
+Use `fix` to apply recommended upgrades. Start with a dry run to preview changes.
+
+```bash
+# Preview only — shows what would change, does not modify files
+gem_guard fix --dry-run
+
+# Interactively confirm each upgrade (uses tty-prompt)
+gem_guard fix --interactive
+
+# Apply fixes non-interactively
+gem_guard fix
+```
+
+Dry run output example:
+
+```
+🔍 Dry run — no files will be modified.
+========================================
+✅ Would update nokogiri 1.12.0 → 1.14.3
+
+Dry run completed. 1 fixes planned.
+Run without --dry-run to apply these fixes.
+```
+
+Behavior notes:
+
+- **Interactive**: You’ll be asked per gem: `Upgrade nokogiri 1.12.0 → 1.14.3?` Answering “no” skips that gem.
+- **Backups**: A `Gemfile.lock.backup.YYYYMMDD_HHMMSS` is created only if at least one fix is approved/applied.
+- **Requirements**: `Gemfile` and `Gemfile.lock` must exist. Interactive prompts require a TTY-capable environment.
+
 ### 🎯 Typosquat Detection
 
 **Basic typosquat check:**

lib/gem_guard/version.rb

@@ -1,3 +1,3 @@
 module GemGuard
-  VERSION = "1.1.2"
+  VERSION = "1.2.0"
 end