Class: Bundler::Advise::Advisory

Inherits:

Object

• Object
• Bundler::Advise::Advisory

Defined in:

lib/bundler/advise/advisory.rb

Instance Attribute Summary

• #gem_spec ⇒ Object readonly

  Not always guaranteed to be set, but will be set by GemAdviser when scanning a lockfile.

Class Method Summary

• .fields ⇒ Object
• .from_yml(yml_filename) ⇒ Object

Instance Method Summary

• #initialize(fields = {}) ⇒ Advisory constructor

  A new instance of Advisory.

• #is_affected?(gem_version) ⇒ Boolean
• #is_not_patched?(gem_version) ⇒ Boolean
• #is_not_unaffected?(gem_version) ⇒ Boolean
• #patched_versions ⇒ Object
• #to_yaml ⇒ Object
• #unaffected_versions ⇒ Object

Constructor Details

#initialize(fields = {}) ⇒ Advisory

Returns a new instance of Advisory.

# File 'lib/bundler/advise/advisory.rb', line 22

def initialize(fields={})
  fields.each do |k, v|
    instance_variable_set("@#{k}", v)
  end
end

Instance Attribute Details

#gem_spec ⇒ Object

Not always guaranteed to be set, but will be set by GemAdviser when scanning a lockfile.

# File 'lib/bundler/advise/advisory.rb', line 18

def gem_spec
  @gem_spec
end

Class Method Details

.fields ⇒ Object

# File 'lib/bundler/advise/advisory.rb', line 10

def self.fields
  [:gem, :cve, :cvss_v2, :date, :description, :framework, :osvdb, :patched_versions,
   :platform, :related, :title, :unaffected_versions, :url, :vendor_patch]
end

.from_yml(yml_filename) ⇒ Object

# File 'lib/bundler/advise/advisory.rb', line 5

def self.from_yml(yml_filename)
  id = File.basename(yml_filename, '.yml')
  new(YAML.load(File.read(yml_filename)).tap { |h| h[:id] = id })
end

Instance Method Details

#is_affected?(gem_version) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bundler/advise/advisory.rb', line 40

def is_affected?(gem_version)
  is_not_patched?(gem_version) && is_not_unaffected?(gem_version)
end

#is_not_patched?(gem_version) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bundler/advise/advisory.rb', line 44

def is_not_patched?(gem_version)
  patched_versions.detect do |pv|
    pv.satisfied_by?(Gem::Version.create(gem_version))
  end.nil?
end

#is_not_unaffected?(gem_version) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bundler/advise/advisory.rb', line 50

def is_not_unaffected?(gem_version)
  unaffected_versions.detect do |pv|
    pv.satisfied_by?(Gem::Version.create(gem_version))
  end.nil?
end

#patched_versions ⇒ Object

# File 'lib/bundler/advise/advisory.rb', line 36

def patched_versions
  Array(@patched_versions).map { |v| Gem::Requirement.create(v.split(",")) }
end

#to_yaml ⇒ Object

# File 'lib/bundler/advise/advisory.rb', line 28

def to_yaml
  self.class.fields.reduce({}) { |h, f| v = instance_variable_get("@#{f}"); h[f.to_s] = v if v; h }.to_yaml
end

#unaffected_versions ⇒ Object

# File 'lib/bundler/advise/advisory.rb', line 32

def unaffected_versions
  Array(@unaffected_versions).map { |v| Gem::Requirement.create(v.split(",")) }
end