Class: Bundler::Audit::CLI
- Inherits:
-
Thor
- Object
- Thor
- Bundler::Audit::CLI
- Defined in:
- lib/bundler/audit/cli.rb
Instance Method Summary collapse
- #check ⇒ Object
- #print_advisory(gem, advisory) ⇒ Object protected
- #print_warning(message) ⇒ Object protected
- #say(message = "", color = nil) ⇒ Object protected
- #update ⇒ Object
- #version ⇒ Object
Instance Method Details
#check ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/bundler/audit/cli.rb', line 38 def check update if [:update] scanner = Scanner.new vulnerable = false scanner.scan(:ignore => .ignore) do |result| vulnerable = true case result when Scanner::InsecureSource print_warning "Insecure Source URI found: #{result.source}" when Scanner::UnpatchedGem print_advisory result.gem, result.advisory end end if vulnerable say "Vulnerabilities found!", :red exit 1 else say("No vulnerabilities found", :green) unless .quiet? end end |
#print_advisory(gem, advisory) ⇒ Object (protected)
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
# File 'lib/bundler/audit/cli.rb', line 106 def print_advisory(gem, advisory) say "Name: ", :red say gem.name say "Version: ", :red say gem.version say "Advisory: ", :red if advisory.cve say advisory.cve_id elsif advisory.osvdb say advisory.osvdb_id elsif advisory.ghsa say advisory.ghsa_id end say "Criticality: ", :red case advisory.criticality when :none then say "None" when :low then say "Low" when :medium then say "Medium", :yellow when :high then say "High", [:red, :bold] when :critical then say "Critical", [:red, :bold] else say "Unknown" end say "URL: ", :red say advisory.url if .verbose? say "Description:", :red say print_wrapped advisory.description, :indent => 2 say else say "Title: ", :red say advisory.title end unless advisory.patched_versions.empty? say "Solution: upgrade to ", :red say advisory.patched_versions.join(', ') else say "Solution: ", :red say "remove or disable this gem until a patch is available!", [:red, :bold] end say end |
#print_warning(message) ⇒ Object (protected)
102 103 104 |
# File 'lib/bundler/audit/cli.rb', line 102 def print_warning() say , :yellow end |
#say(message = "", color = nil) ⇒ Object (protected)
97 98 99 100 |
# File 'lib/bundler/audit/cli.rb', line 97 def say(="", color=nil) color = nil unless $stdout.tty? super(.to_s, color) end |
#update ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/bundler/audit/cli.rb', line 66 def update say("Updating ruby-advisory-db ...") unless .quiet? case Database.update!(quiet: .quiet?) when true say("Updated ruby-advisory-db", :green) unless .quiet? when false say "Failed updating ruby-advisory-db!", :red exit 1 when nil unless Bundler.git_present? say "Git is not installed!", :red exit 1 end say "Skipping update", :yellow end unless .quiet? puts("ruby-advisory-db: #{Database.new.size} advisories") end end |