Class: Bundler::Audit::CLI

Inherits:

Thor

• Object
• Thor
• Bundler::Audit::CLI

Defined in:

lib/bundler/audit/cli.rb,
lib/bundler/audit/cli/formats.rb,
lib/bundler/audit/cli/formats/json.rb,
lib/bundler/audit/cli/formats/text.rb,
lib/bundler/audit/cli/formats/junit.rb

Overview

The bundle-audit command.

Defined Under Namespace

Modules: Formats

Class Method Summary

• .exit_on_failure? ⇒ Boolean protected

Instance Method Summary

• #check(dir = Dir.pwd) ⇒ Object
• #download(path = Database.path) ⇒ Object
• #print_report(report) ⇒ Object protected abstract
• #stats(path = Database.path) ⇒ Object
• #update(path = Database.path) ⇒ Object
• #version ⇒ Object

Class Method Details

.exit_on_failure? ⇒ Boolean (protected)

Note:

Silence deprecation warnings from Thor.

Returns:

• (Boolean)

# File 'lib/bundler/audit/cli.rb', line 172

def self.exit_on_failure?
  true
end

Instance Method Details

#check(dir = Dir.pwd) ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 49

def check(dir=Dir.pwd)
  unless File.directory?(dir)
    say_error "No such file or directory: #{dir}", :red
    exit 1
  end

  begin
    extend Formats.load(options[:format])
  rescue Formats::FormatNotFound
    say_error "Unknown format: #{options[:format]}", :red
    exit 1
  end

  if !Database.exists?(options[:database])
    download(options[:database])
  elsif options[:update]
    update(options[:database])
  end

  database = Database.new(options[:database])
  scanner  = begin
               Scanner.new(dir,options[:gemfile_lock],database,options[:config])
             rescue Bundler::GemfileLockNotFound => exception
               say exception.message, :red
               exit 1
             end

  report = scanner.report(ignore: options.ignore)

  output = if options[:output]
             File.new(options[:output],'w')
           else
             $stdout
           end

  print_report(report,output)

  output.close if options[:output]

  exit(1) if report.vulnerable?
end

#download(path = Database.path) ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 109

def download(path=Database.path)
  if Database.exists?(path)
    say "Database already exists", :yellow
    return
  end

  say("Download ruby-advisory-db ...") unless options.quiet?

  begin
    Database.download(path: path, quiet: options.quiet?)
  rescue Database::DownloadFailed => error
    say error.message, :red
    exit 1
  end

  stats(path) unless options.quiet?
end

#print_report(report) ⇒ Object (protected)

This method is abstract.

Raises:

• (NotImplementedError)

# File 'lib/bundler/audit/cli.rb', line 179

def print_report(report)
  raise(NotImplementedError,"#{self.class}##{__method__} not defined")
end

#stats(path = Database.path) ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 94

def stats(path=Database.path)
  database = Database.new(path)

  puts "ruby-advisory-db:"
  puts "  advisories:\t#{database.size} advisories"
  puts "  last updated:\t#{database.last_updated_at}"

  if (commit_id = database.commit_id)
    puts "  commit:\t#{commit_id}"
  end
end

#update(path = Database.path) ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 130

def update(path=Database.path)
  unless Database.exists?(path)
    download(path)
    return
  end

  say("Updating ruby-advisory-db ...") unless options.quiet?

  database = Database.new(path)

  begin
    case database.update!(quiet: options.quiet?)
    when true
      say("Updated ruby-advisory-db", :green) unless options.quiet?
    when nil
      if Bundler.git_present?
        unless options.quiet?
          say "Skipping update, ruby-advisory-db is not a git repository", :yellow
        end
      else
        say_error "Git is not installed!", :red
        exit 1
      end
    end
  rescue Database::UpdateFailed => error
    say error.message, :red
    exit 1
  end

  stats(path) unless options.quiet?
end

#version ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 163

def version
  puts "bundler-audit #{VERSION}"
end