Class: Bundler::Audit::CLI

Inherits:
Thor
  • Object
Defined in:
lib/bundler/audit/cli.rb,
lib/bundler/audit/cli/formats.rb,
lib/bundler/audit/cli/formats/json.rb,
lib/bundler/audit/cli/formats/text.rb,
lib/bundler/audit/cli/formats/junit.rb

Overview

The bundle-audit command.

Defined Under Namespace

Modules: Formats

Class Method Summary

Instance Method Summary

Class Method Details

.exit_on_failure? ⇒ Boolean (protected)

Note:

Silence deprecation warnings from Thor.

Returns:

  • (Boolean)


# File 'lib/bundler/audit/cli.rb', line 172

# Hook read by Thor to decide whether a failed command ends the process with
# a non-zero status. Defining it explicitly also silences Thor's deprecation
# warning about the hook being absent.
#
# @return [Boolean] always +true+
def self.exit_on_failure?
  true
end

Instance Method Details

#check(dir = Dir.pwd) ⇒ Object



# File 'lib/bundler/audit/cli.rb', line 49

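# Audits the bundle found in +dir+ against the advisory database and prints
# the report in the selected format.
#
# The process exits with status 1 when +dir+ is not a directory, the format
# is unknown, the Gemfile.lock cannot be found, or the report is vulnerable.
# A caller such as a CI job therefore cannot tell "findings" apart from
# "audit could not run" by the exit status alone; it has to read the output.
#
# @param dir [String] project directory to audit (defaults to the cwd)
def check(dir=Dir.pwd)
  unless File.directory?(dir)
    say_error "No such file or directory: #{dir}", :red
    exit 1
  end

  begin
    # Mix the selected format module into this instance; presumably it
    # provides the concrete print_report used further down.
    extend Formats.load(options[:format])
  rescue Formats::FormatNotFound
    say_error "Unknown format: #{options[:format]}", :red
    exit 1
  end

  # A database that already exists is refreshed only when the update option
  # is set; otherwise the scan uses whatever advisories are on disk, so a
  # stale copy can miss recently published advisories.
  if !Database.exists?(options[:database])
    download(options[:database])
  elsif options[:update]
    update(options[:database])
  end

  database = Database.new(options[:database])
  scanner  = begin
               Scanner.new(dir,options[:gemfile_lock],database,options[:config])
             rescue Bundler::GemfileLockNotFound => exception
               say exception.message, :red
               exit 1
             end

  report = scanner.report(ignore: options.ignore)

  output = if options[:output]
             File.new(options[:output],'w')
           else
             $stdout
           end

  begin
    print_report(report,output)
  ensure
    # Close the report file even when the formatter raises, so the handle is
    # not leaked. $stdout is never closed.
    output.close if options[:output]
  end

  # A non-zero status is what lets a pipeline fail on a vulnerable bundle.
  exit(1) if report.vulnerable?
end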

#download(path = Database.path) ⇒ Object



# File 'lib/bundler/audit/cli.rb', line 109

# Fetches ruby-advisory-db into +path+ unless a database already exists
# there, then prints its statistics unless the quiet option is set.
#
# Exits with status 1 when Database.download raises DownloadFailed.
# NOTE(review): how Database.download transports and verifies the data is
# not visible in this listing.
#
# @param path [String] destination of the advisory database
def download(path=Database.path)
  if Database.exists?(path)
    say "Database already exists", :yellow
    return
  end

  quiet = options.quiet?
  say("Download ruby-advisory-db ...") unless quiet

  begin
    Database.download(path: path, quiet: quiet)
  rescue Database::DownloadFailed => failure
    say failure.message, :red
    exit 1
  end

  stats(path) unless quiet
end
This method is abstract.

Raises:

  • (NotImplementedError)


# File 'lib/bundler/audit/cli.rb', line 179

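# Abstract hook that writes a scan report; this default only raises.
#
# #check calls print_report(report, output), so the optional +output+
# parameter is accepted here. Without it, a missing format implementation
# would surface as an ArgumentError about arity rather than the intended
# NotImplementedError.
#
# @abstract
# @param report [Object] the report returned by the scanner
# @param output [IO] stream the report would be written to
# @raise [NotImplementedError] always
def print_report(report,output=$stdout)
  raise(NotImplementedError,"#{self.class}##{__method__} not defined")
end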

#stats(path = Database.path) ⇒ Object



# File 'lib/bundler/audit/cli.rb', line 94

# Prints a short summary of the advisory database at +path+: advisory count,
# last-updated timestamp and, when one is available, the commit id.
#
# The timestamp and commit id are what an operator can use to judge how
# current the advisory data behind an audit result is.
#
# @param path [String] location of the advisory database
def stats(path=Database.path)
  advisory_db = Database.new(path)

  puts "ruby-advisory-db:"
  puts "  advisories:\t#{advisory_db.size} advisories"
  puts "  last updated:\t#{advisory_db.last_updated_at}"

  # commit_id may be nil/false, in which case the line is omitted.
  revision = advisory_db.commit_id
  puts "  commit:\t#{revision}" if revision
end

#update(path = Database.path) ⇒ Object



# File 'lib/bundler/audit/cli.rb', line 130

# Updates the advisory database at +path+, falling back to a download when
# no database exists there yet. Prints statistics afterwards unless the
# quiet option is set.
#
# Exits with status 1 when update! raises UpdateFailed, or when update!
# returns nil and git is not installed.
#
# @param path [String] location of the advisory database
def update(path=Database.path)
  unless Database.exists?(path)
    download(path)
    return
  end

  quiet = options.quiet?
  say("Updating ruby-advisory-db ...") unless quiet

  advisory_db = Database.new(path)

  begin
    outcome = advisory_db.update!(quiet: quiet)

    case outcome
    when true
      say("Updated ruby-advisory-db", :green) unless quiet
    when nil
      unless Bundler.git_present?
        say_error "Git is not installed!", :red
        exit 1
      end

      # The update is skipped without failing: the database stays at its
      # current revision and, in quiet mode, nothing is printed about it.
      say("Skipping update, ruby-advisory-db is not a git repository", :yellow) unless quiet
    end
  rescue Database::UpdateFailed => failure
    say failure.message, :red
    exit 1
  end

  stats(path) unless quiet
end

#version ⇒ Object



# File 'lib/bundler/audit/cli.rb', line 163

# Prints the program name followed by the VERSION constant to standard
# output.
def version
  $stdout.puts "bundler-audit #{VERSION}"
end