Class: Bundler::Audit::Presenter::Junit

Inherits:
Base
  • Object
Defined in:
lib/bundler/audit/presenter/junit.rb

Instance Attribute Summary

Attributes inherited from Base

#options, #shell

Instance Method Summary

Methods inherited from Base

#exit_code, #initialize, #problematic?, #push_advisory, #push_warning

Constructor Details

This class inherits a constructor from Bundler::Audit::Presenter::Base

Instance Method Details

#advisory_criticality(advisory) ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 21

# Maps an advisory's criticality symbol to the label printed in the report.
#
# Only :low, :medium and :high have labels; any other value (including nil)
# is reported as "Unknown", so an unrecognised rating never raises. Every
# possible return value is a fixed string with no XML-special characters.
#
# @param advisory [#criticality] the advisory being reported
# @return [String] "Low", "Medium", "High" or "Unknown"
def advisory_criticality(advisory)
  labels = { low: "Low", medium: "Medium", high: "High" }
  labels.fetch(advisory.criticality, "Unknown")
end

#advisory_ref(advisory) ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 13

# Builds the XML-escaped advisory identifier shown on the "Advisory:" line.
#
# A CVE id takes precedence and is prefixed with "CVE-"; otherwise the OSVDB
# id is used as-is. The identifier is escaped here because it originates from
# advisory data and is written into the XML report.
#
# @param advisory [#cve, #osvdb] the advisory being reported
# @return [String, nil] the escaped identifier, or nil when the advisory has
#   neither a CVE nor an OSVDB id
def advisory_ref(advisory)
  return xml_escape("CVE-#{advisory.cve}") if advisory.cve
  return xml_escape(advisory.osvdb) if advisory.osvdb

  nil
end

#advisory_solution(advisory) ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 30

# Produces the remediation text for the "Solution:" line of a failure.
#
# When patched versions are listed they are joined with ", " and escaped;
# otherwise a fixed recommendation is returned. That literal contains no
# XML-special characters, so it is returned without escaping.
#
# @param advisory [#patched_versions] the advisory being reported
# @return [String] remediation text that is safe to place in the XML report
def advisory_solution(advisory)
  if advisory.patched_versions.empty?
    "remove or disable this gem until a patch is available!"
  else
    versions = advisory.patched_versions.join(', ')
    xml_escape "upgrade to #{versions}"
  end
end

#bundle_title(bundle) ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 38

# Builds the escaped test-case name for one vulnerable gem, in the form
# "<CRITICALITY> <gem name>(<gem version>) <advisory title>".
#
# The whole string is escaped once, after interpolation, because the result
# is placed inside a double-quoted XML attribute by the report template.
#
# @param bundle [#advisory, #gem] pairing of an advisory and the affected gem
# @return [String] the XML-escaped title
def bundle_title(bundle)
  severity = advisory_criticality(bundle.advisory).upcase
  gem_label = "#{bundle.gem.name}(#{bundle.gem.version})"
  xml_escape "#{severity} #{gem_label} #{bundle.advisory.title}"
end


# File 'lib/bundler/audit/presenter/junit.rb', line 7

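# Renders the JUnit XML template and writes the result to standard output.
#
# The template comes from #template_string, a fixed heredoc, so advisory and
# gem data only enter the report as interpolated values, never as template
# source. The template is evaluated against this object's binding, which
# gives it access to the presenter's instance variables and helper methods.
#
# @return [nil] the return value of puts
def print_report
  # Positional safe_level/trim_mode arguments to ERB.new are deprecated since
  # Ruby 2.6 (ERB 2.2.0). Use the trim_mode keyword wherever ERB accepts
  # keywords and keep the positional form only for older interpreters.
  erb = if ERB.instance_method(:initialize).parameters.assoc(:key)
          ERB.new(template_string, trim_mode: '-')
        else
          ERB.new(template_string, nil, '-')
        end

  puts erb.result(binding)
end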

#template_string ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 53

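# Returns the ERB source of the JUnit XML report.
#
# One <testcase> with a <failure> is emitted per entry in @advisory_bundles,
# so the suite-level counts are derived from that collection rather than
# hard-coded. The previous fixed tests="225" failures="1262" misreported the
# result to any consumer reading the top-level attributes.
#
# Every interpolated value derived from gem or advisory data goes through
# xml_escape, either directly or inside a helper that calls it. The
# exceptions are integers and the fixed labels from advisory_criticality.
# Keep that invariant when adding fields: unescaped data could break out of
# an attribute or element and corrupt the report.
#
# NOTE(review): assumes @advisory_bundles is populated by the inherited Base
# presenter, which is not visible here - confirm.
#
# The heredoc body stays at column 0 because <<- only allows the terminator
# to be indented; it does not strip leading whitespace from the content.
#
# @return [String] the ERB template, with surrounding whitespace stripped
def template_string
  <<-HERE.strip
<?xml version="1.0" encoding="UTF-8" ?>
<testsuites id="<%= Time.now.to_i %>" name="Bundle Audit" tests="<%= @advisory_bundles.size %>" failures="<%= @advisory_bundles.size %>">
  <testsuite id="Gemfile" name="Ruby Gemfile" failures="<%= @advisory_bundles.size %>">
    <%- @advisory_bundles.each do |bundle| -%>
    <testcase id="<%= xml_escape(bundle.gem.name) %>" name="<%= bundle_title(bundle) %>">
      <failure message="<%= xml_escape(bundle.advisory.title) %>" type="<%= xml_escape(bundle.advisory.criticality) %>">
Name: <%= xml_escape(bundle.gem.name) %>
Version: <%= xml_escape(bundle.gem.version) %>
Advisory: <%= advisory_ref(bundle.advisory) %>
Criticality: <%= advisory_criticality(bundle.advisory) %>
URL: <%= xml_escape(bundle.advisory.url) %>
Title: <%= xml_escape(bundle.advisory.title) %>
Solution: <%= advisory_solution(bundle.advisory) %>
      </failure>
    </testcase>
    <%- end -%>
  </testsuite>
</testsuites>
  HERE
end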

#xml_escape(string) ⇒ Object (protected)



# File 'lib/bundler/audit/presenter/junit.rb', line 42

# Escapes the five XML-special characters so a value can be placed in
# element text or in a quoted attribute of the report.
#
# The argument is converted with to_s first, so nil becomes "" and symbols
# or version objects are escaped by their string form. Only < > " ' & are
# replaced; all other characters pass through unchanged.
#
# NOTE(review): characters that XML 1.0 forbids outright (most control
# characters) are not removed - confirm whether advisory or lockfile data
# can contain them.
#
# @param string [#to_s] the value to escape
# @return [String] a new string with the special characters replaced
def xml_escape(string)
  entities = {
    '<' => '&lt;',
    '>' => '&gt;',
    '"' => '&quot;',
    '\'' => '&apos;',
    '&' => '&amp;'
  }
  string.to_s.gsub(/[<>"'&]/) { |char| entities[char] }
end