Class: Dev::Node::Audit

Inherits:

Object

Object
Dev::Node::Audit

show all

Defined in:: lib/firespring_dev_commands/node/audit.rb

Overview

Class which contains commands and customizations for node security audit reports

Instance Attribute Summary collapse

#data ⇒ Object

Returns the value of attribute data.

Instance Method Summary collapse

#initialize(data) ⇒ Audit constructor

A new instance of Audit.
#to_report ⇒ Object

Convert the node audit data to the standardized audit report object.

Constructor Details

#initialize(data) ⇒ `Audit`

Returns a new instance of Audit.



7
8
9

# File 'lib/firespring_dev_commands/node/audit.rb', line 7

def initialize(data)
  @data = JSON.parse(Dev::Common.new.strip_non_json(data))
end

Instance Attribute Details

#data ⇒ `Object`

Returns the value of attribute data.



5
6
7

# File 'lib/firespring_dev_commands/node/audit.rb', line 5

def data
  @data
end

Instance Method Details

#to_report ⇒ `Object`

Convert the node audit data to the standardized audit report object

# File 'lib/firespring_dev_commands/node/audit.rb', line 12

def to_report
  ids = Set.new

  Dev::Audit::Report.new(
    data['vulnerabilities'].map do |_, vulnerability|
      # If the via ia a hash and the id is not already recorded, add the item to our report
      vulnerability['via'].map do |it|
        next unless it.is_a?(Hash)

        id = it['url']&.split('/')&.last
        next if ids.include?(id)

        ids << id
        Dev::Audit::Report::Item.new(
          id:,
          name: vulnerability['name'],
          title: it['title'],
          url: it['url'],
          severity: vulnerability['severity'],
          version: it['range']
        )
      end
    end.flatten.compact
  )
end