Class: BundleUpdateInteractive::Report

Inherits:

Object

Object
BundleUpdateInteractive::Report

show all

Defined in:: lib/bundle_update_interactive/report.rb

Instance Attribute Summary collapse

#updatable_gems ⇒ Object readonly

Returns the value of attribute updatable_gems.
#withheld_gems ⇒ Object readonly

Returns the value of attribute withheld_gems.

Instance Method Summary collapse

#all_gems ⇒ Object
#empty? ⇒ Boolean
#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ Report constructor

A new instance of Report.
#scan_for_vulnerabilities! ⇒ Object

rubocop:disable Metrics/AbcSize.

Constructor Details

#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ `Report`

Returns a new instance of Report.

# File 'lib/bundle_update_interactive/report.rb', line 10

def initialize(current_lockfile:, withheld_gems:, updatable_gems:)
  @current_lockfile = current_lockfile
  @withheld_gems = withheld_gems.freeze
  @updatable_gems = updatable_gems.freeze
end

Instance Attribute Details

#updatable_gems ⇒ `Object` (readonly)

Returns the value of attribute updatable_gems.



8
9
10

# File 'lib/bundle_update_interactive/report.rb', line 8

def updatable_gems
  @updatable_gems
end

#withheld_gems ⇒ `Object` (readonly)

Returns the value of attribute withheld_gems.



8
9
10

# File 'lib/bundle_update_interactive/report.rb', line 8

def withheld_gems
  @withheld_gems
end

Instance Method Details

#all_gems ⇒ `Object`



20
21
22

# File 'lib/bundle_update_interactive/report.rb', line 20

def all_gems
  @all_gems ||= withheld_gems.merge(updatable_gems)
end

#empty? ⇒ `Boolean`

Returns:

(Boolean)



16
17
18

# File 'lib/bundle_update_interactive/report.rb', line 16

def empty?
  withheld_gems.empty? && updatable_gems.empty?
end

#scan_for_vulnerabilities! ⇒ `Object`

rubocop:disable Metrics/AbcSize

# File 'lib/bundle_update_interactive/report.rb', line 24

def scan_for_vulnerabilities! # rubocop:disable Metrics/AbcSize
  return false if all_gems.empty?
  return false unless try_load_bundler_audit

  Bundler::Audit::Database.update!(quiet: true)
  audit_report = Bundler::Audit::Scanner.new.report
  vulnerable_gem_names = Set.new(audit_report.vulnerable_gems.map(&:name))

  all_gems.each do |name, gem|
    exact_deps = current_lockfile && current_lockfile[name].exact_dependencies
    gem.vulnerable = (vulnerable_gem_names & [name, *Array(exact_deps)]).any?
  end
  true
end

Class: BundleUpdateInteractive::Report

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ Report

Instance Attribute Details

#updatable_gems ⇒ Object (readonly)

#withheld_gems ⇒ Object (readonly)

Instance Method Details

#all_gems ⇒ Object

#empty? ⇒ Boolean

#scan_for_vulnerabilities! ⇒ Object

#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ `Report`

#updatable_gems ⇒ `Object` (readonly)

#withheld_gems ⇒ `Object` (readonly)

#all_gems ⇒ `Object`

#empty? ⇒ `Boolean`

#scan_for_vulnerabilities! ⇒ `Object`