Class: BundleUpdateInteractive::Report

Inherits:
Object
  • Object
Defined in:
lib/bundle_update_interactive/report.rb

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ Report

Returns a new instance of Report.



# File 'lib/bundle_update_interactive/report.rb', line 12

# Builds a report from a lockfile and two gem collections.
#
# @param current_lockfile stored as given; may be nil (scan_for_vulnerabilities!
#   guards against that before reading exact dependencies from it)
# @param withheld_gems collection kept as the withheld_gems attribute
# @param updatable_gems collection kept as the updatable_gems attribute
# @return [Report] a new instance of Report
def initialize(current_lockfile:, withheld_gems:, updatable_gems:)
  # freeze is called on the caller's own objects (no copy is taken), so the
  # collections handed in become immutable for the caller as well.
  @updatable_gems = updatable_gems.freeze
  @withheld_gems = withheld_gems.freeze
  @current_lockfile = current_lockfile
end

Instance Attribute Details

#updatable_gems ⇒ Object (readonly)

Returns the value of attribute updatable_gems.



# File 'lib/bundle_update_interactive/report.rb', line 10

# Reader for the collection passed to #initialize as +updatable_gems:+.
# The constructor froze the container itself; its elements are not frozen
# (scan_for_vulnerabilities! assigns +vulnerable+ on them).
#
# @return [Object] the frozen updatable_gems collection
def updatable_gems
  @updatable_gems
end

#withheld_gems ⇒ Object (readonly)

Returns the value of attribute withheld_gems.



# File 'lib/bundle_update_interactive/report.rb', line 10

# Reader for the collection passed to #initialize as +withheld_gems:+.
# The constructor froze the container itself; its elements are not frozen
# (scan_for_vulnerabilities! assigns +vulnerable+ on them).
#
# @return [Object] the frozen withheld_gems collection
def withheld_gems
  @withheld_gems
end

Instance Method Details

#all_gems ⇒ Object



# File 'lib/bundle_update_interactive/report.rb', line 22

# Combined view of every gem in the report: withheld_gems merged with
# updatable_gems. The merge is computed on first use and cached in @all_gems.
#
# @return [Object] the merged collection; presumably a Hash keyed by gem name,
#   in which case an updatable entry replaces a withheld one of the same name
#   (TODO confirm against the callers that build the two collections)
def all_gems
  return @all_gems if @all_gems

  @all_gems = withheld_gems.merge(updatable_gems)
end

#empty? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/bundle_update_interactive/report.rb', line 18

# Tells whether the report holds no gems at all.
#
# @return [Boolean] true only when both withheld_gems and updatable_gems are empty
def empty?
  # A single withheld gem is enough to make the report non-empty.
  return false unless withheld_gems.empty?

  updatable_gems.empty?
end

#scan_for_vulnerabilities! ⇒ Object



# File 'lib/bundle_update_interactive/report.rb', line 26

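# Flags every gem in the report that has a known security advisory.
#
# Asks bundler-audit to update its advisory database, runs a scan, and assigns
# +vulnerable+ on each entry of #all_gems. A gem is flagged when its own name, or
# the name of one of its exact dependencies in the current lockfile, appears
# among the scanner's vulnerable gems. Matching is by gem name only.
#
# @return [Boolean] false when the report has no gems (nothing is updated or
#   scanned), true once every gem has been assigned a +vulnerable+ value
def scan_for_vulnerabilities!
  return false if all_gems.empty?

  # A falsy result means the advisory database was not refreshed. The scan still
  # runs against whatever data is on disk, so say so instead of silently
  # presenting results that may miss recent advisories.
  refreshed = Bundler::Audit::Database.update!(quiet: true)
  unless refreshed
    warn "Warning: the security advisory database could not be refreshed; " \
         "vulnerability results may be out of date."
  end

  # NOTE(review): Scanner.new is called without arguments, so it scans whichever
  # lockfile it locates by default -- presumably the project's lockfile in the
  # working directory; confirm that is the same file as current_lockfile.
  # NOTE(review): only vulnerable_gems is read from the report; any other kind
  # of finding the report may carry is not surfaced here.
  audit_report = Bundler::Audit::Scanner.new.report
  vulnerable_gem_names = Set.new(audit_report.vulnerable_gems.map(&:name))

  all_gems.each do |name, gem|
    # Without a current lockfile only the gem's own name is checked.
    exact_deps = current_lockfile && current_lockfile[name].exact_dependencies
    gem.vulnerable = (vulnerable_gem_names & [name, *Array(exact_deps)]).any?
  end
  true
end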