Module: BundlerAuditNotifier
- Defined in:
- lib/bundler_audit_notifier.rb,
lib/bundler_audit_notifier/engine.rb,
lib/generators/bundler_audit_notifier/bundler_audit_notifier_generator.rb
Defined Under Namespace
Classes: BundlerAuditNotifierGenerator, Engine
Class Method Details
.audit_parse ⇒ Object
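# Runs the auditer script (the gem's wrapper around bundler-audit) in a child
# Ruby process, parses its plain-text report, reconciles every finding with the
# BundlerAuditIssue table and e-mails the outcome.
#
# Reconciliation per advisory:
# * already known -> the row is touched; the finding is reported unless the
#   row has been marked +ignore+
# * new           -> a BundlerAuditIssue row is created and the finding reported
# Any output line that does not fit the expected report shape is collected as
# an error message instead of aborting the run; errors are mailed separately.
#
# The parsed fields (name, version, advisory, criticality, url, title,
# solution) are taken verbatim from the auditer output and handed to the
# mailer, so the mail templates are the place where they must be escaped.
#
# @return [Array(Array<Hash>, Array<String>)] the reported vulnerabilities
#   (each the parsed fields plus the issue's +token+) and the error messages.
#   Both elements are always Arrays (an empty Array, never nil, when the
#   script could not be located).
def self.audit_parse
  errors = []
  vulnerabilities = []

  script_location = locate_auditer_script(errors)
  if script_location
    output = run_auditer(script_location)
    vulnerabilities = parse_audit_output(output, errors)
  end

  BundlerAuditIssuesMailer.error_in_running(errors).deliver_now unless errors.empty?
  BundlerAuditIssuesMailer.vulnerability_email(vulnerabilities).deliver_now unless vulnerabilities.empty?

  [vulnerabilities, errors]
end

# Resolves the path of +auditer_script.rb+: a copy under the application's
# own +lib/+ wins, otherwise the copy shipped with the installed gem is used.
#
# @param errors [Array<String>] receives a message when neither copy exists
# @return [String, nil] the script path, or nil when it could not be found
def self.locate_auditer_script(errors)
  local_script = "lib/auditer_script.rb"
  # File.exist? rather than File.exists? — the latter was removed in Ruby 3.2.
  return local_script if File.exist?(local_script)

  # `bundle show` resolves the gem against the current Bundler context, so this
  # fallback only works when invoked inside the bundled application.
  gem_root = `bundle show bundler_audit_notifier`.strip
  gem_script = File.join(gem_root, 'lib', 'auditer_script.rb')
  return gem_script if File.exist?(gem_script)

  errors << "Error parsing Script file location: Neither #{local_script} nor #{gem_script}"
  nil
end

# Executes the auditer script with the current Ruby interpreter and returns
# everything it wrote to stdout and stderr (stderr is merged into stdout).
#
# The pipe is drained before waiting on the child: waiting first deadlocks as
# soon as the report exceeds the pipe buffer, because the child blocks on
# write while the parent blocks in wait. The exit status is deliberately not
# treated as an error — bundler-audit exits non-zero when it finds
# vulnerabilities, which is the normal case this method handles.
#
# @param script_location [String] path of the auditer script
# @return [String] the child's combined output
def self.run_auditer(script_location)
  reader, writer = IO.pipe
  pid = spawn(RbConfig.ruby, script_location, out: writer, err: [:child, :out])
  # The parent must drop its copy of the write end, otherwise #read never sees EOF.
  writer.close
  output = reader.read
  Process.wait2(pid)
  output
ensure
  [reader, writer].each { |io| io.close if io && !io.closed? }
end

# Parses the auditer report into vulnerability hashes, creating or touching
# the matching BundlerAuditIssue rows on the way.
#
# Expected shape: an "Updating ruby-advisory-db ..." header that ends at a
# "ruby-advisory-db:" line, then per finding the lines Name, Version,
# Advisory, Criticality, URL, Title, Solution and a blank separator, and a
# closing "Vulnerabilities found!" line. Anything else is recorded in +errors+.
#
# @param output [String] the child's combined output
# @param errors [Array<String>] receives parse and persistence errors
# @return [Array<Hash>] findings to report, each with the issue +token+ merged in
def self.parse_audit_output(output, errors)
  # Array#shift returns nil once exhausted, mirroring the IO#gets semantics the
  # error messages below rely on (a nil field shows up as an empty string).
  lines = output.lines
  vulnerabilities = []

  update_line = lines.shift
  # Safe navigation: an auditer that produced no output at all yields nil here.
  if update_line&.start_with?("Updating ruby-advisory-db ...")
    until lines.empty? || update_line.start_with?('ruby-advisory-db:')
      update_line = lines.shift
    end
  else
    errors << "Error parsing DURING UPDATE: #{update_line}"
  end

  until lines.empty?
    name_line = lines.shift
    name = name_line[/Name: (?<name>.+)/, :name]

    if name
      # A finding is seven more lines; missing trailing lines come back as nil.
      version_line, advisory_line, criticality_line, url_line, title_line, solution_line, _separator = lines.shift(7)

      if version_line && advisory_line && criticality_line && url_line && title_line && solution_line
        data = {
          name: name,
          version: version_line[/Version: (?<version>.+)/, :version],
          advisory: advisory_line[/Advisory: (?<advisory>.+)/, :advisory],
          criticality: criticality_line[/Criticality: (?<criticality>.+)/, :criticality],
          url: url_line[/URL: (?<url>.+)/, :url],
          title: title_line[/Title: (?<title>.+)/, :title],
          solution: solution_line[/Solution: (?<solution>.+)/, :solution]
        }
        record_issue(data, vulnerabilities, errors)
      else
        errors << "ERROR: nil line found #{version_line}, #{advisory_line}, #{criticality_line}, #{url_line}, #{title_line}, #{solution_line}"
      end
    elsif name_line.strip == "Vulnerabilities found!"
      # Closing summary line of the report; nothing to record.
    else
      errors << "Error parsing NAME LINE: #{name_line}"
    end
  end

  vulnerabilities
end

# Reconciles one parsed finding with the BundlerAuditIssue table.
#
# @param data [Hash] the parsed finding (see .parse_audit_output)
# @param vulnerabilities [Array<Hash>] receives the finding unless it is ignored
# @param errors [Array<String>] receives a message when the row cannot be saved
# @return [void]
def self.record_issue(data, vulnerabilities, errors)
  issue = ::BundlerAuditIssue.find_by_advisory(data[:advisory])
  if issue
    # NOTE(review): touch refreshes updated_at; presumably used downstream to
    # tell still-open findings from ones that disappeared — confirm.
    issue.touch
    vulnerabilities << data.merge(token: issue.token) unless issue.ignore
    return
  end

  issue = ::BundlerAuditIssue.create(data)
  # create returns the (possibly invalid) record, never nil, so the saved state
  # has to be checked explicitly — the previous truthiness check never failed.
  if issue.persisted?
    vulnerabilities << data.merge(token: issue.token)
  else
    errors << "Error parsing creating new BundlerAuditIssue with the following #{data}"
  end
end

private_class_method :locate_auditer_script, :run_auditer, :parse_audit_output, :record_issue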