Module: Bundler::Security::Voting

Defined in:
lib/bundler/security/voting.rb,
lib/bundler/security/voting/request.rb,
lib/bundler/security/voting/gem_policy.rb,
lib/bundler/security/voting/build_failure.rb,
lib/bundler/security/voting/build_success.rb,
lib/bundler/security/voting/remote_policy.rb,
lib/bundler/security/voting/versions/local.rb,
lib/bundler/security/voting/versions/remote.rb,
lib/bundler/security/voting/build_unsafe_gem.rb

Overview

Verifies voting verdicts for gems

Defined Under Namespace

Modules: BuildFailure, BuildSuccess, BuildUnsafeGem, Request, Versions

Classes: GemPolicy, RemotePolicy

Class Method Details

.build_gems(policy, gems) ⇒ Array

Build gems that don’t have enough approvals

Parameters:

  • policy (Voting::RemotePolicy)

    remote policy built by .build_remote_policy

  • gems (Hash)

    gem name => data, as returned by the differ

Returns:

  • (Array)

    gems that don’t have enough approvals based on remote policy

# File 'lib/bundler/security/voting.rb', line 24

def build_gems(policy, gems)
  gems.each_with_object([]) do |(name, data), errors|
    gem_policy = GemPolicy.new(name, data, policy)

    next if gem_policy.approved?
    next unless gem_policy.rejected?

    errors << BuildUnsafeGem.call(gem_policy)
  end
end

.build_remote_policy(policy) ⇒ Voting::RemotePolicy

Build remote policy based on Coditsu differ settings

Parameters:

  • policy (Hash)

    remote policy settings

Returns:

  • (Voting::RemotePolicy)

    remote policy built from the policy type and threshold

# File 'lib/bundler/security/voting.rb', line 50

def build_remote_policy(policy)
  RemotePolicy.new(
    policy['type'], policy['threshold']
  )
end

.build_status(remote_policy_type, command, errors) ⇒ Object

Build security verdict

Parameters:

  • remote_policy_type (String)
  • command (String)

    either install or update

  • errors (Array)

    detected security errors

# File 'lib/bundler/security/voting.rb', line 61

def build_status(remote_policy_type, command, errors)
  if errors.empty?
    BuildSuccess.call(remote_policy_type, command)
  else
    BuildFailure.call(remote_policy_type, command, errors)
    exit 1
  end
end

.call(command, definition) ⇒ Object

Build verdict

Parameters:

  • command (String)

    either install or update

  • definition (Bundler::Definition)

    definition for your source

# File 'lib/bundler/security/voting.rb', line 12

def call(command, definition)
  remote_data(command, definition)
    .then { |policy, gems| [policy, build_gems(policy, gems)] }
    .then { |policy, errors| build_status(policy.type, command, errors) }
end

.remote_data(command, definition) ⇒ Object

Fetch data from the differ

Parameters:

  • command (String)

    either install or update

  • definition (Bundler::Definition)

    definition for your source

# File 'lib/bundler/security/voting.rb', line 39

def remote_data(command, definition)
  Versions::Remote
    .call(command, definition)
    .yield_self { |response| [build_remote_policy(response['policy']), response['gems']] }
end
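The pipeline above (remote_data, then build_gems, then build_status) as an added, self-contained model; this is example code, not the module's own. RemotePolicy is assumed to carry only the 'type' and 'threshold' keys read by .build_remote_policy, GemVerdict is a hypothetical stand-in for GemPolicy with an assumed approval rule, and build_status is replaced by a return value instead of exit 1. It makes visible that a gem which is neither approved nor rejected produces no error, which is what `next unless gem_policy.rejected?` does in .build_gems.

```ruby
# Constructed model of the remote policy: the 'type' and 'threshold' keys that
# build_remote_policy reads from the differ response.
RemotePolicy = Struct.new(:type, :threshold)

# Hypothetical stand-in for GemPolicy, whose approved?/rejected? logic is not
# shown on this page. Assumed rule: approved once approvals reach the threshold,
# rejected when any rejection vote is recorded, otherwise pending.
class GemVerdict
  def initialize(data, policy)
    @data, @policy = data, policy
  end

  def approved?
    @data.fetch('approvals', 0) >= @policy.threshold
  end

  def rejected?
    @data.fetch('rejections', 0) > 0
  end
end

# Same control flow as build_gems: approved gems pass, rejected gems yield an
# error, and a pending gem (neither approved nor rejected) is skipped silently.
def unsafe_gems(policy, gems)
  gems.each_with_object([]) do |(name, data), errors|
    verdict = GemVerdict.new(data, policy)
    next if verdict.approved?
    next unless verdict.rejected?
    errors << "#{name} #{data['version']}: #{data['rejections']} rejection vote(s)"
  end
end

# Returns [:success, []] or [:failure, errors] where the library's build_status
# would call exit 1, so the verdict can be inspected in-process.
def voting_verdict(response)
  policy = RemotePolicy.new(response['policy']['type'], response['policy']['threshold'])
  errors = unsafe_gems(policy, response['gems'])
  [errors.empty? ? :success : :failure, errors]
end

# Constructed differ response: one approved, one rejected, one pending gem.
SAMPLE_RESPONSE = {
  'policy' => { 'type' => 'simple', 'threshold' => 2 },
  'gems' => {
    'rack'        => { 'version' => '2.2.3', 'approvals' => 3, 'rejections' => 0 },
    'flagged_gem' => { 'version' => '0.0.1', 'approvals' => 0, 'rejections' => 1 },
    'pending_gem' => { 'version' => '1.0.0', 'approvals' => 1, 'rejections' => 0 }
  }
}
```

Running `voting_verdict(SAMPLE_RESPONSE)` reports only flagged_gem; pending_gem, with one approval against a threshold of two, passes without a verdict.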