Class: GemGuard::Analyzer

Inherits:
Object
  • Object
Defined in:
lib/gem_guard/analyzer.rb

Instance Method Summary

Instance Method Details

#analyze(dependencies, vulnerabilities) ⇒ Object



# File 'lib/gem_guard/analyzer.rb', line 3

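# Cross-references a project's dependencies against known vulnerability records.
#
# A finding is reported for every (dependency, vulnerability ID) pair where a
# record for that gem affects the dependency's version according to
# +version_affected?+.
#
# @param dependencies [#each] objects responding to +name+ and +version+
# @param vulnerabilities [Enumerable] records responding to +gem_name+ and +id+
# @return [Analysis] wraps the list of VulnerableDependency findings
def analyze(dependencies, vulnerabilities)
  # Index the records by gem name once instead of rescanning the full list
  # for every dependency.
  vulns_by_gem = vulnerabilities.group_by(&:gem_name)
  vulnerable_dependencies = []

  dependencies.each do |dependency|
    candidates = vulns_by_gem.fetch(dependency.name, [])
    next if candidates.empty?

    # Check the version first and deduplicate by ID second. Deduplicating
    # first keeps only the first record seen for an ID; if two records with
    # the same ID disagree on the affected range (presumably possible when
    # records are merged from several sources), the record that does match
    # the installed version could be dropped and the finding silently lost.
    affecting = candidates.select { |vulnerability| version_affected?(dependency.version, vulnerability) }

    # NOTE(review): records whose id is nil all collapse into one entry here,
    # as they did before - confirm that ids are always populated upstream.
    findings = affecting.uniq(&:id).map do |vulnerability|
      VulnerableDependency.new(
        dependency: dependency,
        vulnerability: vulnerability,
        recommended_fix: suggest_fix(dependency, vulnerability)
      )
    end

    vulnerable_dependencies.concat(findings)
  end

  Analysis.new(vulnerable_dependencies)
end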