Class: GemGuard::Config

Inherits:
Object
Defined in:
lib/gem_guard/config.rb

Constant Summary

# Baseline settings. Presumably overlaid by the user's .gemguard.yml in
# load_config (not visible here). Keys are plain Strings because every
# lookup goes through #get / #set with dotted String paths.
#
# NOTE(review): #freeze is shallow — the nested "sbom"/"scan" hashes and the
# "ignore_*" arrays stay mutable. If load_config merges these objects in
# without a deep copy, #set would mutate them for every Config instance;
# confirm against load_config.
DEFAULT_CONFIG = {
  "lockfile" => "Gemfile.lock",          # lockfile handed to the scanner
  "format" => "table",                   # report output format
  "fail_on_vulnerabilities" => true,
  "severity_threshold" => "low",         # see SEVERITY_LEVELS / #meets_severity_threshold?
  "ignore_vulnerabilities" => [],        # advisory ids suppressed by exact match
  "ignore_gems" => [],                   # gem names suppressed by exact match
  "output_file" => nil,
  "project_name" => nil,                 # nil falls back to #detect_project_name
  "sbom" => {
    "format" => "spdx",
    "include_dev_dependencies" => false
  },
  "scan" => {
    # Advisory feeds consulted by the scanner (not shown here).
    "sources" => %w[osv ruby_advisory_db ghsa nvd cu_advisory_db],
    "timeout" => 30 # presumably seconds — the consumer is not visible here
  }
}.freeze
# Recognised severities, ordered from least to most severe. The position in
# this array is what #meets_severity_threshold? compares, so the order is
# load-bearing; do not reorder or insert casually.
SEVERITY_LEVELS = ["low", "medium", "high", "critical"].freeze

Instance Method Summary

Constructor Details

#initialize(config_path = ".gemguard.yml") ⇒ Config

Returns a new instance of Config.



# File 'lib/gem_guard/config.rb', line 26

# Builds a Config backed by the YAML file at +config_path+ (default:
# ".gemguard.yml", i.e. relative to the process working directory).
#
# @param config_path [String] path of the config file to read and, via #save, write
#
# The assignment order matters: load_config (not visible here) presumably
# reads @config_path, so it must already be set when it runs.
def initialize(config_path = ".gemguard.yml")
  @config_path = config_path
  @config = load_config
end

Instance Method Details

#exists? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 58

# True when something exists at @config_path.
#
# File.exist? is also true for directories and unreadable files, so this
# says nothing about whether the file is readable or valid YAML; that is
# left to load_config (not shown here).
#
# @return [Boolean]
def exists?
  File.exist?(@config_path)
end

#fail_on_vulnerabilities? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 70

# Whether findings should make the run fail, read from the
# "fail_on_vulnerabilities" key (DEFAULT_CONFIG sets it to true).
#
# Returns the raw configured value, not a coerced boolean: a config file
# that sets the key to nothing yields nil here. Whether load_config fills
# missing keys from DEFAULT_CONFIG is not visible in this file.
#
# @return [Boolean, nil]
def fail_on_vulnerabilities?
  get("fail_on_vulnerabilities")
end

#get(key) ⇒ Object



# File 'lib/gem_guard/config.rb', line 31

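# Looks up a dotted path in the loaded config, e.g. get("scan.timeout").
#
# Walks one Hash level per path segment. If the path descends into a
# non-Hash value before the last segment (e.g. get("lockfile.nope") where
# "lockfile" is a String), the result is nil. The previous implementation
# stopped descending but kept the last Hash-valued node's child, so a
# misspelled nested key silently returned the parent value instead of nil.
#
# @param key [String, Symbol] dotted path; "" returns the whole config
# @return [Object, nil] the value at the path, or nil when absent
def get(key)
  key.to_s.split(".").reduce(@config) do |node, segment|
    # Non-Hash before the path is exhausted: the key does not exist.
    return nil unless node.is_a?(Hash)

    node[segment]
  end
end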

#ignored_gems ⇒ Object



# File 'lib/gem_guard/config.rb', line 82

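# Gem names that scan results should be suppressed for ("ignore_gems").
#
# Always returns an Array. A scalar in the YAML (ignore_gems: rails) is
# wrapped rather than returned as a String, because callers use #include?
# and String#include? does substring matching — a bare String here would
# silently suppress every gem whose name is a substring of the configured
# value. nil/false still yield [].
#
# @return [Array] possibly empty
def ignored_gems
  Array(get("ignore_gems") || [])
end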

#ignored_vulnerabilities ⇒ Object



# File 'lib/gem_guard/config.rb', line 78

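# Advisory ids that should be suppressed ("ignore_vulnerabilities").
#
# Always returns an Array. A scalar in the YAML (ignore_vulnerabilities:
# CVE-2024-0001) is wrapped rather than returned as a String, because
# callers use #include? and String#include? does substring matching, which
# would suppress any id that is a substring of the configured value.
# nil/false still yield [].
#
# @return [Array] possibly empty
def ignored_vulnerabilities
  Array(get("ignore_vulnerabilities") || [])
end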

#include_dev_dependencies? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 98

# Whether the SBOM should list development dependencies, from the nested
# "sbom.include_dev_dependencies" key (DEFAULT_CONFIG: false).
#
# Returns the raw configured value (nil if the key is absent and defaults
# were not merged); not coerced to true/false.
#
# @return [Boolean, nil]
def include_dev_dependencies?
  get("sbom.include_dev_dependencies")
end

#lockfile_path ⇒ Object



# File 'lib/gem_guard/config.rb', line 62

# Path of the lockfile to scan, from the "lockfile" key
# (DEFAULT_CONFIG: "Gemfile.lock").
#
# Returned verbatim: no existence check, normalisation or confinement to the
# project directory happens here, so whoever opens it must treat it as a
# config-controlled path.
#
# @return [String, nil]
def lockfile_path
  get("lockfile")
end

#meets_severity_threshold?(severity) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 118

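# Whether a finding of +severity+ is at or above the configured
# severity_threshold, by position in SEVERITY_LEVELS.
#
# Deliberately fail-open: a nil/blank severity, a severity not listed in
# SEVERITY_LEVELS, or a blank/unknown threshold all return true so that a
# finding is reported rather than dropped. Values are stringified, stripped
# and downcased first, so " High " and :high compare like "high" instead of
# falling into the unknown branch, and a nil severity_threshold (a config
# file that sets the key to nothing) no longer raises NoMethodError.
#
# @param severity [String, Symbol, nil] severity reported for a finding
# @return [Boolean]
def meets_severity_threshold?(severity)
  level = severity.to_s.strip.downcase
  return true if level.empty?

  severity_index = SEVERITY_LEVELS.index(level)
  threshold_index = SEVERITY_LEVELS.index(severity_threshold.to_s.strip.downcase)

  # Unknown severity or unusable threshold: report it rather than hide it.
  return true if severity_index.nil? || threshold_index.nil?

  severity_index >= threshold_index
end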

#output_file ⇒ Object



# File 'lib/gem_guard/config.rb', line 86

# Destination path for the report, from the "output_file" key, or nil when
# unset (DEFAULT_CONFIG leaves it nil; what nil means is decided by the
# reporter, which is not visible here).
#
# Returned verbatim with no path validation.
#
# @return [String, nil]
def output_file
  get("output_file")
end

#output_format ⇒ Object



# File 'lib/gem_guard/config.rb', line 66

# Name of the report format, from the "format" key (DEFAULT_CONFIG: "table").
# Not validated against a list of supported formats here.
#
# @return [String, nil]
def output_format
  get("format")
end

#project_name ⇒ Object



# File 'lib/gem_guard/config.rb', line 90

# Project name for reports/SBOM output.
#
# Uses the configured "project_name" when it is truthy; otherwise falls back
# to detect_project_name (defined elsewhere in this file), which is only
# invoked when no name is configured.
#
# @return [String, nil] whatever the config or the detector yields
def project_name
  configured = get("project_name")
  configured || detect_project_name
end

#save ⇒ Object



# File 'lib/gem_guard/config.rb', line 54

# Serialises the in-memory config to @config_path as YAML, truncating and
# overwriting whatever is there.
#
# Not atomic: a crash mid-write leaves a partial file. File permissions are
# whatever the process umask gives a new file.
#
# @return [Integer] number of bytes written
def save
  serialized = YAML.dump(@config)
  File.open(@config_path, "w") { |io| io.write(serialized) }
end

#sbom_format ⇒ Object



# File 'lib/gem_guard/config.rb', line 94

# SBOM output format, from the nested "sbom.format" key
# (DEFAULT_CONFIG: "spdx"). Not validated here.
#
# @return [String, nil]
def sbom_format
  get("sbom.format")
end

#scan_timeout ⇒ Object



# File 'lib/gem_guard/config.rb', line 106

# Scan timeout from the nested "scan.timeout" key (DEFAULT_CONFIG: 30;
# presumably seconds — the scanner that consumes it is not visible here).
#
# Returned as-is: a quoted YAML value arrives as a String, not an Integer.
#
# @return [Integer, String, nil]
def scan_timeout
  get("scan.timeout")
end

#set(key, value) ⇒ Object



# File 'lib/gem_guard/config.rb', line 42

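# Stores +value+ at a dotted path in the in-memory config, e.g.
# set("scan.timeout", 60), creating intermediate Hashes as needed.
# Nothing is written to disk until #save.
#
# If an intermediate segment already holds a non-Hash value (e.g.
# set("lockfile.x", 1) where "lockfile" is a String) an ArgumentError is
# raised. The previous implementation kept walking into the String and
# ended up calling String#[]= on it, which either raised IndexError or
# rewrote part of the string.
#
# NOTE(review): this mutates nested objects in place; if load_config shares
# them with DEFAULT_CONFIG (shallow freeze), the defaults change for every
# Config instance — confirm against load_config.
#
# @param key [String, Symbol] dotted path
# @param value [Object] value to store
# @return [Object] the stored value
# @raise [ArgumentError] when the path runs through a non-Hash value
def set(key, value)
  *parents, leaf = key.to_s.split(".")

  target = parents.reduce(@config) do |node, segment|
    child = (node[segment] ||= {})
    unless child.is_a?(Hash)
      raise ArgumentError,
            "cannot set #{key.inspect}: #{segment.inspect} holds a #{child.class}, not a Hash"
    end
    child
  end

  target[leaf] = value
end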

#severity_threshold ⇒ Object



# File 'lib/gem_guard/config.rb', line 74

# Minimum severity to report, from the "severity_threshold" key
# (DEFAULT_CONFIG: "low"; expected to be one of SEVERITY_LEVELS).
#
# Returned raw: not validated or downcased, and nil if a config file sets
# the key to nothing. Callers that normalise it (e.g. with downcase) must
# handle nil.
#
# @return [String, nil]
def severity_threshold
  get("severity_threshold")
end

#should_ignore_gem?(gem_name) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 114

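# Whether findings for +gem_name+ should be suppressed.
#
# Exact, case-sensitive membership test against ignored_gems. The list is
# coerced with Array() first: if the config supplied a bare String, the
# previous String#include? call did substring matching and would suppress
# any gem whose name is a substring of the configured value (e.g. "rails"
# against "rails-html-sanitizer"). Suppression is fail-closed: anything
# not listed verbatim is reported.
#
# @param gem_name [String]
# @return [Boolean]
def should_ignore_gem?(gem_name)
  Array(ignored_gems).include?(gem_name)
end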

#should_ignore_vulnerability?(vulnerability_id) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gem_guard/config.rb', line 110

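# Whether the advisory +vulnerability_id+ should be suppressed.
#
# Exact, case-sensitive membership test against ignored_vulnerabilities.
# The list is coerced with Array() first: if the config supplied a bare
# String, the previous String#include? call did substring matching, so a
# configured id could suppress any id that is a substring of it. Anything
# not listed verbatim is reported.
#
# @param vulnerability_id [String]
# @return [Boolean]
def should_ignore_vulnerability?(vulnerability_id)
  Array(ignored_vulnerabilities).include?(vulnerability_id)
end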

#vulnerability_sources ⇒ Object



# File 'lib/gem_guard/config.rb', line 102

# Advisory sources the scanner should query, from the nested "scan.sources"
# key (DEFAULT_CONFIG lists osv, ruby_advisory_db, ghsa, nvd, cu_advisory_db).
#
# Returned raw: may be nil if a config file provides a "scan" section
# without "sources" and load_config does not deep-merge defaults (not
# visible here). Source names are not validated against the scanner here.
#
# @return [Array<String>, nil]
def vulnerability_sources
  get("scan.sources")
end