Class: Bundler::Audit::CLI

Inherits:

Thor

• Object
• Thor
• Bundler::Audit::CLI

Defined in:

lib/bundler/audit/cli.rb

Constant Summary

CRITICALITY_MAP =

{
  :low    => ["Low"],
  :medium => ["Medium", :yellow],
  :high   => ["High", [:red, :bold]],
}

Instance Method Summary

• #check ⇒ Object
• #print_advisory(gem, advisory) ⇒ Object protected
• #print_advisory_details(advisory) ⇒ Object protected
• #print_advisory_solution(advisory) ⇒ Object protected
• #print_affected_gem(gem) ⇒ Object protected
• #print_warning(message) ⇒ Object protected
• #say(message = "", color = nil) ⇒ Object protected
• #update ⇒ Object
• #version ⇒ Object

Instance Method Details

#check ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 38

def check
  scanner    = Scanner.new
  vulnerable = false

  # attempt update the database before doing a scan
  scanner.database.update!

  scanner.scan(:ignore => options.ignore) do |result|
    vulnerable = true

    case result
    when Scanner::InsecureSource
      print_warning "Insecure Source URI found: #{result.source}"
    when Scanner::UnpatchedGem
      print_advisory result.gem, result.advisory
    end
  end

  if vulnerable
    say "Unpatched versions found!", :red
    exit 1
  else
    say "No unpatched versions found", :green
  end
end

#print_advisory(gem, advisory) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 90

def print_advisory(gem, advisory)
  print_affected_gem(gem)

  say "Advisory: ", :red
  say advisory.id

  say "Criticality: ", :red
  say *(CRITICALITY_MAP[advisory.criticality] || "Unknown")

  say "URL: ", :red
  say advisory.url

  print_advisory_details advisory
  print_advisory_solution advisory

  say
end

#print_advisory_details(advisory) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 117

def print_advisory_details(advisory)
  if options.verbose?
    say "Description:", :red
    say

    print_wrapped advisory.description, :indent => 2
    say
  else
    say "Title: ", :red
    say advisory.title
  end
end

#print_advisory_solution(advisory) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 130

def print_advisory_solution(advisory)
  unless advisory.patched_versions.empty?
    say "Solution: upgrade to ", :red
    say advisory.patched_versions.join(', ')
  else
    say "Solution: ", :red
    say "remove or disable this gem until a patch is available!", [:red, :bold]
  end
end

#print_affected_gem(gem) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 109

def print_affected_gem(gem)
  say "Name: ", :red
  say gem.name

  say "Version: ", :red
  say gem.version
end

#print_warning(message) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 86

def print_warning(message)
  say message, :yellow
end

#say(message = "", color = nil) ⇒ Object (protected)

# File 'lib/bundler/audit/cli.rb', line 81

def say(message="", color=nil)
  color = nil unless $stdout.tty?
  super(message.to_s, color)
end

#update ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 65

def update
  say "Updating ruby-advisory-db ..."

  Database.update!
  puts "ruby-advisory-db: #{Database.new.size} advisories"
end

#version ⇒ Object

# File 'lib/bundler/audit/cli.rb', line 73

def version
  database = Database.new

  puts "#{File.basename($0)} #{VERSION} (advisories: #{database.size})"
end