Class: Overcommit::Hook::PreCommit::BundleAudit

Inherits:
Base
  • Object
Defined in:
lib/overcommit/hook/pre_commit/bundle_audit.rb

Overview

Checks for vulnerable versions of gems in Gemfile.lock.

Constant Summary

LOCK_FILE = 'Gemfile.lock'.freeze

Instance Attribute Summary

Attributes inherited from Base

#config

Instance Method Summary

Methods inherited from Base

#applicable_files, #command, #description, #enabled?, #execute, #execute_in_background, #flags, #in_path?, #included_files, #initialize, #name, #parallelize?, #processors, #quiet?, #required?, #required_executable, #required_libraries, #run?, #run_and_transform, #skip?

Constructor Details

This class inherits a constructor from Overcommit::Hook::Base

Instance Method Details

#run ⇒ Object



# File 'lib/overcommit/hook/pre_commit/bundle_audit.rb', line 10

def run
  # Ignore if Gemfile.lock is not tracked by git
  ignored_files = execute(%W[git ls-files -o -i --exclude-standard -- #{LOCK_FILE}]).
                  stdout.split("\n")
  return :pass if ignored_files.include?(LOCK_FILE)

  result = execute(command)
  if result.success?
    :pass
  else
    return [:warn, result.stdout]
  end
end