Class: Pipeline::NodeSecurityProject
- Includes: Util
- Defined in: lib/pipeline/tasks/nsp.rb
Instance Attribute Summary
Attributes inherited from BaseTask
#appname, #description, #findings, #labels, #name, #stage, #trigger, #warnings
Instance Method Summary
- #analyze ⇒ Object
- #initialize(trigger, tracker) ⇒ NodeSecurityProject (constructor): A new instance of NodeSecurityProject.
- #run ⇒ Object
- #supported? ⇒ Boolean
Methods included from Util
#fingerprint, #relative_path, #runsystem, #strip_archive_path
Methods inherited from BaseTask
Constructor Details
#initialize(trigger, tracker) ⇒ NodeSecurityProject
Returns a new instance of NodeSecurityProject.
    # File 'lib/pipeline/tasks/nsp.rb', line 9

    def initialize(trigger, tracker)
      super(trigger, tracker)
      @name = "NodeSecurityProject"
      @description = "Node Security Project"
      @stage = :code
      @labels << "code"
    end
Instance Method Details
#analyze ⇒ Object
    # File 'lib/pipeline/tasks/nsp.rb', line 25

    def analyze
      begin
        # This block iterates through each package name found and selects the unique nsp advisories
        # regardless of version, and builds a pipeline finding hash for each unique package/advisory combo.
        @results.uniq {|finding| finding['module']}.each do |package|
          @results.select {|f| f['module'] == package['module']}.uniq {|m| m['advisory']}.each do |unique_finding|
            description = "#{unique_finding['module']} - #{unique_finding['title']}"
            detail = "Upgrade to versions: #{unique_finding['patched_versions']}\n#{unique_finding['advisory']}"
            source = {
              :scanner => 'NodeSecurityProject',
              :file => "#{unique_finding['module']} - #{unique_finding['vulnerable_versions']}",
              :line => nil,
              :code => nil
            }
            report description, detail, source, 'medium', fingerprint("#{description}#{detail}#{source}")
          end
        end
      rescue Exception => e
        Pipeline.warn e.message
        Pipeline.warn e.backtrace
      end
    end
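The selection that #analyze performs, run stand-alone over constructed records to show which entries collapse into one finding and what the fingerprint does and does not depend on. This is an added example, not code from the project: `rec`, `findings_for`, the sample records, the 'version' key, and the SHA-256 stand-in for Util#fingerprint are assumptions.

```ruby
require 'digest'

# Constructed records carrying the keys #analyze reads, plus an assumed
# 'version' key for the installed version. Not real nsp output.
def rec(mod, version, advisory, title)
  { 'module' => mod, 'version' => version, 'title' => title,
    'advisory' => "https://advisories.example/#{advisory}",
    'vulnerable_versions' => '<2.0.0', 'patched_versions' => '>=2.0.0' }
end

SAMPLE_RESULTS = [
  rec('example-parser', '1.0.0', 'A', 'Constructed advisory A'),
  rec('example-parser', '1.2.0', 'A', 'Constructed advisory A'), # same pair, other version
  rec('example-parser', '1.0.0', 'B', 'Constructed advisory B'),
  rec('example-http',   '0.3.0', 'C', 'Constructed advisory C')
].freeze

# Stand-in for Util#fingerprint, whose body is not shown on this page.
# SHA-256 over the input string is an assumption.
def fingerprint(text)
  Digest::SHA256.hexdigest(text)
end

# Same selection as #analyze: one finding per unique module/advisory pair,
# returned as hashes instead of being passed to report.
def findings_for(results)
  findings = []
  results.uniq { |f| f['module'] }.each do |package|
    results.select { |f| f['module'] == package['module'] }
           .uniq { |m| m['advisory'] }.each do |u|
      description = "#{u['module']} - #{u['title']}"
      detail = "Upgrade to versions: #{u['patched_versions']}\n#{u['advisory']}"
      source = { :scanner => 'NodeSecurityProject',
                 :file => "#{u['module']} - #{u['vulnerable_versions']}",
                 :line => nil, :code => nil }
      # The installed version is not part of the fingerprint input;
      # "#{source}" is the Hash's to_s rendering.
      findings << { description: description, detail: detail, source: source,
                    severity: 'medium',
                    fingerprint: fingerprint("#{description}#{detail}#{source}") }
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  findings_for(SAMPLE_RESULTS).each { |f| puts "#{f[:fingerprint][0, 12]}  #{f[:description]}" }
end
```

Because the fingerprint input interpolates the `source` Hash, its text follows Hash#inspect, whose format changed in Ruby 3.4. Fingerprints stored by a tracker under an older interpreter will therefore not match ones computed after an upgrade, whatever hash function Util#fingerprint uses.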