module Bundler::Security::Voting::Versions::Remote

Module responsible for fetching safe/malicious votes for current or current/new versions of gems

Constants

ENDPOINT_URL

Differ bundler url

Public Class Methods

call(command, definition) click to toggle source

@param command [String] either install or update @param definition [Bundler::Definition] definition for your source

# File lib/bundler/security/voting/versions/remote.rb, line 21
def call(command, definition)
  config = fetch_config

  Request
    .call(config, payload(command, config&.repository_id, definition))
    .then { |response| JSON.parse(response.body) }
end
fetch_config() click to toggle source

Fetch coditsu config file

@return [OpenStruct, nil] configuration object

@raise [Errors::MissingConfigurationFile] when no config file

# File lib/bundler/security/voting/versions/remote.rb, line 48
def fetch_config
  Config::Fetcher.call(
    File.expand_path('..', Bundler.bin_path)
  )
rescue Errors::MissingConfigurationFile
  nil
end
payload(command, repository_id, definition) click to toggle source

@param command [String] either install or update @param repository_id [String] coditsu repository_id @param definition [Bundler::Definition] definition for your source

@return [Hash] payload for differ bundler endpoint

# File lib/bundler/security/voting/versions/remote.rb, line 34
def payload(command, repository_id, definition)
  Local.call(command, definition).each_with_object({}) do |(name, versions), hash|
    hash[:data] ||= {}
    hash[:data][:repository_id] = repository_id if repository_id
    hash[:data][:gems] ||= {}
    hash[:data][:gems][name] = versions
  end
end