module Bundler::Security::Voting::BuildUnsafeGem

Module responsible for building unsafe gem details

Constants

DIFF_URL

Differ url

Public Class Methods

approved(remote_policy, gem_policy)

Builds safe details

@param remote_policy [Voting::RemotePolicy]
@param gem_policy [Voting::GemPolicy]

@return [String]

# File lib/bundler/security/voting/build_unsafe_gem.rb, line 35
# Describes the approval mismatch for a gem whose policy is not approved.
#
# @param remote_policy [Voting::RemotePolicy] source of the expected `approved` value
# @param gem_policy [Voting::GemPolicy] source of the actual `approved` value
# @return [String, nil] "approved (<actual> expected <expected>) <differ url>",
#   or nil when `gem_policy.approved?` is truthy
def approved(remote_policy, gem_policy)
  # Nothing is reported when the approval check already holds; the implicit
  # nil is what lets the caller drop this entry with `compact`.
  unless gem_policy.approved?
    summary = "approved (#{gem_policy.approved} expected #{remote_policy.approved})"
    # The differ link is appended so the reader can inspect the change itself.
    [summary, differ_url(gem_policy)].join(' ')
  end
end
call(gem_policy)

Builds details of an unsafe gem

@param gem_policy [Voting::GemPolicy]

@return [String]

# File lib/bundler/security/voting/build_unsafe_gem.rb, line 17
# Builds the one-line description of an unsafe gem:
# "<name> <version> - <reasons>".
#
# The version shown is the new version when `gem_policy.new_version?` is
# truthy, otherwise the current version. The reasons are the non-nil results
# of `approved` and `rejected`, joined with ", ".
#
# @param gem_policy [Voting::GemPolicy]
# @return [String]
def call(gem_policy)
  gem_name = gem_policy.name
  shown_version = if gem_policy.new_version?
                    gem_policy.new_version
                  else
                    gem_policy.current_version
                  end

  # Each builder returns nil when it has nothing to report, so compact
  # leaves only the checks that actually failed.
  reasons = [
    approved(gem_policy.remote_policy, gem_policy),
    rejected(gem_policy.remote_policy, gem_policy)
  ].compact

  [gem_name, shown_version, '-', reasons.join(', ')].join(' ')
end
differ_url(gem_policy)

Builds differ url for gem with version details

@param gem_policy [Voting::GemPolicy]

@return [String]

# File lib/bundler/security/voting/build_unsafe_gem.rb, line 64
# Builds the differ URL for a gem: DIFF_URL, the gem name and the current
# version joined with "/", followed by the new version when
# `gem_policy.new_version?` is truthy.
#
# NOTE(review): the name and version segments are joined verbatim, with no
# URL escaping. Presumably they are already constrained to gem-name and
# version characters before they reach this method; confirm against the
# caller, since the resulting link is shown to the user.
#
# @param gem_policy [Voting::GemPolicy]
# @return [String]
def differ_url(gem_policy)
  base_segments = [DIFF_URL, gem_policy.name, gem_policy.current_version]
  segments = if gem_policy.new_version?
               base_segments + [gem_policy.new_version]
             else
               base_segments
             end
  segments.join('/')
end
rejected(remote_policy, gem_policy)

Builds malicious details

@param remote_policy [Voting::RemotePolicy]
@param gem_policy [Voting::GemPolicy]

@return [String]

# File lib/bundler/security/voting/build_unsafe_gem.rb, line 50
# Describes the rejection mismatch for a gem, unless `gem_policy.rejected?`
# is truthy.
#
# NOTE(review): the guard skips the report when `rejected?` is truthy, which
# suggests the predicate means "the rejection check holds" rather than "the
# gem was rejected" - confirm against Voting::GemPolicy.
#
# @param remote_policy [Voting::RemotePolicy] source of the expected `rejected` value
# @param gem_policy [Voting::GemPolicy] source of the actual `rejected` value
# @return [String, nil] "rejected (<actual> expected <expected>) <differ url>",
#   or nil when `gem_policy.rejected?` is truthy
def rejected(remote_policy, gem_policy)
  # The implicit nil on the skipped branch lets the caller drop this entry
  # with `compact`.
  unless gem_policy.rejected?
    summary = "rejected (#{gem_policy.rejected} expected #{remote_policy.rejected})"
    [summary, differ_url(gem_policy)].join(' ')
  end
end