module Bundler::Security::Voting
Verifies voting verdicts for gems
Constants
- RemotePolicy
Remote policy settings from Coditsu
Public Class Methods
build_gems(policy, gems)
Build the list of gems that don't have enough approvals. A gem is reported only when its GemPolicy says it is rejected; gems that are neither approved nor rejected (not enough votes either way) are skipped silently.
@param policy [Voting::RemotePolicy] remote policy settings
@param gems [Hash] remote gem statistics, keyed by gem name
@return [Array] gems that don't have enough approvals based on remote policy
# File lib/bundler/security/voting.rb, line 24
def build_gems(policy, gems)
  gems.each_with_object([]) do |(name, data), errors|
    gem_policy = GemPolicy.new(name, data, policy)
    next if gem_policy.approved?
    # Neither approved nor rejected: nothing is reported for this gem
    next unless gem_policy.rejected?
    errors << BuildUnsafeGem.call(gem_policy)
  end
end
build_remote_policy(policy)
Build remote policy based on Coditsu differ settings
@param policy [Hash] remote policy settings with 'type' and 'threshold' keys
@return [Voting::RemotePolicy]
# File lib/bundler/security/voting.rb, line 50
def build_remote_policy(policy)
  RemotePolicy.new(
    policy['type'],
    policy['threshold']
  )
end
build_status(remote_policy_type, command, errors)
Build security verdict. With no errors a success verdict is built; otherwise a failure verdict is built and the process exits with status 1, aborting the running bundler command.
@param remote_policy_type [String]
@param command [String] either install or update
@param errors [Array] detected security errors
# File lib/bundler/security/voting.rb, line 61
def build_status(remote_policy_type, command, errors)
  if errors.empty?
    BuildSuccess.call(remote_policy_type, command)
  else
    BuildFailure.call(remote_policy_type, command, errors)
    # Hard fail: abort the bundler command with a non-zero exit status
    exit 1
  end
end
call(command, definition)
Build verdict: fetch the remote policy and gem statistics, collect the gems that fail the policy, then build the status
@param command [String] either install or update
@param definition [Bundler::Definition] definition for your source
# File lib/bundler/security/voting.rb, line 12
def call(command, definition)
  remote_data(command, definition)
    .then { |policy, gems| [policy, build_gems(policy, gems)] }
    .then { |policy, errors| build_status(policy.type, command, errors) }
end
remote_data(command, definition)
Fetch data from the differ and split it into the remote policy and the per-gem statistics
@param command [String] either install or update
@param definition [Bundler::Definition]
@return [Array] two-element array of [Voting::RemotePolicy, Hash of gem statistics]
# File lib/bundler/security/voting.rb, line 39
def remote_data(command, definition)
  Versions::Remote
    .call(command, definition)
    .yield_self { |response| [build_remote_policy(response['policy']), response['gems']] }
end