class Bundler::Security::Voting::GemPolicy

Gem policy built from the statistics returned by the Coditsu differ

Attributes

current_version[R]
name[R]
new_version[R]
remote_policy[R]

Public Class Methods

new(name, gem_data, remote_policy)

Build gem policy

@param name [String] gem name
@param gem_data [Array] gem version and statistics from Coditsu
@param remote_policy [Voting::RemotePolicy]

# File lib/bundler/security/voting/gem_policy.rb, line 15
# Builds the policy for a single gem from the data Coditsu returned for it.
#
# @param name [String] gem name
# @param gem_data [Array] first element holds the versions, last element
#   holds the statistics that are looked up by the remote policy type
# @param remote_policy [Voting::RemotePolicy] policy with the vote thresholds
# @raise [Errors::InvalidRemoteVersionsType] when the versions entry is not an Array
def initialize(name, gem_data, remote_policy)
  versions = gem_data.first

  # Only the container type of the remote answer is checked here.
  # NOTE(review): an empty versions array or non-String entries would fail
  # below with NoMethodError instead of a dedicated error - confirm whether
  # the remote payload is validated before it reaches this point.
  unless versions.is_a?(Array)
    raise Errors::InvalidRemoteVersionsType, versions.class
  end

  installed = versions.first
  requested = versions.last

  @name = name
  @remote_policy = remote_policy

  # An empty first entry means there is no separate current version, so the
  # last entry is used as the current one.
  @current_version = installed.empty? ? requested : installed

  # A new version is recorded only when it differs from the current one.
  @new_version = @current_version != requested ? requested : nil

  # NOTE(review): if the statistics carry no entry for remote_policy.type
  # this is nil and #approved / #rejected will raise - verify upstream.
  @threshold = gem_data.last[remote_policy.type]
end

Public Instance Methods

approved()

How many times the gem was marked as safe

@return [Integer]

# File lib/bundler/security/voting/gem_policy.rb, line 33
# Number of "up" votes recorded for the gem, i.e. how many times it was
# marked as safe.
#
# @return [Integer] the 'up' entry converted with #to_i (a missing entry,
#   nil, becomes 0)
def approved
  up_votes = @threshold['up']
  up_votes.to_i
end
approved?()

Checks if a gem is safe based on a remote policy

@return [Boolean] true if it's safe, false otherwise

# File lib/bundler/security/voting/gem_policy.rb, line 47
# Tells whether the gem collected enough "up" votes to count as safe.
#
# @return [Boolean] true when #approved is greater than or equal to the
#   approval value of the remote policy, false otherwise
def approved?
  up_votes = approved
  required = @remote_policy.approved

  up_votes >= required
end
new_version?()

Check if a new version was requested

@return [Boolean] true if new version was requested, false otherwise

# File lib/bundler/security/voting/gem_policy.rb, line 61
# Tells whether a new version of the gem was requested.
#
# @return [Boolean] false while @new_version is nil, true otherwise
def new_version?
  return false if @new_version.nil?

  true
end
rejected()

How many times the gem was marked as malicious

@return [Integer]

# File lib/bundler/security/voting/gem_policy.rb, line 40
# Number of "down" votes recorded for the gem, i.e. how many times it was
# marked as malicious.
#
# @return [Integer] the 'down' entry converted with #to_i (a missing entry,
#   nil, becomes 0)
def rejected
  down_votes = @threshold['down']
  down_votes.to_i
end
rejected?()

Checks if a gem is malicious based on a remote policy

@return [Boolean] true if it's malicious, false otherwise

# File lib/bundler/security/voting/gem_policy.rb, line 54
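# Checks whether the gem counts as malicious under the remote policy.
#
# The gem is rejected once its "down" vote count (#rejected) reaches the
# rejection value of the remote policy, the same direction in which
# #approved? compares "up" votes with the approval value.
#
# @return [Boolean] true if it's malicious, false otherwise
def rejected?
  # The vote count has to be the left operand. The reversed comparison
  # (policy value >= vote count) reported gems with few or no "down" votes
  # as malicious and let heavily down-voted gems through.
  # NOTE(review): assumes @remote_policy.rejected is the minimum number of
  # "down" votes needed to reject - confirm against Voting::RemotePolicy.
  rejected >= @remote_policy.rejected
end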