module OssAudit::Managers::Bundler

Public Class Methods

get_info(package, version=nil)
# File lib/oss_audit/managers/bundler.rb, line 18
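# Looks up a gem's metadata through the rubygems.org v1 JSON API.
#
# The licence, homepage and source values are copied straight from the
# registry record. Nothing here verifies them against the packaged gem, so an
# audit should treat them as unverified claims.
#
# @param package [String] gem name; only ASCII letters, digits, '_', '.' and
#   '-' are accepted
# @param version [String, nil] accepted for interface compatibility but not
#   used; the request URL carries no version
# @return [Hash, nil] hash with "name", "licenses", "homepage", "source" and
#   "dependencies" keys, or nil when the name is rejected or the lookup fails
def self.get_info(package, version=nil)
  # The name is interpolated into the request path. Refuse anything that could
  # change the path or query ('/', '?', '#', whitespace, ...) before a request
  # is built. inspect keeps control characters out of the log line.
  unless /\A[A-Za-z0-9_.-]+\z/ =~ package.to_s
    OssAudit.logger.error{"#{package.inspect} | invalid gem name, lookup skipped"}
    return
  end

  data = get_uri("https://rubygems.org/api/v1/gems/#{package}.json")

  # A failed request comes back as an Exception object rather than being raised.
  if data.is_a?(Exception)
    OssAudit.logger.error{"#{package} | #{data}"}
    return
  end

  # 'dependencies' or its 'runtime' list may be missing from the record; report
  # no dependencies in that case instead of raising NoMethodError on nil.
  runtime_deps = Array(data.dig('dependencies', 'runtime'))

  {
    "name"          => data['name'],
    "licenses"      => Array(data['license'] || data['licenses']),
    "homepage"      => data['homepage_uri'] || data.dig('metadata','homepage_uri') || data['project_uri'],
    "source"        => data['source_code_uri'] || data.dig('metadata','source_code_uri'),
    "dependencies"  => runtime_deps.map{|dep| dep['name']}
  }
end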
list_dependencies(directory)
# File lib/oss_audit/managers/bundler.rb, line 10
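# Lists the gem names declared with `gem` in a directory's Gemfile.
#
# This is a textual scan: the Gemfile is never evaluated. Gems pulled in
# through a `gemspec` line, another evaluated file or a computed name are not
# seen, and Gemfile.lock is not read, so transitive dependencies are not listed.
#
# @param directory [String] directory that contains the Gemfile
# @return [Array<String>] unique gem names in order of first appearance
# @raise [SystemCallError] if the Gemfile cannot be read (e.g. Errno::ENOENT)
def self.list_dependencies(directory)
  gemfile = File.read(File.join(directory, 'Gemfile'))

  # Strip '#' to end of line so commented-out declarations are not reported.
  uncommented = gemfile.gsub(/\#.*/, '')

  # Gem names may contain '-' and '.', e.g. "rspec-rails". Matching only \w+
  # dropped such gems from the inventory without any warning. \b keeps words
  # that merely end in "gem" from matching, and the optional "(" covers the
  # gem("name") call form.
  uncommented.scan(/\bgem\s*\(?\s*["']([\w.-]+)["']/).flatten.uniq
end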
used_in?(directory)
# File lib/oss_audit/managers/bundler.rb, line 6
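# Reports whether a directory looks like a Bundler project.
#
# @param directory [String] directory to inspect
# @return [Boolean] true when a Gemfile.lock or a Gemfile exists in it
def self.used_in?(directory)
  # File.exists? was deprecated and then removed in Ruby 3.2; File.exist? is
  # the supported spelling and behaves the same on older versions.
  %w[Gemfile.lock Gemfile].any? { |manifest| File.exist?(File.join(directory, manifest)) }
end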