class Bundler::Audit::Scanner
Constants
- InsecureSource
Represents a plain-text source
- UnpatchedGem
Represents a gem that is covered by an
Advisory
Attributes
database[R]
The advisory database
@return [Database]
lockfile[R]
The parsed ‘Gemfile.lock` from the project
@return [Bundler::LockfileParser]
root[R]
Project root directory
Public Class Methods
new(root=Dir.pwd)
click to toggle source
Initializes a scanner.
@param [String] root
The path to the project root.
# File lib/bundler/audit/scanner.rb, line 36 def initialize(root=Dir.pwd) @root = File.expand_path(root) @database = Database.new @lockfile = LockfileParser.new( File.read(File.join(@root,'Gemfile.lock')) ) end
Public Instance Methods
scan(options={}) { |source| ... }
click to toggle source
Scans the project for issues.
@param [Hash] options
Additional options.
@option options [Array<String>] :ignore
The advisories to ignore.
@yield [result]
The given block will be passed the results of the scan.
@yieldparam [InsecureSource, UnpatchedGem] result
A result from the scan.
@return [Enumerator]
If no block is given, an Enumerator will be returned.
# File lib/bundler/audit/scanner.rb, line 62 def scan(options={}) return enum_for(__method__,options) unless block_given? get_insecure_sources.each { |source| yield source } get_unpatched_gems(options[:ignore]).each { |gem| yield gem } return self end
Protected Instance Methods
get_insecure_sources()
click to toggle source
# File lib/bundler/audit/scanner.rb, line 73 def get_insecure_sources insecure = [] @lockfile.sources.each do |source| case source when Source::Git next unless(source.uri =~ /^(git|http):/) insecure << InsecureSource.new(source.uri) when Source::Rubygems source.remotes.map do |uri| next unless uri.scheme == 'http' insecure << InsecureSource.new(uri.to_s) end end end return insecure end
get_unpatched_gems(ignore)
click to toggle source
# File lib/bundler/audit/scanner.rb, line 93 def get_unpatched_gems(ignore) ignore = Set.new(ignore) # If ignore is empty the Set will contain nil, # but since we should never have a nil version # that's a non-issue. unpatched = [] @lockfile.specs.each do |gem| @database.check_gem(gem) do |advisory| next if ignore.include?(advisory.id) unpatched << UnpatchedGem.new(gem,advisory) end end return unpatched end