class Bundler::Audit::Database

Represents the directory of advisories, grouped by gem name and CVE number.

Constants

PATH

Path to the user’s copy of the ruby-advisory-db

URL

Git URL of the ruby-advisory-db

Attributes

path[R]

The path to the advisory database

Public Class Methods

install!() click to toggle source

Downloads the database.

@return [Boolean]

Specifies whether the download was successful.

@since 0.4.0

# File lib/bundler/audit/database.rb, line 87
def self.install!
  system 'git', 'clone', URL, path
end
new(path=self.class.path) click to toggle source

Initializes the Advisory Database.

@param [String] path

The path to the advisory database.

@raise [ArgumentError]

The path was not a directory.
# File lib/bundler/audit/database.rb, line 51
def initialize(path=self.class.path)
  unless File.directory?(path)
    raise(ArgumentError,"#{path.dump} is not a directory")
  end

  @path = path
end
path() click to toggle source

The default path for the database.

@return [String]

The path to the database directory. Defaults to {PATH}.
# File lib/bundler/audit/database.rb, line 65
def self.path
  @@path ||= PATH
end
path=(new_path) click to toggle source

Sets the default path for the database.

@return [String]

The new default path for the database.
# File lib/bundler/audit/database.rb, line 75
def self.path=(new_path)
  @@path = new_path
end
update!() click to toggle source

Updates the user’s ruby-advisory-db.

@return [Boolean]

Specifies whether the update was successful.

@see update!

@since 0.3.0

# File lib/bundler/audit/database.rb, line 101
def self.update!
  if File.directory?(File.join(path, '.git'))
    new(path).update!
  else
    install!
  end
end

Public Instance Methods

advisories() { |load| ... } click to toggle source

Enumerates over every advisory in the database.

@yield [advisory]

If a block is given, it will be passed each advisory.

@yieldparam [Advisory] advisory

An advisory from the database.

@return [Enumerator]

If no block is given, an Enumerator will be returned.
# File lib/bundler/audit/database.rb, line 150
def advisories(&block)
  return enum_for(__method__) unless block_given?

  each_advisory_path do |path|
    yield Advisory.load(path)
  end
end
advisories_for(name) { |load| ... } click to toggle source

Enumerates over advisories for the given gem.

@param [String] name

The gem name to lookup.

@yield [advisory]

If a block is given, each advisory for the given gem will be yielded.

@yieldparam [Advisory] advisory

An advisory for the given gem.

@return [Enumerator]

If no block is given, an Enumerator will be returned.
# File lib/bundler/audit/database.rb, line 173
def advisories_for(name)
  return enum_for(__method__,name) unless block_given?

  each_advisory_path_for(name) do |path|
    yield Advisory.load(path)
  end
end
check_gem(gem) { |advisory| ... } click to toggle source

Verifies whether the gem is effected by any advisories.

@param [Gem::Specification] gem

The gem to verify.

@yield [advisory]

If a block is given, it will be passed advisories that effect
the gem.

@yieldparam [Advisory] advisory

An advisory that effects the specific version of the gem.

@return [Enumerator]

If no block is given, an Enumerator will be returned.
# File lib/bundler/audit/database.rb, line 197
def check_gem(gem)
  return enum_for(__method__,gem) unless block_given?

  advisories_for(gem.name) do |advisory|
    if advisory.vulnerable?(gem.version)
      yield advisory
    end
  end
end
inspect() click to toggle source

Inspects the database.

@return [String]

The inspected database.
# File lib/bundler/audit/database.rb, line 233
def inspect
  "#<#{self.class}:#{self}>"
end
last_updated() click to toggle source

Determines when the database was last updated.

@return [Time]

The time of the last update.

@since 0.4.0

# File lib/bundler/audit/database.rb, line 134
def last_updated
  Dir.chdir(@path) { Time.parse(`git log -1 --format=%ad`) }
end
size() click to toggle source

The number of advisories within the database.

@return [Integer]

The number of advisories.
# File lib/bundler/audit/database.rb, line 213
def size
  each_advisory_path.count
end
to_s() click to toggle source

Converts the database to a String.

@return [String]

The path to the database.
# File lib/bundler/audit/database.rb, line 223
def to_s
  @path
end
update!() click to toggle source

Updates the database.

@return [Boolean]

Specifies whether the update was successful.

@note

Requires network access.

@see 0.4.0

# File lib/bundler/audit/database.rb, line 120
def update!
  Dir.chdir(@path) do
    system 'git', 'pull', 'origin', 'master'
  end
end

Protected Instance Methods

each_advisory_path(&block) click to toggle source

Enumerates over every advisory path in the database.

@yield [path]

The given block will be passed each advisory path.

@yieldparam [String] path

A path to an advisory `.yml` file.
# File lib/bundler/audit/database.rb, line 248
def each_advisory_path(&block)
  Dir.glob(File.join(@path,'gems','*','*.yml'),&block)
end
each_advisory_path_for(name,&block) click to toggle source

Enumerates over the advisories for the given gem.

@param [String] name

The gem of the gem.

@yield [path]

The given block will be passed each advisory path.

@yieldparam [String] path

A path to an advisory `.yml` file.
# File lib/bundler/audit/database.rb, line 264
def each_advisory_path_for(name,&block)
  Dir.glob(File.join(@path,'gems',name,'*.yml'),&block)
end