class Bundler::Audit::CLI
Constants
- CRITICALITY_MAP
Public Instance Methods
check()
# File lib/bundler/audit/cli.rb, line 38
#
# Audits the bundle: refreshes the advisory database, scans, prints every
# finding, then prints a one-line verdict for unpatched gems and for insecure
# sources. Exits with status 1 when the database is missing or when anything
# was found, so a calling script or CI job can fail on it.
def check
  # Scanner.new raising ArgumentError is handled as "no advisory database
  # yet": show the setup hint and stop instead of reporting a clean scan.
  scanner =
    begin
      Scanner.new
    rescue ArgumentError
      print_setup_instructions
      exit 1
    end

  # Refresh the advisory data before scanning.
  # NOTE(review): the result of update! is not inspected here. If it can
  # fail without raising (e.g. no network), the scan below silently runs
  # against stale advisories -- confirm how update! reports failure.
  scanner.database.update!

  found_unpatched = false
  found_insecure  = false

  # options.ignore is handed to the scanner as :ignore; presumably those
  # advisories are skipped -- verify against Scanner#scan.
  scanner.scan(:ignore => options.ignore) do |finding|
    case finding
    when Scanner::InsecureSource
      found_insecure = true
      print_warning "Insecure Source URI found: #{finding.source}"
    when Scanner::UnpatchedGem
      found_unpatched = true
      print_advisory finding.gem, finding.advisory
    end
  end

  unpatched_verdict =
    found_unpatched ? ["Unpatched versions found!", :red] : ["No unpatched versions found", :green]
  say(*unpatched_verdict)

  sources_verdict =
    found_insecure ? ["Insecure sources found!", :red] : ["No insecure sources found", :green]
  say(*sources_verdict)

  # Any finding of either kind makes the command fail.
  exit 1 if found_unpatched || found_insecure
end
update()
# File lib/bundler/audit/cli.rb, line 81
#
# Refreshes the local ruby-advisory-db copy and prints how many advisories
# the database on disk contains afterwards.
def update
  say("Updating ruby-advisory-db ...")

  # NOTE(review): the outcome of Database.update! is not checked, so the
  # count printed below describes whatever database is on disk, whether or
  # not the refresh succeeded -- confirm how update! signals failure.
  Database.update!

  advisory_count = Database.new.size
  puts "ruby-advisory-db: #{advisory_count} advisories"
end
version()
# File lib/bundler/audit/cli.rb, line 89
#
# Prints "<program> <VERSION>" in bold, followed by the advisory count when a
# database can be opened. Without a database it prints the setup hint and
# exits with status 1.
def version
  program = File.basename($0)

  # Database.new raising ArgumentError means there is no database yet; the
  # suffix then stays nil and is left out of the version line.
  db_suffix =
    begin
      " (advisories: #{Database.new.size})"
    rescue ArgumentError
      nil
    end

  say "#{program} #{VERSION}#{db_suffix}", :bold

  return unless db_suffix.nil?

  print_setup_instructions
  exit 1
end
Protected Instance Methods
print_advisory(gem, advisory)
# File lib/bundler/audit/cli.rb, line 117
#
# Prints one finding: the affected gem, then the advisory id, criticality and
# URL, then the details and the suggested solution, ending with a blank line.
def print_advisory(gem, advisory)
  print_affected_gem(gem)

  say("Advisory: ", :red)
  say(advisory.id)

  # A criticality with no CRITICALITY_MAP entry is reported as "Unknown".
  # The looked-up value is splatted into say's arguments -- presumably a
  # [label, color] pair; confirm against CRITICALITY_MAP.
  criticality_args = CRITICALITY_MAP[advisory.criticality] || "Unknown"
  say("Criticality: ", :red)
  say(*criticality_args)

  say("URL: ", :red)
  say(advisory.url)

  print_advisory_details(advisory)
  print_advisory_solution(advisory)
  say
end
print_advisory_details(advisory)
# File lib/bundler/audit/cli.rb, line 154
#
# Prints the advisory text: the full description, wrapped and indented by
# two, when the verbose option is set; otherwise only the title.
def print_advisory_details(advisory)
  show_description = options.verbose?

  if show_description
    say("Description:", :red)
    say
    print_wrapped(advisory.description, :indent => 2)
    say
  else
    say("Title: ", :red)
    say(advisory.title)
  end
end
print_advisory_solution(advisory)
# File lib/bundler/audit/cli.rb, line 167
#
# Prints the remediation for an advisory: the patched versions to upgrade to,
# or, when the advisory lists none, the advice to remove or disable the gem.
def print_advisory_solution(advisory)
  fixed_versions = advisory.patched_versions

  if fixed_versions.empty?
    # No patched release is listed, so upgrading is not an option.
    say "Solution: ", :red
    say "remove or disable this gem until a patch is available!", [:red, :bold]
  else
    say "Solution: upgrade to ", :red
    say fixed_versions.join(', ')
  end
end
print_affected_gem(gem)
# File lib/bundler/audit/cli.rb, line 146
#
# Prints the name and version of the gem an advisory applies to, each behind
# a red label.
def print_affected_gem(gem)
  say("Name: ", :red)
  say(gem.name)

  say("Version: ", :red)
  say(gem.version)
end
print_setup_instructions()
# File lib/bundler/audit/cli.rb, line 137
#
# Tells the user that no vulnerability database is present and shows the
# command that fetches it, built from the running program's name ($0).
def print_setup_instructions
  say ""
  [
    "You don't have a copy of the Ruby vulnerabilities database yet.",
    "To get the database, please run:"
  ].each { |line| print_warning line }
  say ""
  print_warning " #{$0} update"
  say ""
end
print_warning(message)
# File lib/bundler/audit/cli.rb, line 113
#
# Prints a warning line; warnings are always shown in yellow.
def print_warning(message)
  say(message, :yellow)
end
say(message="", color=nil)
Calls superclass method
# File lib/bundler/audit/cli.rb, line 108
#
# Wrapper around the superclass's say: the message is converted with to_s,
# and the color is dropped when standard output is not a terminal, so piped
# or redirected output is passed no color.
def say(message="", color=nil)
  effective_color = $stdout.tty? ? color : nil
  super(message.to_s, effective_color)
end