class Bundler::Audit::Database
Represents the directory of advisories, grouped by gem name and CVE number.
Constants
- PATH
Path to the user’s copy of the ruby-advisory-db
- URL
Git URL of the ruby-advisory-db
Attributes
The path to the advisory database
Public Class Methods
Downloads the database.
@return [Boolean]
Specifies whether the download was successful.
@since 0.4.0
    # File lib/bundler/audit/database.rb, line 87
    def self.install!
      system 'git', 'clone', URL, path
    end
Initializes the Advisory Database.
@param [String] path
The path to the advisory database.
@raise [ArgumentError]
The path was not a directory.
    # File lib/bundler/audit/database.rb, line 51
    def initialize(path=self.class.path)
      unless File.directory?(path)
        raise(ArgumentError,"#{path.dump} is not a directory")
      end

      @path = path
    end
The default path for the database.
@return [String]
The path to the database directory. Defaults to {PATH}.
    # File lib/bundler/audit/database.rb, line 65
    def self.path
      @@path ||= PATH
    end
Sets the default path for the database.
@return [String]
The new default path for the database.
    # File lib/bundler/audit/database.rb, line 75
    def self.path=(new_path)
      @@path = new_path
    end
Updates the user’s ruby-advisory-db.
@return [Boolean]
Specifies whether the update was successful.
@see update!
@since 0.3.0
    # File lib/bundler/audit/database.rb, line 101
    def self.update!
      if File.directory?(File.join(path, '.git'))
        new(path).update!
      else
        install!
      end
    end
Public Instance Methods
Enumerates over every advisory in the database.
@yield [advisory]
If a block is given, it will be passed each advisory.
@yieldparam [Advisory] advisory
An advisory from the database.
@return [Enumerator]
If no block is given, an Enumerator will be returned.
    # File lib/bundler/audit/database.rb, line 150
    def advisories(&block)
      return enum_for(__method__) unless block_given?

      each_advisory_path do |path|
        yield Advisory.load(path)
      end
    end
Enumerates over advisories for the given gem.
@param [String] name
The gem name to look up.
@yield [advisory]
If a block is given, each advisory for the given gem will be yielded.
@yieldparam [Advisory] advisory
An advisory for the given gem.
@return [Enumerator]
If no block is given, an Enumerator will be returned.
    # File lib/bundler/audit/database.rb, line 173
    def advisories_for(name)
      return enum_for(__method__,name) unless block_given?

      each_advisory_path_for(name) do |path|
        yield Advisory.load(path)
      end
    end
Verifies whether the gem is affected by any advisories.
@param [Gem::Specification] gem
The gem to verify.
@yield [advisory]
If a block is given, it will be passed advisories that affect the gem.
@yieldparam [Advisory] advisory
An advisory that affects the specific version of the gem.
@return [Enumerator]
If no block is given, an Enumerator will be returned.
    # File lib/bundler/audit/database.rb, line 197
    def check_gem(gem)
      return enum_for(__method__,gem) unless block_given?

      advisories_for(gem.name) do |advisory|
        if advisory.vulnerable?(gem.version)
          yield advisory
        end
      end
    end
Inspects the database.
@return [String]
The inspected database.
    # File lib/bundler/audit/database.rb, line 233
    def inspect
      "#<#{self.class}:#{self}>"
    end
Determines when the database was last updated.
@return [Time]
The time of the last update.
@since 0.4.0
    # File lib/bundler/audit/database.rb, line 134
    def last_updated
      Dir.chdir(@path) { Time.parse(`git log -1 --format=%ad`) }
    end
The number of advisories within the database.
@return [Integer]
The number of advisories.
    # File lib/bundler/audit/database.rb, line 213
    def size
      each_advisory_path.count
    end
Converts the database to a String.
@return [String]
The path to the database.
    # File lib/bundler/audit/database.rb, line 223
    def to_s
      @path
    end
Updates the database.
@return [Boolean]
Specifies whether the update was successful.
@note
Requires network access.
@see 0.4.0
    # File lib/bundler/audit/database.rb, line 120
    def update!
      Dir.chdir(@path) do
        system 'git', 'pull', 'origin', 'master'
      end
    end
Protected Instance Methods
Enumerates over every advisory path in the database.
@yield [path]
The given block will be passed each advisory path.
@yieldparam [String] path
A path to an advisory `.yml` file.
    # File lib/bundler/audit/database.rb, line 248
    def each_advisory_path(&block)
      Dir.glob(File.join(@path,'gems','*','*.yml'),&block)
    end
Enumerates over the advisories for the given gem.
@param [String] name
The name of the gem.
@yield [path]
The given block will be passed each advisory path.
@yieldparam [String] path
A path to an advisory `.yml` file.
    # File lib/bundler/audit/database.rb, line 264
    def each_advisory_path_for(name,&block)
      Dir.glob(File.join(@path,'gems',name,'*.yml'),&block)
    end
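The lookup path documented above (`check_gem` to `advisories_for` to `each_advisory_path_for`), as an added example that is not bundler-audit's own code and runs without the gem or a network clone. `MiniAdvisoryDB`, `build_sample_db` and the `examplegem` advisory are constructed stand-ins; the `patched_versions` / `unaffected_versions` keys and the vulnerable-unless-matched rule are assumptions about the advisory format, which this page does not show.

```ruby
require 'tmpdir'
require 'fileutils'
require 'yaml'

# Stand-in (not bundler-audit code) for the documented lookup path:
# gems/<name>/*.yml -> load -> vulnerable?(version).
class MiniAdvisoryDB
  Advisory = Struct.new(:id, :patched, :unaffected) do
    # Assumed rule: vulnerable unless a patched/unaffected requirement matches.
    def vulnerable?(version)
      (patched + unaffected).none? { |req| req.satisfied_by?(version) }
    end
  end

  def initialize(path)
    raise(ArgumentError, "#{path.dump} is not a directory") unless File.directory?(path)
    @path = path
  end

  # Same glob shape as each_advisory_path_for on this page.
  def advisories_for(name)
    return enum_for(__method__, name) unless block_given?
    Dir.glob(File.join(@path, 'gems', name, '*.yml')) { |f| yield load_advisory(f) }
  end

  # Returns the advisories that apply to this exact version.
  def check_gem(name, version)
    advisories_for(name).select { |adv| adv.vulnerable?(Gem::Version.new(version)) }
  end

  private

  def load_advisory(file)
    data = YAML.safe_load(File.read(file)) # safe_load: no arbitrary object deserialization
    reqs = ->(key) { Array(data[key]).map { |r| Gem::Requirement.new(*r.split(', ')) } }
    Advisory.new(File.basename(file, '.yml'), reqs['patched_versions'], reqs['unaffected_versions'])
  end
end

# Constructed sample database: one advisory for a made-up gem.
def build_sample_db
  root = Dir.mktmpdir('advisory-db')
  FileUtils.mkdir_p(File.join(root, 'gems', 'examplegem'))
  File.write(File.join(root, 'gems', 'examplegem', 'EXAMPLE-0001.yml'), <<~YAML)
    gem: examplegem
    patched_versions: ["~> 1.2.5", ">= 1.3.1"]
    unaffected_versions: ["< 1.0.0"]
  YAML
  root
end
```

A gem with no directory under `gems/` yields no advisories, so an empty result means "nothing known in this copy of the database", which is why the age reported by `last_updated` matters when interpreting a clean audit.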