bundler-audit 0.8.0 → 0.9.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/ISSUE_TEMPLATE/bug-report.md +44 -0
- data/.github/ISSUE_TEMPLATE/feature-request.md +14 -0
- data/.github/workflows/ruby.yml +16 -2
- data/.rubocop.yml +86 -0
- data/COPYING.txt +4 -4
- data/ChangeLog.md +51 -0
- data/Gemfile +8 -3
- data/README.md +58 -26
- data/Rakefile +7 -3
- data/bundler-audit.gemspec +2 -3
- data/gemspec.yml +7 -0
- data/lib/bundler/audit/advisory.rb +25 -3
- data/lib/bundler/audit/cli/formats/json.rb +17 -3
- data/lib/bundler/audit/cli/formats/junit.rb +127 -0
- data/lib/bundler/audit/cli/formats/text.rb +13 -9
- data/lib/bundler/audit/cli/formats.rb +8 -4
- data/lib/bundler/audit/cli.rb +37 -18
- data/lib/bundler/audit/configuration.rb +8 -5
- data/lib/bundler/audit/database.rb +28 -10
- data/lib/bundler/audit/results/insecure_source.rb +5 -2
- data/lib/bundler/audit/results/unpatched_gem.rb +7 -3
- data/lib/bundler/audit/results.rb +2 -2
- data/lib/bundler/audit/scanner.rb +17 -8
- data/lib/bundler/audit/task.rb +50 -5
- data/lib/bundler/audit/version.rb +3 -3
- data/lib/bundler/audit.rb +2 -2
- data/spec/advisory_spec.rb +19 -2
- data/spec/bundle/insecure_sources/Gemfile.lock +71 -73
- data/spec/bundle/secure/Gemfile.lock +60 -62
- data/spec/cli/formats/json_spec.rb +1 -0
- data/spec/cli/formats/junit_spec.rb +284 -0
- data/spec/cli/formats/text_spec.rb +88 -18
- data/spec/cli_spec.rb +57 -17
- data/spec/database_spec.rb +26 -2
- data/spec/fixtures/advisory/CVE-2020-1234.yml +1 -0
- data/spec/fixtures/lib/bundler/audit/cli/formats/bad.rb +0 -2
- data/spec/fixtures/lib/bundler/audit/cli/formats/good.rb +0 -2
- data/spec/results/unpatched_gem_spec.rb +2 -2
- data/spec/scanner_spec.rb +25 -1
- data/spec/spec_helper.rb +5 -1
- metadata +29 -8
data/spec/spec_helper.rb
CHANGED
|
@@ -33,7 +33,11 @@ end
|
|
|
33
33
|
module Helpers
|
|
34
34
|
def sh(command, options={})
|
|
35
35
|
result = `#{command} 2>&1`
|
|
36
|
-
|
|
36
|
+
|
|
37
|
+
if $?.success? == !!options[:fail]
|
|
38
|
+
raise "FAILED #{command}\n#{result}"
|
|
39
|
+
end
|
|
40
|
+
|
|
37
41
|
result
|
|
38
42
|
end
|
|
39
43
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bundler-audit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Postmodern
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-05-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|
|
@@ -57,9 +57,12 @@ extra_rdoc_files:
|
|
|
57
57
|
files:
|
|
58
58
|
- ".document"
|
|
59
59
|
- ".github/FUNDING.yml"
|
|
60
|
+
- ".github/ISSUE_TEMPLATE/bug-report.md"
|
|
61
|
+
- ".github/ISSUE_TEMPLATE/feature-request.md"
|
|
60
62
|
- ".github/workflows/ruby.yml"
|
|
61
63
|
- ".gitignore"
|
|
62
64
|
- ".rspec"
|
|
65
|
+
- ".rubocop.yml"
|
|
63
66
|
- ".yardopts"
|
|
64
67
|
- COPYING.txt
|
|
65
68
|
- ChangeLog.md
|
|
@@ -75,6 +78,7 @@ files:
|
|
|
75
78
|
- lib/bundler/audit/cli.rb
|
|
76
79
|
- lib/bundler/audit/cli/formats.rb
|
|
77
80
|
- lib/bundler/audit/cli/formats/json.rb
|
|
81
|
+
- lib/bundler/audit/cli/formats/junit.rb
|
|
78
82
|
- lib/bundler/audit/cli/formats/text.rb
|
|
79
83
|
- lib/bundler/audit/cli/thor_ext/shell/basic/say_error.rb
|
|
80
84
|
- lib/bundler/audit/configuration.rb
|
|
@@ -99,6 +103,7 @@ files:
|
|
|
99
103
|
- spec/bundle/unpatched_gems_with_dot_configuration/Gemfile
|
|
100
104
|
- spec/bundle/unpatched_gems_with_dot_configuration/Gemfile.lock
|
|
101
105
|
- spec/cli/formats/json_spec.rb
|
|
106
|
+
- spec/cli/formats/junit_spec.rb
|
|
102
107
|
- spec/cli/formats/text_spec.rb
|
|
103
108
|
- spec/cli/formats_spec.rb
|
|
104
109
|
- spec/cli_spec.rb
|
|
@@ -122,8 +127,9 @@ files:
|
|
|
122
127
|
homepage: https://github.com/rubysec/bundler-audit#readme
|
|
123
128
|
licenses:
|
|
124
129
|
- GPL-3.0+
|
|
125
|
-
metadata:
|
|
126
|
-
|
|
130
|
+
metadata:
|
|
131
|
+
rubygems_mfa_required: 'true'
|
|
132
|
+
post_install_message:
|
|
127
133
|
rdoc_options: []
|
|
128
134
|
require_paths:
|
|
129
135
|
- lib
|
|
@@ -138,8 +144,23 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
138
144
|
- !ruby/object:Gem::Version
|
|
139
145
|
version: 1.8.0
|
|
140
146
|
requirements: []
|
|
141
|
-
rubygems_version: 3.
|
|
142
|
-
signing_key:
|
|
147
|
+
rubygems_version: 3.2.33
|
|
148
|
+
signing_key:
|
|
143
149
|
specification_version: 4
|
|
144
150
|
summary: Patch-level verification for Bundler
|
|
145
|
-
test_files:
|
|
151
|
+
test_files:
|
|
152
|
+
- spec/advisory_spec.rb
|
|
153
|
+
- spec/audit_spec.rb
|
|
154
|
+
- spec/cli/formats/json_spec.rb
|
|
155
|
+
- spec/cli/formats/junit_spec.rb
|
|
156
|
+
- spec/cli/formats/text_spec.rb
|
|
157
|
+
- spec/cli/formats_spec.rb
|
|
158
|
+
- spec/cli_spec.rb
|
|
159
|
+
- spec/configuration_spec.rb
|
|
160
|
+
- spec/database_spec.rb
|
|
161
|
+
- spec/integration_spec.rb
|
|
162
|
+
- spec/report_spec.rb
|
|
163
|
+
- spec/results/insecure_source_spec.rb
|
|
164
|
+
- spec/results/result_spec.rb
|
|
165
|
+
- spec/results/unpatched_gem_spec.rb
|
|
166
|
+
- spec/scanner_spec.rb
|