chelsea 0.0.23 → 0.0.28

data/lib/chelsea/bom.rb

@@ -40,7 +40,7 @@ module Chelsea
     end
 
     def random_urn_uuid
-      'urn:uuid:' + SecureRandom.uuid
+      "urn:uuid:#{SecureRandom.uuid}"
     end
 
     private
@@ -87,8 +87,8 @@ module Chelsea
       component
     end
 
-    def _show_logo
-      logo = %Q(
+    def _show_logo # rubocop:disable Metrics/MethodLength
+      logo = %(
                           -o/
                       -+hNmNN-
     .:+osyhddddyso/-``ody+-  .NN.

data/lib/chelsea/cli.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -26,7 +28,7 @@ require_relative 'config'
 module Chelsea
   ##
   # This class provides an interface to the oss index, gems and deps
-  class CLI
+  class CLI # rubocop:disable Metrics/ClassLength
     def initialize(opts)
       @opts = opts
       @pastel = Pastel.new
@@ -34,22 +36,28 @@ module Chelsea
       _show_logo # Move to formatter
     end
 
-    def process!
+    # rubocop:disable Metrics/CyclomaticComplexity
+    def process! # rubocop:disable Metrics/AbcSize, Metrics/MethodLength,  Metrics/PerceivedComplexity
       if @opts.config?
         _set_config # move to init
       elsif @opts.clear?
         require_relative 'db'
-        Chelsea::DB.new().clear_cache
-        puts "OSS Index cache cleared"
+        Chelsea::DB.new.clear_cache
+        puts 'OSS Index cache cleared'
       elsif @opts.file? && @opts.iq?
         dependencies = _process_file_iq
         _submit_sbom(dependencies)
+      elsif !@opts.file? && @opts.iq?
+        abort 'Missing the --file argument. It is required with the --iq argument.'
       elsif @opts.file?
         _process_file
       elsif @opts.help? # quit on opts.help earlier
         puts _cli_flags # this doesn't exist
+      else
+        abort 'Missing arguments! Chelsea did nothing. Try providing the --file <Gemfile.lock> argument.'
       end
     end
+    # rubocop:enable Metrics/CyclomaticComplexity
 
     def self.version
       Chelsea::VERSION
@@ -57,7 +65,7 @@ module Chelsea
 
     private
 
-    def _submit_sbom(gems)
+    def _submit_sbom(gems) # rubocop:disable Metrics/MethodLength
       iq = Chelsea::IQClient.new(
         options: {
           public_application_id: @opts[:application],
@@ -70,10 +78,29 @@ module Chelsea
       bom = Chelsea::Bom.new(gems.deps.dependencies).collect
 
       status_url = iq.post_sbom(bom)
-      
+
       return unless status_url
 
-      iq.poll_status(status_url)
+      msg, color, exit_code = iq.poll_status(status_url)
+      show_status(msg, color)
+      # this may not be very ruby-esque, but `return exit_code` and `exit_code` didn't result in the desired exit status
+      exit exit_code
+    end
+
+    def show_status(msg, color)
+      case color
+      when Chelsea::IQClient::COLOR_FAILURE
+        puts @pastel.red.bold(msg)
+      when Chelsea::IQClient::COLOR_WARNING
+        # want yellow, but that doesn't print
+        # puts @pastel.color.bold(msg, color)
+        puts @pastel.blue.blue(msg)
+      when Chelsea::IQClient::COLOR_NONE
+        # want yellow, but that doesn't print
+        puts @pastel.green.bold(msg)
+      else
+        puts @pastel.bold(msg)
+      end
     end
 
     def _process_file
@@ -108,7 +135,7 @@ module Chelsea
 
     def _flags_set?
       # I'm still unsure what this is trying to express
-      valid_flags = _flags.collect {|arg| @opts[arg] }.compact
+      valid_flags = _flags.collect { |arg| @opts[arg] }.compact
       valid_flags.count > 1
     end
 
@@ -120,7 +147,7 @@ module Chelsea
     def _show_logo
       font = TTY::Font.new(:doom)
       puts @pastel.green(font.write('Chelsea'))
-      puts @pastel.green('Version: ' + CLI.version)
+      puts @pastel.green("Version: #{CLI.version}")
     end
 
     def _load_config

data/lib/chelsea/config.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -17,6 +19,7 @@
 require 'yaml'
 require_relative 'oss_index'
 
+# Saved credentials
 module Chelsea
   @oss_index_config_location = File.join(Dir.home.to_s, '.ossindex')
   @oss_index_config_filename = '.oss-index-config'
@@ -43,10 +46,8 @@ module Chelsea
     @client
   end
 
-  def self.oss_index_config
-    if !File.exist? File.join(@oss_index_config_location, @oss_index_config_filename)
-      { oss_index_user_name: '', oss_index_user_token: '' }
-    else
+  def self.oss_index_config # rubocop:disable Metrics/MethodLength
+    if File.exist? File.join(@oss_index_config_location, @oss_index_config_filename)
       conf_hash = YAML.safe_load(
         File.read(
           File.join(@oss_index_config_location, @oss_index_config_filename)
@@ -56,6 +57,8 @@ module Chelsea
         oss_index_user_name: conf_hash['Username'],
         oss_index_user_token: conf_hash['Token']
       }
+    else
+      { oss_index_user_name: '', oss_index_user_token: '' }
     end
   end
 
@@ -71,20 +74,18 @@ module Chelsea
     config = {}
 
     puts 'What username do you want to authenticate as (ex: your email address)? '
-    config['Username'] = STDIN.gets.chomp
+    config['Username'] = $stdin.gets.chomp
 
     puts 'What token do you want to use? '
-    config['Token'] = STDIN.gets.chomp
+    config['Token'] = $stdin.gets.chomp
 
     _write_oss_index_config_file(config)
   end
 
   def self._write_oss_index_config_file(config)
-    unless File.exist? @oss_index_config_location
-      Dir.mkdir(@oss_index_config_location)
-    end
-    File.open(File.join(@oss_index_config_location, @oss_index_config_filename), "w") do |file|
+    Dir.mkdir(@oss_index_config_location) unless File.exist? @oss_index_config_location
+    File.open(File.join(@oss_index_config_location, @oss_index_config_filename), 'w') do |file|
       file.write config.to_yaml
     end
   end
-end
+end

data/lib/chelsea/db.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -17,6 +19,7 @@
 require 'pstore'
 
 module Chelsea
+  # OSS Index data cache
   class DB
     def initialize
       @store = PStore.new(_get_db_store_location)
@@ -45,7 +48,7 @@ module Chelsea
       end
     end
 
-    def _get_db_store_location()
+    def _get_db_store_location
       initial_path = File.join(Dir.home.to_s, '.ossindex')
       Dir.mkdir(initial_path) unless File.exist? initial_path
       File.join(initial_path, 'chelsea.pstore')

data/lib/chelsea/dependency_exception.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -15,8 +17,9 @@
 #
 
 module Chelsea
+  # Project dependency exception
   class DependencyException < StandardError
-    def initialize(msg="This is a custom exception", exception_type="custom")
+    def initialize(msg = 'This is a custom exception', exception_type = 'custom')
       @exception_type = exception_type
       super(msg)
     end

data/lib/chelsea/deps.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -22,6 +24,7 @@ require 'json'
 require 'rest-client'
 
 module Chelsea
+  # Project dependencies
   class Deps
     def initialize(path:, verbose: false)
       @verbose = verbose
@@ -47,7 +50,7 @@ module Chelsea
 
     # Collects all reverse dependencies in reverse_dependencies instance var
     # this rescue block honks
-    def reverse_dependencies
+    def reverse_dependencies # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
       reverse = Gem::Commands::DependencyCommand.new
       reverse.options[:reverse_dependencies] = true
       # We want to filter the reverses dependencies by specs in lockfile
@@ -68,7 +71,7 @@ module Chelsea
     # in dependencies_versions and coordinates instance vars
     def coordinates
       dependencies.each_with_object({ 'coordinates' => [] }) do |(name, v), coords|
-        coords['coordinates'] << self.class.to_purl(name, v[1]);
+        coords['coordinates'] << self.class.to_purl(name, v[1])
       end
     end
   end

data/lib/chelsea/formatters/factory.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -20,7 +22,7 @@ require_relative 'text'
 
 # Factory for formatting dependencies
 class FormatterFactory
-  def get_formatter(format: 'text', verbose:)
+  def get_formatter(verbose:, format: 'text')
     case format
     when 'text'
       Chelsea::TextFormatter.new verbose: verbose
@@ -28,7 +30,7 @@ class FormatterFactory
       Chelsea::JsonFormatter.new verbose: verbose
     when 'xml'
       Chelsea::XMLFormatter.new verbose: verbose
-    else
+    else # rubocop:disable Lint/DuplicateBranch
       Chelsea::TextFormatter.new verbose: verbose
     end
   end

data/lib/chelsea/formatters/formatter.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -14,15 +16,17 @@
 # limitations under the License.
 #
 
+# Base formatter class
 class Formatter
-    def initialize
-        @pastel = Pastel.new
-    end
-    def get_results
-        raise 'must implement get_results method in subclass'
-    end
-    
-    def do_print
-        raise 'must implement do_print method in subclass'
-    end
-end
+  def initialize
+    @pastel = Pastel.new
+  end
+
+  def fetch_results
+    raise 'must implement get_results method in subclass'
+  end
+
+  def do_print
+    raise 'must implement do_print method in subclass'
+  end
+end

data/lib/chelsea/formatters/json.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -18,12 +20,14 @@ require 'json'
 require_relative 'formatter'
 
 module Chelsea
+  # Produce output in json format
   class JsonFormatter < Formatter
     def initialize(options)
+      super()
       @options = options
     end
 
-    def get_results(server_response, reverse_deps)
+    def fetch_results(server_response, _reverse_deps)
       server_response.to_json
     end
 

data/lib/chelsea/formatters/text.rb

@@ -1,3 +1,6 @@
+# rubocop:disable Style/FrozenStringLiteralComment
+# rubocop:enable Style/FrozenStringLiteralComment
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -19,13 +22,16 @@ require 'tty-table'
 require_relative 'formatter'
 
 module Chelsea
+  # Produce output in text format
   class TextFormatter < Formatter
     def initialize(options)
+      super()
       @options = options
       @pastel = Pastel.new
     end
 
-    def get_results(server_response, reverse_dependencies)
+    # rubocop:disable Metrics/PerceivedComplexity, Metrics/CyclomaticComplexity, Metrics/AbcSize
+    def fetch_results(server_response, reverse_dependencies) # rubocop:disable Metrics/MethodLength
       response = ''
       if @options[:verbose]
         response += "\n"\
@@ -65,6 +71,7 @@ module Chelsea
       response += table.render(:unicode)
       response
     end
+    # rubocop:enable Metrics/PerceivedComplexity, Metrics/CyclomaticComplexity, Metrics/AbcSize
 
     def do_print(results)
       puts results
@@ -109,9 +116,7 @@ module Chelsea
     def _get_reverse_deps(coords, name)
       coords.each_with_object('') do |dep, s|
         dep.each do |gran|
-          if gran.class == String && !gran.include?(name)
-            s << "\tRequired by: #{gran}\n"
-          end
+          s << "\tRequired by: #{gran}\n" if gran.instance_of?(String) && !gran.include?(name)
         end
       end
     end

data/lib/chelsea/formatters/xml.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #
 # Copyright 2019-Present Sonatype Inc.
 #
@@ -17,12 +19,14 @@
 require 'ox'
 require_relative 'formatter'
 module Chelsea
+  # Produce output in xml format
   class XMLFormatter < Formatter
     def initialize(options)
+      super()
       @options = options
     end
 
-    def get_results(server_response, reverse_deps)
+    def fetch_results(server_response, _reverse_deps) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
       doc = Ox::Document.new
       instruct = Ox::Instruct.new(:xml)
       instruct[:version] = '1.0'
@@ -37,13 +41,13 @@ module Chelsea
 
       server_response.each do |coord|
         testcase = Ox::Element.new('testcase')
-        testcase[:classname] = coord["coordinates"]
-        testcase[:name] = coord["coordinates"]
+        testcase[:classname] = coord['coordinates']
+        testcase[:name] = coord['coordinates']
 
         if coord['vulnerabilities'].length.positive?
           failure = Ox::Element.new('failure')
-          failure[:type] = "Vulnerable Dependency"
-          failure << get_vulnerability_block(coord["vulnerabilities"])
+          failure[:type] = 'Vulnerable Dependency'
+          failure << get_vulnerability_block(coord['vulnerabilities'])
           testcase << failure
           testsuite << testcase
         elsif @options[:verbose]
@@ -58,20 +62,20 @@ module Chelsea
       puts Ox.dump(results)
     end
 
-    def get_vulnerability_block(vulnerabilities)
-      vulnBlock = String.new
+    def get_vulnerability_block(vulnerabilities) # rubocop:disable Metrics/MethodLength
+      vuln_block = ''
       vulnerabilities.each do |vuln|
-        vulnBlock += "Vulnerability Title: #{vuln["title"]}\n"\
-                    "ID: #{vuln["id"]}\n"\
-                    "Description: #{vuln["description"]}\n"\
-                    "CVSS Score: #{vuln["cvssScore"]}\n"\
-                    "CVSS Vector: #{vuln["cvssVector"]}\n"\
-                    "CVE: #{vuln["cve"]}\n"\
-                    "Reference: #{vuln["reference"]}"\
+        vuln_block += "Vulnerability Title: #{vuln['title']}\n"\
+                    "ID: #{vuln['id']}\n"\
+                    "Description: #{vuln['description']}\n"\
+                    "CVSS Score: #{vuln['cvssScore']}\n"\
+                    "CVSS Vector: #{vuln['cvssVector']}\n"\
+                    "CVE: #{vuln['cve']}\n"\
+                    "Reference: #{vuln['reference']}"\
                     "\n"
       end
-      
-      vulnBlock
+
+      vuln_block
     end
   end
 end