chelsea 0.0.5 → 0.0.6

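--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7c31a37e1fb1eac86e8eb9c6f25c4a5bda4eff5ed362ac64b8117f954547293f
- data.tar.gz: c7e9c8170e2864da8af8b35ddbe9c7e49572e9393236d445aa6e52d7f5dbba61
+ metadata.gz: f1778ec5d4e68f4e48180d3ff4d5495bf742eb4b2b36e218b044e67248493c03
+ data.tar.gz: b07fd8484642d229301d5636a760cff9c4f205b2deea3f408cdcc92e3dc27f01
  SHA512:
- metadata.gz: 2dd0bfcac2578790ebc122ad866f6cf503a33eb1e46e210ae16ad2c8e23aa11f834344c4e3e29d29335ecdebc8b3846438b2e58a655b3799acd1fc22001684f8
- data.tar.gz: 4a4aa14bc7300d9725d7ebad07e7f8b890fd634666ad9f9248afc86b0c759872987bf14265ffb24d0df54518f9b78d15a0c90aa9bfc881239f2db30e70710dc9
+ metadata.gz: 90756c847bafc522b3757631a738f334be228c5d042e5e05cb4e61eecfcb518b1c57770b4828e6e9f74f35fb732fde652873b6680904f7d7a0e19ef13f613d71
+ data.tar.gz: c74ce61cf769d2f4612ad5a6652efc017ab417a60184a6abd6a13316ddf59dd49795dd341692503a98cf925fe360423442c0ff4ba1fe4a1711f605e93da630bd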
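--- a/data/lib/chelsea/deps.rb
+++ b/data/lib/chelsea/deps.rb
@@ -7,13 +7,13 @@ require 'json'
  require 'rest-client'
  require 'pstore'
 
-
  module Chelsea
  class Deps
- attr_reader :server_response, :reverse_dependencies, :coordinates
+ attr_reader :server_response, :reverse_dependencies, :coordinates, :dependencies
 
  def initialize(path: , quiet: false)
  @path, @quiet = path, quiet
+ ENV['BUNDLE_GEMFILE'] = File.expand_path(path).chomp(".lock")
 
  begin
  @lockfile = Bundler::LockfileParser.new(
@@ -30,14 +30,6 @@ module Chelsea
  @server_response = []
  @store = PStore.new(_get_db_store_location())
  end
-
- def to_h(reverse: false)
- if reverse
- @reverse_dependencies
- else
- @dependencies
- end
- end
 
  def nil?
  @dependencies.empty?
@@ -51,6 +43,7 @@ module Chelsea
  "chelsea/#{Chelsea::VERSION}"
  end
 
+ # Parses specs from lockfile instanct var and inserts into dependenices instance var
  def get_dependencies
  @lockfile.specs.each do |gem|\
  begin
@@ -61,6 +54,7 @@ module Chelsea
  end
  end
 
+ # Collects all reverse dependencies in reverse_dependencies instance var
  def get_reverse_dependencies
  begin
  reverse = Gem::Commands::DependencyCommand.new
@@ -71,6 +65,8 @@ module Chelsea
  end
  end
 
+ # Iterates over all dependencies and stores them
+ # in dependencies_versions and coordinates instance vars
  def get_dependencies_versions_as_coordinates
  @dependencies.each do |p, r|
  o = r[0]
@@ -88,28 +84,22 @@ module Chelsea
  end
  end
 
- # Makes multiple REST calls
+ # Makes REST calls to OSS for vulnerabilities 128 coordinates at a time
+ # Checks cache and stores results in cache
  def get_vulns()
  _check_db_for_cached_values()
 
  if @coordinates["coordinates"].count() > 0
  chunked = Hash.new()
  @coordinates["coordinates"].each_slice(128).to_a.each do |coords|
- # Won't this return the first successful slice?
  chunked["coordinates"] = coords
  r = RestClient.post "https://ossindex.sonatype.org/api/v3/component-report", chunked.to_json,
  { content_type: :json, accept: :json, 'User-Agent': user_agent }
  if r.code == 200
  @server_response = @server_response.concat(JSON.parse(r.body))
  _save_values_to_db(JSON.parse(r.body))
- @server_response.count()
- else
- 0
  end
  end
- else
- #IDGI
- @server_response.count()
  end
  end
 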
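Review bot: The added `ENV['BUNDLE_GEMFILE'] = File.expand_path(path).chomp(".lock")` in `initialize` rewrites a process-wide setting from a constructor and derives it from the caller-supplied `path` without checking that the path ends in `.lock`; `chomp(".lock")` returns the string unchanged otherwise, so Bundler would be pointed at whatever file was passed. A Gemfile is Ruby that Bundler evaluates, so this matters if anything later in the process, or a child process inheriting the environment, loads the Gemfile of the project being audited; the visible code only constructs `Bundler::LockfileParser`, so whether that happens cannot be confirmed from this hunk. I would guard the assignment with `raise ArgumentError, "expected a path ending in .lock" unless File.extname(path.to_s) == ".lock"` and add a comment saying why Bundler needs the variable and that the previous value is not restored. The body of `initialize` continues outside the hunk.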
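--- a/data/lib/chelsea/gems.rb
+++ b/data/lib/chelsea/gems.rb
@@ -24,7 +24,9 @@ module Chelsea
  @deps = Chelsea::Deps.new({path: Pathname.new(@file)})
  end
 
- def execute(input: $stdin, output: $stdout)
+ # Audits depenencies using deps library and prints results
+ # using formatter library
+ def execute(input: $stdin, output: $stdout)
  audit
  if @deps.nil?
  _print_err "No dependencies retrieved. Exiting."
@@ -37,6 +39,8 @@ module Chelsea
  @formatter.do_print(@formatter.get_results(@deps))
  end
 
+ # Runs through auditing algorithm, raising exceptions
+ # on REST calls made by @deps.get_vulns
  def audit
  unless @quiet
  spinner = _spin_msg "Parsing dependencies"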
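Review bot: The new comment above `audit` ("raising exceptions on REST calls made by @deps.get_vulns") does not say whether `audit` lets those exceptions propagate or rescues them, and for an audit tool the reader needs to know that a failed OSS Index request cannot end up looking like a clean result. I would reword it to state the actual behaviour, for example `# Runs the audit steps; a failed REST call in @deps.get_vulns aborts the run with an error`, if that is what the body does; the body of `audit` lies outside the hunk, so this needs confirming against the full method. The comment added above `execute` also has a typo, `depenencies` for `dependencies`.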
@@ -1,3 +1,3 @@
1
1
  module Chelsea
2
- VERSION = "0.0.5"
2
+ VERSION = "0.0.6"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chelsea
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.5
4
+ version: 0.0.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Allister Beharry
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-03 00:00:00.000000000 Z
11
+ date: 2020-04-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: tty-font