code_quality 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2afbc0c2322e7f45643ed3a0d425f22ebbaa8e896d06500ea34b165f84cfef53
-  data.tar.gz: 39756d04bdd2cc85b20eacf491d8a1aa7bce4dc77b48054e2cf72eff4c689cbd
+  metadata.gz: 3d1ec0ab45b985bd45ba69a55c33bd7a78a3e6013fe04843e0781cb20382d73d
+  data.tar.gz: 95ded3682f07449b74a7370d215f8a043d7019750c20d02906a786036722f187
 SHA512:
-  metadata.gz: bf9c0998638707380a8dc9898180bd0204307101c2d3248ca325d6a8cd9bb08ce6c1a3aa734f1e6c53aac5a160645920b302e28bc31e2205e094199722067e7f
-  data.tar.gz: f61591d92567b47a37e3d4df1d644e076d322025b58ca936ea703c04a5bf289fa3c3249cad7c61954ce0d5cd993cbbb07958251e154ee97f2b94b0c0ff957627
+  metadata.gz: 8bf273d51ec7d30f778838e4fb8d48c4d68c3c061f71af1386406ffc048406de2b727845f6c480070b6fd49cdfc4240ce4cee26d5111c568d3a32c6e926a8997
+  data.tar.gz: c208a678483b37650cd093bed50d68b8076fd212df45005161c59e2cc041443f999d9a4c9a8bac72ba825d9100c78dc60658241b8d6ebebb080128087f40c24f

data/.travis.yml

@@ -21,11 +21,12 @@ stages:
   - code_audit
   - deploy
 
-sudo: false
 language: ruby
 rvm:
-  - 2.4.3
-before_install: gem install bundler -v 1.16.0
+  # - 2.4.4
+  - 2.5.1
+  - 2.6.0
+before_install: gem install bundler
 
 # config GitHub OAuth Token
 env:
@@ -54,9 +55,9 @@ deploy:
 
   # publish generated files to GitHub pages
   - provider: script
-    skip_cleanup: true
+    # skip_cleanup: true
     script: bin/travis-update-gh-pages.sh
     on:
       branch: master
       tags: true
-    condition: $TRAVIS_PULL_REQUEST = "false"
+    # condition: $TRAVIS_PULL_REQUEST = "false"

data/README.md

@@ -90,6 +90,13 @@ output example:
 
 ![](doc/imgs/code_quality_security_audit_failed_example.png)
 
+#### options for security_audit:
+
+```
+# e.g.: code_quality security_audit bundler_audit_options="--ignore CVE-2015-9284"
+# options:
+#   bundler_audit_options: pass extract options, e.g.: bundler_audit_options="--ignore CVE-2015-9284 --verbose"
+```
 
 #### work with CI
 
@@ -119,11 +126,17 @@ Then Gitlab sends notification with the failure info, for example:
 ```
 # bundler audit - checks for vulnerable versions of gems in Gemfile.lock
 code_quality security_audit:bundler_audit
+
+# with bundler_audit cli options
+code_quality security_audit:bundler_audit bundler_audit_options="--ignore CVE-2020-5267 CVE-2020-10663"
 ```
 
 ```
 # brakeman audit - checks Ruby on Rails applications for security vulnerabilities
 code_quality security_audit:brakeman
+
+# with brakeman cli options
+code_quality security_audit:brakeman brakeman_options="--skip-files app/views/"
 ```
 
 ```

data/Rakefile

@@ -1,7 +1,8 @@
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 
-RSpec::Core::RakeTask.new(:spec)
+RSpec::Core::RakeTask.new(:spec) # introduce `rake spec` to Run RSpec code examples
 
 task :default => :spec
+task :test => :spec # alias `rake test`
 Rake::Task.send :load, 'tasks/code_quality.rake'

data/code_quality.gemspec

@@ -28,7 +28,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "rubocop-github", "~> 0.12.0"
   spec.add_dependency "code_metric_fu", "~> 4.14.4"
 
-  spec.add_development_dependency "bundler", "~> 1.16"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "bundler", ">= 2.0.2"
+  spec.add_development_dependency "rake", ">= 12.3.3"
   spec.add_development_dependency "rspec", "~> 3.0"
 end

data/config/rubocop-rails.yml

@@ -1,3 +1,3 @@
 # https://github.com/rails/rails/blob/master/.rubocop.yml
 inherit_from:
-  - https://rawgit.com/rails/rails/master/.rubocop.yml
+  - https://cdn.jsdelivr.net/gh/rails/rails/.rubocop.yml

data/lib/code_quality/version.rb

@@ -1,3 +1,3 @@
 module CodeQuality
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

data/lib/tasks/code_quality.rake

@@ -35,10 +35,13 @@ namespace :code_quality do
     end
 
     desc "bundler audit"
+    # Update the ruby-advisory-db and check Gemfile.lock
+    # options:
+    #   bundler_audit_options: pass extract CLI options, e.g.: bundler_audit_options="--ignore CVE-2020-5267 CVE-2020-10663"
     task :bundler_audit => :prepare do |task|
+      options = options_from_env(:bundler_audit_options)
       run_audit task, "bundler audit - checks for vulnerable versions of gems in Gemfile.lock" do
-        # Update the ruby-advisory-db and check Gemfile.lock
-        report = `bundle audit check --update`
+        report = `bundle audit check --update #{options[:bundler_audit_options]}`
         @report_path = "#{report_dir}/bundler-audit-report.txt"
         File.open(@report_path, 'w') {|f| f.write report }
         puts report

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: code_quality
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - RainChen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-09-21 00:00:00.000000000 Z
+date: 2020-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler-audit
@@ -98,30 +98,30 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.0.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: 2.0.2
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement