dependency_spy 0.2.0 → 0.2.1
- checksums.yaml +4 -4
- data/Gemfile.lock +6 -6
- data/dependency_spy.gemspec +1 -1
- data/lib/dependency_spy.rb +6 -3
- data/lib/dependency_spy/cli.rb +2 -1
- data/lib/dependency_spy/version.rb +1 -1
- metadata +4 -4
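--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9f030500e1a11360c755835f62e47553281b984e
+data.tar.gz: b0ae90d2d68163339e1ce192bc985ece81c8c7a6
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 411c49d84c1cde518b6e4aa16171ab99a8b6fcfc3bd7fb0e225015396df9815217465038ca2fa25eaf2aa0b526fc0614632cf89973228a6b243d99acada45b45
+data.tar.gz: 92470f0a04d0c663d0126b08123cad76b43c22a8640d8e5372f7897ddc419caa10fb779ed795124304d0b1ded5a4159a16e0504ee8bbd64044c4274fdb1638d7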
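--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,11 +1,11 @@
 PATH
 remote: .
 specs:
-dependency_spy (0.2.
+dependency_spy (0.2.1)
 bibliothecary (~> 6.3)
 semantic_range (~> 2.1)
 thor (~> 0.20)
-yavdb (~> 0.
+yavdb (~> 0.4)
 
 GEM
 remote: https://rubygems.org/
@@ -54,7 +54,7 @@ GEM
 rspec-expectations (>= 2.99.0.beta1)
 rspec-core (3.8.0)
 rspec-support (~> 3.8.0)
-rspec-expectations (3.8.
+rspec-expectations (3.8.2)
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.8.0)
 rspec-mocks (3.8.0)
@@ -69,7 +69,7 @@ GEM
 rainbow (>= 2.2.2, < 4.0)
 ruby-progressbar (~> 1.7)
 unicode-display_width (~> 1.0, >= 1.0.1)
-rubocop-rspec (1.
+rubocop-rspec (1.30.0)
 rubocop (>= 0.58.0)
 ruby-ll (2.1.2)
 ansi
@@ -89,7 +89,7 @@ GEM
 typhoeus (1.3.0)
 ethon (>= 0.9.0)
 unicode-display_width (1.4.0)
-yavdb (0.
+yavdb (0.4.0)
 json (~> 2.1)
 kramdown (~> 1.17)
 oga (~> 2.15)
@@ -111,4 +111,4 @@ DEPENDENCIES
 simplecov
 
 BUNDLED WITH
-1.16.
+1.16.6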
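--- a/data/dependency_spy.gemspec
+++ b/data/dependency_spy.gemspec
@@ -38,5 +38,5 @@ Gem::Specification.new do |spec|
 spec.add_runtime_dependency 'bibliothecary', ['~> 6.3']
 spec.add_runtime_dependency 'semantic_range', ['~> 2.1']
 spec.add_runtime_dependency 'thor', ['~> 0.20']
-spec.add_runtime_dependency 'yavdb', ['~> 0.
+spec.add_runtime_dependency 'yavdb', ['~> 0.4']
 end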
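--- a/data/lib/dependency_spy.rb
+++ b/data/lib/dependency_spy.rb
@@ -28,9 +28,12 @@ require_relative 'dependency_spy/semver'
 module DependencySpy
 class API
 
-def self.check(path = Dir.pwd, files = nil, platform = nil, database_path = YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH)
-
-puts '
+def self.check(path = Dir.pwd, files = nil, platform = nil, database_path = YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH, offline = false)
+if !File.exist?(database_path) && offline
+puts 'No local database found. Cannot obtain database since offline mode is enabled.'
+exit(10)
+elsif !offline
+puts 'Going to update the local vulnerability database.'
 YAVDB::API.download_database(false, YAVDB::Constants::DEFAULT_YAVDB_PATH)
 end
 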
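Review bot: In the new conditional of `API.check`, an offline run with an existing database falls through silently, so the scan proceeds on whatever copy is on disk with no indication of its age, and a stale vulnerability database produces false negatives that read as a clean result. I would add an explicit branch such as `else warn "Offline mode: using local database at #{database_path} without updating; recent advisories may be missing."`. The `exit(10)` inside a library entry point also terminates any host process that calls `API.check` directly; raising an error here and mapping it to the exit code in the CLI would keep the API reusable, and the message belongs on stderr. The existence check uses `database_path` while the download call on the following context line targets `YAVDB::Constants::DEFAULT_YAVDB_PATH`, so a custom path may still be missing after the update; this should be confirmed against yavdb. The body of `check` continues past the end of the hunk.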
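--- a/data/lib/dependency_spy/cli.rb
+++ b/data/lib/dependency_spy/cli.rb
@@ -45,9 +45,10 @@ module DependencySpy
 method_option('platform', :aliases => :m, :type => :string, :enum => YAVDB::Constants::POSSIBLE_PACKAGE_MANAGERS.map(&:downcase))
 method_option('output-path', :aliases => :o, :type => :string)
 method_option('database-path', :type => :string, :aliases => :p, :default => YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH)
+method_option('offline', :type => :boolean, :default => false)
 
 def check
-manifests = API.check(options['path'], options['files'], options['platform'], options['database-path'])
+manifests = API.check(options['path'], options['files'], options['platform'], options['database-path'], options['offline'])
 
 formatted_output =
 FORMATTERS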
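Review bot: The new `offline` option is declared without a `:desc`, so the help output gives no hint that it skips the vulnerability database update and aborts when no local copy exists; something like `method_option('offline', :type => :boolean, :default => false, :desc => 'Skip the database update and use the existing local copy')` would document it. `API.check` is now called with five positional arguments ending in a bare boolean, which is easy to misorder at other call sites; a keyword argument would read more clearly if the API signature can still change. The body of `check` continues outside the hunk.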
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependency_spy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rodrigo Fernandes
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-10-
|
11
|
+
date: 2018-10-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -170,14 +170,14 @@ dependencies:
|
|
170
170
|
requirements:
|
171
171
|
- - "~>"
|
172
172
|
- !ruby/object:Gem::Version
|
173
|
-
version: '0.
|
173
|
+
version: '0.4'
|
174
174
|
type: :runtime
|
175
175
|
prerelease: false
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
177
177
|
requirements:
|
178
178
|
- - "~>"
|
179
179
|
- !ruby/object:Gem::Version
|
180
|
-
version: '0.
|
180
|
+
version: '0.4'
|
181
181
|
description: "\n Finds known vulnerabilities in your dependencies\n Using rubysec/ruby-advisory-db,
|
182
182
|
snyk.io, ossindex.net, nodesecurity.io\n "
|
183
183
|
email:
|