dependency_spy 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +6 -6
- data/dependency_spy.gemspec +1 -1
- data/lib/dependency_spy.rb +6 -3
- data/lib/dependency_spy/cli.rb +2 -1
- data/lib/dependency_spy/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9f030500e1a11360c755835f62e47553281b984e
|
|
4
|
+
data.tar.gz: b0ae90d2d68163339e1ce192bc985ece81c8c7a6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 411c49d84c1cde518b6e4aa16171ab99a8b6fcfc3bd7fb0e225015396df9815217465038ca2fa25eaf2aa0b526fc0614632cf89973228a6b243d99acada45b45
|
|
7
|
+
data.tar.gz: 92470f0a04d0c663d0126b08123cad76b43c22a8640d8e5372f7897ddc419caa10fb779ed795124304d0b1ded5a4159a16e0504ee8bbd64044c4274fdb1638d7
|
data/Gemfile.lock
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
dependency_spy (0.2.
|
|
4
|
+
dependency_spy (0.2.1)
|
|
5
5
|
bibliothecary (~> 6.3)
|
|
6
6
|
semantic_range (~> 2.1)
|
|
7
7
|
thor (~> 0.20)
|
|
8
|
-
yavdb (~> 0.
|
|
8
|
+
yavdb (~> 0.4)
|
|
9
9
|
|
|
10
10
|
GEM
|
|
11
11
|
remote: https://rubygems.org/
|
|
@@ -54,7 +54,7 @@ GEM
|
|
|
54
54
|
rspec-expectations (>= 2.99.0.beta1)
|
|
55
55
|
rspec-core (3.8.0)
|
|
56
56
|
rspec-support (~> 3.8.0)
|
|
57
|
-
rspec-expectations (3.8.
|
|
57
|
+
rspec-expectations (3.8.2)
|
|
58
58
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
59
59
|
rspec-support (~> 3.8.0)
|
|
60
60
|
rspec-mocks (3.8.0)
|
|
@@ -69,7 +69,7 @@ GEM
|
|
|
69
69
|
rainbow (>= 2.2.2, < 4.0)
|
|
70
70
|
ruby-progressbar (~> 1.7)
|
|
71
71
|
unicode-display_width (~> 1.0, >= 1.0.1)
|
|
72
|
-
rubocop-rspec (1.
|
|
72
|
+
rubocop-rspec (1.30.0)
|
|
73
73
|
rubocop (>= 0.58.0)
|
|
74
74
|
ruby-ll (2.1.2)
|
|
75
75
|
ansi
|
|
@@ -89,7 +89,7 @@ GEM
|
|
|
89
89
|
typhoeus (1.3.0)
|
|
90
90
|
ethon (>= 0.9.0)
|
|
91
91
|
unicode-display_width (1.4.0)
|
|
92
|
-
yavdb (0.
|
|
92
|
+
yavdb (0.4.0)
|
|
93
93
|
json (~> 2.1)
|
|
94
94
|
kramdown (~> 1.17)
|
|
95
95
|
oga (~> 2.15)
|
|
@@ -111,4 +111,4 @@ DEPENDENCIES
|
|
|
111
111
|
simplecov
|
|
112
112
|
|
|
113
113
|
BUNDLED WITH
|
|
114
|
-
1.16.
|
|
114
|
+
1.16.6
|
data/dependency_spy.gemspec
CHANGED
|
@@ -38,5 +38,5 @@ Gem::Specification.new do |spec|
|
|
|
38
38
|
spec.add_runtime_dependency 'bibliothecary', ['~> 6.3']
|
|
39
39
|
spec.add_runtime_dependency 'semantic_range', ['~> 2.1']
|
|
40
40
|
spec.add_runtime_dependency 'thor', ['~> 0.20']
|
|
41
|
-
spec.add_runtime_dependency 'yavdb', ['~> 0.
|
|
41
|
+
spec.add_runtime_dependency 'yavdb', ['~> 0.4']
|
|
42
42
|
end
|
data/lib/dependency_spy.rb
CHANGED
|
@@ -28,9 +28,12 @@ require_relative 'dependency_spy/semver'
|
|
|
28
28
|
module DependencySpy
|
|
29
29
|
class API
|
|
30
30
|
|
|
31
|
-
def self.check(path = Dir.pwd, files = nil, platform = nil, database_path = YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH)
|
|
32
|
-
|
|
33
|
-
puts '
|
|
31
|
+
def self.check(path = Dir.pwd, files = nil, platform = nil, database_path = YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH, offline = false)
|
|
32
|
+
if !File.exist?(database_path) && offline
|
|
33
|
+
puts 'No local database found. Cannot obtain database since offline mode is enabled.'
|
|
34
|
+
exit(10)
|
|
35
|
+
elsif !offline
|
|
36
|
+
puts 'Going to update the local vulnerability database.'
|
|
34
37
|
YAVDB::API.download_database(false, YAVDB::Constants::DEFAULT_YAVDB_PATH)
|
|
35
38
|
end
|
|
36
39
|
|
data/lib/dependency_spy/cli.rb
CHANGED
|
@@ -45,9 +45,10 @@ module DependencySpy
|
|
|
45
45
|
method_option('platform', :aliases => :m, :type => :string, :enum => YAVDB::Constants::POSSIBLE_PACKAGE_MANAGERS.map(&:downcase))
|
|
46
46
|
method_option('output-path', :aliases => :o, :type => :string)
|
|
47
47
|
method_option('database-path', :type => :string, :aliases => :p, :default => YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH)
|
|
48
|
+
method_option('offline', :type => :boolean, :default => false)
|
|
48
49
|
|
|
49
50
|
def check
|
|
50
|
-
manifests = API.check(options['path'], options['files'], options['platform'], options['database-path'])
|
|
51
|
+
manifests = API.check(options['path'], options['files'], options['platform'], options['database-path'], options['offline'])
|
|
51
52
|
|
|
52
53
|
formatted_output =
|
|
53
54
|
FORMATTERS
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependency_spy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rodrigo Fernandes
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -170,14 +170,14 @@ dependencies:
|
|
|
170
170
|
requirements:
|
|
171
171
|
- - "~>"
|
|
172
172
|
- !ruby/object:Gem::Version
|
|
173
|
-
version: '0.
|
|
173
|
+
version: '0.4'
|
|
174
174
|
type: :runtime
|
|
175
175
|
prerelease: false
|
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
177
|
requirements:
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
|
-
version: '0.
|
|
180
|
+
version: '0.4'
|
|
181
181
|
description: "\n Finds known vulnerabilities in your dependencies\n Using rubysec/ruby-advisory-db,
|
|
182
182
|
snyk.io, ossindex.net, nodesecurity.io\n "
|
|
183
183
|
email:
|