dependency_spy 0.2.1 → 0.2.2
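--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4fd249e65300f9e7f1e49970446831638f66d54e
+data.tar.gz: f2f0ebc11c4b96b704d27e13c94a05f0497bd5ac
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ef6365eaa9e9155dce4cd67b61bc9227f2231e39a9a1a7b2c77c38780243bdabd93d9cc84e2621a67dec3cd8b16d83539734e16200781480c6e99c7ef761f91f
+data.tar.gz: 21277d4f3760c7abe502695be22e3ac7ee7a42b90079c1bab8daf67568a43966bdec6648646c3560fda2397d1b8962b51206ef2f7b69e9ac148ad416ae9bbd8b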
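--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
-dependency_spy (0.2.
+dependency_spy (0.2.2)
 bibliothecary (~> 6.3)
 semantic_range (~> 2.1)
 thor (~> 0.20)
@@ -23,15 +23,15 @@ GEM
 citrus (3.0.2)
 codacy-coverage (2.1.0)
 simplecov
-commander (4.4.
-highline (~>
+commander (4.4.7)
+highline (~> 2.0.0)
 deb_control (0.0.1)
 diff-lcs (1.3)
 docile (1.3.1)
 ethon (0.11.0)
 ffi (>= 1.3.0)
 ffi (1.9.25)
-highline (
+highline (2.0.0)
 jaro_winkler (1.5.1)
 json (2.1.0)
 kramdown (1.17.0)
@@ -61,14 +61,14 @@ GEM
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.8.0)
 rspec-support (3.8.0)
-rubocop (0.
+rubocop (0.60.0)
 jaro_winkler (~> 1.5.1)
 parallel (~> 1.10)
 parser (>= 2.5, != 2.5.1.1)
 powerpack (~> 0.1)
 rainbow (>= 2.2.2, < 4.0)
 ruby-progressbar (~> 1.7)
-unicode-display_width (~> 1.
+unicode-display_width (~> 1.4.0)
 rubocop-rspec (1.30.0)
 rubocop (>= 0.58.0)
 ruby-ll (2.1.2)
@@ -89,7 +89,7 @@ GEM
 typhoeus (1.3.0)
 ethon (>= 0.9.0)
 unicode-display_width (1.4.0)
-yavdb (0.4.
+yavdb (0.4.1)
 json (~> 2.1)
 kramdown (~> 1.17)
 oga (~> 2.15)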
data/lib/dependency_spy/cli.rb
CHANGED
@@ -62,7 +62,7 @@ module DependencySpy
|
|
62
62
|
end
|
63
63
|
|
64
64
|
has_vulnerabilities =
|
65
|
-
manifests.any? { |manifest| manifest
|
65
|
+
manifests.any? { |manifest| manifest[:dependencies]&.any? { |dependency| dependency[:vulnerabilities]&.any? } }
|
66
66
|
|
67
67
|
exit(1) if has_vulnerabilities
|
68
68
|
end
|
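Review bot: The new `has_vulnerabilities` check on line 65 fails open: with `manifest[:dependencies]&.any?`, a manifest whose `:dependencies` is nil contributes nil to the outer `any?`, so the command still exits 0. If a nil list can mean the manifest could not be parsed or resolved (not visible in this hunk), a CI gate built on the exit code would pass without those dependencies ever being checked. Consider collecting that case separately, e.g. `unchecked = manifests.select { |manifest| manifest[:dependencies].nil? }`, and warning or exiting with a distinct non-zero status when it is non-empty. The enclosing method starts above the hunk.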
@@ -26,21 +26,25 @@ module DependencySpy
|
|
26
26
|
def to_map
|
27
27
|
map = {}
|
28
28
|
members.each do |m|
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
29
|
+
if !self[m] ||
|
30
|
+
(self[m].is_a?(String) && self[m].empty?) ||
|
31
|
+
(self[m].is_a?(Array) && self[m].none?)
|
32
|
+
next
|
33
|
+
elsif self[m].is_a?(Struct)
|
34
|
+
map[m.to_s] = self[m].to_map
|
35
|
+
else
|
36
|
+
map[m.to_s] = self[m]
|
37
|
+
end
|
34
38
|
end
|
35
39
|
map
|
36
40
|
end
|
37
41
|
|
38
|
-
def to_json(*
|
39
|
-
to_map.to_json(*
|
42
|
+
def to_json(*args)
|
43
|
+
to_map.to_json(*args)
|
40
44
|
end
|
41
45
|
|
42
|
-
def to_yaml(*
|
43
|
-
to_map.to_yaml(*
|
46
|
+
def to_yaml(*args)
|
47
|
+
to_map.to_yaml(*args)
|
44
48
|
end
|
45
49
|
|
46
50
|
end
|
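Review bot: The skip condition added to `to_map` drops more than empty values: `!self[m]` is also true for a member set to `false`, and `self[m].none?` is true for a non-empty array whose elements are all nil or false, so such fields silently disappear from the serialized report. `self[m].nil?` and `(self[m].is_a?(Array) && self[m].empty?)` would restrict the filter to values that are actually absent. The same branch is repeated verbatim in the `to_map` of the hunk at `-55,11 +59,15`; one shared `to_map` in a module included by both types would keep the two from drifting. A short comment such as `# omit nil/empty members so reports only list populated fields` would also document the intent.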
@@ -55,11 +59,15 @@ module DependencySpy
|
|
55
59
|
def to_map
|
56
60
|
map = {}
|
57
61
|
members.each do |m|
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
62
|
+
if !self[m] ||
|
63
|
+
(self[m].is_a?(String) && self[m].empty?) ||
|
64
|
+
(self[m].is_a?(Array) && self[m].none?)
|
65
|
+
next
|
66
|
+
elsif self[m].is_a?(Struct)
|
67
|
+
map[m.to_s] = self[m].to_map
|
68
|
+
else
|
69
|
+
map[m.to_s] = self[m]
|
70
|
+
end
|
63
71
|
end
|
64
72
|
map
|
65
73
|
end
|
@@ -20,18 +20,15 @@ module DependencySpy
|
|
20
20
|
|
21
21
|
def self.format(manifests)
|
22
22
|
filtered_manifests = manifests.map do |manifest|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
end.reject(&:nil?).map(&:to_map)
|
29
|
-
manifest
|
23
|
+
vulnerable_dependencies = manifest[:dependencies]
|
24
|
+
.select { |dependency| dependency[:vulnerabilities].any? }
|
25
|
+
manifest_copy = Marshal.load(Marshal.dump(manifest))
|
26
|
+
manifest_copy[:dependencies] = vulnerable_dependencies
|
27
|
+
manifest_copy
|
30
28
|
end
|
31
29
|
|
32
30
|
filtered_manifests
|
33
31
|
.reject { |m| m[:dependencies].nil? }
|
34
|
-
.map(&:to_map)
|
35
32
|
.map(&:to_json)
|
36
33
|
end
|
37
34
|
|
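Review bot: `manifest[:dependencies].select` on new line 23 runs before the `.reject { |m| m[:dependencies].nil? }` on line 31, so a manifest with nil dependencies raises NoMethodError inside the `map` instead of being filtered out, and `dependency[:vulnerabilities].any?` fails the same way for a dependency without a vulnerability list. The cli.rb hunk on this page guards both with `&.`; matching it here with `manifest[:dependencies]&.select { |dependency| dependency[:vulnerabilities]&.any? }` keeps the formatter from crashing on input the exit-code check accepts. `Marshal.load(Marshal.dump(manifest))` only reads bytes produced in-process on the same line, so it is not a deserialization sink as written, but a comment such as `# deep copy of an in-memory object; never pass external data to Marshal.load` would stop the idiom being copied somewhere that is not true. The hunk at `-20,19 +20,16` contains the same lines, and its file header is likewise not shown on the page.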
@@ -20,19 +20,16 @@ module DependencySpy
|
|
20
20
|
|
21
21
|
def self.format(manifests)
|
22
22
|
filtered_manifests = manifests.map do |manifest|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
end.reject(&:nil?).map(&:to_map)
|
29
|
-
manifest
|
23
|
+
vulnerable_dependencies = manifest[:dependencies]
|
24
|
+
.select { |dependency| dependency[:vulnerabilities].any? }
|
25
|
+
manifest_copy = Marshal.load(Marshal.dump(manifest))
|
26
|
+
manifest_copy[:dependencies] = vulnerable_dependencies
|
27
|
+
manifest_copy
|
30
28
|
end
|
31
29
|
|
32
30
|
filtered_manifests
|
33
31
|
.reject { |m| m[:dependencies].nil? }
|
34
|
-
.map(&:
|
35
|
-
.map(&:to_yaml)
|
32
|
+
.map(&:to_json)
|
36
33
|
end
|
37
34
|
|
38
35
|
end
|
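Review bot: The last step of this `format` changes from `.map(&:to_yaml)` to `.map(&:to_json)` on new line 32, which makes the method identical to the `format` in the preceding hunk. The file header for this hunk is not shown on the page; if this is the YAML formatter, it now emits JSON text and the `to_yaml` defined next to `to_map` is no longer reached from here. If the switch is intentional, a comment above the chain should say why; otherwise the line should stay `.map(&:to_yaml)`.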
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependency_spy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rodrigo Fernandes
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-10-
|
11
|
+
date: 2018-10-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|