gems-status 0.38.0 → 0.39.0

data/lib/gems-status/checkers/not_native_gem_checker.rb

@@ -3,39 +3,42 @@ require 'rubygems/old_format'
 require 'open-uri'
 require 'gems-status/checkers/gem_checker'
 
-class NotNativeGemChecker < GemChecker
-  def check?(gem)
-    result = nil
-    gem_uri = URI.parse("#{gem.gems_url}/#{gem.name}-#{gem.version}.gem" )
-    uri_debug = gem_uri.clone
-    uri_debug.password = "********" if uri_debug.password
-    Utils::log_debug "download #{@name} from #{uri_debug}"
-    begin
-      if gem_uri.user && gem_uri.password
-        source = open(gem_uri.scheme + "://" + gem_uri.host + "/" + gem_uri.path, 
-                      Gem.binary_mode,
-                      :http_basic_authentication=>[gem_uri.user, gem_uri.password]) do |io|
-          result = Gem::Format.from_io io
-        end
-      else
-        source = open(gem_uri, Gem.binary_mode) do |io|
-          result = Gem::Format.from_io io
+module GemsStatus
+
+  class NotNativeGemChecker < GemChecker
+    def check?(gem)
+      result = nil
+      gem_uri = URI.parse("#{gem.gems_url}/#{gem.name}-#{gem.version}.gem" )
+      uri_debug = gem_uri.clone
+      uri_debug.password = "********" if uri_debug.password
+      Utils::log_debug "download #{@name} from #{uri_debug}"
+      begin
+        if gem_uri.user && gem_uri.password
+          source = open(gem_uri.scheme + "://" + gem_uri.host + "/" + gem_uri.path, 
+                        Gem.binary_mode,
+                        :http_basic_authentication=>[gem_uri.user, gem_uri.password]) do |io|
+            result = Gem::Format.from_io io
+          end
+        else
+          source = open(gem_uri, Gem.binary_mode) do |io|
+            result = Gem::Format.from_io io
+          end
         end
+      rescue IOError
+        #bug on open-uri:137 on closing strings
+        #it should be
+        #io.close if io && !io.closed? 
+        #or is a bug on rubygems???
+      rescue => e
+        Utils::log_error(gem.name, "There was a problem opening #{gem_uri} #{e.class} #{e.message}")
       end
-    rescue IOError
-      #bug on open-uri:137 on closing strings
-      #it should be
-      #io.close if io && !io.closed? 
-      #or is a bug on rubygems???
-    rescue => e
-      Utils::log_error(gem.name, "There was a problem opening #{gem_uri} #{e.class} #{e.message}")
+      return false unless result 
+      return result.spec.extensions.empty?
     end
-    return false unless result 
-    return result.spec.extensions.empty?
-  end
 
-  def description
-    "This gem is a native gem or could not get specs: "
+    def description
+      "This gem is a native gem or could not get specs: "
+    end
   end
-end
 
+end

data/lib/gems-status/checkers/not_rails_checker.rb

@@ -3,20 +3,23 @@ require 'rubygems/old_format'
 require 'open-uri'
 require 'gems-status/checkers/gem_checker'
 
-class NotRailsChecker < GemChecker
-  RAILS_GEMS = ["rails", "railties","activesupport"]
-  def check?(gem)
-    return false if !gem.dependencies 
-    gem.dependencies.each do |dep|
-      if RAILS_GEMS.include?(dep.name)
-        return false
+module GemsStatus
+
+  class NotRailsChecker < GemChecker
+    RAILS_GEMS = ["rails", "railties","activesupport"]
+    def check?(gem)
+      return false if !gem.dependencies 
+      gem.dependencies.each do |dep|
+        if RAILS_GEMS.include?(dep.name)
+          return false
+        end
+      end
+      return true
       end
-    end
-    return true
-    end
 
-  def description
-    "This gem depends on rails or could not get spec: "
+    def description
+      "This gem depends on rails or could not get spec: "
+    end
   end
-end
 
+end

data/lib/gems-status/checkers/print_gem_versions.rb

@@ -1,32 +1,36 @@
-class PrintGemVersions
-  def initialize(conf)
-    Utils::check_parameters('PrintGemVersions', conf, ["licenses"])
-    begin
-      @licenses = YAML::load(File::open(conf["licenses"]))
-    rescue
-      Utils::log_error("?", "There was a problem opening #{conf["licenses"]}")
-      @licenses = []
+module GemsStatus
+
+  class PrintGemVersions
+    def initialize(conf)
+      Utils::check_parameters('PrintGemVersions', conf, ["licenses"])
+      begin
+        @licenses = YAML::load(File::open(conf["licenses"]))
+      rescue
+        Utils::log_error("?", "There was a problem opening #{conf["licenses"]}")
+        @licenses = []
+      end
     end
-  end
 
-  def check?(gem)
-    #ignore upstream gems
-    return true if gem.origin == gem.gems_url 
-    open("gemversions.txt", "a") do |f|
-      if ! (license = gem.license)
-        license = get_license_string( gem.name, gem.version.to_s)
+    def check?(gem)
+      #ignore upstream gems
+      return true if gem.origin == gem.gems_url 
+      open("gemversions.txt", "a") do |f|
+        if ! (license = gem.license)
+          license = get_license_string( gem.name, gem.version.to_s)
+        end
+        f.puts "#{gem.name} #{gem.version} #{license}"
       end
-      f.puts "#{gem.name} #{gem.version} #{license}"
+      return true
     end
-    return true
-  end
 
-  private
+    private
+
+    def get_license_string(name, version)
+      return "" if ! @licenses[name]
+      return "#{@licenses[name][version]}*" if @licenses[name][version]
+      return "#{@licenses[name].sort.last.join("->")}**"
+    end
 
-  def get_license_string(name, version)
-    return "" if ! @licenses[name]
-    return "#{@licenses[name][version]}*" if @licenses[name][version]
-    return "#{@licenses[name].sort.last.join("->")}**"
   end
 
 end

data/lib/gems-status/checkers/scm_check_messages.rb

@@ -1,53 +1,56 @@
-class ScmCheckMessages
-  MAX_RETRIES = 3
-
-  def check_messages(name, source_repo, message_checker, origin, counter = 0)
-    begin
-      messages = messages(name, source_repo)
-      return security_alerts(name, messages, message_checker, origin)
-    rescue => e
-      if counter == MAX_RETRIES
-        Utils::log_error name, "There was a problem checking out #{source_repo} #{e}"
-        return {}
-      else
-        Utils::log_debug "There was a problem checking out  #{source_repo} #{e}: Trying it again..."
-        return check_messages(name, source_repo, message_checker, origin, counter + 1)
+module GemsStatus
+
+  class ScmCheckMessages
+    MAX_RETRIES = 3
+
+    def check_messages(name, source_repo, message_checker, origin, counter = 0)
+      begin
+        messages = messages(name, source_repo)
+        return security_alerts(name, messages, message_checker, origin)
+      rescue => e
+        if counter == MAX_RETRIES
+          Utils::log_error name, "There was a problem checking out #{source_repo} #{e}"
+          return {}
+        else
+          Utils::log_debug "There was a problem checking out  #{source_repo} #{e}: Trying it again..."
+          return check_messages(name, source_repo, message_checker, origin, counter + 1)
+        end
       end
     end
-  end
 
-private
-
-  def security_alerts(name, commits, message_checker, origin)
-    results = {}
-    commits.each do |commit|
-      if message_checker.check_message?(message(commit))
-        Utils::log_debug "#{message(commit)}"
-        key = "#{name}_#{origin}_#{commit_key(commit)}"
-        if !key
-          Utils::log_error "no key for #{name}"
-          next
+  private
+
+    def security_alerts(name, commits, message_checker, origin)
+      results = {}
+      commits.each do |commit|
+        if message_checker.check_message?(message(commit))
+          Utils::log_debug "#{message(commit)}"
+          key = "#{name}_#{origin}_#{commit_key(commit)}"
+          if !key
+            Utils::log_error "no key for #{name}"
+            next
+          end
+          Utils::log_debug "security key: #{key}"
+          results[key] = SecurityAlert.new(message(commit), date(commit))
         end
-        Utils::log_debug "security key: #{key}"
-        results[key] = SecurityAlert.new(message(commit), date(commit))
       end
+      return results
     end
-    return results
-  end
 
-  def commit_key(commit)
-    raise NotImplementedError
-  end
+    def commit_key(commit)
+      raise NotImplementedError
+    end
 
-  def message(commit)
-    raise NotImplementedError 
-  end
+    def message(commit)
+      raise NotImplementedError 
+    end
 
-  def messages(name, source_repo)
-    raise NotImplementedError 
-  end
+    def messages(name, source_repo)
+      raise NotImplementedError 
+    end
 
-  def date(commit)
-    raise NotImplementedError
+    def date(commit)
+      raise NotImplementedError
+    end
   end
 end

data/lib/gems-status/checkers/scm_security_messages.rb

@@ -1,5 +1,7 @@
-class ScmSecurityMessages
-  def check_message?(msg)
-    return msg =~ /\b(XSS|CSRF|cross-site|cross site|crosssite|injection|forgery|traversal|CVE|unsafe|vulnerab|risk|security|Malicious|DoS)\b/i 
+module GemsStatus
+  class ScmSecurityMessages
+    def check_message?(msg)
+      return msg =~ /\b(XSS|CSRF|cross-site|cross site|crosssite|injection|forgery|traversal|CVE|unsafe|vulnerab|risk|security|Malicious|DoS)\b/i 
+    end
   end
 end

data/lib/gems-status/checkers/security_alert.rb

@@ -1,7 +1,9 @@
-class SecurityAlert
-  attr_accessor :desc, :date
-  def initialize(desc, date = nil)
-    @desc = desc
-    @date = date
+module GemsStatus
+  class SecurityAlert
+    attr_accessor :desc, :date
+    def initialize(desc, date = nil)
+      @desc = desc
+      @date = date
+    end
   end
 end

data/lib/gems-status/checkers/svn_check_messages.rb

@@ -1,39 +1,42 @@
 require "gems-status/checkers/scm_check_messages"
 
-class SvnCheckMessages < ScmCheckMessages
+module GemsStatus
 
-private
+  class SvnCheckMessages < ScmCheckMessages
 
-  def message(commit)
-    return commit
-  end
+  private
 
-  def messages(name, source_repo)
-    if ! File.exists?(svn_dir(source_repo))
-      `svn checkout #{source_repo}`
+    def message(commit)
+      return commit
     end
-    Dir.chdir(svn_dir(source_repo)) do
-      `svn update`
-      log_messages = `svn log`
-      return log_messages.split("------------------------------------------------------------------------")
+
+    def messages(name, source_repo)
+      if ! File.exists?(svn_dir(source_repo))
+        `svn checkout #{source_repo}`
+      end
+      Dir.chdir(svn_dir(source_repo)) do
+        `svn update`
+        log_messages = `svn log`
+        return log_messages.split("------------------------------------------------------------------------")
+      end
     end
-  end
 
-  def commit_key(commit)
-    if commit.split("|").length == 0
-      Utils::log_error("no key for commit #{commit}")
-      return nil
+    def commit_key(commit)
+      if commit.split("|").length == 0
+        Utils::log_error("no key for commit #{commit}")
+        return nil
+      end
+      return commit.split("|")[0].strip
     end
-    return commit.split("|")[0].strip
-  end
 
-  def svn_dir(source_repo)
-    source_repo_splitted = URI.parse(source_repo).path.split("/")
-    return source_repo_splitted[-1]
-  end
+    def svn_dir(source_repo)
+      source_repo_splitted = URI.parse(source_repo).path.split("/")
+      return source_repo_splitted[-1]
+    end
 
- def date(commit)
-   nil
- end
+   def date(commit)
+     nil
+   end
 
+  end
 end

data/lib/gems-status/gem_simple.rb

@@ -1,51 +1,53 @@
-class GemSimple
-  attr_reader :name, :version, :md5, :origin, :gems_url, :dependencies
-  def initialize(name, version, md5, origin, gems_url=nil, dependencies = nil )
-    @name = name
-    @version = version
-    @md5 = md5
-    @origin = origin
-    @gems_url = gems_url
-    @dependencies = dependencies
-  end
+module GemsStatus
 
-  #TODO: write a test for this
-  def depends?(gem)
-    if !@dependencies
-      Utils::log_error(@name, "trying to get depends on a gem that has no info on dependencies #{@name} depends #{gem.name}")
-      return false
+  class GemSimple
+    attr_reader :name, :version, :md5, :origin, :gems_url, :dependencies
+    def initialize(name, version, md5, origin, gems_url=nil, dependencies = nil )
+      @name = name
+      @version = version
+      @md5 = md5
+      @origin = origin
+      @gems_url = gems_url
+      @dependencies = dependencies
     end
-    @dependencies.each do |dep|
-      return true if dep.name == gem.name
-    end
-    return false
-  end
 
-  #TODO: write a test for this
-  def merge_deps(gem)
-    if !@dependencies || !gem.dependencies
-      Utils::log_error(@name, "trying to merge depends on a gem that has no info on dependencies #{@name} merge #{gem.name}")
+    #TODO: write a test for this
+    def depends?(gem)
+      if !@dependencies
+        Utils::log_error(@name, "trying to get depends on a gem that has no info on dependencies #{@name} depends #{gem.name}")
+        return false
+      end
+      @dependencies.each do |dep|
+        return true if dep.name == gem.name
+      end
       return false
     end
-    changes = false
-    gem.dependencies.each do |dep|
-      if !@dependencies.include?(dep)
-        changes = true
-        @dependencies << dep
-        Utils::log_debug("adding #{dep} to dependencies")
+
+    #TODO: write a test for this
+    def merge_deps(gem)
+      if !@dependencies || !gem.dependencies
+        Utils::log_error(@name, "trying to merge depends on a gem that has no info on dependencies #{@name} merge #{gem.name}")
+        return false
+      end
+      changes = false
+      gem.dependencies.each do |dep|
+        if !@dependencies.include?(dep)
+          changes = true
+          @dependencies << dep
+          Utils::log_debug("adding #{dep} to dependencies")
+        end
       end
+      return changes
     end
-    return changes
-  end
 
-  def from_git?
-    return @gems_url && @gems_url.start_with?("git://")
-  end
+    def from_git?
+      return @gems_url && @gems_url.start_with?("git://")
+    end
 
-  def date
-    Utils::log_error(@name, "I do not know when #{@name} was released")
-    nil
-  end
+    def date
+      Utils::log_error(@name, "I do not know when #{@name} was released")
+      nil
+    end
 
+  end
 end
-