gems-status 0.63.0 → 0.64.0

data/VERSION

@@ -1 +1 @@
-0.63.0
+0.64.0

data/bin/gems-status

@@ -20,6 +20,25 @@ if !File::exists?(ARGV[0]) then
   exit
 end
 
+
+def setup_runner(conf)
+  GemsStatus::Utils::known_licenses = conf["licenses"]
+  runner = GemsStatus::Runner.new
+  c = conf["source"]
+  gems = eval("GemsStatus::#{c["classname"]}").new(c)
+  runner.source = gems
+  if conf["checkers"]
+    conf["checkers"].each do |c|
+      checker = eval("GemsStatus::#{c["classname"]}").new(c)
+     runner.add_checker(checker)
+    end
+  end
+  if conf["comments"]
+    runner.add_comments(conf["comments"])
+  end
+  return runner
+end
+
 conf_file = ARGV[0]
 begin
   conf = YAML::load(ERB.new(File::read(conf_file)).result)
@@ -27,9 +46,9 @@ rescue
   GemsStatus::Utils::log_error("?", "There was a problem opening #{conf_file}")
   exit
 end
-gs = GemsStatus::GemStatus.new(conf)
-gs.execute
-gs.print
-checker_r = gs.results[:checker_results]
-exit 1 if checker_r && checker_r.length > 0
+
+runner = setup_runner(conf)
+runner.execute
+runner.print
+exit 1 if runner.checker_results && runner.checker_results.length > 0
 

data/lib/gems-status.rb

@@ -7,42 +7,7 @@ require "yaml"
 
 require "gems-status/gem_simple"
 require "gems-status/sources.rb"
-require "gems-status/gems_composite_command"
+require "gems-status/runner"
 require "gems-status/checkers"
 
-module GemsStatus
-
-  class GemStatus
-    def initialize(conf)
-      @conf = conf
-      Utils::known_licenses = @conf["licenses"]
-      @gems_composite_command = nil
-      @gems_composite_command = GemsCompositeCommand.new
-      c = @conf["source"]
-      gems = eval(c["classname"]).new(c)
-      @gems_composite_command.command = gems
-      if @conf["checkers"]
-        @conf["checkers"].each do |c|
-          checker = eval(c["classname"]).new(c)
-         @gems_composite_command.add_checker(checker)
-        end
-      end
-      if @conf["comments"]
-        @gems_composite_command.add_comments(@conf["comments"])
-      end
-    end
-
-    def execute
-      @gems_composite_command.execute
-    end
-
-    def results
-      {:results => @gems_composite_command.results, :checker_results => @gems_composite_command.checker_results}
-    end
-
-    def print
-      @gems_composite_command.print
-    end
-  end
-end
 

data/lib/gems-status/checkers/not_a_security_alert_checker.rb

@@ -1,13 +1,10 @@
-require "gmail"
 require "json"
 require "open-uri"
 
 require "gems-status/checkers/gem_checker"
 require "gems-status/checkers/security_alert"
-require "gems-status/checkers/git_check_messages"
-require "gems-status/checkers/hg_check_messages"
-require "gems-status/checkers/svn_check_messages"
 require "gems-status/checkers/scm_security_messages"
+require "gems-status/checkers/scm_check_messages_factory"
 
 module GemsStatus
 
@@ -27,6 +24,32 @@ module GemsStatus
       @emails = Utils.download_emails(@email_username, @email_password, @mailing_lists)
     end
 
+    def check?(gem)
+      @gem = gem
+      #ignore upstream checks
+      return true if gem.origin == gem.gems_url
+
+      @security_messages = {}
+      look_in_scm(gem)
+      look_in_emails(gem)
+      filter_security_messages_already_fixed(gem.version, gem.date)
+      send_emails(gem)
+      return @security_messages.length == 0
+    end
+
+   def description
+     if !@gem
+       Utils::log_debug("No gem. That means that check method has not been called in NotASecurityAlertChecker")
+       return
+     end
+     message(@gem)
+   end
+
+   private
+
+    def match_name(str, name)
+      str =~ /[gem|ruby].*\b#{name}\b/ || str =~ /#{name}\b.*[gem|ruby].*\b/
+    end
 
     def message(gem)
       return unless gem
@@ -44,18 +67,12 @@ module GemsStatus
       return if @security_messages.length == 0
       #gems.origin == gems.gems_url if we are looking to an upstream gem, 
       #for example in rubygems.org. We only care about our application gems.
+      #where the origin will be a gemfile.lock file
       return if gem.origin == gem.gems_url
       mssg = message(gem)
       @email_to.each do |email_receiver|
-        Gmail.new(@email_username, @email_password) do |gmail|
-          gmail.deliver do
-            to email_receiver
-            subject "[gems-status] security alerts for #{gem.name}"
-            text_part do
-               body mssg
-             end
-          end
-        end
+        GemsStatus::Utils.send_email(email_receiver, @email_username,
+                                     @email_password, gem.name, mssg)
       end
       Utils::log_debug "Email sent to #{@email_to} "
       Utils::log_debug "with body #{mssg} "
@@ -76,52 +93,21 @@ module GemsStatus
       "email_#{listname}_#{gem.name}_#{gem.origin}_#{email.uid}"
     end
 
-    def match_name(str, name)
-      str =~ /[gem|ruby].*\b#{name}\b/
-    end
-
     def look_in_emails(gem)
       @emails.each do |listname, emails|
         emails.each do |email|
-          if match_name(listname, gem.name)
+          if listname.strip == "rubyonrails-security@googlegroups.com" && gem.name == "rails" 
             @security_messages[key_for_emails(listname, gem, email)] = SecurityAlert.new(email.subject)
             Utils::log_debug "looking for security emails: listname matches gem #{gem.name}: #{listname}"
-            next
-          end
-          if match_name(email.subject, gem.name)
+          elsif match_name(email.subject, gem.name)
             @security_messages[key_for_emails(listname, gem, email)] = SecurityAlert.new(email.subject)
             Utils::log_debug "looking for security emails: subject matches gem #{gem.name}: #{email.subject}"
-            next
           end
         end
       end
     end
 
-    def check?(gem)
-      @gem = gem
-      #ignore upstream checks
-      return true if gem.origin == gem.gems_url
-
-      @security_messages = {}
-      look_in_scm(gem)
-      look_in_emails(gem)
-      filter_security_messages_already_fixed(gem.version, gem.date)
-      send_emails(gem)
-      return @security_messages.length == 0
-    end
-
-   def description
-     if !@gem
-       Utils::log_debug("No gem. That means that check method has not been called in NotASecurityAlertChecker")
-       return
-     end
-     message(@gem)
-   end
-
-   private
-
    def filter_security_messages_already_fixed(version, date)
-     #TODO: let's use a database instead of having the info in yaml file
      @security_messages.delete_if do |k,v|
        @fixed[k] && Gem::Version.new(@fixed[k]) <= version 
      end
@@ -140,20 +126,7 @@ module GemsStatus
        Utils::log_error gem.name, "There was a problem downloading info for #{gem.name} #{e.to_s}"
        return nil
      end
-     uri = nil
-     if gem_version_information["project_uri"] && 
-        gem_version_information["project_uri"].include?("github")
-       uri = gem_version_information["project_uri"]
-     end
-     if gem_version_information["homepage_uri"] && 
-        gem_version_information["homepage_uri"].include?("github")
-       uri = gem_version_information["homepage_uri"]
-     end
-     if gem_version_information["source_code_uri"] && 
-        gem_version_information["source_code_uri"].include?("github")
-       uri = gem_version_information["source_code_uri"]
-     end
-     return uri
+     gem_uri(gem_version_information)
    end
 
    def look_for_security_messages(name, source_repo, origin, counter = 0)
@@ -166,16 +139,8 @@ module GemsStatus
           Dir.mkdir(name)
         end
         Dir.chdir(name) do
-          if source_repo.include?("git")
-            scmCheckMessages = GitCheckMessages.new 
-            Utils::log_debug "git repo"
-          elsif source_repo.include?("svn")
-            scmCheckMessages = SvnCheckMessages.new
-            Utils::log_debug "svn repo"
-          elsif source_repo.include?("bitbucket")
-            scmCheckMessages = HgCheckMessages.new
-            Utils::log_debug "mercurial repo"
-          else
+          scmCheckMessages = ScmCheckMessagesFactory.get_instance(source_repo)
+          if scmCheckMessages == nil
             Utils::log_error name, "Not a valid source repo #{source_repo}"
             return {}
           end
@@ -185,5 +150,20 @@ module GemsStatus
       end
    end
 
+   def gem_uri(gem_version_information)
+     if gem_version_information["project_uri"] && 
+        gem_version_information["project_uri"].include?("github")
+       return gem_version_information["project_uri"]
+     elsif gem_version_information["homepage_uri"] && 
+        gem_version_information["homepage_uri"].include?("github")
+       return gem_version_information["homepage_uri"]
+     elsif gem_version_information["source_code_uri"] && 
+        gem_version_information["source_code_uri"].include?("github")
+       return gem_version_information["source_code_uri"]
+     else
+       return nil
+     end
+   end
+
   end
 end

data/lib/gems-status/checkers/scm_check_messages_factory.rb

@@ -0,0 +1,25 @@
+require "gems-status/checkers/git_check_messages"
+require "gems-status/checkers/hg_check_messages"
+require "gems-status/checkers/svn_check_messages"
+require "gems-status/utils"
+
+module GemsStatus
+
+  class ScmCheckMessagesFactory
+     def self.get_instance(source_repo)
+       if source_repo.include?("git")
+         Utils::log_debug "git repo"
+         GitCheckMessages.new 
+       elsif source_repo.include?("svn")
+         Utils::log_debug "svn repo"
+         SvnCheckMessages.new
+       elsif source_repo.include?("bitbucket")
+         Utils::log_debug "mercurial repo"
+         HgCheckMessages.new
+       else
+         nil
+       end
+     end
+  end
+
+end

data/lib/gems-status/gem_simple.rb

@@ -23,9 +23,16 @@ module GemsStatus
     end
 
     def date
-      Utils::log_error(@name, "I do not know when #{@name} was released")
-      nil
+      Utils::download_date(@name, @version)
     end
 
+    def md5
+      if from_git?
+        return nil
+      end
+      Utils::download_md5(@name, @version, @gems_url)
+    end
+
+
   end
 end

data/lib/gems-status/runner.rb

@@ -0,0 +1,53 @@
+require "gems-status/gem_simple"
+require "gems-status/text_view"
+
+module GemsStatus
+
+  class Runner
+    attr_accessor :gem_list, :checker_results, :source
+
+    def initialize
+      @source = nil
+      @checkers = []
+      @checker_results = {}
+      @comments = {}
+      @gem_list = nil
+    end
+
+    def add_checker(check_object)
+      @checkers << check_object
+    end
+
+    def execute
+      return unless @source
+      @gem_list = @source.gem_list
+      @checkers.each do |check_object|
+        Utils::log_debug "checking #{check_object.class.name}"
+        @gem_list.each do |name, gem|
+          if !check_object.check?(gem)
+            @checker_results[name] = [] unless @checker_results[name]
+            @checker_results[name] << check_object.clone
+          end
+        end
+      end
+    end
+
+    def add_comments(comments)
+      @comments = comments
+    end
+
+    def are_there_gems?
+      return @gem_list && !@gem_list.empty?
+    end
+
+    def print
+      return if !are_there_gems?
+      view = TextView.new
+      view.print_head
+      ids = @source.filename
+      view.print_description(ids)
+      view.print_results(@gem_list, @checker_results, @comments)
+      view.print_tail
+    end
+  end
+end

data/lib/gems-status/sources/lockfile_gems.rb

@@ -4,20 +4,17 @@ require "open-uri"
 require "zlib"
 
 require "bundler"
-require "gems-status/sources/ruby_gems_gems_gem_simple"
-require "gems-status/gems_command"
+require "gems-status/gem_simple"
 require "gems-status/utils"
 
 module GemsStatus
 
-  class LockfileGems < GemsCommand
+  class LockfileGems
     attr_reader :filename
     def initialize(conf)
-      Utils::check_parameters('LockfileGems', conf, ["id", "filename", "gems_url"])
+      Utils::check_parameters('LockfileGems', conf, ["filename", "gems_url"])
       @filename = conf['filename']
       @gems_url = conf['gems_url']
-      @result = {}
-      @ident = conf['id']
     end
 
     def get_data(dirname, filename)
@@ -32,43 +29,36 @@ module GemsStatus
       return data
     end
 
-    def update_gem_dependencies(gem)
-      Utils::log_debug("updating dependencies for #{gem.name}")
-      changes = false
-      @result.each do |k, gems|
-        gems.each do |gem2|
-          if gem.depends?(gem2)
-            changes = gem.merge_deps(gem2) || changes
-          end
-        end
-      end
-      return changes
-    end
-
-    def execute
+    def gem_list
+      gems = {}
       Utils::log_debug "reading #{@filename}"
       Dir.chdir(File.dirname(@filename)) do
         file_data = get_data(File::dirname(@filename), File::basename(@filename))
         if file_data.empty?
           Utils::log_error("?", "file empty #{@filename}")
-          next
+          return
         end
         lockfile = Bundler::LockfileParser.new(file_data)
         lockfile.specs.each do |spec|
-          name = spec.name
           version = Gem::Version.create(spec.version)
-          dependencies = spec.dependencies
-          Utils::log_debug "dependencies for #{name} #{dependencies}"
-          if spec.source.class.name == "Bundler::Source::Git"
-            Utils::log_debug "this comes from git #{name} #{version}"
-            gems_url = spec.source.uri
-          else
-            gems_url = @gems_url
-          end
-          @result[name] = RubyGemsGems_GemSimple.new(name, version , '', @filename,
-                                                     gems_url, dependencies)
+          Utils::log_debug "dependencies for #{spec.name} #{spec.dependencies}"
+          gems[spec.name] = GemSimple.new(spec.name, version , nil, 
+                                             @filename, gems_url(spec), 
+                                             spec.dependencies)
         end
       end
+      gems
+    end
+
+    private
+
+    def gems_url(spec)
+      if spec.source.class.name == "Bundler::Source::Git"
+        Utils::log_debug "this comes from git #{spec.name} #{spec.version}"
+        spec.source.uri
+      else
+        @gems_url
+      end
     end
   end
 end