gemsurance 0.8.0 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/gemsurance.rb +1 -0
- data/lib/gemsurance/cli.rb +5 -1
- data/lib/gemsurance/formatters/csv.rb +19 -0
- data/lib/gemsurance/formatters/yml.rb +7 -1
- data/lib/gemsurance/gem_info_retriever.rb +73 -11
- data/lib/gemsurance/version.rb +2 -2
- data/lib/gemsurance/vulnerability.rb +1 -1
- metadata +4 -4
- data/lib/gemsurance/templates/output.yml.erb +0 -25
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aa51dc5f780639e4388b6ddfc33b02adeca0e908
|
|
4
|
+
data.tar.gz: 8bc1c39a9ee890b4216cff7e8e744a0b56b215e9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1e53ef6dec18e7fffecf5858aefae5e326565837d7118575b587d38088859f23925168a38b8b5842680b52a4d6f9ef6c3742ef24b2659d5f8a3cbc53974dfaf6
|
|
7
|
+
data.tar.gz: c27a12763856711c38c225ddda3bdf57732ce8e68a9178a4c3b0e921b2a71f156f38fc5bb023028b02eed6b86323f2f5ff68a57441c4daa6b2fedd0812acead6
|
data/lib/gemsurance.rb
CHANGED
data/lib/gemsurance/cli.rb
CHANGED
|
@@ -29,8 +29,12 @@ module Gemsurance
|
|
|
29
29
|
options[:whitelist_file] = file
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
-
opts.on("--format FORMAT", "Output report to given format (html
|
|
32
|
+
opts.on("--format FORMAT", "Output report to given format (html, csv, and yml available). html by default.") do |format|
|
|
33
33
|
options[:formatter] = format
|
|
34
|
+
unless %w(html csv yml).include?(options[:formatter])
|
|
35
|
+
puts "Invalid formatter. Possible values are html, csv, and yml."
|
|
36
|
+
exit 1
|
|
37
|
+
end
|
|
34
38
|
end
|
|
35
39
|
|
|
36
40
|
opts.on_tail("-h", "--help", "Show this help") do
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'csv'
|
|
2
|
+
module Gemsurance
|
|
3
|
+
module Formatters
|
|
4
|
+
class Csv < Base
|
|
5
|
+
def format
|
|
6
|
+
@extension = "csv"
|
|
7
|
+
|
|
8
|
+
file = ""
|
|
9
|
+
title_attributes = GemInfoRetriever::GemInfo::GEM_ATTRIBUTES.map {|attr| attr.to_s }
|
|
10
|
+
file << CSV.generate_line(title_attributes)
|
|
11
|
+
|
|
12
|
+
sorted_gems.each do |gem|
|
|
13
|
+
file << gem.to_csv
|
|
14
|
+
end
|
|
15
|
+
file
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -3,7 +3,13 @@ module Gemsurance
|
|
|
3
3
|
class Yml < Base
|
|
4
4
|
def format
|
|
5
5
|
@extension = "yml"
|
|
6
|
-
|
|
6
|
+
gem_hash = {}
|
|
7
|
+
|
|
8
|
+
sorted_gems.each do |gem_info|
|
|
9
|
+
gem_hash[gem_info.name] = gem_info.to_hash
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
gem_hash.to_yaml
|
|
7
13
|
end
|
|
8
14
|
end
|
|
9
15
|
end
|
|
@@ -1,13 +1,16 @@
|
|
|
1
|
+
require 'json'
|
|
2
|
+
|
|
1
3
|
module Gemsurance
|
|
2
4
|
class GemInfoRetriever
|
|
3
5
|
class GemInfo
|
|
6
|
+
GEM_ATTRIBUTES = [:name, :current_version, :newest_version, :in_gem_file, :homepage_uri, :source_code_uri, :documentation_uri, :status, :vulnerabilities]
|
|
4
7
|
STATUS_OUTDATED = 'outdated'
|
|
5
8
|
STATUS_CURRENT = 'current'
|
|
6
9
|
STATUS_VULNERABLE = 'vulnerable'
|
|
7
|
-
|
|
10
|
+
|
|
8
11
|
attr_reader :name, :current_version, :newest_version, :in_gem_file, :vulnerabilities,
|
|
9
|
-
:homepage_uri, :source_code_uri, :documentation_uri
|
|
10
|
-
|
|
12
|
+
:homepage_uri, :source_code_uri, :documentation_uri, :status
|
|
13
|
+
|
|
11
14
|
def initialize(name, current_version, newest_version, in_gem_file, homepage_uri, source_code_uri, documentation_uri, status = STATUS_CURRENT)
|
|
12
15
|
@name = name
|
|
13
16
|
@current_version = current_version
|
|
@@ -18,22 +21,21 @@ module Gemsurance
|
|
|
18
21
|
@source_code_uri = source_code_uri
|
|
19
22
|
@status = status
|
|
20
23
|
@vulnerabilities = []
|
|
21
|
-
|
|
22
24
|
end
|
|
23
|
-
|
|
25
|
+
|
|
24
26
|
def add_vulnerability!(vulnerability)
|
|
25
27
|
@status = STATUS_VULNERABLE
|
|
26
28
|
@vulnerabilities << vulnerability
|
|
27
29
|
end
|
|
28
|
-
|
|
30
|
+
|
|
29
31
|
def outdated?
|
|
30
32
|
@status == STATUS_OUTDATED
|
|
31
33
|
end
|
|
32
|
-
|
|
34
|
+
|
|
33
35
|
def current?
|
|
34
36
|
@status == STATUS_CURRENT
|
|
35
37
|
end
|
|
36
|
-
|
|
38
|
+
|
|
37
39
|
def vulnerable?
|
|
38
40
|
@status == STATUS_VULNERABLE
|
|
39
41
|
end
|
|
@@ -45,17 +47,77 @@ module Gemsurance
|
|
|
45
47
|
@status == other.instance_variable_get(:@status) &&
|
|
46
48
|
@vulnerabilities == other.vulnerabilities
|
|
47
49
|
end
|
|
50
|
+
|
|
51
|
+
def to_csv
|
|
52
|
+
formatted_values.to_csv
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def to_hash
|
|
56
|
+
{
|
|
57
|
+
'in_gem_file' => in_gem_file,
|
|
58
|
+
'bundle_version' => current_version.to_s,
|
|
59
|
+
'newest_version' => newest_version.to_s,
|
|
60
|
+
'status' => human_status,
|
|
61
|
+
'homepage_url' => homepage_uri,
|
|
62
|
+
'source_code_url' => source_code_uri,
|
|
63
|
+
'documentation_url' => documentation_uri,
|
|
64
|
+
'vulnerabilities' => vulns_to_hash
|
|
65
|
+
}
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
private
|
|
69
|
+
|
|
70
|
+
def formatted_values
|
|
71
|
+
GEM_ATTRIBUTES.map do |attr|
|
|
72
|
+
if attr == :vulnerabilities
|
|
73
|
+
if @vulnerabilities.empty?
|
|
74
|
+
''
|
|
75
|
+
else
|
|
76
|
+
@vulnerabilities.map { |vuln| vuln.attributes }.to_json
|
|
77
|
+
end
|
|
78
|
+
elsif attr == :status
|
|
79
|
+
human_status
|
|
80
|
+
else
|
|
81
|
+
self.send(attr).to_s
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def human_status
|
|
87
|
+
if vulnerable?
|
|
88
|
+
return 'vulnerable'
|
|
89
|
+
elsif outdated?
|
|
90
|
+
return 'outofdate'
|
|
91
|
+
elsif current?
|
|
92
|
+
return 'uptodate'
|
|
93
|
+
else
|
|
94
|
+
return 'unknown'
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
def vulns_to_hash
|
|
99
|
+
return nil if vulnerabilities.empty?
|
|
100
|
+
|
|
101
|
+
vulnerabilities.map do |vulnerability|
|
|
102
|
+
{
|
|
103
|
+
'title' => vulnerability.title,
|
|
104
|
+
'cve' => vulnerability.cve,
|
|
105
|
+
'url' => vulnerability.url,
|
|
106
|
+
'patched_versions' => (vulnerability.patched_versions || []).join(', ')
|
|
107
|
+
}
|
|
108
|
+
end
|
|
109
|
+
end
|
|
48
110
|
end
|
|
49
|
-
|
|
111
|
+
|
|
50
112
|
def initialize(specs, dependencies, bundle_definition)
|
|
51
113
|
@specs = specs
|
|
52
114
|
@dependencies = dependencies
|
|
53
115
|
@bundle_definition = bundle_definition
|
|
54
116
|
end
|
|
55
|
-
|
|
117
|
+
|
|
56
118
|
def retrieve(options = {})
|
|
57
119
|
gem_infos = []
|
|
58
|
-
|
|
120
|
+
|
|
59
121
|
@specs.each do |current_spec|
|
|
60
122
|
active_spec = @bundle_definition.index[current_spec.name].sort_by { |b| b.version }
|
|
61
123
|
|
data/lib/gemsurance/version.rb
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
module Gemsurance
|
|
2
|
-
VERSION = '0.
|
|
3
|
-
end
|
|
2
|
+
VERSION = '0.9.0'
|
|
3
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gemsurance
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jon Kessler
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-06-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -119,12 +119,12 @@ files:
|
|
|
119
119
|
- lib/gemsurance.rb
|
|
120
120
|
- lib/gemsurance/cli.rb
|
|
121
121
|
- lib/gemsurance/formatters/base.rb
|
|
122
|
+
- lib/gemsurance/formatters/csv.rb
|
|
122
123
|
- lib/gemsurance/formatters/html.rb
|
|
123
124
|
- lib/gemsurance/formatters/yml.rb
|
|
124
125
|
- lib/gemsurance/gem_info_retriever.rb
|
|
125
126
|
- lib/gemsurance/runner.rb
|
|
126
127
|
- lib/gemsurance/templates/output.html.erb
|
|
127
|
-
- lib/gemsurance/templates/output.yml.erb
|
|
128
128
|
- lib/gemsurance/version.rb
|
|
129
129
|
- lib/gemsurance/vulnerability.rb
|
|
130
130
|
homepage: http://github.com/appfolio/gemsurance
|
|
@@ -147,7 +147,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
147
147
|
version: 1.8.11
|
|
148
148
|
requirements: []
|
|
149
149
|
rubyforge_project:
|
|
150
|
-
rubygems_version: 2.
|
|
150
|
+
rubygems_version: 2.6.12
|
|
151
151
|
signing_key:
|
|
152
152
|
specification_version: 4
|
|
153
153
|
summary: Your Gem Insurance Policy
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
<%- sorted_gems.each do |gem_info| -%>
|
|
2
|
-
<%= gem_info.name %>:
|
|
3
|
-
in_gem_file: <%= gem_info.in_gem_file %>
|
|
4
|
-
bundle_version: <%= gem_info.current_version %>
|
|
5
|
-
newest_version: <%= gem_info.newest_version %>
|
|
6
|
-
<%- if gem_info.vulnerable? -%>
|
|
7
|
-
status: vulnerable
|
|
8
|
-
<%- elsif gem_info.outdated? -%>
|
|
9
|
-
status: outofdate
|
|
10
|
-
<%- elsif gem_info.current? -%>
|
|
11
|
-
status: uptodate
|
|
12
|
-
<%- else -%>
|
|
13
|
-
status: unknown
|
|
14
|
-
<%- end -%>
|
|
15
|
-
vulnerabilities:
|
|
16
|
-
<%- gem_info.vulnerabilities.each do |vulnerability| -%>
|
|
17
|
-
- title: '<%= vulnerability.title %>'
|
|
18
|
-
cve: <%= vulnerability.cve %>
|
|
19
|
-
url: <%= vulnerability.url %>
|
|
20
|
-
patched_versions: <%= (vulnerability.patched_versions || []).join(', ') %>
|
|
21
|
-
<%- end -%>
|
|
22
|
-
homepage_url: <%= gem_info.homepage_uri %>
|
|
23
|
-
source_code_url: <%= gem_info.source_code_uri %>
|
|
24
|
-
documentation_url: <%= gem_info.documentation_uri %>
|
|
25
|
-
<%- end -%>
|