govuk_security_audit 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/lib/govuk_security_audit/cli.rb +0 -1
  4. data/lib/govuk_security_audit/scanner.rb +4 -0
  5. data/lib/govuk_security_audit/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 0186900431fcb7a64b6fa9b0eeb83217369f4c20
4
- data.tar.gz: 3fbfaf078853329c17b6532d34031508f2f7580e
3
+ metadata.gz: 86bf11c0372c7eb2a116f98469f6f96cd9491433
4
+ data.tar.gz: 5f5b96ff8ac9e804c2e9c17c64f313fc3b4e4859
5
5
  SHA512:
6
- metadata.gz: f29d3a8fbfe483d2a689bd69e11bfbf6fb121aeed5f0661697e07efd9a1ef71173bb594876bf0f6b9d8324d184fcb0eb141bb87bdb338398a7743df82259ba91
7
- data.tar.gz: 9cc2aa8ffe989911c65a8a5a411c6fead2d152a0056f19ef095550cfb1fe4cb3e89146d79edba8be8581c5adebe1896767a92d4a3dc708c7af2a5b2ddc264a8b
6
+ metadata.gz: a5661b9d3067acac6023d4f2379459f137c33a195738c85b6da5c3dd0bbb412bbf08cdc686306f83c1987e1c670cfde986d03c1b4cabeb92ca4dfa4071c8d7c6
7
+ data.tar.gz: 26c1439d574f1e342ac3e62218fb7cab4e7415e9463f0230fb2c35462b703a5747d1831781b15ef384f5ad6d5300455d757a4e7f81be84a5e3e05955a11f929f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## 0.1.2
2
+
3
+ - Support being run from outside a Bundler environment
4
+ - Don't update the advisory DB twice when checking Github repos
5
+
1
6
  ## 0.1.1
2
7
 
3
8
  - Perform an update of the advisory DB before every check by default, disable with `--skip-update`
data/lib/govuk_security_audit/cli.rb CHANGED
@@ -11,7 +11,6 @@ module GovukSecurityAudit
11
11
 
12
12
  desc "github USER REPO [REF]", "check the Github repo USER/REPO at an optional REF. Defaults to master."
13
13
  def github(user, repo, ref="master")
14
- update unless options[:skip_update]
15
14
  uri = URI.parse("https://raw.githubusercontent.com/#{user}/#{repo}/#{ref}/Gemfile.lock")
16
15
  http = Net::HTTP.new(uri.host, uri.port)
17
16
  http.use_ssl = true
data/lib/govuk_security_audit/scanner.rb CHANGED
@@ -12,6 +12,10 @@ module GovukSecurityAudit
12
12
 
13
13
  @root = File.dirname(path)
14
14
  @database = Bundler::Audit::Database.new
15
+
16
+ # Stop Bundler trying to find a Gemfile to accompany our Lockfiles
17
+ ENV["BUNDLE_GEMFILE"] = "Dummy"
18
+
15
19
  @lockfile = Bundler::LockfileParser.new(File.read(path))
16
20
  end
17
21
  end
data/lib/govuk_security_audit/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module GovukSecurityAudit
2
- VERSION = "0.1.1"
2
+ VERSION = "0.1.2"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: govuk_security_audit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Government Digital Service