govuk_security_audit 0.1.2 → 0.2.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +6 -0
- data/lib/govuk_security_audit/cli.rb +3 -2
- data/lib/govuk_security_audit/scanner.rb +2 -1
- data/lib/govuk_security_audit/version.rb +1 -1
- metadata +3 -3
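--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0b7e6d77a6393213e0cb776cafe449efefe01410
+data.tar.gz: 744e8dbc7dd3fe1e6059fcd9c3aefb17c2b8b564
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9706a3c39945973936b9b0e68ad2a89f74dffe2e081da9827b2b1e5e56fb11046693b2a19d1de57db65e035f9626cb55f5a3005de2a12d5efc7ed79ea14fcb0d
+data.tar.gz: 7cf083233908fa00ed5d45b14a8799fecb5a14b42120d32f2402830607fd5ebafe60909bb270c3b28f58a24ababcd509ec90e9b64948ebb598b2fead89c6513d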
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -8,6 +8,7 @@ require "govuk_security_audit/scanner"
|
|
|
8
8
|
module GovukSecurityAudit
|
|
9
9
|
class CLI < Thor
|
|
10
10
|
class_option :skip_update, type: :boolean, default: false
|
|
11
|
+
class_option :ignore, type: :array, default: []
|
|
11
12
|
|
|
12
13
|
desc "github USER REPO [REF]", "check the Github repo USER/REPO at an optional REF. Defaults to master."
|
|
13
14
|
def github(user, repo, ref="master")
|
|
@@ -30,12 +31,12 @@ module GovukSecurityAudit
|
|
|
30
31
|
end
|
|
31
32
|
|
|
32
33
|
desc "check [PATH]", "check the Gemfile at PATH, or the current directory."
|
|
33
|
-
def check(path=Dir.pwd)
|
|
34
|
+
def check(path = Dir.pwd)
|
|
34
35
|
update unless options[:skip_update]
|
|
35
36
|
scanner = Scanner.new(path)
|
|
36
37
|
vulnerable = false
|
|
37
38
|
|
|
38
|
-
scanner.scan do |result|
|
|
39
|
+
scanner.scan(:ignore => options[:ignore]) do |result|
|
|
39
40
|
vulnerable = true
|
|
40
41
|
|
|
41
42
|
case result
|
|
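Review bot: `--ignore` suppresses advisories without leaving a trace in the output: `check` hands the list to `scanner.scan(:ignore => options[:ignore])`, which presumably drops matching advisories before the block runs, and nothing visible here prints what was skipped, so a CI log from a suppressed run reads the same as a clean one. Echoing the list before the scan, e.g. `say "Ignoring advisories: #{options[:ignore].join(', ')}" unless options[:ignore].empty?`, would keep each suppression auditable. The new `class_option :ignore` also has no `desc:`, so `--help` does not say what values it expects; `desc: "Advisory IDs to exclude from the report"` would cover it. `class_option` applies to every command, but only `check` is seen forwarding the value; the body of `github` lies outside these hunks, so confirm it passes `options[:ignore]` as well. `check` itself continues past the end of the second hunk.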
@@ -4,8 +4,9 @@ require "bundler/lockfile_parser"
|
|
|
4
4
|
|
|
5
5
|
module GovukSecurityAudit
|
|
6
6
|
class Scanner < Bundler::Audit::Scanner
|
|
7
|
-
def initialize(path=Dir.pwd)
|
|
7
|
+
def initialize(path = Dir.pwd)
|
|
8
8
|
path = File.expand_path(path)
|
|
9
|
+
|
|
9
10
|
if File.directory?(path)
|
|
10
11
|
path = File.join(path, "Gemfile.lock")
|
|
11
12
|
end
|
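--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govuk_security_audit
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.0
 platform: ruby
 authors:
 - Government Digital Service
 autorequire:
 bindir: exe
 cert_chain: []
-date:
+date: 2016-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -123,7 +123,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.5
+rubygems_version: 2.4.5.1
 signing_key:
 specification_version: 4
 summary: Check repos for gem vulnerabilities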