hrw 0.2.3 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81e42c96aba4df5cd502c91d7a3a25915370f2ae1e8061859f7bd9cc7f53a37c
-  data.tar.gz: 2fd961abdc269078ad76e14cc1ef9eb4394ba326a234c456973461822c340ea3
+  metadata.gz: 8cabda6b327c8534533ce19127ad8ef171b1aa98daafb12d1123285e4c100eef
+  data.tar.gz: 3727dab2676b9412906cfe9606dbd8bb4f77e1ef63d56e2e3ec2b30108927d03
 SHA512:
-  metadata.gz: 2ecb22650fffc06c764530b76aa303adf22e9c2538b0639fc0b6a13bfa641a329efcf3bcd491d4fe8b04ce7b0ab24e612376c10a73818a115474bf9c7447246d
-  data.tar.gz: df63bdc4146b2905a14c722e809ac3542084640ee3d8716a2fed2d3ef4991aac02f77fc7c52aa0a20ee1067bb71ef2cf4cd30ba5602e604fd1b452aa529302dd
+  metadata.gz: 363c6d96c9ea9822f7dd05dd9f577c4e800418150cee5338889080ff9336aa7973fc12856c5967b379855804adceb90377cd644b8ff42676bcfa556d94b36e9b
+  data.tar.gz: f12bc6139b20c57cd485e13bb3298407c881c6162aaaddc2f7e95b3ad206487518f7047a49bd5e21d2203e5d1c62468c1b449468a55afc65b69f67b776f6bf91

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hrw (0.2.3)
+    hrw (0.3.0)
       http (~> 4.1, >= 4.1.1)
       rainbow (~> 3.0)
 

data/exe/hrw

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 require 'ostruct'
 require 'optparse'
+
 require 'hrw'
 
 ARGV << '--help' if ARGV.empty?
@@ -31,9 +32,8 @@ hash = api.submit(specs, scanner.package_manager)
 result = api.retrieve(hash)
 
 formatter = Hrw::Formatter.new
-vulnerable_deps = formatter.format(result)
-
-unless vulnerable_deps.empty?
-  formatter.print_vulnerable_deps(vulnerable_deps)
+if formatter.pretty_print(result)
   exit(1)
+else
+  exit(0)
 end

data/lib/hrw/formatter.rb

@@ -14,15 +14,22 @@ module Hrw
   # Format result and pretty print it
   #
   class Formatter
-    # Format result
+    # Class constructor
+    #
+    def initialize
+      @count = 0
+    end
+
+    # Filter result
     #
     # @param [Hash] result scan result
-    # @return [Boolean] vulnerable or not
-    def format(result)
+    # @return [Array] vulnerable or not
+    def filter(result)
       deps = []
 
       result['ancestry']['layers'].each do |layer|
         layer['detected_features'].each do |feature|
+          @count += 1
           deps << feature if feature.key?('vulnerabilities')
         end
       end
@@ -32,20 +39,83 @@ module Hrw
 
     # Pretty print result
     #
-    def print_vulnerable_deps(deps)
+    # @param [Hash] result scan result
+    # @return [Boolean] true if has vulnerability
+    def pretty_print(result)
+      high = medium = low = unknown = 0
+
+      puts
+      puts("scanning #{Dir.pwd} ...".foreground(:aliceblue))
+      puts
+
+      deps = filter(result)
       deps.each do |dep|
         dep['vulnerabilities'].each do |vuln|
           patched_version = JSON.parse(vuln['fixed_by'])
 
-          puts "Name: #{dep['name']}"
-          puts "Version: #{dep['version']}"
-          puts "Advisory: #{vuln['name']}"
-          puts "Severity: #{vuln['severity']}"
-          puts "Link: #{vuln['link']}"
-          puts "Patched: #{patched_version['spec'].join(', ')}"
+          case vuln['severity']
+          when 'Defcon1', 'Critical', 'High'
+            color = :red
+            high += 1
+          when 'Medium'
+            color = :yellow
+            medium += 1
+          when 'Unknown'
+            color = :magenta
+            unknown += 1
+          else
+            color = :aliceblue
+            low += 1
+          end
+
+          pkg = "#{dep['name']}@#{dep['version']}"
+          puts "✗ #{vuln['severity']} severity vulnerability found in #{pkg.underline.bright}".foreground(color)
+          puts 'Name:'
+          puts "  #{vuln['name']}"
+          puts
+          puts 'Description:'
+          puts vuln['description'].gsub(/^/, '  ')
+          puts
+          puts 'Severity:'
+          puts "  #{vuln['severity']}"
+          puts
+          puts 'Link:'
+          puts "  #{vuln['link']}"
+          puts
+          puts 'Patched version:'
+          puts "  #{patched_version['spec'].join(', ')}"
+          puts
           puts
         end
       end
+
+      puts "Tested #{@count} dependencies for known vulnerabilities".foreground(:aliceblue)
+      puts
+
+      if deps.empty?
+        puts '✓ no vulnerabilities found.'.foreground(:green)
+        puts
+
+        false
+      else
+        puts "✗ found #{high + medium + low + unknown} vulnerabilities:".foreground(:red)
+        puts
+
+        color = high > 0 ? :red : :aliceblue
+        puts "  high: #{high}".foreground(color)
+
+        color = medium > 0 ? :yellow : :aliceblue
+        puts "  medium: #{medium}".foreground(color)
+
+        puts "  low: #{low}".foreground(:aliceblue)
+
+        color = unknown > 0 ? :magenta : :aliceblue
+        puts "  unknown: #{unknown}".foreground(color)
+
+        puts
+
+        true
+      end
     end
   end
 end

data/lib/hrw/version.rb

@@ -1,3 +1,3 @@
 module Hrw
-  VERSION = '0.2.3'.freeze
+  VERSION = '0.3.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hrw
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.3.0
 platform: ruby
 authors:
 - hi_ztz