package-audit 0.3.0 → 0.4.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: package-audit
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Vadim Kononov
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-07-05 00:00:00.000000000 Z
+date: 2023-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler-audit
@@ -49,64 +49,80 @@ extra_rdoc_files: []
 files:
 - exe/package-audit
 - lib/package/audit/cli.rb
-- lib/package/audit/command_service.rb
 - lib/package/audit/const/cmd.rb
 - lib/package/audit/const/fields.rb
 - lib/package/audit/const/file.rb
 - lib/package/audit/const/time.rb
-- lib/package/audit/duplicate_package_merger.rb
+- lib/package/audit/const/yaml.rb
 - lib/package/audit/enum/environment.rb
+- lib/package/audit/enum/option.rb
+- lib/package/audit/enum/report.rb
 - lib/package/audit/enum/risk_explanation.rb
 - lib/package/audit/enum/risk_type.rb
+- lib/package/audit/enum/technology.rb
 - lib/package/audit/enum/vulnerability_type.rb
 - lib/package/audit/formatter/base.rb
 - lib/package/audit/formatter/risk.rb
 - lib/package/audit/formatter/version.rb
 - lib/package/audit/formatter/version_date.rb
 - lib/package/audit/formatter/vulnerability.rb
+- lib/package/audit/models/package.rb
+- lib/package/audit/models/risk.rb
 - lib/package/audit/npm/node_collection.rb
 - lib/package/audit/npm/npm_meta_data.rb
 - lib/package/audit/npm/vulnerability_finder.rb
 - lib/package/audit/npm/yarn_lock_parser.rb
-- lib/package/audit/package.rb
-- lib/package/audit/printer.rb
-- lib/package/audit/risk.rb
-- lib/package/audit/risk_calculator.rb
 - lib/package/audit/ruby/bundler_specs.rb
 - lib/package/audit/ruby/gem_collection.rb
 - lib/package/audit/ruby/gem_meta_data.rb
 - lib/package/audit/ruby/vulnerability_finder.rb
+- lib/package/audit/services/command_parser.rb
+- lib/package/audit/services/duplicate_package_merger.rb
+- lib/package/audit/services/package_filter.rb
+- lib/package/audit/services/package_finder.rb
+- lib/package/audit/services/package_printer.rb
+- lib/package/audit/services/risk_calculator.rb
+- lib/package/audit/technology/detector.rb
+- lib/package/audit/technology/validator.rb
 - lib/package/audit/util/bash_color.rb
 - lib/package/audit/util/summary_printer.rb
 - lib/package/audit/version.rb
 - sig/package/audit/cli.rbs
-- sig/package/audit/command_service.rbs
 - sig/package/audit/const/cmd.rbs
 - sig/package/audit/const/fields.rbs
 - sig/package/audit/const/file.rbs
 - sig/package/audit/const/time.rbs
-- sig/package/audit/duplicate_package_merger.rbs
+- sig/package/audit/const/yaml.rbs
 - sig/package/audit/enum/environment.rbs
+- sig/package/audit/enum/option.rbs
+- sig/package/audit/enum/report.rbs
 - sig/package/audit/enum/risk_explanation.rbs
 - sig/package/audit/enum/risk_type.rbs
+- sig/package/audit/enum/technology.rbs
 - sig/package/audit/enum/vulnerability_type.rbs
 - sig/package/audit/formatter/base.rbs
 - sig/package/audit/formatter/risk_printer.rbs
 - sig/package/audit/formatter/version_date.rbs
 - sig/package/audit/formatter/version_printer.rbs
 - sig/package/audit/formatter/vulnerability.rbs
+- sig/package/audit/models/package.rbs
+- sig/package/audit/models/risk.rbs
 - sig/package/audit/npm/node_collection.rbs
 - sig/package/audit/npm/npm_meta_data.rbs
 - sig/package/audit/npm/vulnerability_finder.rbs
 - sig/package/audit/npm/yarn_lock_parser.rbs
-- sig/package/audit/package.rbs
-- sig/package/audit/printer.rbs
-- sig/package/audit/risk.rbs
-- sig/package/audit/risk_calculator.rbs
 - sig/package/audit/ruby/bundler_specs.rbs
 - sig/package/audit/ruby/gem_collection.rbs
 - sig/package/audit/ruby/gem_meta_data.rbs
 - sig/package/audit/ruby/vulnerability_finder.rbs
+- sig/package/audit/services/command_parser.rbs
+- sig/package/audit/services/duplicate_package_merger.rbs
+- sig/package/audit/services/package_filter.rbs
+- sig/package/audit/services/package_finder.rbs
+- sig/package/audit/services/package_printer.rbs
+- sig/package/audit/services/risk_calculator.rbs
+- sig/package/audit/technology/detector.rbs
+- sig/package/audit/technology/validator.rbs
 - sig/package/audit/util/bash_color.rbs
 - sig/package/audit/util/summary_printer.rbs
 - sig/package/audit/version.rbs

data/lib/package/audit/command_service.rb

@@ -1,187 +0,0 @@
-require_relative 'const/cmd'
-require_relative 'const/file'
-
-module Package
-  module Audit
-    class CommandService # rubocop:disable Metrics/ClassLength
-      RUBY_GEM = 'ruby gem'
-      NODE_MODULE = 'node module'
-
-      def initialize(dir, options)
-        @dir = dir
-        @options = options
-      end
-
-      def all # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity
-        pkgs = []
-
-        if ruby?
-          gems = Ruby::GemCollection.new(@dir).all
-          pkgs += gems
-          Printer.new(gems, @options).print(Const::Fields::REPORT)
-
-          unless @options[:csv]
-            if gems.any?
-              Util::SummaryPrinter.statistics(RUBY_GEM, gems)
-              Util::SummaryPrinter.vulnerable(RUBY_GEM, Const::Cmd::BUNDLE_AUDIT)
-            else
-              print_success_message "There are no deprecated, outdated or vulnerable #{RUBY_GEM}s!"
-            end
-          end
-        end
-
-        if node?
-          npms = Npm::NodeCollection.new(@dir).all
-          pkgs += npms
-          Printer.new(npms, @options).print(Const::Fields::REPORT)
-
-          unless @options[:csv]
-            if npms.any?
-              Util::SummaryPrinter.statistics(NODE_MODULE, npms)
-              Util::SummaryPrinter.vulnerable(NODE_MODULE, Const::Cmd::YARN_AUDIT)
-            else
-              print_success_message "There are no deprecated, outdated or vulnerable #{NODE_MODULE}s!"
-            end
-          end
-        end
-
-        pkgs.any?
-      end
-
-      def vulnerable # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity
-        pkgs = []
-
-        if ruby?
-          gems = Ruby::GemCollection.new(@dir).vulnerable
-          pkgs += gems
-          Printer.new(gems, @options).print(Const::Fields::VULNERABLE)
-
-          unless @options[:csv]
-            if gems.any?
-              Util::SummaryPrinter.total(RUBY_GEM, gems)
-              Util::SummaryPrinter.vulnerable(RUBY_GEM, Const::Cmd::BUNDLE_AUDIT)
-            else
-              print_success_message "There are no #{RUBY_GEM} vulnerabilities!"
-            end
-          end
-        end
-
-        if node?
-          npms = Npm::NodeCollection.new(@dir).vulnerable
-          pkgs += npms
-          Printer.new(npms, @options).print(Const::Fields::VULNERABLE)
-
-          unless @options[:csv]
-            if npms.any?
-              Util::SummaryPrinter.total(NODE_MODULE, npms)
-              Util::SummaryPrinter.vulnerable(NODE_MODULE, Const::Cmd::YARN_AUDIT)
-            else
-              print_success_message "There are no #{NODE_MODULE} vulnerabilities!"
-            end
-          end
-        end
-
-        pkgs.any?
-      end
-
-      def outdated # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity
-        pkgs = []
-
-        if ruby?
-          gems = Ruby::GemCollection.new(@dir).outdated
-          pkgs += gems
-          Printer.new(gems, @options).print(Const::Fields::OUTDATED)
-
-          unless @options[:csv]
-            if gems.any?
-              Util::SummaryPrinter.total(RUBY_GEM, gems)
-            else
-              print_success_message "There are no outdated #{RUBY_GEM}s!"
-            end
-          end
-        end
-
-        if node?
-          npms = Npm::NodeCollection.new(@dir).outdated
-          pkgs += npms
-          Printer.new(npms, @options).print(Const::Fields::OUTDATED)
-
-          unless @options[:csv]
-            if npms.any?
-              Util::SummaryPrinter.total(NODE_MODULE, npms)
-            else
-              print_success_message "There are no outdated #{NODE_MODULE}s!"
-            end
-          end
-        end
-
-        pkgs.any?
-      end
-
-      def deprecated # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity
-        pkgs = []
-
-        if ruby?
-          gems = Ruby::GemCollection.new(@dir).deprecated
-          pkgs += gems
-          Printer.new(gems, @options).print(Const::Fields::OUTDATED)
-
-          unless @options[:csv]
-            if gems.any?
-              Util::SummaryPrinter.total(RUBY_GEM, gems)
-              Util::SummaryPrinter.deprecated
-            else
-              print_success_message "There are no potentially deprecated #{RUBY_GEM}s!"
-            end
-          end
-        end
-
-        if node?
-          npms = Npm::NodeCollection.new(@dir).deprecated
-          pkgs += npms
-          Printer.new(npms, @options).print(Const::Fields::OUTDATED)
-
-          unless @options[:csv]
-            if npms.any?
-              Util::SummaryPrinter.total(NODE_MODULE, npms)
-              Util::SummaryPrinter.deprecated
-            else
-              print_success_message "There are no potentially deprecated #{NODE_MODULE}s!"
-            end
-          end
-        end
-
-        pkgs.any?
-      end
-
-      private
-
-      def ruby?
-        gemfile_present = File.exist?("#{@dir}/#{Const::File::GEMFILE}")
-        gemfile_lock_present = File.exist?("#{@dir}/#{Const::File::GEMFILE_LOCK}")
-
-        if gemfile_present && gemfile_lock_present
-          true
-        elsif gemfile_present
-          raise "#{Const::File::GEMFILE_LOCK} was not found in #{@dir}/"
-        end
-      end
-
-      def node?
-        package_json_present = File.exist?("#{@dir}/#{Const::File::PACKAGE_JSON}")
-        package_lock_json_present = File.exist?("#{@dir}/#{Const::File::PACKAGE_LOCK_JSON}")
-        yarn_lock_present = File.exist?("#{@dir}/#{Const::File::YARN_LOCK}")
-
-        if package_json_present && (package_lock_json_present || yarn_lock_present)
-          true
-        elsif package_json_present
-          raise "#{Const::File::PACKAGE_LOCK_JSON} or #{Const::File::YARN_LOCK} was not found in #{@dir}/"
-        end
-      end
-
-      def print_success_message(msg)
-        puts Util::BashColor.green msg
-      end
-    end
-  end
-end

data/sig/package/audit/command_service.rbs

@@ -1,29 +0,0 @@
-module Package
-  module Audit
-    class CommandService
-      NODE_MODULE: String
-      RUBY_GEM: String
-
-      @dir: String
-      @options: Hash[Symbol, untyped]
-
-      def initialize: (String, Hash[Symbol, untyped]) -> void
-
-      def all: -> bool
-
-      def deprecated: -> bool
-
-      def outdated: -> bool
-
-      def vulnerable: -> bool
-
-      private
-
-      def node?: -> bool?
-
-      def print_success_message: (String) -> void
-
-      def ruby?: -> bool?
-    end
-  end
-end