repo_analyzer 1.3.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 54ba42a406d9f7d7b89588217709447e77a85619969e38d2ad07b683ef3b7308
-  data.tar.gz: 349ad885453dbfffe666b3968f6a89064094c05635552130e1e2596f94a8219c
+  metadata.gz: 2eebe99c02596c84f2083e7bbbc0caacb0261f702ed21421015f6c9d71e0015d
+  data.tar.gz: db9318ec621fbd332662d7211b86ed581fb40a4d9108c2a465181f39d81feb91
 SHA512:
-  metadata.gz: 1547a6ca87bf7aa12f063019b06eaec47d068390e5706fbcce14ec40da76a42ec67fb88090dd645ebf451332b401d3fc36039a0e21ab0817691197bb3ba40175
-  data.tar.gz: 56b67a96d0fad9e2130d6785e73882731a3cacc927e166bd733ef0e0981154ec523204b59492b9db6470a14cb7aad8610039fee2e2b421ad5658db2d116f01db
+  metadata.gz: c948672842944f02f10a8fafd98628dbf098030fe97b5074e6cbb0ae67d992716c03f5bfe7a306abaf64401cca0b3c6d8dd03fef24824a6ff624c7e454e0525d
+  data.tar.gz: 74a2984c5557c394cfce472533fecff7c5a82a5b6e95b6d2f2074fca9b1ca15004b50a5a4ca6d5e0440717c26968826f50e44fcf760dc03a72cc42c58314a4dd

data/CHANGELOG.md

@@ -2,6 +2,20 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+### v1.5.0
+#### Added
+
+* Run analyze rake task with custom project path.
+#### Fixed
+
+* Remove [fasterer](https://github.com/DamirSvrtan/fasterer) extractor.
+### v1.4.0
+#### Added
+
+* Add [reek](https://github.com/troessner/reek) extractor.
+* Add [fasterer](https://github.com/DamirSvrtan/fasterer) extractor.
+* Add [bundler-audit](https://github.com/rubysec/bundler-audit) extractor.
+* Add [bundler-stats](https://github.com/jmmastey/bundler-stats) extractor.
 
 ### v1.3.0
 

data/Gemfile.lock

@@ -1,11 +1,16 @@
 PATH
   remote: .
   specs:
-    repo_analyzer (1.3.0)
+    repo_analyzer (1.5.0)
       brakeman
+      bundler-audit
+      bundler-stats
+      faraday-retry
+      fasterer
       octokit (~> 4.0)
       rails (>= 6.0)
       rails_best_practices
+      reek
       rubocop (~> 1.9)
       rubocop-performance
       rubocop-platanus (~> 0.2)
@@ -79,9 +84,16 @@ GEM
     ast (2.4.2)
     brakeman (5.3.1)
     builder (3.2.4)
+    bundler-audit (0.9.1)
+      bundler (>= 1.2.0, < 3)
+      thor (~> 1.0)
+    bundler-stats (2.3.0)
+      bundler (>= 1.9, < 3)
+      thor (>= 0.19.0, < 2.0)
     code_analyzer (0.5.5)
       sexp_processor
     coderay (1.1.3)
+    colorize (0.8.1)
     concurrent-ruby (1.1.10)
     coveralls (0.8.23)
       json (>= 1.8, < 3)
@@ -104,6 +116,11 @@ GEM
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-net_http (3.0.2)
+    faraday-retry (2.1.0)
+      faraday (~> 2.0)
+    fasterer (0.10.1)
+      colorize (~> 0.7)
+      ruby_parser (>= 3.19.1)
     ffi (1.15.5)
     formatador (1.1.0)
     globalid (1.0.0)
@@ -125,6 +142,7 @@ GEM
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     json (2.6.3)
+    kwalify (0.7.2)
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
@@ -165,7 +183,7 @@ GEM
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
     parallel (1.22.1)
-    parser (3.1.3.0)
+    parser (3.2.2.1)
       ast (~> 2.4.1)
     pry (0.14.1)
       coderay (~> 1.1)
@@ -216,6 +234,11 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
+    reek (6.1.4)
+      kwalify (~> 0.7.0)
+      parser (~> 3.2.0)
+      rainbow (>= 2.0, < 4.0)
+      rexml (~> 3.1)
     regexp_parser (2.6.1)
     require_all (3.0.0)
     rexml (3.2.5)
@@ -267,6 +290,8 @@ GEM
       rubocop (~> 1.33)
     ruby-progressbar (1.11.0)
     ruby2_keywords (0.0.5)
+    ruby_parser (3.20.1)
+      sexp_processor (~> 4.16)
     sawyer (0.9.2)
       addressable (>= 2.3.5)
       faraday (>= 0.17.3, < 3)
@@ -316,8 +341,6 @@ DEPENDENCIES
   repo_analyzer!
   rspec-rails
   rspec_junit_formatter
-  rubocop (~> 1.9)
-  rubocop-rails
   sqlite3
 
 BUNDLED WITH

data/app/extractors/repo_analyzer/bundler_audit_extractor.rb

@@ -0,0 +1,50 @@
+module RepoAnalyzer
+  class BundlerAuditExtractor < ProjectInfoExtractor
+    KEY_VALUE_REGEXP = /\A(.*):\s(.*)\z/
+
+    private
+
+    def extracted_info
+      { vulnerabilities: audit_info }
+    end
+
+    def audit_info
+      audit_collection.inject({}) do |memo, row|
+        category = nil
+
+        formatted_item = row.split("\n").inject({}) do |item, line|
+          key, value = extract_key_value_form_row(line)
+
+          if key == :criticality
+            category = value
+            memo[category] ||= []
+            next item
+          end
+
+          item[key] = value
+          item
+        end
+
+        memo[category] << formatted_item
+        memo
+      end
+    end
+
+    def audit_collection
+      collection = audit_raw_result.split("\n\n")
+      collection.pop
+      collection
+    end
+
+    def extract_key_value_form_row(line)
+      key, value = line.scan(KEY_VALUE_REGEXP).flatten
+      key = key.gsub(" ", "_").downcase.to_sym
+      [key, value]
+    end
+
+    def audit_raw_result
+      `bundle exec bundle-audit update`
+      `bundle exec bundle-audit check #{project_data_bridge.project_path}`
+    end
+  end
+end

data/app/extractors/repo_analyzer/bundler_stats_extractor.rb

@@ -0,0 +1,10 @@
+module RepoAnalyzer
+  class BundlerStatsExtractor < ProjectInfoExtractor
+    private
+
+    def extracted_info
+      result = `bundle exec bundle-stats stats -f json`
+      JSON.parse(result)
+    end
+  end
+end

data/app/extractors/repo_analyzer/reek_extractor.rb

@@ -0,0 +1,38 @@
+require "reek/cli/application"
+
+module RepoAnalyzer
+  class ReekExtractor < ProjectInfoExtractor
+    private
+
+    def extracted_info
+      { warnings: reek_info }
+    end
+
+    def reek_info
+      @reek_info ||= reek_json.inject({}) do |memo, warning|
+        memo[warning["smell_type"]] ||= []
+        memo[warning["smell_type"]] << {
+          lines: warning["lines"],
+          message: warning["message"],
+          source: relative_file_name(warning["source"]),
+          name: warning["name"],
+          documentation_link: warning["documentation_link"]
+        }
+        memo
+      end
+    end
+
+    def relative_file_name(file_path)
+      file_path.gsub(%r{\A\D*#{project_data_bridge.project_path}/}, "")
+    end
+
+    def reek_json
+      application = Reek::CLI::Application.new(
+        ["--format=json", project_data_bridge.project_path]
+      )
+
+      result = OutputUtils.with_captured_stdout { application.execute }
+      JSON.parse(result)
+    end
+  end
+end

data/app/jobs/repo_analyzer/extract_project_info_job.rb

@@ -1,8 +1,8 @@
 module RepoAnalyzer
   class ExtractProjectInfoJob < ApplicationJob
-    def perform(repo_name)
+    def perform(repo_name, project_path)
       project_info = {}
-      bridge = RepoAnalyzer::ProjectDataBridge.new(repo_name)
+      bridge = RepoAnalyzer::ProjectDataBridge.new(repo_name, project_path)
 
       for_each_extractor do |extractor|
         extracted_data = extractor.new(bridge).extract

data/lib/repo_analyzer/version.rb

@@ -1,3 +1,3 @@
 module RepoAnalyzer
-  VERSION = '1.3.0'
+  VERSION = '1.5.0'
 end

data/lib/repo_analyzer.rb

@@ -1,6 +1,10 @@
+require "bundler/audit"
+require "bundler/stats"
 require "brakeman"
+require "fasterer"
 require "octokit"
 require "rails_best_practices"
+require "reek"
 require "rubocop"
 require "rubocop-performance"
 require "rubocop-platanus"

data/lib/tasks/repo_analyzer_tasks.rake

@@ -1,7 +1,9 @@
 namespace :repo_analyzer  do
   desc "Extract repo info and post to defined endpoint"
-  task :analyze, [:repo_name] => :environment do |_t, args|
-    project_info = RepoAnalyzer::ExtractProjectInfoJob.perform_now(args.repo_name)
+  task :analyze, [:repo_name, :project_path] => :environment do |_t, args|
+    project_info = RepoAnalyzer::ExtractProjectInfoJob.perform_now(
+      args.repo_name, args.project_path
+    )
     RepoAnalyzer::PostExtractedInfoJob.perform_now(args.repo_name, project_info)
   end
 end

data/repo_analyzer.gemspec

@@ -19,10 +19,15 @@ Gem::Specification.new do |s|
   s.executables = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
   s.test_files = Dir["spec/**/*"]
 
+  s.add_dependency "bundler-audit"
+  s.add_dependency "bundler-stats"
   s.add_dependency "brakeman"
+  s.add_dependency "faraday-retry"
+  s.add_dependency "fasterer"
   s.add_dependency "octokit", "~> 4.0"
   s.add_dependency "rails", ">= 6.0"
   s.add_dependency "rails_best_practices"
+  s.add_dependency "reek"
   s.add_dependency "rubocop", "~> 1.9"
   s.add_dependency "rubocop-performance"
   s.add_dependency "rubocop-platanus", "~> 0.2"
@@ -37,6 +42,4 @@ Gem::Specification.new do |s|
   s.add_development_dependency "pry-rails"
   s.add_development_dependency "rspec_junit_formatter"
   s.add_development_dependency "rspec-rails"
-  s.add_development_dependency "rubocop", "~> 1.9"
-  s.add_development_dependency "rubocop-rails"
 end

data/spec/extractors/bundler_audit_extractor_spec.rb

@@ -0,0 +1,141 @@
+require 'rails_helper'
+
+describe RepoAnalyzer::BundlerAuditExtractor, repo_analyzer_extractor_helpers: true do
+  describe "#extract" do
+    let(:audit_result_content) do
+      <<~TEXT
+        Name: actionpack
+        Version: 6.1.7
+        CVE: CVE-2023-22792
+        GHSA: GHSA-p84v-45xj-wwqj
+        Criticality: Unknown
+        URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+        Title: ReDoS based DoS vulnerability in Action Dispatch
+        Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+        Name: actionpack
+        Version: 6.1.7
+        CVE: CVE-2023-22795
+        GHSA: GHSA-8xww-x3g3-6jcv
+        Criticality: Unknown
+        URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+        Title: ReDoS based DoS vulnerability in Action Dispatch
+        Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+        Name: activerecord
+        Version: 6.1.7
+        CVE: CVE-2022-44566
+        GHSA: GHSA-579w-22j4-4749
+        Criticality: High
+        URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+        Title: Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
+        Solution: upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+        Name: activerecord
+        Version: 6.1.7
+        CVE: CVE-2023-22794
+        GHSA: GHSA-hq7p-j377-6v63
+        Criticality: High
+        URL: https://github.com/rails/rails/releases/tag/v7.0.4.1
+        Title: SQL Injection Vulnerability via ActiveRecord comments
+        Solution: upgrade to '~> 6.0.6, >= 6.0.6.1', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'
+
+        Name: loofah
+        Version: 2.19.0
+        CVE: CVE-2022-23515
+        GHSA: GHSA-228g-948r-83gx
+        Criticality: Medium
+        URL: https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx
+        Title: Improper neutralization of data URIs may allow XSS in Loofah
+        Solution: upgrade to '>= 2.19.1'
+
+        Name: rails-html-sanitizer
+        Version: 1.4.3
+        CVE: CVE-2022-23520
+        GHSA: GHSA-rrfc-7g8p-99q8
+        Criticality: Medium
+        URL: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8
+        Title: Possible XSS vulnerability with certain configurations of rails-html-sanitizer
+        Solution: upgrade to '>= 1.4.4'
+
+        Vulnerabilities found!
+      TEXT
+    end
+
+    before do
+      allow(extractor).to receive(:`).with('bundle exec bundle-audit update')
+      allow(extractor).to receive(:`).with(
+        'bundle exec bundle-audit check spec/assets/test_project'
+      ).and_return(audit_result_content)
+    end
+
+    let(:expected) do
+      {
+        "vulnerabilities" => {
+          "Unknown" => [
+            {
+              name: "actionpack",
+              version: "6.1.7",
+              cve: "CVE-2023-22792",
+              ghsa: "GHSA-p84v-45xj-wwqj",
+              url: "https://github.com/rails/rails/releases/tag/v7.0.4.1",
+              title: "ReDoS based DoS vulnerability in Action Dispatch",
+              solution: "upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'"
+            },
+            {
+              name: "actionpack",
+              version: "6.1.7",
+              cve: "CVE-2023-22795",
+              ghsa: "GHSA-8xww-x3g3-6jcv",
+              url: "https://github.com/rails/rails/releases/tag/v7.0.4.1",
+              title: "ReDoS based DoS vulnerability in Action Dispatch",
+              solution: "upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'"
+            }
+          ],
+          "High" => [
+            {
+              name: "activerecord",
+              version: "6.1.7",
+              cve: "CVE-2022-44566",
+              ghsa: "GHSA-579w-22j4-4749",
+              url: "https://github.com/rails/rails/releases/tag/v7.0.4.1",
+              title: "Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter",
+              solution: "upgrade to '~> 5.2.8, >= 5.2.8.15', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'"
+            },
+            {
+              name: "activerecord",
+              version: "6.1.7",
+              cve: "CVE-2023-22794",
+              ghsa: "GHSA-hq7p-j377-6v63",
+              url: "https://github.com/rails/rails/releases/tag/v7.0.4.1",
+              title: "SQL Injection Vulnerability via ActiveRecord comments",
+              solution: "upgrade to '~> 6.0.6, >= 6.0.6.1', '~> 6.1.7, >= 6.1.7.1', '>= 7.0.4.1'"
+            }
+          ],
+          "Medium" => [
+            {
+              name: "loofah",
+              version: "2.19.0",
+              cve: "CVE-2022-23515",
+              ghsa: "GHSA-228g-948r-83gx",
+              url: "https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx",
+              title: "Improper neutralization of data URIs may allow XSS in Loofah",
+              solution: "upgrade to '>= 2.19.1'"
+            },
+            {
+              name: "rails-html-sanitizer",
+              version: "1.4.3",
+              cve: "CVE-2022-23520",
+              ghsa: "GHSA-rrfc-7g8p-99q8",
+              url: "https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8",
+              title: "Possible XSS vulnerability with certain configurations of rails-html-sanitizer",
+              solution: "upgrade to '>= 1.4.4'"
+            }
+          ]
+        }
+      }.with_indifferent_access
+    end
+
+    it { expect(extract[:bundler_audit_extractor]).to eq(expected) }
+  end
+end

data/spec/extractors/bundler_stats_extractor_spec.rb

@@ -0,0 +1,285 @@
+require 'rails_helper'
+
+describe RepoAnalyzer::BundlerStatsExtractor, repo_analyzer_extractor_helpers: true do
+  describe "#extract" do
+    let(:stats) do
+      {
+        "summary": {
+          "declared": 10,
+          "unpinned": 9,
+          "total": 117,
+          "github": 0
+        },
+        "gems": [
+          {
+            "name": "repo_analyzer",
+            "total_dependencies": 84,
+            "first_level_dependencies": 14,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "brakeman (>= 0)",
+              "bundler-audit (>= 0)",
+              "bundler-stats (>= 0)",
+              "faraday-retry (>= 0)",
+              "fasterer (>= 0)",
+              "octokit (~> 4.0)",
+              "rails (>= 6.0)",
+              "rails_best_practices (>= 0)",
+              "reek (>= 0)",
+              "rubocop (~> 1.9)",
+              "rubocop-performance (>= 0)",
+              "rubocop-platanus (~> 0.2)",
+              "rubocop-rails (>= 0)",
+              "rubocop-rspec (~> 2.2)",
+              "bundler (>= 1.2.0, < 3)",
+              "thor (~> 1.0)",
+              "faraday (~> 2.0)",
+              "faraday-net_http (>= 2.0, < 3.1)",
+              "ruby2_keywords (>= 0.0.4)",
+              "colorize (~> 0.7)",
+              "ruby_parser (>= 3.19.1)",
+              "sexp_processor (~> 4.16)",
+              "sawyer (~> 0.9)",
+              "addressable (>= 2.3.5)",
+              "public_suffix (>= 2.0.2, < 6.0)",
+              "actioncable (= 6.1.7)",
+              "actionmailbox (= 6.1.7)",
+              "actionmailer (= 6.1.7)",
+              "actionpack (= 6.1.7)",
+              "actiontext (= 6.1.7)",
+              "actionview (= 6.1.7)",
+              "activejob (= 6.1.7)",
+              "activemodel (= 6.1.7)",
+              "activerecord (= 6.1.7)",
+              "activestorage (= 6.1.7)",
+              "activesupport (= 6.1.7)",
+              "railties (= 6.1.7)",
+              "sprockets-rails (>= 2.0.0)",
+              "nio4r (~> 2.0)",
+              "websocket-driver (>= 0.6.1)",
+              "rack (~> 2.0, >= 2.0.9)",
+              "rack-test (>= 0.6.3)",
+              "rails-dom-testing (~> 2.0)",
+              "rails-html-sanitizer (~> 1.0, >= 1.2.0)",
+              "builder (~> 3.1)",
+              "erubi (~> 1.4)",
+              "concurrent-ruby (~> 1.0, >= 1.0.2)",
+              "i18n (>= 1.6, < 2)",
+              "minitest (>= 5.1)",
+              "tzinfo (~> 2.0)",
+              "zeitwerk (~> 2.3)",
+              "nokogiri (>= 1.6)",
+              "mini_portile2 (~> 2.8.0)",
+              "racc (~> 1.4)",
+              "loofah (~> 2.3)",
+              "crass (~> 1.0.2)",
+              "websocket-extensions (>= 0.1.0)",
+              "mail (>= 2.7.1)",
+              "globalid (>= 0.3.6)",
+              "marcel (~> 1.0)",
+              "mini_mime (>= 1.1.0)",
+              "net-imap (>= 0)",
+              "net-pop (>= 0)",
+              "net-smtp (>= 0)",
+              "date (>= 0)",
+              "net-protocol (>= 0)",
+              "timeout (>= 0)",
+              "method_source (>= 0)",
+              "rake (>= 12.2)",
+              "sprockets (>= 3.0.0)",
+              "code_analyzer (~> 0.5.5)",
+              "erubis (>= 0)",
+              "json (>= 0)",
+              "require_all (~> 3.0)",
+              "ruby-progressbar (>= 0)",
+              "kwalify (~> 0.7.0)",
+              "parser (~> 3.2.0)",
+              "rainbow (>= 2.0, < 4.0)",
+              "rexml (~> 3.1)",
+              "ast (~> 2.4.1)",
+              "parallel (~> 1.10)",
+              "regexp_parser (>= 1.8, < 3.0)",
+              "rubocop-ast (>= 1.23.0, < 2.0)",
+              "unicode-display_width (>= 1.4.0, < 3.0)"
+            ]
+          },
+          {
+            "name": "rspec-rails",
+            "total_dependencies": 28,
+            "first_level_dependencies": 7,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "actionpack (>= 6.1)",
+              "activesupport (>= 6.1)",
+              "railties (>= 6.1)",
+              "rspec-core (~> 3.11)",
+              "rspec-expectations (~> 3.11)",
+              "rspec-mocks (~> 3.11)",
+              "rspec-support (~> 3.11)",
+              "actionview (= 6.1.7)",
+              "rack (~> 2.0, >= 2.0.9)",
+              "rack-test (>= 0.6.3)",
+              "rails-dom-testing (~> 2.0)",
+              "rails-html-sanitizer (~> 1.0, >= 1.2.0)",
+              "builder (~> 3.1)",
+              "erubi (~> 1.4)",
+              "concurrent-ruby (~> 1.0, >= 1.0.2)",
+              "i18n (>= 1.6, < 2)",
+              "minitest (>= 5.1)",
+              "tzinfo (~> 2.0)",
+              "zeitwerk (~> 2.3)",
+              "nokogiri (>= 1.6)",
+              "mini_portile2 (~> 2.8.0)",
+              "racc (~> 1.4)",
+              "loofah (~> 2.3)",
+              "crass (~> 1.0.2)",
+              "method_source (>= 0)",
+              "rake (>= 12.2)",
+              "thor (~> 1.0)",
+              "diff-lcs (>= 1.2.0, < 2.0)"
+            ]
+          },
+          {
+            "name": "factory_bot_rails",
+            "total_dependencies": 24,
+            "first_level_dependencies": 2,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "factory_bot (~> 6.2.0)",
+              "railties (>= 5.0.0)",
+              "activesupport (>= 5.0.0)",
+              "concurrent-ruby (~> 1.0, >= 1.0.2)",
+              "i18n (>= 1.6, < 2)",
+              "minitest (>= 5.1)",
+              "tzinfo (~> 2.0)",
+              "zeitwerk (~> 2.3)",
+              "actionpack (= 6.1.7)",
+              "method_source (>= 0)",
+              "rake (>= 12.2)",
+              "thor (~> 1.0)",
+              "actionview (= 6.1.7)",
+              "rack (~> 2.0, >= 2.0.9)",
+              "rack-test (>= 0.6.3)",
+              "rails-dom-testing (~> 2.0)",
+              "rails-html-sanitizer (~> 1.0, >= 1.2.0)",
+              "builder (~> 3.1)",
+              "erubi (~> 1.4)",
+              "nokogiri (>= 1.6)",
+              "mini_portile2 (~> 2.8.0)",
+              "racc (~> 1.4)",
+              "loofah (~> 2.3)",
+              "crass (~> 1.0.2)"
+            ]
+          },
+          {
+            "name": "guard-rspec",
+            "total_dependencies": 21,
+            "first_level_dependencies": 3,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "guard (~> 2.1)",
+              "guard-compat (~> 1.1)",
+              "rspec (>= 2.99.0, < 4.0)",
+              "formatador (>= 0.2.4)",
+              "listen (>= 2.7, < 4.0)",
+              "lumberjack (>= 1.0.12, < 2.0)",
+              "nenv (~> 0.1)",
+              "notiffany (~> 0.0)",
+              "pry (>= 0.13.0)",
+              "shellany (~> 0.0)",
+              "thor (>= 0.18.1)",
+              "rb-fsevent (~> 0.10, >= 0.10.3)",
+              "rb-inotify (~> 0.9, >= 0.9.10)",
+              "ffi (~> 1.0)",
+              "coderay (~> 1.1)",
+              "method_source (~> 1.0)",
+              "rspec-core (~> 3.12.0)",
+              "rspec-expectations (~> 3.12.0)",
+              "rspec-mocks (~> 3.12.0)",
+              "rspec-support (~> 3.12.0)",
+              "diff-lcs (>= 1.2.0, < 2.0)"
+            ]
+          },
+          {
+            "name": "coveralls",
+            "total_dependencies": 8,
+            "first_level_dependencies": 5,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "json (>= 1.8, < 3)",
+              "simplecov (~> 0.16.1)",
+              "term-ansicolor (~> 1.3)",
+              "thor (>= 0.19.4, < 2.0)",
+              "tins (~> 1.6)",
+              "docile (~> 1.1)",
+              "simplecov-html (~> 0.10.0)",
+              "sync (>= 0)"
+            ]
+          },
+          {
+            "name": "pry-rails",
+            "total_dependencies": 3,
+            "first_level_dependencies": 1,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "pry (>= 0.10.4)",
+              "coderay (~> 1.1)",
+              "method_source (~> 1.0)"
+            ]
+          },
+          {
+            "name": "pry",
+            "total_dependencies": 2,
+            "first_level_dependencies": 2,
+            "top_level_dependencies": {
+              "guard": "guard (2.18.0)",
+              "guard-rspec": "guard-rspec (4.7.3)",
+              "pry-rails": "pry-rails (0.3.9)"
+            },
+            "transitive_dependencies": [
+              "coderay (~> 1.1)",
+              "method_source (~> 1.0)"
+            ]
+          },
+          {
+            "name": "rspec_junit_formatter",
+            "total_dependencies": 2,
+            "first_level_dependencies": 1,
+            "top_level_dependencies": {},
+            "transitive_dependencies": [
+              "rspec-core (>= 2, < 4, != 2.12.0)",
+              "rspec-support (~> 3.12.0)"
+            ]
+          },
+          {
+            "name": "bundler",
+            "total_dependencies": 0,
+            "first_level_dependencies": 0,
+            "top_level_dependencies": {
+              "bundler-audit": "bundler-audit (0.9.1)",
+              "bundler-stats": "bundler-stats (2.3.0)",
+              "rails": "rails (6.1.7)",
+              "repo_analyzer": "repo_analyzer (1.3.0)"
+            },
+            "transitive_dependencies": []
+          },
+          {
+            "name": "sqlite3",
+            "total_dependencies": 0,
+            "first_level_dependencies": 0,
+            "top_level_dependencies": {},
+            "transitive_dependencies": []
+          }
+        ]
+      }
+    end
+
+    before do
+      allow(extractor).to receive(:`).with(
+        'bundle exec bundle-stats stats -f json'
+      ).and_return(stats.to_json)
+    end
+
+    it { expect(extract[:bundler_stats_extractor]).to eq(stats.with_indifferent_access) }
+  end
+end

data/spec/extractors/reek_extractor_spec.rb

@@ -0,0 +1,76 @@
+require 'rails_helper'
+
+describe RepoAnalyzer::ReekExtractor, repo_analyzer_extractor_helpers: true do
+  describe "#extract" do
+    let(:reek_result_content) do
+      [
+        {
+          "context" => "ApplicationCable::Channel",
+          "lines" => [2],
+          "message" => "has no descriptive comment",
+          "smell_type" => "IrresponsibleModule",
+          "source" => "spec/assets/test_project/app/channels/application_cable/channel.rb",
+          "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Irresponsible-Module.md"
+        },
+        {
+          "context" => "ApplicationCable::Connection",
+          "lines" => [2],
+          "message" => "has no descriptive comment",
+          "smell_type" => "IrresponsibleModule",
+          "source" => "spec/assets/test_project/app/channels/application_cable/connection.rb",
+          "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Irresponsible-Module.md"
+        },
+        {
+          "context" => "AbastibleClient#parse_prices_by_type",
+          "lines" => [189],
+          "message" => "has the variable name 'e'",
+          "smell_type" => "UncommunicativeVariableName",
+          "source" => "spec/assets/test_project/app/clients/abastible_client.rb",
+          "name" => "e",
+          "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Uncommunicative-Variable-Name.md"
+        }
+      ].to_json
+    end
+
+    before do
+      allow(OutputUtils).to receive(:with_captured_stdout).and_return(reek_result_content)
+    end
+
+    let(:expected) do
+      {
+        "warnings" =>
+          {
+            "IrresponsibleModule" =>
+              [
+                {
+                  "lines" => [2],
+                  "message" => "has no descriptive comment",
+                  "source" => "app/channels/application_cable/channel.rb",
+                  "name" => nil,
+                  "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Irresponsible-Module.md"
+                },
+                {
+                  "lines" => [2],
+                  "message" => "has no descriptive comment",
+                  "source" => "app/channels/application_cable/connection.rb",
+                  "name" => nil,
+                  "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Irresponsible-Module.md"
+                }
+              ],
+            "UncommunicativeVariableName" =>
+              [
+                {
+                  "lines" => [189],
+                  "message" => "has the variable name 'e'",
+                  "source" => "app/clients/abastible_client.rb",
+                  "name" => "e",
+                  "documentation_link" => "http://gh.com/reek/blob/v6.1.4/docs/Uncommunicative-Variable-Name.md"
+                }
+              ]
+          }
+      }
+    end
+
+    it { expect(extract[:reek_extractor]).to eq(expected) }
+  end
+end

data/spec/jobs/repo_analyzer/extract_project_info_job_spec.rb

@@ -2,6 +2,7 @@ require 'rails_helper'
 
 describe RepoAnalyzer::ExtractProjectInfoJob, type: :job do
   let(:repo_name) { "platanus/alisur-formulator" }
+  let(:project_path) { "spec/assets/test_project" }
 
   let(:files_list) do
     "app/extractors/repo_analyzer/project_versions_extractor.rb"
@@ -31,7 +32,7 @@ describe RepoAnalyzer::ExtractProjectInfoJob, type: :job do
   let(:engine_root) { instance_double("Pathname", join: files_list) }
 
   def perform_now
-    described_class.perform_now(repo_name)
+    described_class.perform_now(repo_name, project_path)
   end
 
   before do
@@ -44,7 +45,7 @@ describe RepoAnalyzer::ExtractProjectInfoJob, type: :job do
 
   it do
     perform_now
-    expect(RepoAnalyzer::ProjectDataBridge).to have_received(:new).with(repo_name).once
+    expect(RepoAnalyzer::ProjectDataBridge).to have_received(:new).with(repo_name, project_path).once
     expect(RepoAnalyzer::ProjectVersionsExtractor).to have_received(:new).with(bridge).once
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: repo_analyzer
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Platanus
@@ -9,8 +9,36 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-04-04 00:00:00.000000000 Z
+date: 2023-06-06 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler-stats
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: brakeman
   requirement: !ruby/object:Gem::Requirement
@@ -25,6 +53,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday-retry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fasterer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: octokit
   requirement: !ruby/object:Gem::Requirement
@@ -67,6 +123,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: reek
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -249,34 +319,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.9'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.9'
-- !ruby/object:Gem::Dependency
-  name: rubocop-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: Rails engine to extract technical debt
 email:
 - rubygems@platan.us
@@ -305,6 +347,8 @@ files:
 - app/clients/repo_analyzer/github_client.rb
 - app/controllers/repo_analyzer/application_controller.rb
 - app/extractors/repo_analyzer/brakeman_extractor.rb
+- app/extractors/repo_analyzer/bundler_audit_extractor.rb
+- app/extractors/repo_analyzer/bundler_stats_extractor.rb
 - app/extractors/repo_analyzer/circleci_extractor.rb
 - app/extractors/repo_analyzer/github_extractor.rb
 - app/extractors/repo_analyzer/power_types_extractor.rb
@@ -312,6 +356,7 @@ files:
 - app/extractors/repo_analyzer/project_info_extractor.rb
 - app/extractors/repo_analyzer/project_versions_extractor.rb
 - app/extractors/repo_analyzer/rails_best_practices_extractor.rb
+- app/extractors/repo_analyzer/reek_extractor.rb
 - app/extractors/repo_analyzer/rubocop_extractor.rb
 - app/extractors/repo_analyzer/tests_info_extractor.rb
 - app/helpers/repo_analyzer/application_helper.rb
@@ -399,12 +444,15 @@ files:
 - spec/dummy/public/apple-touch-icon.png
 - spec/dummy/public/favicon.ico
 - spec/extractors/brakeman_extractor_spec.rb
+- spec/extractors/bundler_audit_extractor_spec.rb
+- spec/extractors/bundler_stats_extractor_spec.rb
 - spec/extractors/circleci_extractor_spec.rb
 - spec/extractors/github_extractor_spec.rb
 - spec/extractors/power_types_extractor_spec.rb
 - spec/extractors/project_config_extractor_spec.rb
 - spec/extractors/project_versions_extractor_spec.rb
 - spec/extractors/rails_best_practices_extractor_spec.rb
+- spec/extractors/reek_extractor_spec.rb
 - spec/extractors/rubocop_extractor_spec.rb
 - spec/extractors/tests_info_extractor_spec.rb
 - spec/fixtures/files/image.png
@@ -503,12 +551,15 @@ test_files:
 - spec/dummy/public/apple-touch-icon.png
 - spec/dummy/public/favicon.ico
 - spec/extractors/brakeman_extractor_spec.rb
+- spec/extractors/bundler_audit_extractor_spec.rb
+- spec/extractors/bundler_stats_extractor_spec.rb
 - spec/extractors/circleci_extractor_spec.rb
 - spec/extractors/github_extractor_spec.rb
 - spec/extractors/power_types_extractor_spec.rb
 - spec/extractors/project_config_extractor_spec.rb
 - spec/extractors/project_versions_extractor_spec.rb
 - spec/extractors/rails_best_practices_extractor_spec.rb
+- spec/extractors/reek_extractor_spec.rb
 - spec/extractors/rubocop_extractor_spec.rb
 - spec/extractors/tests_info_extractor_spec.rb
 - spec/fixtures/files/image.png