rubion 0.3.12 → 0.3.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rubion/scanner.rb +48 -34
  3. data/lib/rubion/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7dc1bfbae3334e5454a9cc24e15284f6ea266e6ae39c0d897e834cdbd4a060b2
4
- data.tar.gz: 99397bc977a084f856a850dbc32401a72d302ce3f55243b4a09f9660224168fd
3
+ metadata.gz: 7e44746a0b8ff53ccdc236e43a182d060ace64e38790450f10c04fb4d09550ed
4
+ data.tar.gz: 9c05871fdf57aef1e1e2ff82bc2c58015eb18865c999afc3ae13b46ccb0c2341
5
5
  SHA512:
6
- metadata.gz: 78c7ccc9ac63d82a38d704d47f626e3ec1ba08976d10e3efbfe6ef35f5fb15d5424c61219d00034d11cee5e25f77b5a7b971406400e6744e5e005e9e9e9cf87a
7
- data.tar.gz: ebda62b7ec502a9e834a41b45953996363289b5c63f3ce3b6da380beaf96dfd47f5476e56f65babca314c3cd01624a5601cf607c4e1bd4884ef704d1be270e99
6
+ metadata.gz: 3bee4acf0c1d91670bd811eb2c01c1e4d2192616ba3ce49a7b27f1e1577b8daed57fb35bb0c9a7f77dce0afe6f0698cadcc64ce2145e1ca38bc583afbadfa5ba
7
+ data.tar.gz: f9092694ecd11f85b03fecd7e3021ae6d0e3904022c7384d0c161f35aaf703887b4162a35162fd39c2af45f912221e981c1c0d91538d979b7cceaf08543794cc
data/lib/rubion/scanner.rb CHANGED
@@ -102,30 +102,37 @@ module Rubion
102
102
  stdout, stderr, status = Open3.capture3('bundle-audit check 2>&1', chdir: @project_path)
103
103
 
104
104
  # bundle-audit returns exit code 1 when vulnerabilities are found, 0 when none found
105
- # Always parse if there's output (vulnerabilities found) or if it succeeded (no vulnerabilities)
106
- if stdout.include?('vulnerabilities found') || stdout.include?('Name:') || status.success?
105
+ # Exit code 1 is expected when vulnerabilities exist, so we still parse the output
106
+ # Exit code 0 means no vulnerabilities found
107
+ # Any other exit code or error means the command failed
108
+ if status.exitstatus == 1 || status.success?
109
+ # Exit code 1 (vulnerabilities found) or 0 (no vulnerabilities) - parse output
107
110
  parse_bundler_audit_output(stdout)
111
+ elsif !stdout.empty? && (stdout.include?('vulnerabilities found') || stdout.include?('Name:'))
112
+ # Try to parse if output looks valid even if exit code is unexpected
113
+ parse_bundler_audit_output(stdout)
114
+ elsif status.exitstatus.nil?
115
+ # Command not found or failed to execute
116
+ raise "bundle-audit command failed or is not installed. Error: #{stderr}"
108
117
  else
109
- # No vulnerabilities found or bundler-audit not available
110
- @result.gem_vulnerabilities = []
118
+ # Unexpected exit code
119
+ raise "bundle-audit failed with exit code #{status.exitstatus}. Output: #{stdout}#{stderr.empty? ? '' : "\nError: #{stderr}"}"
111
120
  end
112
- rescue StandardError => e
113
- puts " ⚠️ Could not run bundle-audit (#{e.message}). Skipping gem vulnerability check."
114
- @result.gem_vulnerabilities = []
115
121
  end
116
122
 
117
123
  def check_gem_versions
118
124
  stdout, stderr, status = Open3.capture3('bundle outdated --parseable', chdir: @project_path)
119
125
 
120
- if status.success? || !stdout.empty?
126
+ if status.success?
127
+ # Command succeeded - parse output (may be empty if all gems are up to date)
121
128
  parse_bundle_outdated_output(stdout)
129
+ elsif status.exitstatus.nil?
130
+ # Command not found or failed to execute
131
+ raise "bundle outdated command failed or is not available. Error: #{stderr}"
122
132
  else
123
- # No outdated gems found
124
- @result.gem_versions = []
133
+ # Command failed with non-zero exit code
134
+ raise "bundle outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{stderr.empty? ? '' : "\nError: #{stderr}"}"
125
135
  end
126
- rescue StandardError => e
127
- puts " ⚠️ Could not run bundle outdated (#{e.message}). Skipping gem version check."
128
- @result.gem_versions = []
129
136
  end
130
137
 
131
138
  def check_npm_vulnerabilities
@@ -134,15 +141,20 @@ module Rubion
134
141
  command = "#{@package_manager} audit --json 2>&1"
135
142
  stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
136
143
 
144
+ if status.exitstatus.nil?
145
+ # Command not found or failed to execute
146
+ raise "#{@package_manager} audit command failed or is not available. Error: #{stderr}"
147
+ elsif !status.success? && status.exitstatus != 1
148
+ # Exit code 1 is expected when vulnerabilities are found, other non-zero codes are errors
149
+ raise "#{@package_manager} audit failed with exit code #{status.exitstatus}. Output: #{stdout}#{stderr.empty? ? '' : "\nError: #{stderr}"}"
150
+ end
151
+
137
152
  begin
138
153
  data = JSON.parse(stdout)
139
154
  parse_npm_audit_output(data)
140
- rescue JSON::ParserError
141
- @result.package_vulnerabilities = []
155
+ rescue JSON::ParserError => e
156
+ raise "Failed to parse #{@package_manager} audit JSON output: #{e.message}. Raw output: #{stdout}"
142
157
  end
143
- rescue StandardError => e
144
- puts " ⚠️ Could not run #{@package_manager} audit (#{e.message}). Skipping package vulnerability check."
145
- @result.package_vulnerabilities = []
146
158
  end
147
159
 
148
160
  def check_npm_versions
@@ -160,16 +172,20 @@ module Rubion
160
172
  command = 'npm outdated --json 2>&1'
161
173
  stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
162
174
 
175
+ if status.exitstatus.nil?
176
+ # Command not found or failed to execute
177
+ raise "npm outdated command failed or is not available. Error: #{stderr}"
178
+ elsif !status.success? && status.exitstatus != 1
179
+ # Exit code 1 is expected when packages are outdated, other non-zero codes are errors
180
+ raise "npm outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{stderr.empty? ? '' : "\nError: #{stderr}"}"
181
+ end
182
+
163
183
  begin
164
184
  data = JSON.parse(stdout) unless stdout.empty?
165
185
  parse_npm_outdated_output(data || {})
166
186
  rescue JSON::ParserError => e
167
- puts " ⚠️ Error parsing npm outdated JSON output: #{e.message}"
168
- @result.package_versions = []
187
+ raise "Failed to parse npm outdated JSON output: #{e.message}. Raw output: #{stdout}"
169
188
  end
170
- rescue StandardError => e
171
- puts " ⚠️ Could not run npm outdated (#{e.message}). Skipping package version check."
172
- @result.package_versions = []
173
189
  end
174
190
 
175
191
  def check_yarn_outdated
@@ -177,15 +193,19 @@ module Rubion
177
193
  command = 'yarn outdated 2>&1'
178
194
  stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
179
195
 
196
+ if status.exitstatus.nil?
197
+ # Command not found or failed to execute
198
+ raise "yarn outdated command failed or is not available. Error: #{stderr}"
199
+ elsif !status.success? && status.exitstatus != 1
200
+ # Exit code 1 is expected when packages are outdated, other non-zero codes are errors
201
+ raise "yarn outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{stderr.empty? ? '' : "\nError: #{stderr}"}"
202
+ end
203
+
180
204
  begin
181
205
  parse_yarn_outdated_output(stdout)
182
206
  rescue StandardError => e
183
- puts " ⚠️ Could not parse yarn outdated output (#{e.message}). Skipping package version check."
184
- @result.package_versions = []
207
+ raise "Failed to parse yarn outdated output: #{e.message}. Raw output: #{stdout}"
185
208
  end
186
- rescue StandardError => e
187
- puts " ⚠️ Could not run yarn outdated (#{e.message}). Skipping package version check."
188
- @result.package_versions = []
189
209
  end
190
210
 
191
211
  # Parsers
@@ -332,9 +352,6 @@ module Rubion
332
352
  end
333
353
 
334
354
  @result.package_vulnerabilities = vulnerabilities
335
- rescue StandardError => e
336
- puts " ⚠️ Error parsing npm audit data: #{e.message}"
337
- @result.package_vulnerabilities = []
338
355
  end
339
356
 
340
357
  def parse_npm_outdated_output(data)
@@ -416,9 +433,6 @@ module Rubion
416
433
  end
417
434
 
418
435
  @result.package_versions = versions
419
- rescue StandardError => e
420
- puts " ⚠️ Error parsing npm outdated data: #{e.message}"
421
- @result.package_versions = []
422
436
  end
423
437
 
424
438
  def parse_yarn_outdated_output(output)
data/lib/rubion/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Rubion
4
- VERSION = "0.3.12"
4
+ VERSION = "0.3.13"
5
5
  end
6
6
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rubion
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.12
4
+ version: 0.3.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - bipashant
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-11-15 00:00:00.000000000 Z
11
+ date: 2025-11-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: terminal-table