rubion 0.3.12 → 0.3.14

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7dc1bfbae3334e5454a9cc24e15284f6ea266e6ae39c0d897e834cdbd4a060b2
-  data.tar.gz: 99397bc977a084f856a850dbc32401a72d302ce3f55243b4a09f9660224168fd
+  metadata.gz: f69e93b8534eeaf2045d43f775aec23a72ccf97335ebca9fd8bcb323375dfdca
+  data.tar.gz: 4d96785c60788e1933a566e8483a79c7ae98f93d301f94b97923ec4c80026af1
 SHA512:
-  metadata.gz: 78c7ccc9ac63d82a38d704d47f626e3ec1ba08976d10e3efbfe6ef35f5fb15d5424c61219d00034d11cee5e25f77b5a7b971406400e6744e5e005e9e9e9cf87a
-  data.tar.gz: ebda62b7ec502a9e834a41b45953996363289b5c63f3ce3b6da380beaf96dfd47f5476e56f65babca314c3cd01624a5601cf607c4e1bd4884ef704d1be270e99
+  metadata.gz: b64a88b924fe46d2979c06a520aa8458661ad8d06d374c9fe9fa945730b05d1f93e26073a5ef69779ae87e88c840d617ea016be52df356a4ba7753f2c4d1f5a5
+  data.tar.gz: cccf29d1fe83443774d4b83421edbb086d1f22e1b557f9b413918c90464da4501a95f4f866374d9861cb78fc1e2b4a869ee92f70ddd4666587a0df352dde7f0f

data/README.md

@@ -187,6 +187,9 @@ Package Versions:
 | typescript        | 4.7.0  | 5/24/2022                 | 5.1.0   | 5/25/2023                | 1 year           | 12                |
 +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
 ```
+![aaaScreenshot 2025-11-15 at 2 54 24 pm](https://github.com/user-attachments/assets/9ce27e07-9c95-44ea-a96c-ec9537234d06)
+<img width="1333" height="741" alt="Screenshot 2025-11-15 at 2 54 34 pm" src="https://github.com/user-attachments/assets/22759b64-776f-4c9d-9bbb-3b70adead02e" />
+
 
 ### Direct Dependencies Only (with --exclude-dependencies)
 

data/lib/rubion/scanner.rb

@@ -102,30 +102,59 @@ module Rubion
       stdout, stderr, status = Open3.capture3('bundle-audit check 2>&1', chdir: @project_path)
 
       # bundle-audit returns exit code 1 when vulnerabilities are found, 0 when none found
-      # Always parse if there's output (vulnerabilities found) or if it succeeded (no vulnerabilities)
-      if stdout.include?('vulnerabilities found') || stdout.include?('Name:') || status.success?
+      # Exit code 1 is expected when vulnerabilities exist, so we still parse the output
+      # Exit code 0 means no vulnerabilities found
+      # Any other exit code or error means the command failed
+      if status.exitstatus.nil? || status.exitstatus == 127 || stderr.include?('command not found') || stdout.include?('command not found')
+        # Command not found - try to install bundler-audit automatically
+        install_bundler_audit_and_retry
+      elsif status.exitstatus == 1 || status.success? || (!stdout.empty? && (stdout.include?('vulnerabilities found') || stdout.include?('Name:')))
+        # Exit code 1 (vulnerabilities found) or 0 (no vulnerabilities) - parse output
+        # Also try to parse if output looks valid even if exit code is unexpected
         parse_bundler_audit_output(stdout)
       else
-        # No vulnerabilities found or bundler-audit not available
-        @result.gem_vulnerabilities = []
+        # Unexpected exit code
+        raise "bundle-audit failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
+                                                                                             "\nError: #{stderr}"
+                                                                                           end}"
+      end
+    end
+
+    def install_bundler_audit_and_retry
+      puts "\n  ⚠️  bundle-audit is not installed."
+      print '  Attempting to install bundler-audit... '
+      $stdout.flush
+
+      _install_stdout, install_stderr, install_status = Open3.capture3('gem install bundler-audit 2>&1')
+
+      if install_status.success?
+        puts "✓ Successfully installed bundler-audit\n"
+        puts "  Retrying gem vulnerability check...\n\n"
+        # Retry the check after installation
+        check_gem_vulnerabilities
+      else
+        puts '✗ Failed to install bundler-audit'
+        raise "bundle-audit is not installed and automatic installation failed.\n" \
+              "Please install it manually by running: gem install bundler-audit\n" \
+              "Installation error: #{install_stderr}"
       end
-    rescue StandardError => e
-      puts "  ⚠️  Could not run bundle-audit (#{e.message}). Skipping gem vulnerability check."
-      @result.gem_vulnerabilities = []
     end
 
     def check_gem_versions
       stdout, stderr, status = Open3.capture3('bundle outdated --parseable', chdir: @project_path)
 
-      if status.success? || !stdout.empty?
+      if status.success?
+        # Command succeeded - parse output (may be empty if all gems are up to date)
         parse_bundle_outdated_output(stdout)
+      elsif status.exitstatus.nil?
+        # Command not found or failed to execute
+        raise "bundle outdated command failed or is not available. Error: #{stderr}"
       else
-        # No outdated gems found
-        @result.gem_versions = []
+        # Command failed with non-zero exit code
+        raise "bundle outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
+                                                                                                "\nError: #{stderr}"
+                                                                                              end}"
       end
-    rescue StandardError => e
-      puts "  ⚠️  Could not run bundle outdated (#{e.message}). Skipping gem version check."
-      @result.gem_versions = []
     end
 
     def check_npm_vulnerabilities
@@ -134,15 +163,22 @@ module Rubion
       command = "#{@package_manager} audit --json 2>&1"
       stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
 
+      if status.exitstatus.nil?
+        # Command not found or failed to execute
+        raise "#{@package_manager} audit command failed or is not available. Error: #{stderr}"
+      elsif !status.success? && status.exitstatus != 1
+        # Exit code 1 is expected when vulnerabilities are found, other non-zero codes are errors
+        raise "#{@package_manager} audit failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
+                                                                                                          "\nError: #{stderr}"
+                                                                                                        end}"
+      end
+
       begin
         data = JSON.parse(stdout)
         parse_npm_audit_output(data)
-      rescue JSON::ParserError
-        @result.package_vulnerabilities = []
+      rescue JSON::ParserError => e
+        raise "Failed to parse #{@package_manager} audit JSON output: #{e.message}. Raw output: #{stdout}"
       end
-    rescue StandardError => e
-      puts "  ⚠️  Could not run #{@package_manager} audit (#{e.message}). Skipping package vulnerability check."
-      @result.package_vulnerabilities = []
     end
 
     def check_npm_versions
@@ -160,16 +196,22 @@ module Rubion
       command = 'npm outdated --json 2>&1'
       stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
 
+      if status.exitstatus.nil?
+        # Command not found or failed to execute
+        raise "npm outdated command failed or is not available. Error: #{stderr}"
+      elsif !status.success? && status.exitstatus != 1
+        # Exit code 1 is expected when packages are outdated, other non-zero codes are errors
+        raise "npm outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
+                                                                                             "\nError: #{stderr}"
+                                                                                           end}"
+      end
+
       begin
         data = JSON.parse(stdout) unless stdout.empty?
         parse_npm_outdated_output(data || {})
       rescue JSON::ParserError => e
-        puts "  ⚠️  Error parsing npm outdated JSON output: #{e.message}"
-        @result.package_versions = []
+        raise "Failed to parse npm outdated JSON output: #{e.message}. Raw output: #{stdout}"
       end
-    rescue StandardError => e
-      puts "  ⚠️  Could not run npm outdated (#{e.message}). Skipping package version check."
-      @result.package_versions = []
     end
 
     def check_yarn_outdated
@@ -177,15 +219,21 @@ module Rubion
       command = 'yarn outdated 2>&1'
       stdout, stderr, status = Open3.capture3(command, chdir: @project_path)
 
+      if status.exitstatus.nil?
+        # Command not found or failed to execute
+        raise "yarn outdated command failed or is not available. Error: #{stderr}"
+      elsif !status.success? && status.exitstatus != 1
+        # Exit code 1 is expected when packages are outdated, other non-zero codes are errors
+        raise "yarn outdated failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
+                                                                                              "\nError: #{stderr}"
+                                                                                            end}"
+      end
+
       begin
         parse_yarn_outdated_output(stdout)
       rescue StandardError => e
-        puts "  ⚠️  Could not parse yarn outdated output (#{e.message}). Skipping package version check."
-        @result.package_versions = []
+        raise "Failed to parse yarn outdated output: #{e.message}. Raw output: #{stdout}"
       end
-    rescue StandardError => e
-      puts "  ⚠️  Could not run yarn outdated (#{e.message}). Skipping package version check."
-      @result.package_versions = []
     end
 
     # Parsers
@@ -332,9 +380,6 @@ module Rubion
       end
 
       @result.package_vulnerabilities = vulnerabilities
-    rescue StandardError => e
-      puts "  ⚠️  Error parsing npm audit data: #{e.message}"
-      @result.package_vulnerabilities = []
     end
 
     def parse_npm_outdated_output(data)
@@ -416,9 +461,6 @@ module Rubion
       end
 
       @result.package_versions = versions
-    rescue StandardError => e
-      puts "  ⚠️  Error parsing npm outdated data: #{e.message}"
-      @result.package_versions = []
     end
 
     def parse_yarn_outdated_output(output)

data/lib/rubion/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
 module Rubion
-  VERSION = "0.3.12"
+  VERSION = "0.3.14"
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubion
 version: !ruby/object:Gem::Version
-  version: 0.3.12
+  version: 0.3.14
 platform: ruby
 authors:
 - bipashant
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-11-15 00:00:00.000000000 Z
+date: 2025-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: terminal-table