rubion 0.3.15 → 0.3.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rubion/scanner.rb +4 -22
- data/lib/rubion/version.rb +1 -1
- metadata +1 -1
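--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1749851afa6f0075dc159a4f4d406a6c1900d8404eaf61fc4737d9d350deb3d7
+data.tar.gz: c59e82269f8e505a62c9fdd54141547ccd67d0ee72ceb139a47d65fb02627293
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b842fac77f18bfbbd548a2a7ae43f6f98022a47c2c2ad4678e755349c712ffb4ec6c27404b7b7b6c4ed6719e4b65d3bd9f66aa44f4adefb9b3f8681b387cb2ca
+data.tar.gz: 1fcc0c42ca646da4ecd88b178969663a4b45b79d1c95657dfe0f5948e293b49fb4042b9e0b710e42a62b8832050266e662b7366c02b433ca8aeeb80c8a5cb746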
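--- a/data/lib/rubion/scanner.rb
+++ b/data/lib/rubion/scanner.rb
@@ -106,8 +106,10 @@ module Rubion
 # Exit code 0 means no vulnerabilities found
 # Any other exit code or error means the command failed
 if status.exitstatus.nil? || status.exitstatus == 127 || stderr.include?('command not found') || stdout.include?('command not found')
-# Command not found -
-
+# Command not found - show friendly message and skip vulnerability check
+puts "\n ℹ️ bundle-audit is not installed. Skipping gem vulnerability check."
+puts " To enable vulnerability scanning, install it with: gem install bundler-audit\n"
+@result.gem_vulnerabilities = []
 elsif status.exitstatus == 1 || status.success? || (!stdout.empty? && (stdout.include?('vulnerabilities found') || stdout.include?('Name:')))
 # Exit code 1 (vulnerabilities found) or 0 (no vulnerabilities) - parse output
 # Also try to parse if output looks valid even if exit code is unexpected
@@ -120,26 +122,6 @@ module Rubion
 end
 end
 
-def install_bundler_audit_and_retry
-puts "\n ⚠️ bundle-audit is not installed."
-print ' Attempting to install bundler-audit... '
-$stdout.flush
-
-_install_stdout, install_stderr, install_status = Open3.capture3('gem install bundler-audit 2>&1')
-
-if install_status.success?
-puts "✓ Successfully installed bundler-audit\n"
-puts " Retrying gem vulnerability check...\n\n"
-# Retry the check after installation
-check_gem_vulnerabilities
-else
-puts '✗ Failed to install bundler-audit'
-raise "bundle-audit is not installed and automatic installation failed.\n" \
-"Please install it manually by running: gem install bundler-audit\n" \
-"Installation error: #{install_stderr}"
-end
-end
-
 def check_gem_versions
 stdout, stderr, status = Open3.capture3('bundle outdated --parseable', chdir: @project_path)
 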
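Review bot: In the command-not-found branch of the first hunk, `@result.gem_vulnerabilities = []` stores the same value a clean scan would produce, so a report or CI gate reading the result cannot tell "bundle-audit never ran" from "no vulnerable gems found". The skip should stay distinguishable in the result, for example `@result.gem_vulnerabilities = nil` with the reporter printing "not scanned", or a separate skipped marker; whether the result object and its consumers tolerate `nil` is not visible in this diff. The two notices are written with `puts`, so they land on stdout alongside any machine-readable output; `warn " bundle-audit is not installed. Skipping gem vulnerability check."` would send them to stderr instead. The enclosing method begins and ends outside the hunk.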
data/lib/rubion/version.rb
CHANGED