rubion 0.3.17 → 0.3.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rubion/scanner.rb +7 -3
  3. data/lib/rubion/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d382653589bad6b28b68444b231efafa582f375cf1d4c7284d8df5faae04d50
4
- data.tar.gz: 3edfba9269ed3024943544887422101b7512cd4309c5e689fbd6f8a7cf655a60
3
+ metadata.gz: 25866a240d194626328073cc8f0e78b970dd1e8389563f8a2a636a23ccc545e3
4
+ data.tar.gz: bc7061c95fe6a24fd7cc464bf3671f26bc9d1a53eb248512d7b15c1c67efdbf6
5
5
  SHA512:
6
- metadata.gz: a5f3c72e3d1f257c426e0df25efb3b1ae62751527324bd5a8991986dd12aa6652cb0ca81aecd2941c3b00a19a5ceff090d1718ff5d540e59c0ddbc509707dd73
7
- data.tar.gz: bc17b9ebd3c5081cb040deba4358eae42f4a941169fa7a5db919ea9ef92065dfa33fcb11dcc0a2925e58a62ebbb9ea4dad3364c69ff46133b7a2f79447885503
6
+ metadata.gz: aa33bfe89c56497e77cb63b9e518fe4f57673c53440971ee50b3ebe56f82f83ea39af26e74b5bd3e38036ef85270be2a778b900afce56027234e50c80acb7603
7
+ data.tar.gz: 536c26c682881e1516baeeb9833214fb3a761fa0c65df777961d434da28a4e4ba5a39c6e6013251e3b27a6baca3ba9b424e7465282832ed298d061564c859959
data/lib/rubion/scanner.rb CHANGED
@@ -151,12 +151,16 @@ module Rubion
151
151
  if status.exitstatus.nil?
152
152
  # Command not found or failed to execute
153
153
  raise "#{@package_manager} audit command failed or is not available. Error: #{stderr}"
154
- elsif !status.success? && status.exitstatus != 1 && status.exitstatus != 4
155
- # Exit code 1 (npm) or 4 (yarn) is expected when vulnerabilities are found
156
- # Other non-zero codes are errors
154
+ elsif @package_manager == 'npm' && !status.success? && status.exitstatus != 1
155
+ # For npm, exit code 1 means vulnerabilities were found; any other non-zero code is an error
157
156
  raise "#{@package_manager} audit failed with exit code #{status.exitstatus}. Output: #{stdout}#{unless stderr.empty?
158
157
  "\nError: #{stderr}"
159
158
  end}"
159
+ elsif @package_manager == 'yarn' && !status.success?
160
+ # For Yarn (classic), any non-zero exit code is a bitmask of severities:
161
+ # 1=info, 2=low, 4=moderate, 8=high, 16=critical. The exit code is the sum of severities found.
162
+ # Non-zero here indicates vulnerabilities were found; we'll still try to parse the JSON output below.
163
+ # Do not raise here so that vulnerabilities are handled gracefully.
160
164
  end
161
165
 
162
166
  begin
data/lib/rubion/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Rubion
4
- VERSION = "0.3.17"
4
+ VERSION = "0.3.18"
5
5
  end
6
6
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rubion
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.17
4
+ version: 0.3.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - bipashant
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-11-17 00:00:00.000000000 Z
11
+ date: 2025-11-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: terminal-table