rubion 0.3.19 → 0.3.21
- checksums.yaml +4 -4
- data/README.md +12 -0
- data/lib/rubion/scanner.rb +9 -2
- data/lib/rubion/version.rb +1 -1
- data/lib/rubion.rb +25 -11
- metadata +2 -2
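--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6a1749bac065245df6d22c47b114e27ec661e16be0d814a58b189b8c03962ba3
+data.tar.gz: 9d66043ccda8cc36d608798144a009f0dc2cc5672bf7f34d7fe87c5d584e996f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ac3763e3bdad56356013230a39654581e7a94613343019a68a9e38a038a849c4f48d434f42f1d35e13c81d7f2c5157d38a0cb6449fd3cdbf9ba6823499eaea74
+data.tar.gz: '083e44af51b763b583c40d02645d2ef70e6657f1a51aa078566c49b0f6e0de734b465d5d5cf228f8beddb29da75183288635f77054ffdefc616b708fc0de172d'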
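--- a/data/README.md
+++ b/data/README.md
@@ -12,6 +12,7 @@
 - 📦 **Package Versions**: Identifies outdated NPM/JavaScript packages with release dates and version counts
 - 🎯 **Direct Dependencies**: Highlights direct dependencies (from `Gemfile`/`package.json`) in bold text
 - 🔍 **Filtering**: Option to show only direct dependencies with `--exclude-dependencies` flag
+- 🛡️ **Vulnerabilities Only Mode**: Option to show only vulnerability tables (and skip version/outdated checks) with `--vulnerabilities-only`
 - 📊 **Sorting**: Sort results by any column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
 - 📊 **Beautiful Reports**: Organized table output with severity icons (🔴 Critical, 🟠 High, 🟡 Medium, 🟢 Low, ⚪ Unknown)
 - 🚀 **Fast & Efficient**: Parallel API processing (10 concurrent threads) for quick results
@@ -112,6 +113,17 @@ rubion scan --exclude-dependencies
 
 Direct dependencies are automatically highlighted in **bold text** in the output.
 
+### Vulnerabilities-Only Mode
+
+```bash
+# Show only vulnerability tables (no version/outdated sections)
+rubion scan --vulnerabilities-only
+
+# Combine with other filters
+rubion scan --gems-only --vulnerabilities-only
+rubion scan --packages-only --vulnerabilities-only
+```
+
 ### View Help
 
 ```bash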
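--- a/data/lib/rubion/scanner.rb
+++ b/data/lib/rubion/scanner.rb
@@ -20,13 +20,14 @@ module Rubion
 end
 end
 
-def initialize(project_path: Dir.pwd, package_manager: nil)
+def initialize(project_path: Dir.pwd, package_manager: nil, vulnerabilities_only: false)
 @project_path = project_path
 @result = ScanResult.new
 @package_manager = package_manager
 @package_manager_detected = false
 @direct_gems = nil
 @direct_packages = nil
+@vulnerabilities_only = vulnerabilities_only
 end
 
 def scan
@@ -51,7 +52,7 @@ module Rubion
 reporter = Reporter.new(@result, sort_by: options[:sort_by], sort_desc: options[:sort_desc],
 exclude_dependencies: options[:exclude_dependencies])
 reporter.print_gem_vulnerabilities
-reporter.print_gem_versions
+reporter.print_gem_versions unless options[:vulnerabilities_only]
 end
 
 # Then scan NPM packages (if enabled)
@@ -71,6 +72,9 @@ module Rubion
 # Check for vulnerabilities using bundler-audit
 check_gem_vulnerabilities
 
+# Skip version/outdated checks when only vulnerabilities are requested
+return if @vulnerabilities_only
+
 # Check for outdated versions using bundle outdated (will show progress)
 check_gem_versions
 end
@@ -93,6 +97,9 @@ module Rubion
 # Check for vulnerabilities using package manager audit
 check_npm_vulnerabilities
 
+# Skip version/outdated checks when only vulnerabilities are requested
+return if @vulnerabilities_only
+
 # Check for outdated versions using package manager outdated (will show progress)
 check_npm_versions
 end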
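Review bot: The new mode is read from two independent places in this file: the early returns at new lines 76 and 101 test `@vulnerabilities_only`, while the printing guard at new line 55 tests `options[:vulnerabilities_only]`. A caller that sets only one of them either runs the outdated checks without printing them, or skips the checks and may still print a version table. Reading one source in both places would remove the mismatch, e.g. `reporter.print_gem_versions unless @vulnerabilities_only`. The constructor keyword would also benefit from a comment such as `# vulnerabilities_only: audits still run; only the version/outdated checks are skipped`, so nobody reads the flag as reducing audit coverage. The enclosing methods start outside the hunks, so how `options` reaches new line 55 is not visible here.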
data/lib/rubion/version.rb
CHANGED
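--- a/data/lib/rubion.rb
+++ b/data/lib/rubion.rb
@@ -29,7 +29,14 @@ module Rubion
 
 def self.parse_scan_options(args)
 # Default to sorting by "Behind By(Time)" in descending order
-options = {
+options = {
+gems: true,
+packages: true,
+sort_by: 'Behind By(Time)',
+sort_desc: true,
+exclude_dependencies: false,
+vulnerabilities_only: false
+}
 
 # Check for --gems-only or --packages-only flags
 if args.include?('--gems-only') || args.include?('-g')
@@ -58,6 +65,9 @@ module Rubion
 # Parse --exclude-dependencies flag
 options[:exclude_dependencies] = true if args.include?('--exclude-dependencies')
 
+# Parse --vulnerabilities-only flag
+options[:vulnerabilities_only] = true if args.include?('--vulnerabilities-only') || args.include?('--vulns-only')
+
 options
 end
 
@@ -65,7 +75,7 @@ module Rubion
 exclude_dependencies: false })
 project_path = Dir.pwd
 
-scanner = Scanner.new(project_path: project_path)
+scanner = Scanner.new(project_path: project_path, vulnerabilities_only: options[:vulnerabilities_only])
 result = scanner.scan_incremental(options)
 
 # Results are already printed incrementally based on options
@@ -78,7 +88,7 @@ module Rubion
 reporter = Reporter.new(result, sort_by: options[:sort_by], sort_desc: options[:sort_desc],
 exclude_dependencies: options[:exclude_dependencies])
 reporter.print_package_vulnerabilities
-reporter.print_package_versions
+reporter.print_package_versions unless options[:vulnerabilities_only]
 end
 
 def self.print_help
@@ -92,14 +102,15 @@ module Rubion
 rubion help Display this help message
 
 SCAN OPTIONS:
---gems, --gem, -g
---packages, --npm, -p
---all, -a
---sort-by COLUMN, -s COLUMN
-
---asc, --ascending
---desc, --descending
---exclude-dependencies
+--gems, --gem, -g Scan only Ruby gems (skip NPM packages)
+--packages, --npm, -p Scan only NPM packages (skip Ruby gems)
+--all, -a Scan both gems and packages (default)
+--sort-by COLUMN, -s COLUMN Sort results by column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
+(default: "Behind By(Time)" in descending order)
+--asc, --ascending Sort in ascending order (use with --sort-by)
+--desc, --descending Sort in descending order (use with --sort-by, default)
+--exclude-dependencies Show only direct dependencies (from Gemfile/package.json)
+--vulnerabilities-only Show only vulnerability tables (hide version/outdated sections)
 
 DESCRIPTION:
 Rubion scans your project for:
@@ -142,6 +153,9 @@ module Rubion
 #{' '}
 # Show only direct dependencies
 rubion scan --exclude-dependencies
+#{' '}
+# Show only vulnerabilities (no version/outdated tables)
+rubion scan --vulnerabilities-only
 #{' '}
 # Get help
 rubion help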
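Review bot: `parse_scan_options` accepts `--vulns-only` as an alias at new line 69, but the help text added at new line 113 and the README list only `--vulnerabilities-only`, so the alias is undocumented. The help entry could read `--vulnerabilities-only, --vulns-only   Show only vulnerability tables (hide version/outdated sections)`. Separately, the default options hash whose tail shows at new line 75 (`exclude_dependencies: false })`) appears not to gain a `vulnerabilities_only: false` entry, so a caller relying on that default passes `nil` to `Scanner.new`. That is falsy and works, but adding the key would keep the default in step with `parse_scan_options`. The method signature itself starts outside the hunk, so this is inferred from the visible tail only.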
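--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubion
 version: !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.21
 platform: ruby
 authors:
 - bipashant
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-
+date: 2025-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: terminal-table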