solidstats 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f9d5cde522de317145141315b74583eab36c12dfa77587a1c1271647ffe2dc34
+  data.tar.gz: 74aace50f49490af9b00f410bf96385ed7eecd728001cb45bc9b836c02999a51
+SHA512:
+  metadata.gz: 8105421d981e6b919c47ce9fa09490cbb1b2638c1f8dde567a2ebd609da7b72066fa34df7af5c04b8d3f4a088e7480dfd5832f818d4a8fe8cda7f6d429e5928e
+  data.tar.gz: '09fe1f31b0a6cce1bf003ff769ded70682273ebe326da32e6ab1bf2b48d08e0cc0d35cddf0bbe39b3e5395e590b67c96def52c5f3a802c262022ac4df648e53c'

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright MezbahAlam
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,26 @@
+
+Solidstats is a local-only Rails engine that shows your project's health at `/solidstats`.
+
+## Features
+- Bundler Audit scan
+- Rubocop offense count
+- TODO/FIXME tracker
+- Test coverage summary
+
+## Installation
+
+```ruby
+# Gemfile (dev only)
+group :development do
+  gem 'solidstats', path: '../solidstats'
+end
+```
+
+Then mount in `config/routes.rb`:
+
+```ruby
+mount Solidstats::Engine => '/solidstats' if Rails.env.development?
+```
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,5 @@
+require "bundler/setup"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"

data/app/assets/stylesheets/solidstats/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/app/controllers/solidstats/application_controller.rb

@@ -0,0 +1,4 @@
+module Solidstats
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/controllers/solidstats/dashboard_controller.rb

@@ -0,0 +1,55 @@
+module Solidstats
+  class DashboardController < ApplicationController
+    AUDIT_CACHE_FILE = Rails.root.join("tmp", "solidstats_audit.json")
+    AUDIT_CACHE_HOURS = 12 # Configure how many hours before refreshing
+
+    def index
+      @audit_output = fetch_audit_output
+      @rubocop_output = "JSON.parse(`rubocop --format json`)"
+      @todo_count = `grep -r -E \"TODO|FIXME|HACK\" app lib | wc -l`.to_i
+      @coverage = "read_coverage_percent"
+    end
+
+    private
+
+    def fetch_audit_output
+      # Check if cache file exists and is recent enough
+      if File.exist?(AUDIT_CACHE_FILE)
+        cached_data = JSON.parse(File.read(AUDIT_CACHE_FILE))
+        last_run_time = Time.parse(cached_data["timestamp"])
+
+        # Use cached data if it's less than AUDIT_CACHE_HOURS old
+        if Time.now - last_run_time < AUDIT_CACHE_HOURS.hours
+          return cached_data["output"]
+        end
+      end
+
+      # Cache expired or doesn't exist, run the audit
+      raw_output = `bundle audit check --update --format json`
+      json_part = raw_output[/\{.*\}/m] # extract JSON starting from first '{'
+      audit_output = JSON.parse(json_part) rescue { error: "Failed to parse JSON" }
+
+      # Save to cache file with timestamp
+      cache_data = {
+        "output" => audit_output,
+        "timestamp" => Time.now.iso8601
+      }
+
+      # Ensure the tmp directory exists
+      FileUtils.mkdir_p(File.dirname(AUDIT_CACHE_FILE))
+
+      # Write the cache file
+      File.write(AUDIT_CACHE_FILE, JSON.generate(cache_data))
+
+      audit_output
+    end
+
+    def read_coverage_percent
+      file = Rails.root.join("coverage", ".last_run.json")
+      return 0 unless File.exist?(file)
+
+      data = JSON.parse(File.read(file))
+      data.dig("result", "covered_percent").to_f.round(2)
+    end
+  end
+end

data/app/helpers/solidstats/application_helper.rb

@@ -0,0 +1,4 @@
+module Solidstats
+  module ApplicationHelper
+  end
+end

data/app/jobs/solidstats/application_job.rb

@@ -0,0 +1,4 @@
+module Solidstats
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/solidstats/application_mailer.rb

@@ -0,0 +1,6 @@
+module Solidstats
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/models/solidstats/application_record.rb

@@ -0,0 +1,5 @@
+module Solidstats
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/views/layouts/solidstats/application.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Solidstats</title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <%= yield :head %>
+
+  <%= stylesheet_link_tag    "solidstats/application", media: "all" %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/app/views/solidstats/dashboard/audit/_audit_badge.html.erb

@@ -0,0 +1,5 @@
+<% if @audit_output.include?('No vulnerabilities found') %>
+  <p class="status-badge success">All Clear</p>
+<% else %>
+  <p class="status-badge warning">Issues Found</p>
+<% end %>

data/app/views/solidstats/dashboard/audit/_audit_details.html.erb

@@ -0,0 +1,506 @@
+<div id="audit-details" class="details-panel hidden">
+  <%= render partial: 'solidstats/dashboard/audit/audit_summary' %>
+  
+  <% results = @audit_output.dig("results") || [] %>
+  <% if results.empty? %>
+    <%= render partial: 'solidstats/dashboard/audit/no_vulnerabilities' %>
+  <% else %>
+    <%= render partial: 'solidstats/dashboard/audit/audit_filters' %>
+    <%= render partial: 'solidstats/dashboard/audit/vulnerabilities_table', locals: { results: results } %>
+    <%= render partial: 'solidstats/dashboard/audit/vulnerability_details', locals: { results: results } %>
+  <% end %>
+</div>
+
+<style>
+  /* Audit details specific styles */
+  .audit-summary {
+    margin-bottom: 2rem;
+  }
+  
+  .audit-summary-header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    border-bottom: 1px solid #dee2e6;
+    padding-bottom: 1rem;
+    margin-bottom: 1rem;
+  }
+  
+  .audit-summary-header h3 {
+    margin: 0;
+    font-size: 1.2rem;
+    font-weight: 600;
+  }
+  
+  .audit-stats {
+    display: flex;
+    gap: 2rem;
+    margin-bottom: 1rem;
+  }
+  
+  .audit-stat {
+    text-align: center;
+  }
+  
+  .audit-stat .stat-value {
+    display: block;
+    font-size: 1.8rem;
+    font-weight: 700;
+    color: #333;
+  }
+  
+  .audit-stat .stat-label {
+    font-size: 0.9rem;
+    color: #666;
+  }
+  
+  .audit-filters {
+    display: flex;
+    gap: 0.5rem;
+    margin-bottom: 1rem;
+  }
+  
+  .filter-btn {
+    background: #f1f1f1;
+    border: none;
+    padding: 0.4rem 0.8rem;
+    border-radius: 4px;
+    font-size: 0.85rem;
+    cursor: pointer;
+  }
+  
+  .filter-btn.active {
+    background: #007bff;
+    color: white;
+  }
+  
+  .vulnerability-row.high-severity {
+    background-color: #fff8f8;
+  }
+  
+  .solution {
+    display: flex;
+    align-items: center;
+    gap: 0.5rem;
+  }
+  
+  .copy-btn {
+    background: #e9ecef;
+    border: none;
+    border-radius: 4px;
+    padding: 0.3rem 0.5rem;
+    font-size: 0.8rem;
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    gap: 0.25rem;
+  }
+  
+  .copy-btn:hover {
+    background: #dee2e6;
+  }
+  
+  .copy-btn.copied {
+    background: #d4edda;
+    color: #155724;
+  }
+  
+  .no-vulnerabilities {
+    text-align: center;
+    padding: 2rem;
+    color: #155724;
+  }
+  
+  /* Styling for details section */
+  .vulnerabilities-details-section {
+    margin-top: 3rem;
+    border-top: 1px solid #dee2e6;
+    padding-top: 1.5rem;
+  }
+  
+  .vulnerabilities-details-section.hidden .md-container {
+    display: none;
+  }
+  
+  .vulnerabilities-details-section h3 {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+  }
+  
+  .toggle-details-btn {
+    background: #f1f1f1;
+    border: none;
+    padding: 0.4rem 0.8rem;
+    border-radius: 4px;
+    font-size: 0.85rem;
+    cursor: pointer;
+    transition: background-color 0.2s;
+  }
+  
+  .toggle-details-btn:hover {
+    background: #e2e6ea;
+  }
+  
+  .toggle-details-btn[aria-expanded="true"] {
+    background: #007bff;
+    color: white;
+  }
+  
+  .vulnerability-detail {
+    margin-bottom: 2rem;
+    padding: 1.5rem;
+    border-radius: 8px;
+    background-color: #f8f9fa;
+    border: 1px solid #dee2e6;
+  }
+  
+  .vulnerability-detail.high-severity {
+    border-left: 4px solid #dc3545;
+  }
+  
+  .vulnerability-title {
+    margin-top: 0;
+    margin-bottom: 0.75rem;
+    font-size: 1.1rem;
+    font-weight: 600;
+  }
+  
+  .vulnerability-meta {
+    display: flex;
+    gap: 1rem;
+    margin-bottom: 1rem;
+    font-size: 0.85rem;
+  }
+  
+  .cve, .date {
+    color: #666;
+  }
+  
+  .description {
+    font-size: 0.9rem;
+    line-height: 1.5;
+    white-space: pre-line;
+  }
+  
+  .advisory-link {
+    margin-top: 1rem;
+  }
+  
+  .advisory-link a {
+    color: #007bff;
+    text-decoration: none;
+  }
+  
+  .advisory-link a:hover {
+    text-decoration: underline;
+  }
+  
+  .view-details-link {
+    margin-left: 0.5rem;
+    font-size: 0.85rem;
+    color: #007bff;
+    text-decoration: none;
+  }
+  
+  .view-details-link:hover {
+    text-decoration: underline;
+  }
+  
+  /* Markdown-style container */
+  .md-container {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif;
+    color: #24292e;
+    background-color: #f6f8fa;
+    border: 1px solid #e1e4e8;
+    border-radius: 6px;
+    padding: 0;
+    overflow: hidden;
+    transition: all 0.3s ease;
+  }
+  
+  /* Each vulnerability as a markdown entry */
+  .md-entry {
+    border-bottom: 1px solid #e1e4e8;
+    padding: 24px;
+    background-color: #ffffff;
+  }
+  
+  .md-entry:last-child {
+    border-bottom: none;
+  }
+  
+  .md-entry.high-severity {
+    border-left: 4px solid #d73a49;
+  }
+  
+  /* Markdown heading style */
+  .md-heading {
+    font-size: 1.5rem;
+    font-weight: 600;
+    margin: 0 0 16px 0;
+    color: #24292e;
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", sans-serif;
+  }
+  
+  /* Metadata tags */
+  .md-metadata {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 8px;
+    margin-bottom: 16px;
+  }
+  
+  .md-tag {
+    display: inline-block;
+    padding: 2px 8px;
+    border-radius: 12px;
+    font-size: 12px;
+    font-weight: 500;
+    background-color: #e1e4e8;
+  }
+  
+  .md-tag.cve {
+    background-color: #0366d6;
+    color: white;
+  }
+  
+  .md-tag.ghsa {
+    background-color: #6f42c1;
+    color: white;
+  }
+  
+  .md-tag.severity.high, .md-tag.severity.critical {
+    background-color: #d73a49;
+    color: white;
+  }
+  
+  .md-tag.severity.medium {
+    background-color: #f6a33e;
+    color: white;
+  }
+  
+  .md-tag.severity.low {
+    background-color: #1b7c83;
+    color: white;
+  }
+  
+  .md-tag.severity.unknown {
+    background-color: #6a737d;
+    color: white;
+  }
+  
+  .md-date {
+    font-size: 12px;
+    color: #6a737d;
+  }
+  
+  /* Markdown divider */
+  .md-divider {
+    height: 1px;
+    background-color: #e1e4e8;
+    margin: 16px 0;
+  }
+  
+  /* Markdown content */
+  .md-content {
+    font-size: 14px;
+    line-height: 1.6;
+    color: #24292e;
+    margin-bottom: 16px;
+  }
+  
+  .md-content p {
+    margin-bottom: 16px;
+  }
+  
+  .md-content p:last-child {
+    margin-bottom: 0;
+  }
+  
+  /* Code block style */
+  .md-code-block {
+    margin: 16px 0;
+    background-color: #f6f8fa;
+    border-radius: 6px;
+    overflow: hidden;
+  }
+  
+  .md-code-header {
+    padding: 8px 16px;
+    background-color: #f1f8ff;
+    border-bottom: 1px solid #d0d7de;
+    color: #57606a;
+    font-size: 12px;
+    font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, monospace;
+  }
+  
+  .md-code {
+    margin: 0;
+    padding: 16px;
+    overflow-x: auto;
+    font-size: 13px;
+    line-height: 1.45;
+    color: #24292e;
+    font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, monospace;
+  }
+  
+  /* Link style */
+  .md-link {
+    display: flex;
+    align-items: center;
+    margin-top: 16px;
+  }
+  
+  .md-link-icon {
+    margin-right: 4px;
+    font-size: 14px;
+  }
+  
+  .md-link a {
+    color: #0366d6;
+    text-decoration: none;
+    font-size: 14px;
+  }
+  
+  .md-link a:hover {
+    text-decoration: underline;
+  }
+  
+  /* Back to top link */
+  .md-back {
+    margin-top: 24px;
+    font-size: 14px;
+    text-align: right;
+  }
+  
+  .back-to-top {
+    color: #586069;
+    text-decoration: none;
+  }
+  
+  .back-to-top:hover {
+    color: #0366d6;
+    text-decoration: underline;
+  }
+  
+  .vulnerabilities-details-section h3 {
+    margin-bottom: 16px;
+    font-size: 1.2rem;
+    font-weight: 600;
+    color: #24292e;
+  }
+</style>
+
+<script>
+  document.addEventListener('DOMContentLoaded', function() {
+    // Copy functionality for solution buttons
+    document.querySelectorAll('.copy-btn').forEach(function(button) {
+      button.addEventListener('click', function() {
+        const solution = this.getAttribute('data-solution');
+        navigator.clipboard.writeText(solution).then(() => {
+          // Change button appearance temporarily
+          const originalText = this.innerHTML;
+          this.innerHTML = '<span class="copy-icon">✓</span> Copied!';
+          this.classList.add('copied');
+          
+          setTimeout(() => {
+            this.innerHTML = originalText;
+            this.classList.remove('copied');
+          }, 2000);
+        });
+      });
+    });
+    
+    // Toggle details section functionality
+    const toggleBtn = document.querySelector('.toggle-details-btn');
+    if (toggleBtn) {
+      toggleBtn.addEventListener('click', function() {
+        const detailsSection = document.querySelector('.vulnerabilities-details-section');
+        const isHidden = detailsSection.classList.contains('hidden');
+        
+        if (isHidden) {
+          // Show the details
+          detailsSection.classList.remove('hidden');
+          this.textContent = 'Hide Details';
+          this.setAttribute('aria-expanded', 'true');
+          
+          // Scroll to the details section
+          detailsSection.scrollIntoView({
+            behavior: 'smooth',
+            block: 'start'
+          });
+        } else {
+          // Hide the details
+          detailsSection.classList.add('hidden');
+          this.textContent = 'Show Details';
+          this.setAttribute('aria-expanded', 'false');
+        }
+      });
+    }
+    
+    // View details link functionality - simplified to avoid duplication
+    document.querySelectorAll('.view-details-link').forEach(function(link) {
+      link.addEventListener('click', function(e) {
+        e.preventDefault();
+        const target = this.getAttribute('href');
+        const detailsSection = document.querySelector('.vulnerabilities-details-section');
+        
+        // Show the details section if it's hidden
+        if (detailsSection.classList.contains('hidden')) {
+          detailsSection.classList.remove('hidden');
+          const toggleBtn = document.querySelector('.toggle-details-btn');
+          toggleBtn.textContent = 'Hide Details';
+          toggleBtn.setAttribute('aria-expanded', 'true');
+        }
+        
+        // Scroll to the specific vulnerability
+        setTimeout(() => {
+          document.querySelector(target).scrollIntoView({
+            behavior: 'smooth',
+            block: 'start'
+          });
+        }, 100);
+      });
+    });
+    
+    // Filter functionality
+    document.querySelectorAll('.filter-btn').forEach(function(button) {
+      button.addEventListener('click', function() {
+        const filter = this.getAttribute('data-filter');
+        
+        // Update active button
+        document.querySelectorAll('.filter-btn').forEach(btn => btn.classList.remove('active'));
+        this.classList.add('active');
+        
+        // Handle special case for copy-solutions
+        if (filter === 'copy-solutions') {
+          const solutions = [];
+          document.querySelectorAll('.vulnerability-row').forEach(function(row) {
+            const gem = row.cells[0].textContent.trim();
+            const solution = row.querySelector('.solution code')?.textContent.trim() || "No patch available";
+            solutions.push(`${gem}: ${solution}`);
+          });
+          
+          // Copy all solutions to clipboard
+          navigator.clipboard.writeText(solutions.join('\n')).then(() => {
+            alert('All solutions copied to clipboard!');
+          });
+          
+          return;
+        }
+        
+        // Filter the vulnerability rows
+        document.querySelectorAll('.vulnerability-row').forEach(function(row) {
+          const isHigh = row.classList.contains('high-severity');
+          
+          if (filter === 'all') {
+            row.style.display = '';
+          } else if (filter === 'high') {
+            row.style.display = isHigh ? '' : 'none';
+          }
+        });
+      });
+    });
+  });
+</script>

data/app/views/solidstats/dashboard/audit/_audit_filters.html.erb

@@ -0,0 +1,5 @@
+<div class="audit-filters">
+  <button class="filter-btn active" data-filter="all">All</button>
+  <button class="filter-btn" data-filter="high">High Severity</button>
+  <button class="filter-btn" data-filter="copy-solutions">Copy All Solutions</button>
+</div>