class RubyAudit::CLI
Public Instance Methods
check()
# File lib/ruby_audit/cli.rb, line 12
# Runs the audit: optionally refreshes the advisory database, scans, prints
# every advisory the scanner yields, and reports the overall result.
#
# Exits the process with status 1 as soon as reporting is finished if at
# least one advisory was yielded, so callers (CI jobs, scripts) can gate on
# the exit code.
#
# NOTE(review): with options[:no_update] set, `update` is not called at all,
# so the scan presumably runs against whatever advisory data is already
# present locally. A "No vulnerabilities found" result is then only as
# current as that copy. Confirm against Scanner/Database.
def check
  update unless options[:no_update]

  found_any = false
  # options[:ignore] is handed to the scanner untouched; every advisory it
  # yields counts as a finding.
  Scanner.new.scan(ignore: options[:ignore]) do |finding|
    found_any = true
    print_advisory finding.gem, finding.advisory
  end

  return say('No vulnerabilities found', :green) unless found_any

  say 'Vulnerabilities found!', :red
  exit 1
end
update()
# File lib/ruby_audit/cli.rb, line 32
# Refreshes ruby-advisory-db and prints a one-line summary of the database.
#
# Database.update! is treated as tri-state:
#   true  - update succeeded
#   false - update failed; the process exits with status 1
#   nil   - update skipped; execution continues with the existing data
#
# After a successful or skipped update, the advisory count and the
# last-updated timestamp (in UTC) are printed, which lets the operator judge
# how fresh the data behind the scan is.
def update
  say 'Updating ruby-advisory-db ...'

  outcome = Database.update!
  case outcome
  when true
    say 'Updated ruby-advisory-db', :green
  when false
    # A failed update is fatal.
    say 'Failed updating ruby-advisory-db!', :red
    exit 1
  when nil
    say 'Skipping update', :yellow
  end

  db = Database.new
  advisory_count = db.size
  refreshed_at = db.last_updated_at.utc
  puts "ruby-advisory-db: #{advisory_count} advisories, last updated #{refreshed_at}"
end
version()
# File lib/ruby_audit/cli.rb, line 51
# Prints the program name and VERSION together with the advisory database
# statistics (advisory count and last-updated time in UTC).
#
# The database figures are included so that a version report also shows how
# current the local advisory data is.
def version
  db = Database.new
  program = File.basename($PROGRAM_NAME)
  puts "#{program} #{VERSION} (advisories: #{db.size}, last updated: #{db.last_updated_at.utc})"
end
Private Instance Methods
print_advisory(gem, advisory)
rubocop:disable Metrics/AbcSize rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/MethodLength rubocop:disable Metrics/PerceivedComplexity
# File lib/ruby_audit/cli.rb, line 68
# Prints a single finding: the affected gem, the advisory identifier,
# criticality, URL, title or description, and the suggested remediation.
#
# gem      - object responding to #name and #version
# advisory - object responding to #cve/#osvdb/#ghsa (and the matching *_id
#            readers), #criticality, #url, #title, #description and
#            #patched_versions
def print_advisory(gem, advisory)
  say 'Name: ', :red
  say gem.name

  say 'Version: ', :red
  say gem.version

  say 'Advisory: ', :red
  # The first identifier present wins: CVE, then OSVDB, then GHSA.
  # NOTE(review): when none of the three is set, nothing is printed after the
  # 'Advisory: ' label.
  if advisory.cve
    say advisory.cve_id
  elsif advisory.osvdb
    say advisory.osvdb_id
  elsif advisory.ghsa
    say advisory.ghsa_id
  end

  say 'Criticality: ', :red
  # Map the criticality symbol to its label and color; anything unrecognised
  # (including nil) is reported as 'Unknown'.
  severity_label, severity_style =
    case advisory.criticality
    when :none     then ['None', nil]
    when :low      then ['Low', nil]
    when :medium   then ['Medium', :yellow]
    when :high     then ['High', %i[red bold]]
    when :critical then ['Critical', %i[red bold]]
    else ['Unknown', nil]
    end
  say severity_label, severity_style

  say 'URL: ', :red
  say advisory.url

  # Verbose mode prints the full wrapped description; otherwise only the title.
  if options.verbose?
    say 'Description:', :red
    say
    print_wrapped advisory.description, indent: 2
    say
  else
    say 'Title: ', :red
    say advisory.title
  end

  fixed_in = advisory.patched_versions
  if fixed_in.empty?
    # No patched release is listed, so the only remediation offered is to
    # stop using the gem.
    say 'Solution: ', :red
    say 'remove or disable this gem until a patch is available!', %i[red bold]
  else
    say 'Solution: upgrade to ', :red
    say fixed_in.join(', ')
  end

  say
end
say(message = '', color = nil)
Calls superclass method
# File lib/ruby_audit/cli.rb, line 59
# Wraps the superclass `say`: the message is coerced to a String, and the
# color is dropped whenever $stdout is not a TTY.
#
# Presumably this keeps color codes out of piped or captured output (logs,
# CI artifacts) so the report stays plain text there.
def say(message = '', color = nil)
  applied_color = $stdout.tty? ? color : nil
  super(message.to_s, applied_color)
end