class DependencySpy::CLI

Constants

FORMATTERS

Public Instance Methods

check()
# File lib/dependency_spy/cli.rb, line 55
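# Runs the dependency scan, emits the formatted report, and ends the process
# with status 1 when at least one vulnerability meets the severity threshold.
#
# Effective options are the defaults below overlaid with the result of
# #options, so any value supplied there replaces the default.
#
# @raise [ArgumentError] when the requested formatter matches no FORMATTERS entry
# @return [nil] when no vulnerability reaches the threshold (otherwise the
#   process exits and nothing is returned)
def check
  defaults = {
    'verbose' => false,
    'path' => Dir.pwd,
    'formatter' => FORMATTERS.first.name.split('::').last.downcase,
    'database-path' => YAVDB::Constants::DEFAULT_YAVDB_DATABASE_PATH,
    'offline' => false,
    'severity-threshold' => 'low',
    'with-color' => true,
    'ignore' => []
  }
  the_options = defaults.merge(options)

  # The API is called with symbol keys; the dashed 'database-path' key is
  # additionally exposed under the underscore name :database_path.
  api_options = the_options.transform_keys(&:to_sym)
  api_options[:database_path] = api_options[:'database-path']
  the_options.freeze
  api_options.freeze
  manifests = API.check(api_options)

  # Only the colored text report written to stdout is handed the severity
  # threshold; every other formatter/output combination receives the
  # manifests without it.
  formatted_output = if (the_options['formatter'] == 'text') && !the_options['output-path'] && the_options['with-color']
                       DependencySpy::Formatters::Text.format(manifests, the_options['severity-threshold'])
                     else
                       formatter = FORMATTERS.find { |f| f.name.split('::').last.downcase == the_options['formatter'] }
                       # An unrecognised formatter name used to surface as a
                       # NoMethodError on nil; fail with a message that names
                       # the bad value and the accepted ones instead.
                       unless formatter
                         supported = FORMATTERS.map { |f| f.name.split('::').last.downcase }.join(', ')
                         raise ArgumentError,
                               "Unknown formatter #{the_options['formatter'].inspect}; supported formatters: #{supported}"
                       end
                       formatter.format(manifests)
                     end

  if the_options['output-path']
    DependencySpy::Outputs::FileSystem.write(the_options['output-path'], formatted_output)
  else
    DependencySpy::Outputs::StdOut.write(formatted_output)
  end

  # Manifests without :dependencies and dependencies without
  # :vulnerabilities are skipped through safe navigation rather than
  # treated as errors.
  has_vulnerabilities =
    manifests.any? do |manifest|
      manifest[:dependencies]&.any? do |dependency|
        dependency[:vulnerabilities]&.any? do |vuln|
          DependencySpy::Helper.severity_above_threshold?(vuln.severity, the_options['severity-threshold'])
        end
      end
    end

  # The exit status is the signal a calling pipeline can gate on; the report
  # has already been written by this point.
  exit(1) if has_vulnerabilities
end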
update()
# File lib/dependency_spy/cli.rb, line 103
# Refreshes the local vulnerability database by delegating to API.update.
#
# The database location comes from the 'vuln-db-path' option, which falls
# back to YAVDB::Constants::DEFAULT_YAVDB_PATH when #options does not
# provide one.
def update
  settings = {
    'verbose' => false,
    'vuln-db-path' => YAVDB::Constants::DEFAULT_YAVDB_PATH
  }.merge(options).freeze

  target_path = settings['vuln-db-path']
  API.update(target_path)
end

Private Instance Methods

options()
Calls superclass method
# File lib/dependency_spy/cli.rb, line 115
# Combines the options from the superclass implementation with those read
# from the configuration file.
#
# The config file is located via the :'config-file-path' entry of the
# superclass options. Those superclass options are the argument to #merge,
# so with Hash#merge semantics they win over config-file values for any
# key present in both.
def options
  from_command_line = super
  config_path = from_command_line[:'config-file-path']
  from_config_file = DependencySpy::ConfigFile.get_config(config_path)
  from_config_file.merge(from_command_line)
end