class DependencySpy::Formatters::Text

Public Class Methods

format(manifests, severity_threshold = nil)
# File lib/dependency_spy/formatters/text.rb, line 23
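# Renders a plain-text vulnerability report for a list of scanned manifests.
#
# Only packages with at least one vulnerability are listed, and only manifests
# with at least one such package get a section.
#
# NOTE(review): manifest, package and vulnerability fields are interpolated
# verbatim. If this report is written to a terminal or a CI log, control
# characters in advisory or manifest data would pass through unchanged;
# consider stripping non-printable characters before display.
#
# @param manifests [Enumerable] objects responding to +platform+, +kind+,
#   +path+ and +dependencies+; each dependency responds to +name+, +type+,
#   +version+ and +vulnerabilities+
# @param severity_threshold [Object, nil] when given, entries for which
#   DependencySpy::Helper.severity_above_threshold? is truthy are passed
#   through String#red (presumably supplied by a colorizing gem, confirm)
# @return [String] the report, or a fixed message when nothing was found
def self.format(manifests, severity_threshold = nil)
  manifests_text = manifests.map do |manifest|
    manifest_header = "#{manifest.platform}: #{manifest.kind} ~> #{manifest.path} "

    manifest_body = manifest.dependencies.map do |package|
      next unless package.vulnerabilities.any?

      package_header = "    Vulnerable: #{package.name}/#{package.type}:#{package.version}"
      package_body = package.vulnerabilities.map do |vuln|
        body = [
          "        Title: #{vuln.title}",
          "        Severity: #{(vuln.severity || 'unknown').capitalize}",
          "        Source: #{vuln.source_url}",
          "        Identifier: #{vuln.id}"
        ].join("\n") + "\n\n"

        # Highlight only when a threshold was requested and this entry meets it.
        if severity_threshold && DependencySpy::Helper.severity_above_threshold?(vuln.severity, severity_threshold)
          body.red
        else
          body
        end
      end

      "#{package_header}\n#{package_body.join("\n")}"
    end

    # Packages without vulnerabilities produced nil above.
    next unless manifest_body.any?

    "#{manifest_header}\n#{manifest_body.compact.join("\n")}"
  end

  # Manifests without findings yielded nil; drop them so they do not turn
  # into stray blank lines when the sections are joined.
  manifests_text = manifests_text.compact

  if manifests_text.any?
    manifests_text.join("\n")
  else
    'No known vulnerabilities were found in your dependencies.'
  end
end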