class Unwrappr::Writers::SecurityVulnerabilities
Present reported security vulnerabilities in the gem change annotation.
Implements the `annotation_writer` interface required by the LockFileAnnotator.
Public Class Methods
new(gem_change, gem_change_info)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 14
# Store the gem change and the info gathered about it; nothing is rendered
# until #write is called.
# NOTE(review): @gem_change is never read by any method listed for this
# class on this page — it appears to be kept only for interface symmetry.
def initialize(gem_change, gem_change_info)
  @gem_change, @gem_change_info = gem_change, gem_change_info
end
write(gem_change, gem_change_info)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 10
# Class-level entry point of the `annotation_writer` interface: build a
# writer for the change and return its rendered annotation (nil when there
# is no vulnerability data to report).
def self.write(gem_change, gem_change_info)
  writer = new(gem_change, gem_change_info)
  writer.write
end
Public Instance Methods
write()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 19
# Render the security section of the annotation.
#
# Returns nil when the gem change info carries no security vulnerability
# data at all. Each of the three sections is itself nil when it has nothing
# to report, which interpolates as an empty line in the heredoc.
# @return [String, nil] markdown text, or nil
def write
  return nil if vulnerabilities.nil?

  <<~MESSAGE
    #{patched_vulnerabilities}
    #{introduced_vulnerabilities}
    #{remaining_vulnerabilities}
  MESSAGE
end
Private Instance Methods
cve_url(id)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 83
# NVD detail page for a CVE identifier.
# The id is inserted as-is (no URL encoding); assumes ids come from the
# advisory database and have the plain CVE-YYYY-NNNN shape.
# @param id [String] CVE identifier
# @return [String]
def cve_url(id)
  format('https://nvd.nist.gov/vuln/detail/%s', id)
end
cvss_v2(advisory)
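# File lib/unwrappr/writers/security_vulnerabilities.rb, line 87
# Markdown fragment for the advisory's CVSS v2 score, or nil when the
# advisory has no v2 score.
#
# The score is linked to the NVD v2 calculator only when the advisory has
# a CVE id; previously an advisory with a score but no CVE id produced a
# link whose query string was empty (`?name=`), i.e. a dead link. In that
# case the score is now rendered as plain text.
# NOTE(review): NVD has retired CVSS v2; if the advisory source also
# exposes a v3 score, rendering it here would be more useful — confirm
# against the advisory object's API before adding it.
# @param advisory [#cvss_v2, #criticality, #cve_id]
# @return [String, nil]
def cvss_v2(advisory)
  return unless advisory.cvss_v2

  score = "#{advisory.cvss_v2} #{advisory.criticality}"
  return "CVSS V2: #{score}" unless advisory.cve_id

  "CVSS V2: [#{score}](#{cvss_v2_url(advisory.cve_id)})"
end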
cvss_v2_url(id)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 96
# NVD CVSS v2 calculator page pre-filled with the given CVE identifier.
# The id is placed in the query string without encoding; assumes ids come
# from the advisory database and have the plain CVE-YYYY-NNNN shape.
# @param id [String] CVE identifier
# @return [String]
def cvss_v2_url(id)
  format('https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name=%s', id)
end
identifier(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 75
# Identifier to show for an advisory: a markdown link to NVD when it has a
# CVE id, the bare OSVDB id otherwise, nil when it has neither.
# NOTE(review): advisories carrying only another identifier scheme (no CVE,
# no OSVDB) render with an empty identifier — consider whether the advisory
# object offers a further fallback.
# @param advisory [#cve_id, #osvdb_id]
# @return [String, Object, nil]
def identifier(advisory)
  cve = advisory.cve_id
  return "[#{cve}](#{cve_url(cve)})" if cve

  osvdb = advisory.osvdb_id
  osvdb if osvdb
end
introduced_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 38
# Section listing vulnerabilities the new gem version introduces; nil when
# there are none.
# @return [String, nil]
def introduced_vulnerabilities
  heading = ':rotating_light::exclamation: Introduced vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.introduced)
end
link(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 100
# "URL: ..." line for the advisory's reference URL, or nil when it has none.
# @param advisory [#url]
# @return [String, nil]
def link(advisory)
  return unless advisory.url

  "URL: #{advisory.url}"
end
list_vulnerabilites(message, advisories)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 52
# Render one section: a heading followed by one rendered entry per advisory.
# Returns nil (rather than an empty heading) when there are no advisories.
# Note: the method name keeps its historical spelling ("vulnerabilites")
# because the three section methods call it by that name.
# @param message [String] section heading
# @param advisories [Array] advisory objects; must respond to #empty?
# @return [String, nil]
def list_vulnerabilites(message, advisories)
  return nil if advisories.empty?

  <<~MESSAGE
    #{message}
    #{advisories.map(&method(:render_vulnerability)).join("\n")}
  MESSAGE
end
patched_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 31
# Section listing vulnerabilities the new gem version fixes; nil when there
# are none.
# @return [String, nil]
def patched_vulnerabilities
  heading = ':tada: Patched vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.patched)
end
remaining_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 45
# Section listing vulnerabilities present both before and after the change;
# nil when there are none.
# @return [String, nil]
def remaining_vulnerabilities
  heading = ':rotating_light: Remaining vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.remaining)
end
render_vulnerability(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 62
# Render a single advisory as a markdown list item: identifier and title on
# the first line, then the CVSS v2 fragment, the reference URL and the
# description. Any of identifier/cvss_v2/link may be nil and interpolates
# as an empty line.
# Newlines in the description are collapsed to spaces so the list item is
# not broken into separate paragraphs.
# NOTE(review): title and description are interpolated into markdown without
# escaping; this assumes the advisory source is trusted — confirm where
# gem_change_info[:security_vulnerabilities] is populated from.
# @param advisory [#title, #description, #cve_id, #osvdb_id, #cvss_v2, #criticality, #url]
# @return [String]
def render_vulnerability(advisory)
  <<~MESSAGE
    - #{identifier(advisory)} **#{advisory.title}**
      #{cvss_v2(advisory)}
      #{link(advisory)}
      #{advisory.description&.gsub("\n", ' ')&.strip}
  MESSAGE
end
vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 104
# The collected security vulnerability data for this gem change, or nil when
# none was gathered. Callers use #patched, #introduced and #remaining on it.
# @return [#patched, #introduced, #remaining, nil]
def vulnerabilities
  @gem_change_info.dig(:security_vulnerabilities)
end