class Unwrappr::Writers::SecurityVulnerabilities

Presents the security vulnerabilities reported for a gem change — patched, introduced and remaining — as a Markdown section of the change annotation.

Implements the `annotation_writer` interface required by the LockFileAnnotator.

Public Class Methods

new(gem_change, gem_change_info)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 14
# Keep the gem change and its enrichment data. The vulnerability report is
# not read here; it is looked up in gem_change_info when #write runs.
# @gem_change is stored but not used by any method visible in this file.
def initialize(gem_change, gem_change_info)
  @gem_change_info = gem_change_info
  @gem_change = gem_change
end
write(gem_change, gem_change_info)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 10
# Entry point used by the LockFileAnnotator: build a writer for the change
# and return its annotation (a Markdown string, or nil when there is
# nothing to report).
def self.write(gem_change, gem_change_info)
  writer = new(gem_change, gem_change_info)
  writer.write
end

Public Instance Methods

write()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 19
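      # Build the Markdown annotation for this gem change: the patched,
      # introduced and remaining vulnerability sections, in that order.
      #
      # Returns nil when no vulnerability report is attached to the change
      # info, and also when a report exists but none of the three sections
      # has anything to say — emitting three blank lines in that case only
      # adds noise to the annotation.
      def write
        return nil if vulnerabilities.nil?

        sections = [
          patched_vulnerabilities,
          introduced_vulnerabilities,
          remaining_vulnerabilities
        ]
        return nil if sections.all?(&:nil?)

        <<~MESSAGE
          #{sections[0]}
          #{sections[1]}
          #{sections[2]}
        MESSAGE
      end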

Private Instance Methods

cve_url(id)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 83
# NVD detail page for a CVE identifier. `id` is interpolated verbatim, so it
# is assumed to be a well-formed "CVE-YYYY-NNNN" as supplied by the advisory
# database; nothing here validates or escapes it.
def cve_url(id)
  format('https://nvd.nist.gov/vuln/detail/%s', id)
end
cvss_v2(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 87
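# CVSS v2 line for the advisory, e.g. "CVSS V2: [7.5 high](<nvd calculator>)",
# or nil when the advisory carries no v2 score.
#
# The NVD calculator link is keyed by CVE id. An advisory with a score but no
# CVE id previously produced a dangling "?name=" link; it now renders the
# plain score instead.
# NOTE(review): NVD no longer assigns CVSS v2 to new CVEs, so recent
# advisories may have no v2 score even when a v3 score exists — confirm
# against the audit library before relying on this line for severity.
def cvss_v2(advisory)
  score = advisory.cvss_v2
  return nil unless score

  severity = "#{score} #{advisory.criticality}"
  return "CVSS V2: #{severity}" unless advisory.cve_id

  "CVSS V2: [#{severity}](#{cvss_v2_url(advisory.cve_id)})"
end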
cvss_v2_url(id)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 96
# NVD CVSS v2 calculator page for a CVE identifier. The id goes into the
# query string without URL-encoding; that is only safe because CVE ids are
# limited to letters, digits and hyphens — assumed, not checked here.
def cvss_v2_url(id)
  base = 'https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name='
  "#{base}#{id}"
end
identifier(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 75
# Identifier shown at the head of a rendered advisory: the CVE id as a
# Markdown link to its NVD entry when present, otherwise the bare OSVDB id,
# otherwise nil.
# NOTE(review): an advisory carrying neither (e.g. one identified only by a
# GHSA id) renders with no identifier at all — confirm whether the audit
# library exposes other ids worth falling back to.
def identifier(advisory)
  cve = advisory.cve_id
  return "[#{cve}](#{cve_url(cve)})" if cve

  osvdb = advisory.osvdb_id
  osvdb if osvdb
end
introduced_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 38
# Section for the advisories the report classifies as introduced by this
# change — the ones that warrant the alarm emoji. Nil when there are none.
def introduced_vulnerabilities
  heading = ':rotating_light::exclamation: Introduced vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.introduced)
end
list_vulnerabilites(message, advisories)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 52
      # One Markdown section: the heading line, a blank line, then one
      # rendered entry per advisory. Returns nil (no section) when there is
      # nothing to list, so callers can drop it from the annotation.
      def list_vulnerabilites(message, advisories)
        return nil if advisories.empty?

        entries = advisories.map { |advisory| render_vulnerability(advisory) }
        body = entries.join("\n")

        <<~MESSAGE
          #{message}

          #{body}
        MESSAGE
      end
patched_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 31
# Section for the advisories the report classifies as patched by this
# change. Nil when there are none.
def patched_vulnerabilities
  heading = ':tada: Patched vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.patched)
end
remaining_vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 45
# Section for the advisories the report classifies as still present after
# this change. Nil when there are none.
def remaining_vulnerabilities
  heading = ':rotating_light: Remaining vulnerabilities:'
  list_vulnerabilites(heading, vulnerabilities.remaining)
end
render_vulnerability(advisory)
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 62
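      # Render one advisory as a Markdown list item: identifier, bold title,
      # CVSS line, link line and a one-line description.
      #
      # The description is folded onto a single line so it cannot break out of
      # the list item; both LF and CRLF line endings are folded (a plain "\n"
      # replacement left stray carriage returns in CRLF text).
      # NOTE(review): title and description are interpolated into Markdown
      # unescaped, which is only acceptable if the advisory source is trusted
      # — confirm where this data comes from. `link(advisory)` is not defined
      # in this listing and is presumably provided elsewhere in the class.
      def render_vulnerability(advisory)
        description = advisory.description&.gsub(/\r?\n/, ' ')&.strip

        <<~MESSAGE
          - #{identifier(advisory)}
            **#{advisory.title}**

            #{cvss_v2(advisory)}
            #{link(advisory)}

            #{description}

        MESSAGE
      end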
vulnerabilities()
# File lib/unwrappr/writers/security_vulnerabilities.rb, line 104
# The vulnerability report attached to the change info under
# :security_vulnerabilities, or nil when no scan data was attached. Every
# other method in this class reads the report through this accessor.
def vulnerabilities
  info = @gem_change_info
  info[:security_vulnerabilities]
end