class RubygemsCheckReplacementVulnerability::Rubygems

Constants

VULNERABLE_TERMS

Attributes

gem_name[R]

Public Class Methods

get(url)
# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 42
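# Fetches +url+ over HTTP(S) and returns the response body parsed as JSON.
#
# Kernel#open is deliberately not used here. It treats its argument as a
# local path (or, when the string starts with a pipe character, as a command
# to run), so a caller-supplied value is not guaranteed to result in a network
# fetch; since Ruby 3.0 it also no longer opens URLs at all. Parsing the
# argument first and reading through the URI object keeps this method limited
# to HTTP(S) requests and closes the response handle when the read finishes.
#
# Relies on open-uri being loaded, which the previous open(url) call already
# needed in order to fetch a URL (presumably required at the top of the file;
# not visible here).
#
# @param url [String] absolute http:// or https:// URL
# @return [Object] the decoded JSON document (Array or Hash)
# @raise [ArgumentError] if +url+ is not an http(s) URL
# @raise [URI::InvalidURIError] if +url+ cannot be parsed as a URI
# @raise [JSON::ParserError] if the response body is not valid JSON
def self.get(url)
  uri = URI.parse(url)
  # URI::HTTPS is a subclass of URI::HTTP, so this admits both schemes and
  # rejects file paths, relative references and every other scheme.
  raise ArgumentError, "expected an http(s) URL, got #{url.inspect}" unless uri.is_a?(URI::HTTP)

  JSON.parse(uri.read)
end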
new(gem_name)
# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 10
# Binds this client to a single gem.
#
# The name is stored exactly as given; no validation or escaping happens
# here. Other methods of this class interpolate it into rubygems.org URLs and
# into a local file name, so callers should pass a plain gem name.
#
# @param gem_name [String] name of the gem on rubygems.org
def initialize(gem_name)
  @gem_name = gem_name
end
owner_gems(user_id)
# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 37
# Lists the names of the gems owned by a rubygems.org account.
#
# +user_id+ is interpolated into the request path as-is, so it should be a
# plain account identifier.
#
# @param user_id [String, Integer] owner identifier used in the API path
# @return [Array<String>] the "name" field of each entry the API returns
def self.owner_gems(user_id)
  endpoint = "https://rubygems.org/api/v1/owners/#{user_id}/gems.json"
  get(endpoint).map { |entry| entry["name"] }
end

Public Instance Methods

download_gem(version, dist_dir)

@return [String] path to downloaded gem file

# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 29
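# Downloads one released version of the gem into +dist_dir+.
#
# The target file name is built from the gem name and version, so both are
# checked for directory components first; otherwise a value containing a path
# separator could place the file outside +dist_dir+. The fetch goes through a
# parsed URI instead of Kernel#open (which no longer opens URLs on Ruby 3.0+)
# and the body is streamed to disk rather than held in memory. The local file
# is only created once the request has succeeded, so a failed download does
# not leave an empty .gem behind.
#
# NOTE(review): the downloaded file is not checked against any digest here;
# callers that inspect or compare gem contents should treat it as untrusted.
#
# @param version [String] version number of the release to fetch
# @param dist_dir [String] existing directory to write the file into
# @return [String] path to downloaded gem file
# @raise [ArgumentError] if the gem name or version contains a path component
def download_gem(version, dist_dir)
  file_name = "#{@gem_name}-#{version}.gem"
  unless file_name == File.basename(file_name)
    raise ArgumentError, "gem name and version must not contain path separators: #{file_name.inspect}"
  end

  gem_path = File.join(dist_dir, file_name)
  URI.parse(gem_uri(version)).open do |remote|
    File.open(gem_path, "wb") { |f| IO.copy_stream(remote, f) }
  end
  gem_path
end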
gem_uri(version)
# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 24
# Builds the rubygems.org download URL for one version of this gem.
#
# Gem name and version are interpolated without escaping.
#
# @param version [String] version number of the release
# @return [String] URL of the .gem file
def gem_uri(version)
  file_name = "#{@gem_name}-#{version}.gem"
  "https://rubygems.org/gems/#{file_name}"
end
vulnerable_versions()
# File lib/rubygems_check_replacement_vulnerability/rubygems.rb, line 14
# Returns the version numbers of this gem that were published inside the
# window described by VULNERABLE_TERMS, ordered from oldest to newest version.
#
# Each release's "created_at" timestamp from the rubygems.org versions API is
# parsed and tested with VULNERABLE_TERMS.cover? (presumably a Range of Time;
# the constant is defined elsewhere in the class). Ordering uses
# Gem::Version so that, for example, 1.10.0 sorts after 1.9.0.
#
# @return [Array<String>] matching version numbers in ascending version order
def vulnerable_versions
  endpoint = "https://rubygems.org/api/v1/versions/#{@gem_name}.json"
  affected = self.class.get(endpoint).select do |release|
    VULNERABLE_TERMS.cover?(Time.parse(release["created_at"]))
  end

  affected.map { |release| release["number"] }
          .sort_by { |number| Gem::Version.new(number) }
end