class SecurityReport::Scanner

Public Instance Methods

scan(directory)
# File lib/security_report/scanner.rb, line 8
# Runs bundler-audit against +directory+ and wraps every raw finding in the
# first report class that recognises it.
#
# @param directory [String] path handed to ::Bundler::Audit::Scanner.new
# @return [Array] one wrapper object per finding, built as
#   ResultClass.new(finding, directory)
def scan(directory)
  # NOTE(review): with_gemfile checks for 'Gemfile' relative to the process's
  # working directory, not relative to +directory+ — confirm that callers
  # always run this from the place where the placeholder is wanted.
  audit_findings = with_gemfile { ::Bundler::Audit::Scanner.new(directory).scan }

  audit_findings.map do |finding|
    # detected_matching_result_class returns nil when no class matches; the
    # .new call then raises NoMethodError, so an unrecognised finding aborts
    # the scan instead of being silently left out of the report.
    wrapper_class = detected_matching_result_class(finding)
    wrapper_class.new(finding, directory)
  end
end

Private Instance Methods

detected_matching_result_class(scan_result)
# File lib/security_report/scanner.rb, line 33
# Picks the report class responsible for a raw scanner finding.
#
# Candidates are tried in a fixed order (InsecureSourceResult first, then
# UnpatchedGemResult) and the first one whose .matches? is truthy wins.
#
# @param scan_result [Object] a single finding from the audit scanner
# @return [Class, nil] the matching class, or nil when neither candidate
#   recognises the finding
def detected_matching_result_class(scan_result)
  candidates = [InsecureSourceResult, UnpatchedGemResult]
  candidates.find { |candidate| candidate.matches?(scan_result) }
end
with_gemfile() { || ... }

This is a weird workaround for methods that require a Gemfile in the current directory: if none exists, an empty one is created before the block runs and removed after it returns.

# File lib/security_report/scanner.rb, line 22
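# Yields with a file named 'Gemfile' guaranteed to exist in the current
# working directory, creating an empty placeholder when there is none.
#
# A Gemfile that already exists is never touched or removed. A placeholder
# created here is removed again even when the block raises: a stale empty
# Gemfile would make every later call take the "already exists" branch and
# never clean it up, leaving a bogus file in the working directory.
#
# @yield runs the code that needs a Gemfile to be present
# @return [Object] whatever the block returns
def with_gemfile
  return yield if File.exist? 'Gemfile'

  FileUtils.touch 'Gemfile'
  begin
    yield
  ensure
    # rm_f rather than rm: if the block already removed the placeholder, a
    # raise from here would mask the block's own exception.
    FileUtils.rm_f 'Gemfile'
  end
end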