Class: BundleUpdateInteractive::Report

Inherits:

Object

• Object
• BundleUpdateInteractive::Report

Defined in:

lib/bundle_update_interactive/report.rb

Instance Attribute Summary

• #updatable_gems ⇒ Object readonly

  Returns the value of attribute updatable_gems.

• #withheld_gems ⇒ Object readonly

  Returns the value of attribute withheld_gems.

Instance Method Summary

• #all_gems ⇒ Object
• #bundle_update!(*gem_names) ⇒ Object
• #empty? ⇒ Boolean
• #expand_gems_with_exact_dependencies(*gem_names) ⇒ Object
• #initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ Report constructor

  A new instance of Report.

• #scan_for_vulnerabilities! ⇒ Object

Constructor Details

#initialize(current_lockfile:, withheld_gems:, updatable_gems:) ⇒ Report

Returns a new instance of Report.

# File 'lib/bundle_update_interactive/report.rb', line 12

def initialize(current_lockfile:, withheld_gems:, updatable_gems:)
  @current_lockfile = current_lockfile
  @withheld_gems = withheld_gems.freeze
  @updatable_gems = updatable_gems.freeze
end

Instance Attribute Details

#updatable_gems ⇒ Object (readonly)

Returns the value of attribute updatable_gems.

# File 'lib/bundle_update_interactive/report.rb', line 10

def updatable_gems
  @updatable_gems
end

#withheld_gems ⇒ Object (readonly)

Returns the value of attribute withheld_gems.

# File 'lib/bundle_update_interactive/report.rb', line 10

def withheld_gems
  @withheld_gems
end

Instance Method Details

#all_gems ⇒ Object

# File 'lib/bundle_update_interactive/report.rb', line 22

def all_gems
  @all_gems ||= withheld_gems.merge(updatable_gems)
end

#bundle_update!(*gem_names) ⇒ Object

# File 'lib/bundle_update_interactive/report.rb', line 44

def bundle_update!(*gem_names)
  expanded_names = expand_gems_with_exact_dependencies(*gem_names)
  BundlerCommands.update_gems_conservatively(*expanded_names)
end

#empty? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bundle_update_interactive/report.rb', line 18

def empty?
  withheld_gems.empty? && updatable_gems.empty?
end

#expand_gems_with_exact_dependencies(*gem_names) ⇒ Object

# File 'lib/bundle_update_interactive/report.rb', line 26

def expand_gems_with_exact_dependencies(*gem_names)
  gem_names.flatten!
  gem_names.flat_map { |name| [name, *current_lockfile[name].exact_dependencies] }.uniq
end

#scan_for_vulnerabilities! ⇒ Object

# File 'lib/bundle_update_interactive/report.rb', line 31

def scan_for_vulnerabilities!
  return false if all_gems.empty?

  Bundler::Audit::Database.update!(quiet: true)
  audit_report = Bundler::Audit::Scanner.new.report
  vulnerable_gem_names = Set.new(audit_report.vulnerable_gems.map(&:name))

  all_gems.each do |name, gem|
    gem.vulnerable = (vulnerable_gem_names & [name, *current_lockfile[name].exact_dependencies]).any?
  end
  true
end