Class: Gem::Guardian::CLI::LockfileDataView

Inherits:

Data

• Object
• Data
• Gem::Guardian::CLI::LockfileDataView

Defined in:

lib/gem/guardian/cli.rb

Overview

Lightweight lockfile data adapter used when a user verifies only a subset of gems from a Bundler lockfile.

LockfileParser returns the full dependency graph and all parsed checksum entries. When the CLI receives both +--lockfile+ and explicit +GEM:VERSION[:PLATFORM]+ arguments, this view narrows that data to the requested dependencies while preserving the same reader methods consumed by Verifier, ReportBuilder, and ResultPrinter.

Instance Attribute Summary

• #checksums ⇒ Object readonly

  Returns the value of attribute checksums.

• #checksums_section_present ⇒ Object readonly

  Returns the value of attribute checksums_section_present.

• #dependencies ⇒ Object readonly

  Returns the value of attribute dependencies.

Instance Method Summary

• #checksum_for(dependency, algorithm = "sha256") ⇒ String^?

  Looks up a checksum for a dependency and algorithm.

• #checksums_present? ⇒ Boolean

  Indicates whether the original lockfile contained a +CHECKSUMS+ section.

• #missing_checksum_dependencies ⇒ Array<Dependency>

  Lists selected dependencies that do not have SHA256 lockfile coverage.

• #sha256_checksums ⇒ Hash{Dependency => String}

  Returns only SHA256 checksums from the filtered lockfile data.

Instance Attribute Details

#checksums ⇒ Object (readonly)

Returns the value of attribute checksums

Returns:

• (Object) —

  the current value of checksums

# File 'lib/gem/guardian/cli.rb', line 29

LockfileDataView = Data.define(:dependencies, :checksums, :checksums_section_present) do
  # Looks up a checksum for a dependency and algorithm.
  #
  # @param dependency [Dependency] dependency to look up
  # @param algorithm [String] checksum algorithm name, currently usually
  #   +"sha256"+
  # @return [String, nil] checksum digest when present, otherwise +nil+
  def checksum_for(dependency, algorithm = "sha256")
    checksums.fetch(dependency, {}).fetch(algorithm, nil)
  end

  # Returns only SHA256 checksums from the filtered lockfile data.
  #
  # @return [Hash{Dependency => String}] selected dependencies mapped to
  #   their SHA256 digest
  def sha256_checksums
    checksums.each_with_object({}) do |(dependency, algorithms), memo|
      digest = algorithms["sha256"]
      memo[dependency] = digest if digest
    end
  end

  # Lists selected dependencies that do not have SHA256 lockfile coverage.
  #
  # @return [Array<Dependency>] dependencies missing a SHA256 checksum in
  #   the lockfile view
  def missing_checksum_dependencies
    dependencies.reject { |dependency| sha256_checksums.key?(dependency) }
  end

  # Indicates whether the original lockfile contained a +CHECKSUMS+
  # section.
  #
  # @return [Boolean] +true+ when the source lockfile had checksum metadata
  def checksums_present?
    checksums_section_present
  end
end

#checksums_section_present ⇒ Object (readonly)

Returns the value of attribute checksums_section_present

Returns:

• (Object) —

  the current value of checksums_section_present

# File 'lib/gem/guardian/cli.rb', line 29

LockfileDataView = Data.define(:dependencies, :checksums, :checksums_section_present) do
  # Looks up a checksum for a dependency and algorithm.
  #
  # @param dependency [Dependency] dependency to look up
  # @param algorithm [String] checksum algorithm name, currently usually
  #   +"sha256"+
  # @return [String, nil] checksum digest when present, otherwise +nil+
  def checksum_for(dependency, algorithm = "sha256")
    checksums.fetch(dependency, {}).fetch(algorithm, nil)
  end

  # Returns only SHA256 checksums from the filtered lockfile data.
  #
  # @return [Hash{Dependency => String}] selected dependencies mapped to
  #   their SHA256 digest
  def sha256_checksums
    checksums.each_with_object({}) do |(dependency, algorithms), memo|
      digest = algorithms["sha256"]
      memo[dependency] = digest if digest
    end
  end

  # Lists selected dependencies that do not have SHA256 lockfile coverage.
  #
  # @return [Array<Dependency>] dependencies missing a SHA256 checksum in
  #   the lockfile view
  def missing_checksum_dependencies
    dependencies.reject { |dependency| sha256_checksums.key?(dependency) }
  end

  # Indicates whether the original lockfile contained a +CHECKSUMS+
  # section.
  #
  # @return [Boolean] +true+ when the source lockfile had checksum metadata
  def checksums_present?
    checksums_section_present
  end
end

#dependencies ⇒ Object (readonly)

Returns the value of attribute dependencies

Returns:

• (Object) —

  the current value of dependencies

# File 'lib/gem/guardian/cli.rb', line 29

LockfileDataView = Data.define(:dependencies, :checksums, :checksums_section_present) do
  # Looks up a checksum for a dependency and algorithm.
  #
  # @param dependency [Dependency] dependency to look up
  # @param algorithm [String] checksum algorithm name, currently usually
  #   +"sha256"+
  # @return [String, nil] checksum digest when present, otherwise +nil+
  def checksum_for(dependency, algorithm = "sha256")
    checksums.fetch(dependency, {}).fetch(algorithm, nil)
  end

  # Returns only SHA256 checksums from the filtered lockfile data.
  #
  # @return [Hash{Dependency => String}] selected dependencies mapped to
  #   their SHA256 digest
  def sha256_checksums
    checksums.each_with_object({}) do |(dependency, algorithms), memo|
      digest = algorithms["sha256"]
      memo[dependency] = digest if digest
    end
  end

  # Lists selected dependencies that do not have SHA256 lockfile coverage.
  #
  # @return [Array<Dependency>] dependencies missing a SHA256 checksum in
  #   the lockfile view
  def missing_checksum_dependencies
    dependencies.reject { |dependency| sha256_checksums.key?(dependency) }
  end

  # Indicates whether the original lockfile contained a +CHECKSUMS+
  # section.
  #
  # @return [Boolean] +true+ when the source lockfile had checksum metadata
  def checksums_present?
    checksums_section_present
  end
end

Instance Method Details

#checksum_for(dependency, algorithm = "sha256") ⇒ String^?

Looks up a checksum for a dependency and algorithm.

Parameters:

• dependency (Dependency) —

  dependency to look up

• algorithm (String) (defaults to: "sha256") —

  checksum algorithm name, currently usually +"sha256"+

Returns:

• (String, nil) —

  checksum digest when present, otherwise +nil+

# File 'lib/gem/guardian/cli.rb', line 36

def checksum_for(dependency, algorithm = "sha256")
  checksums.fetch(dependency, {}).fetch(algorithm, nil)
end

#checksums_present? ⇒ Boolean

Indicates whether the original lockfile contained a +CHECKSUMS+ section.

Returns:

• (Boolean) —

  +true+ when the source lockfile had checksum metadata

# File 'lib/gem/guardian/cli.rb', line 63

def checksums_present?
  checksums_section_present
end

#missing_checksum_dependencies ⇒ Array<Dependency>

Lists selected dependencies that do not have SHA256 lockfile coverage.

Returns:

• (Array<Dependency>) —

  dependencies missing a SHA256 checksum in the lockfile view

# File 'lib/gem/guardian/cli.rb', line 55

def missing_checksum_dependencies
  dependencies.reject { |dependency| sha256_checksums.key?(dependency) }
end

#sha256_checksums ⇒ Hash{Dependency => String}

Returns only SHA256 checksums from the filtered lockfile data.

Returns:

• (Hash{Dependency => String}) —

  selected dependencies mapped to their SHA256 digest

# File 'lib/gem/guardian/cli.rb', line 44

def sha256_checksums
  checksums.each_with_object({}) do |(dependency, algorithms), memo|
    digest = algorithms["sha256"]
    memo[dependency] = digest if digest
  end
end