Class: SvgSentinel::Result

Inherits:
Object
  • Object
show all
Defined in:
lib/svg_sentinel/result.rb

Overview

The outcome of a scan: the list of findings and a few convenience predicates. "Safe" means no critical findings; warnings do not, on their own, make an SVG unsafe to render.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(findings) ⇒ Result

Returns a new instance of Result.



10
11
12
# File 'lib/svg_sentinel/result.rb', line 10

def initialize(findings)
  @findings = findings
end

Instance Attribute Details

#findingsObject (readonly)

Returns the value of attribute findings.



8
9
10
# File 'lib/svg_sentinel/result.rb', line 8

def findings
  @findings
end

Instance Method Details

#critical?Boolean

Returns:

  • (Boolean)


18
19
20
# File 'lib/svg_sentinel/result.rb', line 18

def critical?
  !criticals.empty?
end

#criticalsObject



26
27
28
# File 'lib/svg_sentinel/result.rb', line 26

def criticals
  @findings.select(&:critical?)
end

#policy_findingsObject

Brand-mark / strict-profile house-rule findings (animation, raster images, size, elements outside the strict allowlist).



38
39
40
# File 'lib/svg_sentinel/result.rb', line 38

def policy_findings
  @findings.select(&:policy?)
end

#safe?Boolean

Returns:

  • (Boolean)


14
15
16
# File 'lib/svg_sentinel/result.rb', line 14

def safe?
  criticals.empty?
end

#security_findingsObject

Genuine attack-surface findings (scripts, XXE, script/data URIs, external references), regardless of severity.



32
33
34
# File 'lib/svg_sentinel/result.rb', line 32

def security_findings
  @findings.select(&:security?)
end

#to_hObject



42
43
44
45
46
47
# File 'lib/svg_sentinel/result.rb', line 42

def to_h
  {
    safe: safe?,
    findings: @findings.map(&:to_h)
  }
end

#warningsObject



22
23
24
# File 'lib/svg_sentinel/result.rb', line 22

def warnings
  @findings.select(&:warning?)
end