Module: Homebrew::Vulns::Output Private
- Defined in:
- vulns/output.rb
This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.
Constant Summary collapse
- DEFAULT_MAX_SUMMARY =
This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.
60
Class Method Summary collapse
- .json(results, io: $stdout) ⇒ void private
- .text(results, max_summary: DEFAULT_MAX_SUMMARY, io: $stdout) ⇒ void private
Class Method Details
.json(results, io: $stdout) ⇒ void
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
This method returns an undefined value.
53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'vulns/output.rb', line 53 def self.json(results, io: $stdout) data = results.findings.map do |f| { formula: f.name, version: f.version, tag: f.tag, repo_url: f.repo_url, vulnerabilities: f.open.map { |v| vuln_json(v) }, patched: f.patched.map { |v| vuln_json(v) }, } end io.puts JSON.pretty_generate(data) end |
.text(results, max_summary: DEFAULT_MAX_SUMMARY, io: $stdout) ⇒ void
This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.
This method returns an undefined value.
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'vulns/output.rb', line 15 def self.text(results, max_summary: DEFAULT_MAX_SUMMARY, io: $stdout) io.puts "Checking #{Utils.pluralize("package", results.checked, include_count: true)} for vulnerabilities..." if results.skipped.positive? io.puts "(#{Utils.pluralize("package", results.skipped, include_count: true)} " \ "skipped - no supported source URL)" end io.puts open = results.findings.select { |f| f.open.any? } patched = results.findings.select { |f| f.patched.any? } if open.empty? io.puts patched.empty? ? "No vulnerabilities found." : "No open vulnerabilities found." patched_summary(patched, io:) return end total = 0 open.sort_by { |f| -f.open.map(&:severity_level).max }.each do |f| io.puts "#{sanitize(f.name)} (#{sanitize(f.version)})" f.open.sort_by { |v| -v.severity_level }.each do |v| total += 1 line = " #{sanitize(v.id)} (#{colorize_severity(v.severity, v.severity_display)})" summary = v.summary line += " - #{truncate(sanitize(summary), max_summary)}" if summary io.puts line io.puts " Fixed in: #{v.fixed_versions.map { |s| sanitize(s) }.join(", ")}" if v.fixed_versions.any? end io.puts end io.puts "Found #{Utils.pluralize("vulnerabilit", total, plural: "ies", singular: "y", include_count: true)} " \ "in #{Utils.pluralize("package", open.size, include_count: true)}" patched_summary(patched, io:) end |