Module: Homebrew::Vulns::Output Private

Defined in:
vulns/output.rb

This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.

Constant Summary collapse

DEFAULT_MAX_SUMMARY =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

60

Class Method Summary collapse

Class Method Details

.json(results, io: $stdout) ⇒ void

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

This method returns an undefined value.

Parameters:



53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'vulns/output.rb', line 53

def self.json(results, io: $stdout)
  data = results.findings.map do |f|
    {
      formula:         f.name,
      version:         f.version,
      tag:             f.tag,
      repo_url:        f.repo_url,
      vulnerabilities: f.open.map { |v| vuln_json(v) },
      patched:         f.patched.map { |v| vuln_json(v) },
    }
  end
  io.puts JSON.pretty_generate(data)
end

.text(results, max_summary: DEFAULT_MAX_SUMMARY, io: $stdout) ⇒ void

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

This method returns an undefined value.

Parameters:

  • results (Scanner::Results)
  • max_summary (Integer) (defaults to: DEFAULT_MAX_SUMMARY)
  • io (IO, StringIO) (defaults to: $stdout)


15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'vulns/output.rb', line 15

def self.text(results, max_summary: DEFAULT_MAX_SUMMARY, io: $stdout)
  io.puts "Checking #{Utils.pluralize("package", results.checked, include_count: true)} for vulnerabilities..."
  if results.skipped.positive?
    io.puts "(#{Utils.pluralize("package", results.skipped, include_count: true)} " \
            "skipped - no supported source URL)"
  end
  io.puts

  open = results.findings.select { |f| f.open.any? }
  patched = results.findings.select { |f| f.patched.any? }

  if open.empty?
    io.puts patched.empty? ? "No vulnerabilities found." : "No open vulnerabilities found."
    patched_summary(patched, io:)
    return
  end

  total = 0
  open.sort_by { |f| -f.open.map(&:severity_level).max }.each do |f|
    io.puts "#{sanitize(f.name)} (#{sanitize(f.version)})"
    f.open.sort_by { |v| -v.severity_level }.each do |v|
      total += 1
      line = "  #{sanitize(v.id)} (#{colorize_severity(v.severity, v.severity_display)})"
      summary = v.summary
      line += " - #{truncate(sanitize(summary), max_summary)}" if summary
      io.puts line
      io.puts "    Fixed in: #{v.fixed_versions.map { |s| sanitize(s) }.join(", ")}" if v.fixed_versions.any?
    end
    io.puts
  end

  io.puts "Found #{Utils.pluralize("vulnerabilit", total, plural: "ies", singular: "y",
include_count: true)} " \
          "in #{Utils.pluralize("package", open.size, include_count: true)}"
  patched_summary(patched, io:)
end