class Bundler::Audit::Advisory
def self.load(path)
- Api: - semipublic
Returns:
-
(Advisory)-
Parameters:
-
path(String) --
def self.load(path) cve = File.basename(path).chomp('.yml') data = YAML.load_file(path) unless data.kind_of?(Hash) raise("advisory data in #{path.dump} was not a Hash") end return new( cve, data['url'], data['title'], data['description'], data['cvss_v2'], Array(data['patched_versions']).map { |version| Gem::Requirement.new(*version.split(', ')) } ) end
def criticality
-
(:low, :medium, :high)-
def criticality case cvss_v2 when 0.0..3.3 then :low when 3.3..6.6 then :medium when 6.6..10.0 then :high end end
def vulnerable?(version)
-
(Boolean)-
Parameters:
-
version(Gem::Version) --
def vulnerable?(version) !patched_versions.any? do |patched_version| patched_version === version end end