module Bundler::Audit::CLI::Formats::Junit
def advisory_criticality(advisory)
# Returns the advisory's criticality as a display string.
#
# @param advisory
#   Object responding to `criticality`.
#
# @return [String]
#   The criticality converted with `to_s` and capitalized, or "Unknown"
#   when the advisory carries no criticality (nil/false).
def advisory_criticality(advisory)
  # Guard clause: advisories without a rating get a fixed placeholder.
  return "Unknown" unless advisory.criticality

  advisory.criticality.to_s.capitalize
end
def advisory_ref(advisory)
# Builds the reference string for an advisory.
#
# @param advisory
#   Object responding to `identifiers`.
#
# @return [String]
#   All identifiers joined with a single space.
def advisory_ref(advisory)
  ids = advisory.identifiers
  ids.join(" ")
end
def advisory_solution(advisory)
# Describes the remediation for an advisory.
#
# @param advisory
#   Object responding to `patched_versions`.
#
# @return [String]
#   An upgrade hint listing the patched versions (comma separated), or a
#   remove/disable hint when no patched version is listed.
def advisory_solution(advisory)
  if advisory.patched_versions.empty?
    # No fixed release is listed, so the only mitigation is to stop using the gem.
    "remove or disable this gem until a patch is available!"
  else
    fixed_in = advisory.patched_versions.join(', ')
    "upgrade to #{fixed_in}"
  end
end
def bundle_title(result)
# Builds the one-line title used as the testcase name for an unpatched gem.
#
# @param result
#   Object responding to `advisory` and `gem` (the gem responds to `name`
#   and `version`).
#
# @return [String]
#   "<CRITICALITY> <gem name>(<gem version>) <advisory title>". The value is
#   NOT escaped here; the caller is responsible for escaping it before it is
#   placed into the XML report.
def bundle_title(result)
  severity = advisory_criticality(result.advisory).upcase
  gem_name = result.gem.name
  gem_version = result.gem.version
  title = result.advisory.title

  "#{severity} #{gem_name}(#{gem_version}) #{title}"
end
def print_report(report, output=$stdout)
Parameters:
- output (IO, File)
- report (Report)
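# Prints the findings of a report as JUnit XML.
#
# The XML is emitted through `$stdout`, so the global is temporarily pointed
# at `output` for the duration of the call. Because `$stdout` is a
# process-wide global, anything else written to it during the call also
# lands in `output`.
#
# @param report
#   Enumerable of results; each one is passed to `print_xml_testcase`.
#
# @param [IO, File] output
#   The stream that receives the XML (defaults to the current `$stdout`).
#
# @return
#   The stream `$stdout` pointed at before the call (unchanged from the
#   previous implementation).
def print_report(report, output=$stdout)
  original_stdout = $stdout
  $stdout = output

  begin
    print_xml_testsuite(report) do
      report.each do |result|
        print_xml_testcase(result)
      end
    end
  ensure
    # Always put the real stdout back. Without this, an exception raised
    # while rendering would leave $stdout redirected to `output`, and later
    # output (including error reporting) would be written to the report file.
    $stdout = original_stdout
  end

  original_stdout
end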
def print_xml_testcase(result)
# Prints one finding as a JUnit <testcase> element containing a <failure>.
#
# Handles `Results::InsecureSource` and `Results::UnpatchedGem`; any other
# result type prints nothing.
#
# Every value interpolated into the markup goes through `xml`, so text taken
# from the scanned bundle or from advisory records cannot close an attribute
# or element early and alter the structure of the report.
#
# NOTE(review): the failure `type` attribute uses the raw
# `advisory.criticality`, so it is empty when the advisory has none, whereas
# the "Criticality:" line falls back to "Unknown" — confirm this is intended.
#
# @param result
#   A single result from the report.
def print_xml_testcase(result)
  lines =
    case result
    when Results::InsecureSource
      [
        %{ <testcase id="#{xml(result.source)}" name="Insecure Source URI found: #{xml(result.source)}">},
        %{ <failure message="Insecure Source URI found: #{xml(result.source)}" type="Unknown"></failure>},
        %{ </testcase>}
      ]
    when Results::UnpatchedGem
      [
        %{ <testcase id="#{xml(result.gem.name)}" name="#{xml(bundle_title(result))}">},
        %{ <failure message="#{xml(result.advisory.title)}" type="#{xml(result.advisory.criticality)}">},
        %{ Name: #{xml(result.gem.name)}},
        %{ Version: #{xml(result.gem.version)}},
        %{ Advisory: #{xml(advisory_ref(result.advisory))}},
        %{ Criticality: #{xml(advisory_criticality(result.advisory))}},
        %{ URL: #{xml(result.advisory.url)}},
        %{ Title: #{xml(result.advisory.title)}},
        %{ Solution: #{xml(advisory_solution(result.advisory))}},
        %{ </failure>},
        %{ </testcase>}
      ]
    end

  # Unrecognised result types produce no output.
  say_xml(*lines) if lines
end
def print_xml_testsuite(report)
# Prints the XML declaration and the opening <testsuites>/<testsuite> tags,
# yields so the caller can print the testcases, then prints the closing tags.
#
# The two interpolated values (`Time.now.to_i` and `report.count`) are
# written without escaping; `Time.now.to_i` is an integer and `report.count`
# is presumably one as well — verify against the Report class.
#
# @param report
#   Object responding to `count`; the count is written as the `failures`
#   attribute.
#
# @yield
#   Called once, between the opening and the closing tags.
def print_xml_testsuite(report)
  opening = [
    %{<?xml version="1.0" encoding="UTF-8" ?>},
    %{<testsuites id="#{Time.now.to_i}" name="Bundle Audit">},
    %{ <testsuite id="Gemfile" name="Ruby Gemfile" failures="#{report.count}">}
  ]
  say_xml(*opening)

  yield

  closing = [
    %{ </testsuite>},
    %{</testsuites>}
  ]
  say_xml(*closing)
end
def say_xml(*lines)
# Prints the given lines as one block of text.
#
# @param [Array] lines
#   The lines to print; they are joined with `$/` (the input record
#   separator) and handed to `say` in a single call.
def say_xml(*lines)
  text = lines.join($/)
  say(text)
end
def xml(string)
# Escapes a value for inclusion in the XML report.
#
# The value is converted with `to_s` (so nil becomes an empty string) and
# passed to `CGI.escapeHTML`, which replaces the markup-significant
# characters (`&`, `<`, `>` and quotes) with entities. That makes the result
# safe inside both element text and quoted attribute values.
#
# NOTE(review): `CGI.escapeHTML` does not remove control characters that
# XML 1.0 disallows; if such bytes can appear in the input, a strict JUnit
# parser may reject the report — consider filtering them here.
#
# @param string
#   Any object; it is stringified before escaping.
#
# @return [String]
#   The escaped text.
def xml(string)
  text = string.to_s
  CGI.escapeHTML(text)
end