Sha256: 66529f721b0da2d68fb42d7d09ddadcd11fa9879f27f3d2d65ae40fb8cd66f13

Contents?: true

Size: 1.82 KB

Versions: 2

Compression:

Stored size: 1.82 KB

Contents

require 'spec_helper'

describe "CLI" do
  include Helpers

  let(:command) do
    File.expand_path(File.join(File.dirname(__FILE__),'..','bin','bundler-leak'))
  end

  context "when auditing a bundle with unpatched gems" do
    let(:bundle)    { 'unpatched_gems' }
    let(:directory) { File.join('spec','bundle', bundle) }

    subject do
      Dir.chdir(directory) { sh(command, :fail => true) }
    end

    it "should print a warning" do
      expect(subject).to include("Vulnerabilities found!")
    end

    it "should print advisory information for the vulnerable gems" do
      advisory_pattern = /(Name: [^\n]+
Version: \d+.\d+.\d+
URL: https?:\/\/(www\.)?.+
Title: [^\n]*?
Solution: remove or disable this gem until a patch is available!)+/

      expect(subject).to match(advisory_pattern)
      expect(subject).to include("Vulnerabilities found!")
    end
  end

  context "when auditing a secure bundle" do
    let(:bundle)    { 'secure' }
    let(:directory) { File.join('spec','bundle',bundle) }

    subject do
      Dir.chdir(directory) { sh(command) }
    end

    it "should print nothing when everything is fine" do
      expect(subject.strip).to eq("No vulnerabilities found")
    end
  end

  describe "update" do

    let(:update_command) { "#{command} update" }
    let(:bundle)         { 'secure' }
    let(:directory)      { File.join('spec','bundle',bundle) }

    subject do
      Dir.chdir(directory) { sh(update_command) }
    end

    context "when advisories update successfully" do
      it "should print status" do
        expect(subject).not_to include("Fail")
        expect(subject).to include("Updating ruby-mem-advisory-db ...\n")
        expect(subject).to include("Updated ruby-mem-advisory-db\n")
        expect(subject.lines.to_a.last).to match(/ruby-mem-advisory-db: \d+ advisories/)
      end
    end

  end

end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
bundler-leak-0.1.0 spec/integration_spec.rb
bundler-leak-0.0.0 spec/integration_spec.rb