Contents

# frozen_string_literal: true

module Overcommit::Hook::PreCommit
  # Checks for vulnerable versions of gems in Gemfile.lock.
  #
  # @see https://github.com/rubysec/bundler-audit
  class BundleAudit < Base
    LOCK_FILE = 'Gemfile.lock'

    def run
      # Ignore if Gemfile.lock is not tracked by git
      ignored_files = execute(%W[git ls-files -o -i --exclude-standard -- #{LOCK_FILE}]).
                      stdout.split("\n")
      return :pass if ignored_files.include?(LOCK_FILE)

      result = execute(command)
      if result.success?
        :pass
      else
        return [:warn, result.stdout]
      end
    end
  end
end

Version data entries

18 entries across 18 versions & 2 rubygems

Version	Path
overcommit-0.58.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.57.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.56.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.55.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.54.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.54.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-jeygeethanmedia-0.53.1.2	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-jeygeethanmedia-0.53.1.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-jeygeethanmedia-0.53.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.53.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.52.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.52.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.51.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.50.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.49.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.49.0	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.48.1	lib/overcommit/hook/pre_commit/bundle_audit.rb
overcommit-0.48.0	lib/overcommit/hook/pre_commit/bundle_audit.rb