Add Ruby language analyzer and related functionality
- Introduced global usings for Ruby analyzer.
- Implemented RubyLockData, RubyLockEntry, and RubyLockParser for handling Gemfile.lock files.
- Created RubyPackage and RubyPackageCollector to manage Ruby packages and vendor cache.
- Developed RubyAnalyzerPlugin and RubyLanguageAnalyzer for analyzing Ruby projects.
- Added tests for Ruby language analyzer with sample Gemfile.lock and expected output.
- Included necessary project files and references for the Ruby analyzer.
- Added third-party licenses for tree-sitter dependencies.
@@ -0,0 +1,16 @@
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
puma (6.4.2)
|
||||
nio4r (~> 2.0)
|
||||
rake (13.1.0)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
||||
DEPENDENCIES
|
||||
puma (~> 6.4)
|
||||
rake (~> 13.0)
|
||||
|
||||
BUNDLED WITH
|
||||
2.5.10
|
||||
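Review bot: The `puma (6.4.2)` entry under `specs:` lists `nio4r (~> 2.0)` as a dependency, but the fixture has no `nio4r` spec of its own, so this is not a lockfile Bundler would write and the golden output never shows how a resolved transitive gem is inventoried. Adding a `nio4r (<resolved version>)` line under `specs:`, with the matching component in the expected output, would pin that behaviour. If the omission is deliberate, to exercise a dangling requirement, a comment in the test saying so would help. The fixture also covers only a single `GEM` remote, so `GIT` and `PATH` source sections are untested here.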
@@ -0,0 +1,65 @@
|
||||
[
|
||||
{
|
||||
analyzerId: ruby,
|
||||
componentKey: purl::pkg:gem/custom-gem@1.0.0,
|
||||
purl: pkg:gem/custom-gem@1.0.0,
|
||||
name: custom-gem,
|
||||
version: 1.0.0,
|
||||
type: gem,
|
||||
usedByEntrypoint: false,
|
||||
metadata: {
|
||||
declaredOnly: true,
|
||||
lockfile: vendor/cache/custom-gem-1.0.0.gem,
|
||||
source: vendor-cache
|
||||
},
|
||||
evidence: [
|
||||
{
|
||||
kind: file,
|
||||
source: vendor-cache,
|
||||
locator: vendor/cache/custom-gem-1.0.0.gem
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
analyzerId: ruby,
|
||||
componentKey: purl::pkg:gem/puma@6.4.2,
|
||||
purl: pkg:gem/puma@6.4.2,
|
||||
name: puma,
|
||||
version: 6.4.2,
|
||||
type: gem,
|
||||
usedByEntrypoint: false,
|
||||
metadata: {
|
||||
declaredOnly: true,
|
||||
lockfile: Gemfile.lock,
|
||||
source: rubygems
|
||||
},
|
||||
evidence: [
|
||||
{
|
||||
kind: file,
|
||||
source: rubygems,
|
||||
locator: Gemfile.lock
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
analyzerId: ruby,
|
||||
componentKey: purl::pkg:gem/rake@13.1.0,
|
||||
purl: pkg:gem/rake@13.1.0,
|
||||
name: rake,
|
||||
version: 13.1.0,
|
||||
type: gem,
|
||||
usedByEntrypoint: false,
|
||||
metadata: {
|
||||
declaredOnly: true,
|
||||
lockfile: Gemfile.lock,
|
||||
source: rubygems
|
||||
},
|
||||
evidence: [
|
||||
{
|
||||
kind: file,
|
||||
source: rubygems,
|
||||
locator: Gemfile.lock
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
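Review bot: The `custom-gem` component is reported with `declaredOnly: true` and `lockfile: vendor/cache/custom-gem-1.0.0.gem`, which reads oddly for an archive that is present on disk and does not appear in the `Gemfile.lock` fixture. A vendored gem that the lockfile does not account for is the case an SBOM consumer most wants to tell apart from a locked rubygems.org dependency, and here the only distinguishing field is `source: vendor-cache`. Consider keeping the archive path out of the `lockfile` key and, if the evidence schema allows it, recording a digest of the `.gem` file so the artifact can be verified later. The meaning of `declaredOnly` is not visible in this section, so that part is a question rather than a confirmed defect.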
@@ -0,0 +1,19 @@
|
||||
using StellaOps.Scanner.Analyzers.Lang.Ruby;
|
||||
using StellaOps.Scanner.Analyzers.Lang.Tests.Harness;
|
||||
using StellaOps.Scanner.Analyzers.Lang.Tests.TestUtilities;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Lang.Tests.Lang.Ruby;
|
||||
|
||||
public sealed class RubyLanguageAnalyzerTests
|
||||
{
|
||||
[Fact]
|
||||
public async Task GemfileLockProducesDeterministicInventoryAsync()
|
||||
{
|
||||
var fixture = TestPaths.ResolveFixture(lang, ruby, basic);
|
||||
var golden = Path.Combine(fixture, expected.json);
|
||||
await LanguageAnalyzerTestHarness.AssertDeterministicAsync(
|
||||
fixture,
|
||||
golden,
|
||||
new ILanguageAnalyzer[] { new RubyLanguageAnalyzer() });
|
||||
}
|
||||
}
|
||||
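Review bot: `GemfileLockProducesDeterministicInventoryAsync` is the only test added for the analyzer and it covers a single well-formed fixture, while the lock parser will be run against files from scanned content it does not control. A second fixture with a truncated or malformed `Gemfile.lock` (for example a spec line with no version in parentheses) would pin whether the analyzer skips the entry or fails the scan. A name such as `MalformedGemfileLockDoesNotThrowAsync` would fit the existing style, adjusted to whatever behaviour is intended. A fixture holding only `vendor/cache` with no lockfile would cover the collector path on its own.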
@@ -33,6 +33,7 @@
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang/StellaOps.Scanner.Analyzers.Lang.csproj" />
|
||||
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet/StellaOps.Scanner.Analyzers.Lang.DotNet.csproj" />
|
||||
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang.Ruby/StellaOps.Scanner.Analyzers.Lang.Ruby.csproj" />
|
||||
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang.Rust/StellaOps.Scanner.Analyzers.Lang.Rust.csproj" />
|
||||
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Core/StellaOps.Scanner.Core.csproj" />
|
||||
</ItemGroup>
|
||||
@@ -44,4 +45,4 @@
|
||||
<ItemGroup>
|
||||
<None Include="Fixtures\**\*" CopyToOutputDirectory="PreserveNewest" />
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
</Project>
|
||||
|
||||