2 changes: 1 addition & 1 deletion Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
gem_guard (1.2.6)
gem_guard (1.2.8)
json (~> 2.0)
thor (~> 1.0)
tty-prompt (~> 0.23)
Binary file added gem_guard-1.2.6.gem
Binary file not shown.
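Review bot: Two built packages, `gem_guard-1.2.6.gem` here and `gem_guard-1.2.8.gem` in the next section, are committed at the repository root, and the diff cannot show what they contain. Release artifacts are normally built from the tagged source in the release pipeline and kept out of version control, for example with a `*.gem` entry in `.gitignore`, so that what ships can be traced to reviewed code. If they were added unintentionally by a local `gem build`, dropping them from the commit is the fix.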
Binary file added gem_guard-1.2.8.gem
Binary file not shown.
5 changes: 3 additions & 2 deletions lib/gem_guard/parser.rb
@@ -58,11 +58,12 @@ def validate_dependencies_section!(content, spec_names, lockfile_path)
end

# Expect indentation then a gem name optionally with version in parens
if !/^\s{2,}[a-z0-9_\-]+(\s*\([^)]*\))?\s*$/i.match?(stripped)
# Allow ! character for local gem references (e.g., gem_guard!)
if !/^\s{2,}[a-z0-9_\-!]+(\s*\([^)]*\))?\s*$/i.match?(stripped)
raise GemGuard::InvalidLockfileError, "Invalid Gemfile.lock at #{lockfile_path}: malformed DEPENDENCIES entry '#{line.strip}'"
end

name = stripped.strip.split.first
name = stripped.strip.split.first.delete("!")
# remove optional version tuple e.g., rails, or rails(=7.0.0) case without space
name = name.split("(").first

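Review bot: The widened character class in the new `if` condition accepts `!` at any position in the name, and `.delete("!")` then strips every occurrence, so an entry such as `ra!ils` or a bare `!!` passes validation and is normalized to `rails` or to an empty name. As far as I know Bundler writes `!` only as a trailing marker, so the pattern can keep the original class and add an optional suffix, `[a-z0-9_\-]+!?`, with `.delete_suffix("!")` in place of `.delete("!")`. Because the parsed name presumably drives the advisory lookups, a silently rewritten or empty name would mean the scan checks something other than what the lockfile declares. The enclosing method starts and ends outside the hunk.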
2 changes: 1 addition & 1 deletion lib/gem_guard/version.rb
@@ -1,3 +1,3 @@
module GemGuard
VERSION = "1.2.6"
VERSION = "1.2.8"
end
9 changes: 9 additions & 0 deletions lib/gem_guard/vulnerability_fetcher.rb
@@ -18,10 +18,19 @@ def fetch_for(dependencies)
vulnerabilities = []

dependencies.each do |dependency|
spinner.update(text: "[:spinner] Fetching OSV for #{dependency.name}")
vulnerabilities.concat(fetch_osv_vulnerabilities(dependency))

spinner.update(text: "[:spinner] Fetching Ruby Advisory DB for #{dependency.name}")
vulnerabilities.concat(fetch_ruby_advisory_vulnerabilities(dependency))

spinner.update(text: "[:spinner] Fetching GHSA for #{dependency.name}")
vulnerabilities.concat(fetch_ghsa_vulnerabilities(dependency))

spinner.update(text: "[:spinner] Fetching NVD for #{dependency.name}")
vulnerabilities.concat(fetch_nvd_vulnerabilities(dependency))

spinner.update(text: "[:spinner] Fetching Curesec Advisory DB for #{dependency.name}")
vulnerabilities.concat(fetch_cu_advisory_vulnerabilities(dependency))
end

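Review bot: The loop body in `fetch_for` is now five copies of the same update-then-fetch pair that differ only in the label and the fetcher method, so adding or reordering a source means editing two lines that must stay in step. A small label-to-method table iterated inside `dependencies.each` would keep the status text and the call together, as sketched below. `spinner` is defined outside the hunk, so whether its format actually has a `text` token, and whether it is stopped when one of the fetchers raises, cannot be confirmed from here and is worth checking. The method body continues outside the hunk.

```ruby
# … unchanged: vulnerabilities = [] …
sources = {
  "OSV" => :fetch_osv_vulnerabilities,
  "Ruby Advisory DB" => :fetch_ruby_advisory_vulnerabilities,
  "GHSA" => :fetch_ghsa_vulnerabilities,
  "NVD" => :fetch_nvd_vulnerabilities,
  "Curesec Advisory DB" => :fetch_cu_advisory_vulnerabilities
}

dependencies.each do |dependency|
  sources.each do |label, fetcher|
    spinner.update(text: "[:spinner] Fetching #{label} for #{dependency.name}")
    vulnerabilities.concat(send(fetcher, dependency))
  end
end
```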
158 changes: 79 additions & 79 deletions spec/examples.txt
@@ -1,104 +1,104 @@
example_id | status | run_time |
----------------------------------------------------- | ------ | --------------- |
./spec/gem_guard/analyzer_spec.rb[1:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/analyzer_spec.rb[1:1:2] | passed | 0.00058 seconds |
./spec/gem_guard/analyzer_spec.rb[1:1:3] | passed | 0.00017 seconds |
./spec/gem_guard/analyzer_spec.rb[2:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/analyzer_spec.rb[1:1:1] | passed | 0.00004 seconds |
./spec/gem_guard/analyzer_spec.rb[1:1:2] | passed | 0.00003 seconds |
./spec/gem_guard/analyzer_spec.rb[1:1:3] | passed | 0.00002 seconds |
./spec/gem_guard/analyzer_spec.rb[2:1:1] | passed | 0.00004 seconds |
./spec/gem_guard/analyzer_spec.rb[2:1:2] | passed | 0.00002 seconds |
./spec/gem_guard/analyzer_spec.rb[2:2:1] | passed | 0.00008 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:1] | passed | 0.00061 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:2] | passed | 0.00038 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:3] | passed | 0.00082 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:4] | passed | 0.00048 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:2:1] | passed | 0.00034 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:2:2] | passed | 0.00039 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:3:1] | passed | 0.00048 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:1:1] | passed | 0.00034 seconds |
./spec/gem_guard/analyzer_spec.rb[2:2:1] | passed | 0.00005 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:1] | passed | 0.00049 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:2] | passed | 0.00098 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:3] | passed | 0.00065 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:1:4] | passed | 0.00273 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:2:1] | passed | 0.00062 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:2:2] | passed | 0.00033 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:1:3:1] | passed | 0.00045 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:1:1] | passed | 0.00027 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:1:2] | passed | 0.00033 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:2:1] | passed | 0.00048 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:2:1] | passed | 0.00044 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:2:2] | passed | 0.00029 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:3:1] | passed | 0.00034 seconds |
./spec/gem_guard/cli_snapshot_spec.rb[1:1] | passed | 0.00072 seconds |
./spec/gem_guard/cli_snapshot_spec.rb[1:2] | passed | 0.00364 seconds |
./spec/gem_guard/cli_spec.rb[1:1:1] | passed | 0.00031 seconds |
./spec/gem_guard/cli_spec.rb[1:1:2] | passed | 0.00072 seconds |
./spec/gem_guard/cli_spec.rb[1:2:1] | passed | 0.0003 seconds |
./spec/gem_guard/cli_spec.rb[1:2:2] | passed | 0.00029 seconds |
./spec/gem_guard/cli_spec.rb[1:3:1] | passed | 0.00049 seconds |
./spec/gem_guard/cli_spec.rb[1:3:2] | passed | 0.00045 seconds |
./spec/gem_guard/config_spec.rb[1:1:1:1] | passed | 0.00015 seconds |
./spec/gem_guard/config_spec.rb[1:1:2:1] | passed | 0.00056 seconds |
./spec/gem_guard/config_spec.rb[1:1:3:1] | passed | 0.00047 seconds |
./spec/gem_guard/auto_fixer_spec.rb[1:2:3:1] | passed | 0.0003 seconds |
./spec/gem_guard/cli_snapshot_spec.rb[1:1] | passed | 0.0025 seconds |
./spec/gem_guard/cli_snapshot_spec.rb[1:2] | passed | 0.00112 seconds |
./spec/gem_guard/cli_spec.rb[1:1:1] | passed | 0.00045 seconds |
./spec/gem_guard/cli_spec.rb[1:1:2] | passed | 0.00033 seconds |
./spec/gem_guard/cli_spec.rb[1:2:1] | passed | 0.00031 seconds |
./spec/gem_guard/cli_spec.rb[1:2:2] | passed | 0.00033 seconds |
./spec/gem_guard/cli_spec.rb[1:3:1] | passed | 0.00047 seconds |
./spec/gem_guard/cli_spec.rb[1:3:2] | passed | 0.00044 seconds |
./spec/gem_guard/config_spec.rb[1:1:1:1] | passed | 0.00012 seconds |
./spec/gem_guard/config_spec.rb[1:1:2:1] | passed | 0.00031 seconds |
./spec/gem_guard/config_spec.rb[1:1:3:1] | passed | 0.00051 seconds |
./spec/gem_guard/config_spec.rb[1:2:1] | passed | 0.00012 seconds |
./spec/gem_guard/config_spec.rb[1:2:2] | passed | 0.00015 seconds |
./spec/gem_guard/config_spec.rb[1:3:1] | passed | 0.00056 seconds |
./spec/gem_guard/config_spec.rb[1:2:2] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:3:1] | passed | 0.00045 seconds |
./spec/gem_guard/config_spec.rb[1:4:1] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:4:2] | passed | 0.00014 seconds |
./spec/gem_guard/config_spec.rb[1:5:1] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:5:2] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:5:1] | passed | 0.00021 seconds |
./spec/gem_guard/config_spec.rb[1:5:2] | passed | 0.00014 seconds |
./spec/gem_guard/config_spec.rb[1:6:1:1] | passed | 0.00014 seconds |
./spec/gem_guard/config_spec.rb[1:6:1:2] | passed | 0.00014 seconds |
./spec/gem_guard/config_spec.rb[1:6:1:3] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:6:2:1] | passed | 0.00014 seconds |
./spec/gem_guard/config_spec.rb[1:7:1] | passed | 0.00039 seconds |
./spec/gem_guard/config_spec.rb[1:8:1] | passed | 0.00018 seconds |
./spec/gem_guard/config_spec.rb[1:6:1:2] | passed | 0.00013 seconds |
./spec/gem_guard/config_spec.rb[1:6:1:3] | passed | 0.00012 seconds |
./spec/gem_guard/config_spec.rb[1:6:2:1] | passed | 0.00017 seconds |
./spec/gem_guard/config_spec.rb[1:7:1] | passed | 0.00048 seconds |
./spec/gem_guard/config_spec.rb[1:8:1] | passed | 0.00023 seconds |
./spec/gem_guard/config_spec.rb[1:8:2] | passed | 0.00011 seconds |
./spec/gem_guard/parser_spec.rb[1:1:1] | passed | 0.00064 seconds |
./spec/gem_guard/parser_spec.rb[1:1:2] | passed | 0.00015 seconds |
./spec/gem_guard/parser_spec.rb[1:1:3] | passed | 0.00029 seconds |
./spec/gem_guard/parser_spec.rb[1:1:4] | passed | 0.00047 seconds |
./spec/gem_guard/parser_spec.rb[1:1:5] | passed | 0.00044 seconds |
./spec/gem_guard/parser_spec.rb[1:1:1] | passed | 0.00021 seconds |
./spec/gem_guard/parser_spec.rb[1:1:2] | passed | 0.0001 seconds |
./spec/gem_guard/parser_spec.rb[1:1:3] | passed | 0.00025 seconds |
./spec/gem_guard/parser_spec.rb[1:1:4] | passed | 0.0002 seconds |
./spec/gem_guard/parser_spec.rb[1:1:5] | passed | 0.00045 seconds |
./spec/gem_guard/parser_spec.rb[2:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/parser_spec.rb[2:2:1] | passed | 0.00003 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:1:1] | passed | 0.00105 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:1:2] | passed | 0.00022 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:2:1] | passed | 0.00003 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:2:2] | passed | 0.00005 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:3] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_cli_spec.rb[1:1] | passed | 0.00019 seconds |
./spec/gem_guard/sbom_cli_spec.rb[1:2] | passed | 0.00028 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/parser_spec.rb[2:2:1] | passed | 0.00002 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:1:1] | passed | 0.00095 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:1:2] | passed | 0.00021 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:2:1] | passed | 0.00002 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:2:2] | passed | 0.00003 seconds |
./spec/gem_guard/reporter_spec.rb[1:1:3] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_cli_spec.rb[1:1] | passed | 0.00022 seconds |
./spec/gem_guard/sbom_cli_spec.rb[1:2] | passed | 0.00031 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:1] | passed | 0.00005 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:2] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:3] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:4] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:1:5] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:1] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:2] | passed | 0.00005 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:3] | passed | 0.00012 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:4] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:5] | passed | 0.00005 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:6] | passed | 0.00023 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:2] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:3] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:4] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:5] | passed | 0.00004 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:2:6] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:1:1] | passed | 0.00002 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:1:2] | passed | 0.00002 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:2:1] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:2:1] | passed | 0.00002 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:3:1] | passed | 0.00002 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:4:1] | passed | 0.00003 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:4:2] | passed | 0.00004 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:1] | passed | 0.00082 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:2] | passed | 0.00079 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:3] | passed | 0.00061 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:4] | passed | 0.00079 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:5] | passed | 0.00324 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:6] | passed | 0.0009 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:4:1] | passed | 0.00021 seconds |
./spec/gem_guard/sbom_generator_spec.rb[1:3:4:2] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:1] | passed | 0.00079 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:2] | passed | 0.00089 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:3] | passed | 0.00088 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:4] | passed | 0.00185 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:5] | passed | 0.00301 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:1:6] | passed | 0.00091 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:2] | passed | 0.00005 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:2] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:3] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:4] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:4] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:1:5] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:1] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:2] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:1] | passed | 0.00004 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:2] | passed | 0.00004 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:3] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:2:4] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:1] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:2] | passed | 0.00004 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:1] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:2] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:3] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:4] | passed | 0.00008 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:3:4] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:4:1] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:4:2] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:4:3] | passed | 0.00002 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:1] | passed | 0.00217 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:2] | passed | 0.00013 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:3] | passed | 0.00066 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:4] | passed | 0.00024 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[2:1:1] | passed | 0.00003 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[2:2:1] | passed | 0.00003 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:4:2] | passed | 0.00002 seconds |
./spec/gem_guard/typosquat_checker_spec.rb[1:2:4:3] | passed | 0.00003 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:1] | passed | 0.00014 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:2] | passed | 0.00012 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:3] | passed | 0.00012 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[1:1:4] | passed | 0.00019 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[2:1:1] | passed | 0.00002 seconds |
./spec/gem_guard/vulnerability_fetcher_spec.rb[2:2:1] | passed | 0.00002 seconds |