SecurityMailCommand - Code Metrics - Inspection of "Replace abandoned Sensiolabs security checker" - Jorijn/laravel-security-checker - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#34)

by Paras

created 2021-01-28 12:57 UTC

SecurityMailCommand A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	51
Duplicated Lines	0 %

Test Coverage

Coverage

100%

Importance

Changes	4
Bugs	1	Features	1

Metric	Value
eloc	22
dl	0
loc	51
ccs	15
cts	15
cp	1
rs	10
c	4
b	1
f	1
wmc	5

1 Method

Rating	Name	Duplication	Size	Complexity
A	handle()	0	36	5

<?php

namespace Jorijn\LaravelSecurityChecker\Console;

use Enlightn\SecurityChecker\AdvisoryAnalyzer;
use Enlightn\SecurityChecker\AdvisoryFetcher;
use Enlightn\SecurityChecker\AdvisoryParser;
use Enlightn\SecurityChecker\Composer;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;
use Jorijn\LaravelSecurityChecker\Mailables\SecurityMail;

class SecurityMailCommand extends Command
{
    /**
     * @var string
     */
    protected $name = 'security-check:email';

    /**
     * @var string
     */
    protected $description = 'Emails any vulnerabilities for packages you have in your composer.lock file.';

    /**
     * Execute the command
     */
    public function handle()
    {
        // get the path to composer.lock
        $composerLock = base_path('composer.lock');

        // and feed it into the SecurityChecker
        Log::debug('about to check for vulnerabilities');
        $parser = new AdvisoryParser((new AdvisoryFetcher)->fetchAdvisories());
        $dependencies = (new Composer)->getDependencies($composerLock);
        $checkResult = (new AdvisoryAnalyzer($parser->getAdvisories()))->analyzeDependencies($dependencies);

        // if the user didn't want any email if there are no results,
        // cancel execution here.
        $proceed = config('laravel-security-checker.notify_even_without_vulnerabilities', false);
        if ($proceed !== true && \count($checkResult) === 0) {
            Log::info('no vulnerabilities were found, not sending any email');
            return 0;
        }

        // get the recipients and filter out any configuration mistakes
        $recipients = collect(config('laravel-security-checker.recipients', [ ]))->filter(function ($recipient) {
            return $recipient !== null && !empty($recipient);
        });

        if ($recipients->count() === 0) {
            Log::error('vulnerabilities were found, but there are no recipients configured');
            $this->error(
                /** @scrutinizer ignore-type */__('laravel-security-checker::messages.no_recipients_configured')
            );
            return 1;
        }

        Log::warning('vulnerabilities were found, emailed to configured recipients');
        Mail::to($recipients->toArray())->send(new SecurityMail($checkResult));

        return 0;
    }
}


1		<?php
2
3		namespace Jorijn\LaravelSecurityChecker\Console;
4
5		use Enlightn\SecurityChecker\AdvisoryAnalyzer;
6		use Enlightn\SecurityChecker\AdvisoryFetcher;
7		use Enlightn\SecurityChecker\AdvisoryParser;
8		use Enlightn\SecurityChecker\Composer;
9		use Illuminate\Console\Command;
10		use Illuminate\Support\Facades\Log;
11		use Illuminate\Support\Facades\Mail;
12		use Jorijn\LaravelSecurityChecker\Mailables\SecurityMail;
13
14		class SecurityMailCommand extends Command
15		{
16		/**
17		* @var string
18		*/
19		protected $name = 'security-check:email';
20
21		/**
22		* @var string
23		*/
24		protected $description = 'Emails any vulnerabilities for packages you have in your composer.lock file.';
25
26		/**
27		* Execute the command
28		*/
29		public function handle()
30		{
31		// get the path to composer.lock
32		$composerLock = base_path('composer.lock');
33	27
34		// and feed it into the SecurityChecker
35	27	Log::debug('about to check for vulnerabilities');
36		$parser = new AdvisoryParser((new AdvisoryFetcher)->fetchAdvisories());
37	27	$dependencies = (new Composer)->getDependencies($composerLock);
38	27	$checkResult = (new AdvisoryAnalyzer($parser->getAdvisories()))->analyzeDependencies($dependencies);
39
40		// if the user didn't want any email if there are no results,
41		// cancel execution here.
42		$proceed = config('laravel-security-checker.notify_even_without_vulnerabilities', false);
43	12	if ($proceed !== true && \count($checkResult) === 0) {
44		Log::info('no vulnerabilities were found, not sending any email');
45		return 0;
46	12	}
47
48		// get the recipients and filter out any configuration mistakes
49	12	$recipients = collect(config('laravel-security-checker.recipients', [ ]))->filter(function ($recipient) {
50	12	return $recipient !== null && !empty($recipient);
51		});
52
53		if ($recipients->count() === 0) {
54	12	Log::error('vulnerabilities were found, but there are no recipients configured');
55	12	$this->error(
56	3	/** @scrutinizer ignore-type */__('laravel-security-checker::messages.no_recipients_configured')
57	3	);
58		return 1;
59		}
60
61	9	Log::warning('vulnerabilities were found, emailed to configured recipients');
62	6	Mail::to($recipients->toArray())->send(new SecurityMail($checkResult));
63	9
64		return 0;
65	9	}
66		}
67

Jorijn / laravel-security-checker

Pull Request — master (#34)

SecurityMailCommand A

Complexity

Size/Duplication

Test Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like