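/**
 * Execute the "scan" command
 *
 * Runs the version scan, prints one table row per check (status, CVE ID,
 * risk, summary) and finishes with the total and failure counts.
 *
 * A check whose getResult() is true is reported as FAIL. When the
 * "fail-only" option is not null, checks that did not fail are skipped.
 * The "sort" option accepts "cve" or "risk" (case-insensitive); both sort
 * in descending order. Any other value leaves the rows in scan order.
 *
 * @param InputInterface $input Input object
 * @param OutputInterface $output Output object
 */
protected function execute(InputInterface $input, OutputInterface $output)
{
    $phpVersion = $input->getOption('php-version');
    $failOnly = $input->getOption('fail-only');
    $sort = $input->getOption('sort');

    $scan = new \Psecio\Versionscan\Scan();
    $scan->execute($phpVersion);

    $output->writeLn('Executing against version: ' . $scan->getVersion());

    $failedCount = 0;
    $table = $this->getApplication()->getHelperSet()->get('table');
    $table->setHeaders(array('Status', 'CVE ID', 'Risk', 'Summary'));

    $data = array();
    $column = 100;

    foreach ($scan->getChecks() as $check) {
        $failed = $check->getResult() === true;

        if ($failOnly !== null && !$failed) {
            continue;
        }

        if ($failed) {
            $status = '<fg=red>FAIL</fg=red>';
            $failedCount++;
        } else {
            $status = '<fg=green>PASS</fg=green>';
        }

        // Trim once so the length test and the truncation see the same text
        // in both verbose and non-verbose mode.
        // NOTE(review): the summary is rendered through the console formatter;
        // if summaries can contain "<...>" sequences they would be read as
        // style tags - confirm whether escaping is needed.
        $summary = trim($check->getSummary());
        if ($output->isVerbose() !== true && strlen($summary) > $column) {
            $summary = substr($summary, 0, $column - 3) . '...';
        }

        $data[] = array($status, $check->getCveId(), $check->getThreat(), $summary);
    }

    // Only sort on a recognised key. Handing usort() a comparator that
    // returns nothing leaves the row order undefined.
    $sortKey = is_string($sort) ? strtolower($sort) : '';

    if ($sortKey === 'cve' || $sortKey === 'risk') {
        // Split "CVE-YYYY-NNNN" into (year, sequence). Comparing the digits
        // as one number mis-orders IDs whose sequence part has more than
        // four digits (e.g. CVE-2013-12345 would outrank CVE-2014-1234).
        $parseCve = function ($cveId) {
            if (preg_match('/(\d{4})-(\d+)/', (string) $cveId, $parts) === 1) {
                return array((int) $parts[1], (int) $parts[2]);
            }

            // Unparseable IDs sort last in the descending order.
            return array(0, 0);
        };

        usort($data, function ($row1, $row2) use ($sortKey, $parseCve) {
            if ($sortKey === 'cve') {
                $k1 = $parseCve($row1[1]);
                $k2 = $parseCve($row2[1]);

                if ($k1[0] !== $k2[0]) {
                    return $k1[0] > $k2[0] ? -1 : 1;
                }
                if ($k1[1] !== $k2[1]) {
                    return $k1[1] > $k2[1] ? -1 : 1;
                }

                return 0;
            }

            // Risk: compare as float so a fractional score is not truncated.
            $r1 = (float) $row1[2];
            $r2 = (float) $row2[2];

            if ($r1 == $r2) {
                // Equal rows must compare as 0 for a consistent ordering.
                return 0;
            }

            return $r1 > $r2 ? -1 : 1;
        });
    }

    $table->setRows($data);
    $table->render($output);

    $output->writeLn(
        "\nScan complete\n" . str_repeat('-', 20) . "\n"
        . "Total checks: " . count($scan->getChecks()) . "\n"
        . "<fg=red>Failures: " . $failedCount . "</fg=red>\n"
    );
}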
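/**
 * Execute the "scan" command
 *
 * Runs the version scan, collects one result row per check and hands the
 * rows to the output handler selected by the "format" option ("console"
 * when the option is null).
 *
 * A check whose getResult() is true is recorded as "fail". When the
 * "fail-only" option is not null, checks that did not fail are skipped.
 * The "sort" option accepts "cve" or "risk" (case-insensitive); both sort
 * in descending order. Any other value leaves the rows in scan order.
 *
 * @param InputInterface $input Input object
 * @param OutputInterface $output Output object
 *
 * @throws \InvalidArgumentException If the format is "html" and no output path is given
 * @throws FormatNotFoundException If no output handler exists for the requested format
 *
 * @return mixed Whatever the output handler's render() returns
 */
protected function execute(InputInterface $input, OutputInterface $output)
{
    $phpVersion = $input->getOption('php-version');
    $failOnly = $input->getOption('fail-only');
    $sort = $input->getOption('sort');
    $outputPath = $input->getOption('output');
    $format = $input->getOption('format');
    $format = $format === null ? 'console' : strtolower($format);

    if ($format === 'html' && $outputPath === null) {
        throw new \InvalidArgumentException('Output path must be set for format "HTML"');
    }

    // The --format value is concatenated into a class name that is then
    // autoloaded and instantiated. Restricting it to a plain lowercase
    // identifier keeps namespace separators and other non-identifier
    // characters out of the name handed to the autoloader. Resolving the
    // handler before the scan also makes an unknown format fail fast.
    if (preg_match('/^[a-z][a-z0-9]*$/', $format) !== 1) {
        throw new FormatNotFoundException(sprintf('Output format "%s" not found', $format));
    }

    $formatClass = '\\Psecio\\Versionscan\\Command\\ScanCommand\\Output\\' . ucwords($format);
    if (!class_exists($formatClass)) {
        throw new FormatNotFoundException(sprintf('Output format "%s" not found', $format));
    }

    $scan = new \Psecio\Versionscan\Scan();
    $scan->execute($phpVersion);

    $results = array();
    $failCount = 0;

    foreach ($scan->getChecks() as $check) {
        $failed = $check->getResult() === true;

        if ($failOnly !== null && !$failed) {
            continue;
        }

        if ($failed) {
            $failCount++;
        }

        $results[] = array(
            'status' => $failed ? 'fail' : 'pass',
            'cve-id' => $check->getCveId(),
            'risk' => $check->getThreat(),
            'summary' => trim($check->getSummary()),
        );
    }

    // Only sort on a recognised key. Handing usort() a comparator that
    // returns nothing leaves the row order undefined.
    $sortKey = is_string($sort) ? strtolower($sort) : '';

    if ($sortKey === 'cve' || $sortKey === 'risk') {
        // Split "CVE-YYYY-NNNN" into (year, sequence). Comparing the digits
        // as one number mis-orders IDs whose sequence part has more than
        // four digits (e.g. CVE-2013-12345 would outrank CVE-2014-1234).
        $parseCve = function ($cveId) {
            if (preg_match('/(\d{4})-(\d+)/', (string) $cveId, $parts) === 1) {
                return array((int) $parts[1], (int) $parts[2]);
            }

            // Unparseable IDs sort last in the descending order.
            return array(0, 0);
        };

        usort($results, function ($row1, $row2) use ($sortKey, $parseCve) {
            if ($sortKey === 'cve') {
                $k1 = $parseCve($row1['cve-id']);
                $k2 = $parseCve($row2['cve-id']);

                if ($k1[0] !== $k2[0]) {
                    return $k1[0] > $k2[0] ? -1 : 1;
                }
                if ($k1[1] !== $k2[1]) {
                    return $k1[1] > $k2[1] ? -1 : 1;
                }

                return 0;
            }

            // Risk: compare as float so a fractional score is not truncated.
            $r1 = (float) $row1['risk'];
            $r2 = (float) $row2['risk'];

            if ($r1 == $r2) {
                // Equal rows must compare as 0 for a consistent ordering.
                return 0;
            }

            return $r1 > $r2 ? -1 : 1;
        });
    }

    $options = array(
        'phpVersion' => $scan->getVersion(),
        'checksCount' => count($scan->getChecks()),
        'failCount' => $failCount,
        'outputPath' => $outputPath,
    );

    $outputHandler = new $formatClass($output, $options);

    return $outputHandler->render($results, $this);
}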