codeclimate
diff --git a/‎Gemfile‎
Lines changed: 0 additions & 1 deletion b/‎Gemfile‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎Gemfile.lock‎
Lines changed: 3 additions & 5 deletions b/‎Gemfile.lock‎
Lines changed: 3 additions & 5 deletions
diff --git a/‎lib/cc/engine/bundler_audit.rb‎
Lines changed: 12 additions & 11 deletions b/‎lib/cc/engine/bundler_audit.rb‎
Lines changed: 12 additions & 11 deletions
diff --git a/‎spec/cc/engine/bundler_audit_spec.rb‎
Lines changed: 14 additions & 43 deletions b/‎spec/cc/engine/bundler_audit_spec.rb‎
Lines changed: 14 additions & 43 deletions
diff --git a/‎spec/fixtures/no_gemfile_lock/.gitkeep‎ b/‎spec/fixtures/no_gemfile_lock/.gitkeep‎
@@ -7,5 +7,4 @@ gem "rake"
 
 group :test do
   gem "rspec", require: false
-  gem "fakefs", require: false
 end
@@ -1,12 +1,11 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    blockenspiel (0.4.5)
+    blockenspiel (0.5.0)
     bundler-audit (0.4.0)
       bundler (~> 1.2)
       thor (~> 0.18)
     diff-lcs (1.2.5)
-    fakefs (0.6.7)
     json (1.8.3)
     rake (10.4.2)
     rspec (3.3.0)
@@ -23,15 +22,14 @@ GEM
       rspec-support (~> 3.3.0)
     rspec-support (3.3.0)
     thor (0.19.1)
-    versionomy (0.4.4)
-      blockenspiel (>= 0.4.5)
+    versionomy (0.5.0)
+      blockenspiel (~> 0.5)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   bundler-audit
-  fakefs
   json
   rake
   rspec
 
@@ -19,17 +19,18 @@ def initialize(directory: , io: , engine_config: )
 
       def run
         if gemfile_lock_exists?
-          Dir.chdir(@directory)
-          raw_output = `bundle-audit`
-          raw_issues = raw_output.split(/\n\n/).select { |chunk|
-            chunk =~ /^Name: /
-          }
-          @gemfile_lock_lines = File.read(
-            File.join(@directory, 'Gemfile.lock')
-          ).lines
-          raw_issues.each do |raw_issue|
-            issue = issue_from_raw(raw_issue)
-            @io.print("#{issue.to_json}\0")
+          Dir.chdir(@directory) do
+            raw_output = `bundle-audit`
+            raw_issues = raw_output.split(/\n\n/).select { |chunk|
+              chunk =~ /^Name: /
+            }
+            @gemfile_lock_lines = File.read(
+              File.join(@directory, 'Gemfile.lock')
+            ).lines
+            raw_issues.each do |raw_issue|
+              issue = issue_from_raw(raw_issue)
+              @io.print("#{issue.to_json}\0")
+            end
           end
         else
           raise GemfileLockNotFound, "No Gemfile.lock found."
 
@@ -4,58 +4,29 @@ module CC::Engine
   describe BundlerAudit do
     describe "#run" do
       it "raises an error when no Gemfile.lock exists" do
-        FakeFS do
-          directory = "/c"
-          FileUtils.mkdir_p(directory)
-          io = StringIO.new
-          config = {}
+        directory = File.join(Dir.pwd, "spec", "fixtures", "no_gemfile_lock")
+        io = StringIO.new
 
-          expect { BundlerAudit.new(directory: directory, io: io, engine_config: config).run }
-            .to raise_error(CC::Engine::BundlerAudit::GemfileLockNotFound)
-        end
+        expect { BundlerAudit.new(directory: directory, io: io, engine_config: {}).run }
+          .to raise_error(CC::Engine::BundlerAudit::GemfileLockNotFound)
       end
 
       it "emits issues for Gemfile.lock problems" do
-        bundle_audit_output = <<-EOF
-Name: actionpack
-Version: 3.2.10
-Advisory: OSVDB-91452
-Criticality: Medium
-URL: http://www.osvdb.org/show/osvdb/91452
-Title: XSS vulnerability in sanitize_css in Action Pack
-Solution: upgrade to ~> 2.3.18, ~> 3.1.12, >= 3.2.13
-        EOF
-        result = {
-          categories: ["Security"],
-          check_name: "Insecure Dependency",
-          content: {
-            body: "**Advisory**: OSVDB-91452\n\n**Criticality**: Medium\n\n**URL**: http://www.osvdb.org/show/osvdb/91452\n\n**Solution**: upgrade to ~> 2.3.18, ~> 3.1.12, >= 3.2.13"
-          },
-          description: "XSS vulnerability in sanitize_css in Action Pack",
-          location: {
-            path: "Gemfile.lock",
-            lines: { begin: nil, end: nil }
-          },
-          remediation_points: 500_000,
-          severity: "normal",
-          type: "Issue",
-        }.to_json
         io = StringIO.new
-        directory = "/c"
-        config = {}
-
-        FakeFS do
-          FileUtils.mkdir_p(directory)
-          FileUtils.touch("/c/Gemfile.lock")
+        directory = File.join(Dir.pwd, "spec", "fixtures", "unpatched_versions")
 
-          audit = BundlerAudit.new(directory: directory, io: io, engine_config: config)
+        audit = BundlerAudit.new(directory: directory, io: io, engine_config: {})
+        audit.run
 
-          allow(audit).to receive(:`).and_return(bundle_audit_output)
+        issues = io.string.split("\0").map { |issue| JSON.load(issue) }
 
-          audit.run
-        end
+        expect(issues).to eq(expected_issues("unpatched_versions"))
+      end
 
-        expect(io.string).to eq("#{result}\0")
+      def expected_issues(fixture)
+        path = File.join(Dir.pwd, "spec", "fixtures", fixture, "issues.json")
+        body = File.read(path)
+        JSON.load(body)
       end
     end
   end