appcanary 0.1.2 → 0.1.3
- checksums.yaml +4 -4
- data/README.md +20 -4
- data/lib/appcanary/http.rb +1 -1
- data/lib/appcanary/tasks/appcanary/check.rake +12 -2
- data/lib/appcanary/version.rb +1 -1
- metadata +3 -4
- data/.travis.yml +0 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 284939affc1454e5a6d28abe108b4c9949288c2e
|
4
|
+
data.tar.gz: 59b656003a5ac8a4533377757197d79d25ca1784
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 201fd68b7ef60153da6d237043726f558c04ad23fcc430f1090def068ce5880c2982b1f5307d26feb6396121fd5415233675b9628e2a8a22a84e74c18f4b407f
|
7
|
+
data.tar.gz: a3f711c3e6997fe909af3225404472f7f4e27499b5daff2710a83e07e11292a1fd69788a2f639565aeacf5977c2c1af77d8a89b36e586c4871b68333dc530bb7
|
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
[![CircleCI](https://circleci.com/gh/appcanary/appcanary.rb.svg?style=svg)](https://circleci.com/gh/appcanary/appcanary.rb)
|
4
4
|
|
5
|
-
[Appcanary](https://appcanary.
|
5
|
+
[Appcanary](https://appcanary.com) is a service which keeps track of which
|
6
6
|
versions of what packages are vulnerable to which security vulnerabilities, so
|
7
7
|
you don't have to.
|
8
8
|
|
@@ -17,7 +17,7 @@ These instructions will get you going on CircleCI with a rails project.
|
|
17
17
|
First, add the appcanary gem to your Gemfile:
|
18
18
|
|
19
19
|
```ruby
|
20
|
-
gem "appcanary"
|
20
|
+
gem "appcanary"
|
21
21
|
```
|
22
22
|
|
23
23
|
`bundle install` it to update your `Gemfile.lock`.
|
@@ -31,7 +31,7 @@ Appcanary.api_key = ENV["APPCANARY_API_KEY"] || "api key not set"
|
|
31
31
|
Now, add the following lines to your `circle.yml` file:
|
32
32
|
|
33
33
|
```yaml
|
34
|
-
|
34
|
+
test:
|
35
35
|
# [ ... other dependency bits elided ... ]
|
36
36
|
post:
|
37
37
|
# outputs CVEs and references
|
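Review bot: The comment under the new `test:` key still reads `# [ ... other dependency bits elided ... ]`, which no longer matches the section it sits in. Reword it (for example "other test bits elided") so readers copying the snippet into `circle.yml` are not left wondering which section the `post:` step belongs to.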
@@ -79,7 +79,7 @@ end
|
|
79
79
|
```
|
80
80
|
|
81
81
|
This config style is perhaps best suited to use an initializer file in rails
|
82
|
-
projects.
|
82
|
+
projects. We suggest `config/initializers/appcanary.rb` as a good spot for that.
|
83
83
|
|
84
84
|
Here's a static configuration which is a bit less railsish:
|
85
85
|
|
@@ -124,6 +124,22 @@ base_uri: "https://appcanary.com/api/v3"
|
|
124
124
|
monitor_name: "my_monitor"
|
125
125
|
```
|
126
126
|
|
127
|
+
### Heroku
|
128
|
+
|
129
|
+
For Heroku rails deployments, everything should really "just work".
|
130
|
+
|
131
|
+
1. Include the `appcanary` gem in your `Gemfile` - see previous section.
|
132
|
+
2. Ensure you have the `api_key` set to `ENV["APPCANARY_API_KEY"]` - see previous section.
|
133
|
+
3. Set the env var like this: `heroku config:set APPCANARY_API_KEY=xxxx -a yorapp`, where `yorapp` is replaced with the name of your Heroku application.
|
134
|
+
4. Once deployed, try `heroku run rake appcanary:check` to verify your dependencies.
|
135
|
+
5. Optionally, set up a regular monitor update using the heroku scheduler:
|
136
|
+
1. `heroku addons:create scheduler:standard` - creates a new scheduler service instance, attached to your application.
|
137
|
+
2. `heroku addons:open scheduler` - opens a browser window on the scheduler service UI.
|
138
|
+
3. Add a job that executes `rake appcanary:update_monitor` - the scheduler UI makes how to do this obvious (at the time of writing).
|
139
|
+
|
140
|
+
Steps 1 and 2 are exactly as described in previous sections. This should get you
|
141
|
+
going with a rails deployment on Heroku.
|
142
|
+
|
127
143
|
## Configuration
|
128
144
|
|
129
145
|
As we've seen, you can configure the appcanary gem several different ways. All
|
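Review bot: Step 4 tells the reader to run `heroku run rake appcanary:check` "to verify your dependencies" but does not say what a passing or failing run looks like. In this release `run_check` prints the affected packages and ends with `exit 1` when the response is marked vulnerable, so state that here; anyone scripting the command needs to know to act on the exit status. The closing paragraph ("Steps 1 and 2 are exactly as described in previous sections") repeats the "see previous section" notes already on steps 1 and 2 and can be dropped, or the steps can link to the named sections instead.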
data/lib/appcanary/http.rb
CHANGED
@@ -4,11 +4,21 @@ require "rake"
|
|
4
4
|
def run_check
|
5
5
|
response = Appcanary.check
|
6
6
|
if response["meta"]["vulnerable"]
|
7
|
+
puts "This app has security vulnerabilities.\n\n"
|
8
|
+
puts "You should upgrade the following packages:"
|
9
|
+
|
10
|
+
puts response["data"].map { |p| p["attributes"]["name"] }.uniq
|
11
|
+
|
12
|
+
puts "\n\n"
|
13
|
+
puts "Due to the following vulnerabilities:"
|
14
|
+
|
7
15
|
response["included"].map do |vuln|
|
8
|
-
vuln["
|
16
|
+
vuln["id"]
|
9
17
|
end.flatten.uniq.each do |ref|
|
10
|
-
puts ref
|
18
|
+
puts "https://appcanary.com/vulns/#{ref}"
|
11
19
|
end
|
20
|
+
|
21
|
+
exit 1
|
12
22
|
end
|
13
23
|
rescue => e
|
14
24
|
puts e
|
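Review bot: The new `exit 1` only covers the branch where `response["meta"]["vulnerable"]` is true; in the `rescue => e` branch the visible code just does `puts e`. If nothing after that line sets a non-zero status, an API error, a network failure or a response without a `meta` key lets the CI step pass without any check having happened, so exit non-zero there as well or make the fail-open behaviour an explicit, documented option. Smaller points: if `vuln["id"]` is a single value per entry, the `.flatten` before `.uniq` is no longer needed, and the `map` over `response["data"]` assumes every entry carries an `attributes` hash.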
data/lib/appcanary/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: appcanary
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- J Irving
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2017-
|
12
|
+
date: 2017-04-06 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: multipart-post
|
@@ -104,7 +104,6 @@ extensions: []
|
|
104
104
|
extra_rdoc_files: []
|
105
105
|
files:
|
106
106
|
- ".gitignore"
|
107
|
-
- ".travis.yml"
|
108
107
|
- Gemfile
|
109
108
|
- README.md
|
110
109
|
- Rakefile
|
@@ -140,7 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
140
139
|
version: '0'
|
141
140
|
requirements: []
|
142
141
|
rubyforge_project:
|
143
|
-
rubygems_version: 2.5.
|
142
|
+
rubygems_version: 2.5.1
|
144
143
|
signing_key:
|
145
144
|
specification_version: 4
|
146
145
|
summary: Check your dependencies against Appcanary's database.
|