bundler-audit 0.1.2 → 0.2.0
- checksums.yaml +7 -0
- data/.gitignore +1 -1
- data/ChangeLog.md +10 -0
- data/Gemfile +1 -1
- data/README.md +50 -34
- data/Rakefile +15 -2
- data/data/ruby-advisory-db/CONTRIBUTING.md +6 -0
- data/data/ruby-advisory-db/CONTRIBUTORS.md +13 -0
- data/data/ruby-advisory-db/Gemfile +3 -0
- data/data/ruby-advisory-db/LICENSE.txt +5 -0
- data/data/ruby-advisory-db/README.md +29 -7
- data/data/ruby-advisory-db/Rakefile +27 -0
- data/data/ruby-advisory-db/gems/actionpack/{2012-1099.yml → OSVDB-79727.yml} +3 -0
- data/data/ruby-advisory-db/gems/actionpack/{2012-3424.yml → OSVDB-84243.yml} +7 -0
- data/data/ruby-advisory-db/gems/actionpack/{2012-3465.yml → OSVDB-84513.yml} +3 -0
- data/data/ruby-advisory-db/gems/actionpack/{2012-3463.yml → OSVDB-84515.yml} +6 -0
- data/data/ruby-advisory-db/gems/actionpack/{2013-0156.yml → OSVDB-89026.yml} +3 -0
- data/data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml +20 -0
- data/data/ruby-advisory-db/gems/actionpack/OSVDB-91454.yml +23 -0
- data/data/ruby-advisory-db/gems/activerecord/{2012-2661.yml → OSVDB-82403.yml} +6 -0
- data/data/ruby-advisory-db/gems/activerecord/{2012-2660.yml → OSVDB-82610.yml} +3 -0
- data/data/ruby-advisory-db/gems/activerecord/{2013-0155.yml → OSVDB-89025.yml} +3 -0
- data/data/ruby-advisory-db/gems/activerecord/{2013-0276.yml → OSVDB-90072.yml} +3 -0
- data/data/ruby-advisory-db/gems/activerecord/{2013-0277.yml → OSVDB-90073.yml} +3 -0
- data/data/ruby-advisory-db/gems/activerecord/OSVDB-91453.yml +26 -0
- data/data/ruby-advisory-db/gems/activesupport/{2012-1098.yml → OSVDB-79726.yml} +6 -0
- data/data/ruby-advisory-db/gems/activesupport/{2012-3464.yml → OSVDB-84516.yml} +3 -0
- data/data/ruby-advisory-db/gems/activesupport/{2013-0333.yml → OSVDB-89594.yml} +3 -0
- data/data/ruby-advisory-db/gems/activesupport/OSVDB-91451.yml +28 -0
- data/data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml +10 -0
- data/data/ruby-advisory-db/gems/crack/OSVDB-90742.yml +17 -0
- data/data/ruby-advisory-db/gems/cremefraiche/OSVDB-93395.yml +11 -0
- data/data/ruby-advisory-db/gems/curl/OSVDB-91230.yml +12 -0
- data/data/ruby-advisory-db/gems/devise/{2013-0233.yml → OSVDB-89642.yml} +2 -0
- data/data/ruby-advisory-db/gems/dragonfly/OSVDB-90647.yml +19 -0
- data/data/ruby-advisory-db/gems/enum_column3/OSVDB-94679.yml +9 -0
- data/data/ruby-advisory-db/gems/extlib/OSVDB-90740.yml +18 -0
- data/data/ruby-advisory-db/gems/fastreader/OSVDB-91232.yml +12 -0
- data/data/ruby-advisory-db/gems/fileutils/OSVDB-90715.yml +10 -0
- data/data/ruby-advisory-db/gems/fileutils/OSVDB-90716.yml +10 -0
- data/data/ruby-advisory-db/gems/fileutils/OSVDB-90717.yml +10 -0
- data/data/ruby-advisory-db/gems/flash_tool/OSVDB-90829.yml +9 -0
- data/data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml +18 -0
- data/data/ruby-advisory-db/gems/gtk2/{2007-6183.yml → OSVDB-40774.yml} +2 -0
- data/data/ruby-advisory-db/gems/httparty/OSVDB-90741.yml +19 -0
- data/data/ruby-advisory-db/gems/json/{2013-0269.yml → OSVDB-90074.yml} +4 -2
- data/data/ruby-advisory-db/gems/karteek-docsplit/OSVDB-92117.yml +10 -0
- data/data/ruby-advisory-db/gems/kelredd-pruview/OSVDB-92228.yml +10 -0
- data/data/ruby-advisory-db/gems/ldoce/OSVDB-91870.yml +10 -0
- data/data/ruby-advisory-db/gems/loofah/OSVDB-90945.yml +21 -0
- data/data/ruby-advisory-db/gems/mail/{2011-0739.yml → OSVDB-70667.yml} +2 -0
- data/data/ruby-advisory-db/gems/mail/{2012-2139.yml → OSVDB-81631.yml} +3 -0
- data/data/ruby-advisory-db/gems/mail/{2012-2140.yml → OSVDB-81632.yml} +7 -2
- data/data/ruby-advisory-db/gems/md2pdf/OSVDB-92290.yml +10 -0
- data/data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml +15 -0
- data/data/ruby-advisory-db/gems/multi_xml/{2013-0175.yml → OSVDB-89148.yml} +2 -0
- data/data/ruby-advisory-db/gems/newrelic_rpm/{2013-0284.yml → OSVDB-90189.yml} +4 -2
- data/data/ruby-advisory-db/gems/nori/{2013-0285.yml → OSVDB-90196.yml} +4 -2
- data/data/ruby-advisory-db/gems/omniauth-oauth2/{2012-6134.yml → OSVDB-90264.yml} +4 -2
- data/data/ruby-advisory-db/gems/pdfkit/OSVDB-90867.yml +11 -0
- data/data/ruby-advisory-db/gems/rack-cache/{2012-267.yml → OSVDB-83077.yml} +3 -1
- data/data/ruby-advisory-db/gems/rack/{2013-0263.yml → OSVDB-89939.yml} +2 -0
- data/data/ruby-advisory-db/gems/rdoc/{2013-0256.yml → OSVDB-90004.yml} +2 -0
- data/data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml +13 -0
- data/data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml +11 -0
- data/data/ruby-advisory-db/gems/spree/OSVDB-91216.yml +10 -0
- data/data/ruby-advisory-db/gems/spree/OSVDB-91217.yml +10 -0
- data/data/ruby-advisory-db/gems/spree/OSVDB-91218.yml +10 -0
- data/data/ruby-advisory-db/gems/spree/OSVDB-91219.yml +10 -0
- data/data/ruby-advisory-db/gems/thumbshooter/OSVDB-91839.yml +10 -0
- data/data/ruby-advisory-db/lib/scrape.rb +87 -0
- data/data/ruby-advisory-db/spec/advisory_example.rb +97 -12
- data/gemspec.yml +3 -1
- data/lib/bundler/audit/advisory.rb +46 -16
- data/lib/bundler/audit/cli.rb +23 -19
- data/lib/bundler/audit/scanner.rb +97 -0
- data/lib/bundler/audit/version.rb +1 -1
- data/spec/advisory_spec.rb +66 -6
- data/spec/bundle/insecure_sources/Gemfile +39 -0
- data/spec/bundle/secure/Gemfile +1 -1
- data/spec/bundle/{vuln → unpatched_gems}/Gemfile +0 -0
- data/spec/integration_spec.rb +75 -6
- data/spec/scanner_spec.rb +74 -0
- metadata +77 -40
data/spec/bundle/secure/Gemfile
CHANGED
File without changes
|
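--- a/data/spec/integration_spec.rb
+++ b/data/spec/integration_spec.rb
@@ -7,8 +7,8 @@ describe "CLI" do
 File.expand_path(File.join(File.dirname(__FILE__),'..','bin','bundle-audit'))
 end
 
-context "when auditing a
-let(:bundle) { '
+context "when auditing a bundle with unpatched gems" do
+let(:bundle) { 'unpatched_gems' }
 let(:directory) { File.join('spec','bundle',bundle) }
 
 subject do
@@ -20,10 +20,26 @@ describe "CLI" do
 end
 
 it "should print advisory information for the vulnerable gems" do
-
+expect = %{
+Name: actionpack
+Version: 3.2.10
+Advisory: OSVDB-91452
+Criticality: Medium
+URL: http://www.osvdb.org/show/osvdb/91452
+Title: XSS vulnerability in sanitize_css in Action Pack
+Solution: upgrade to ~> 2.3.18, ~> 3.1.12, >= 3.2.13
+
 Name: actionpack
 Version: 3.2.10
-
+Advisory: OSVDB-91454
+Criticality: Medium
+URL: http://osvdb.org/show/osvdb/91454
+Title: XSS Vulnerability in the `sanitize` helper of Ruby on Rails
+Solution: upgrade to ~> 2.3.18, ~> 3.1.12, >= 3.2.13
+
+Name: actionpack
+Version: 3.2.10
+Advisory: OSVDB-89026
 Criticality: High
 URL: http://osvdb.org/show/osvdb/89026
 Title: Ruby on Rails params_parser.rb Action Pack Type Casting Parameter Parsing Remote Code Execution
@@ -31,7 +47,15 @@ Solution: upgrade to ~> 2.3.15, ~> 3.0.19, ~> 3.1.10, >= 3.2.11
 
 Name: activerecord
 Version: 3.2.10
-
+Advisory: OSVDB-91453
+Criticality: High
+URL: http://osvdb.org/show/osvdb/91453
+Title: Symbol DoS vulnerability in Active Record
+Solution: upgrade to ~> 2.3.18, ~> 3.1.12, >= 3.2.13
+
+Name: activerecord
+Version: 3.2.10
+Advisory: OSVDB-90072
 Criticality: Medium
 URL: http://direct.osvdb.org/show/osvdb/90072
 Title: Ruby on Rails Active Record attr_protected Method Bypass
@@ -39,11 +63,56 @@ Solution: upgrade to ~> 2.3.17, ~> 3.1.11, >= 3.2.12
 
 Name: activerecord
 Version: 3.2.10
-
+Advisory: OSVDB-89025
 Criticality: High
 URL: http://osvdb.org/show/osvdb/89025
 Title: Ruby on Rails Active Record JSON Parameter Parsing Query Bypass
 Solution: upgrade to ~> 2.3.16, ~> 3.0.19, ~> 3.1.10, >= 3.2.11
+
+Name: activesupport
+Version: 3.2.10
+Advisory: OSVDB-91451
+Criticality: High
+URL: http://www.osvdb.org/show/osvdb/91451
+Title: XML Parsing Vulnerability affecting JRuby users
+Solution: upgrade to ~> 3.1.12, >= 3.2.13
+
+Unpatched versions found!
+}.strip.split "\n\n"
+
+subject.strip.split("\n\n").should =~ expect
+end
+end
+
+context "when auditing a bundle with ignored gems" do
+let(:bundle) { 'unpatched_gems' }
+let(:directory) { File.join('spec','bundle',bundle) }
+
+let(:command) do
+File.expand_path(File.join(File.dirname(__FILE__),'..','bin','bundle-audit -i OSVDB-89026'))
+end
+
+subject do
+Dir.chdir(directory) { sh(command, :fail => true) }
+end
+
+it "should not print advisory information for ignored gem" do
+subject.should_not include("OSVDB-89026")
+end
+end
+
+context "when auditing a bundle with insecure sources" do
+let(:bundle) { 'insecure_sources' }
+let(:directory) { File.join('spec','bundle',bundle) }
+
+subject do
+Dir.chdir(directory) { sh(command, :fail => true) }
+end
+
+it "should print warnings about insecure sources" do
+subject.should include(%{
+Insecure Source URI found: git://github.com/rails/jquery-rails.git
+Insecure Source URI found: http://rubygems.org/
 }.strip)
 end
 end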
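Review bot: The ignored-advisory example asserts only that `OSVDB-89026` is absent, so it would also pass if `-i` suppressed every advisory or the run printed nothing; for an audit tool, over-suppression is the failure that matters. Add a positive assertion in the same example, for instance `subject.should include("OSVDB-89025")`, which the unpatched-gems expectation in this file shows is reported for the same bundle. The `:ignore` example in the scanner spec has the same gap. Separately, `let(:command)` passes `'bundle-audit -i OSVDB-89026'` through `File.join` and `File.expand_path`, which folds the arguments into the path; building the path first and appending ` -i OSVDB-89026` afterwards would be clearer.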
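--- a/data/spec/scanner_spec.rb
+++ b/data/spec/scanner_spec.rb
@@ -0,0 +1,74 @@
+require 'spec_helper'
+require 'bundler/audit/scanner'
+
+describe Scanner do
+describe "#scan" do
+let(:bundle) { 'unpatched_gems' }
+let(:directory) { File.join('spec','bundle',bundle) }
+
+subject { described_class.new(directory) }
+
+it "should yield results" do
+results = []
+
+subject.scan { |result| results << result }
+
+results.should_not be_empty
+end
+
+context "when not called with a block" do
+it "should return an Enumerator" do
+subject.scan.should be_kind_of(Enumerable)
+end
+end
+end
+
+context "when auditing a bundle with unpatched gems" do
+let(:bundle) { 'unpatched_gems' }
+let(:directory) { File.join('spec','bundle',bundle) }
+let(:scanner) { described_class.new(directory) }
+
+subject { scanner.scan.to_a }
+
+it "should match unpatched gems to their advisories" do
+subject.all? { |result|
+result.advisory.vulnerable?(result.gem.version)
+}.should be_true
+end
+
+context "when the :ignore option is given" do
+subject { scanner.scan(:ignore => ['OSVDB-89026']) }
+
+it "should ignore the specified advisories" do
+ids = subject.map { |result| result.advisory.id }
+
+ids.should_not include('OSVDB-89026')
+end
+end
+end
+
+context "when auditing a bundle with insecure sources" do
+let(:bundle) { 'insecure_sources' }
+let(:directory) { File.join('spec','bundle',bundle) }
+let(:scanner) { described_class.new(directory) }
+
+subject { scanner.scan.to_a }
+
+it "should match unpatched gems to their advisories" do
+subject[0].source.should == 'git://github.com/rails/jquery-rails.git'
+subject[1].source.should == 'http://rubygems.org/'
+end
+end
+
+context "when auditing a secure bundle" do
+let(:bundle) { 'secure' }
+let(:directory) { File.join('spec','bundle',bundle) }
+let(:scanner) { described_class.new(directory) }
+
+subject { scanner.scan.to_a }
+
+it "should print nothing when everything is fine" do
+subject.should be_empty
+end
+end
+end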
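Review bot: The example in the insecure-sources context is titled "should match unpatched gems to their advisories", apparently copied from the context above, but it checks the `source` of the first two results; a title such as `it "should report the insecure source URIs" do` would say what is tested. The assertions also index `subject[0]` and `subject[1]`, which ties the test to the scanner's yield order. If order is not part of the contract, comparing `subject.map { |result| result.source }` against the two expected URIs would check the same thing without that dependency. The "should return an Enumerator" example asserts `be_kind_of(Enumerable)`, which an Array would also satisfy.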
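--- a/metadata
+++ b/metadata
@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: bundler-audit
 version: !ruby/object:Gem::Version
-version: 0.
-prerelease:
+version: 0.2.0
 platform: ruby
 authors:
 - Postmodern
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -55,68 +52,108 @@ files:
 - lib/bundler/audit/advisory.rb
 - lib/bundler/audit/cli.rb
 - lib/bundler/audit/database.rb
+- lib/bundler/audit/scanner.rb
 - lib/bundler/audit/version.rb
 - spec/advisory_spec.rb
 - spec/audit_spec.rb
+- spec/bundle/insecure_sources/Gemfile
 - spec/bundle/secure/Gemfile
-- spec/bundle/
+- spec/bundle/unpatched_gems/Gemfile
 - spec/database_spec.rb
 - spec/integration_spec.rb
+- spec/scanner_spec.rb
 - spec/spec_helper.rb
 - data/ruby-advisory-db/.rspec
+- data/ruby-advisory-db/CONTRIBUTING.md
+- data/ruby-advisory-db/CONTRIBUTORS.md
+- data/ruby-advisory-db/Gemfile
+- data/ruby-advisory-db/LICENSE.txt
 - data/ruby-advisory-db/README.md
-- data/ruby-advisory-db/
-- data/ruby-advisory-db/gems/actionpack/
-- data/ruby-advisory-db/gems/actionpack/
-- data/ruby-advisory-db/gems/actionpack/
-- data/ruby-advisory-db/gems/actionpack/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/activerecord/
-- data/ruby-advisory-db/gems/activerecord/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
-- data/ruby-advisory-db/gems/
+- data/ruby-advisory-db/Rakefile
+- data/ruby-advisory-db/gems/actionpack/OSVDB-79727.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-84513.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-84515.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-89026.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
+- data/ruby-advisory-db/gems/actionpack/OSVDB-91454.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-82403.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-82610.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-89025.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-90073.yml
+- data/ruby-advisory-db/gems/activerecord/OSVDB-91453.yml
+- data/ruby-advisory-db/gems/activesupport/OSVDB-79726.yml
+- data/ruby-advisory-db/gems/activesupport/OSVDB-84516.yml
+- data/ruby-advisory-db/gems/activesupport/OSVDB-89594.yml
+- data/ruby-advisory-db/gems/activesupport/OSVDB-91451.yml
+- data/ruby-advisory-db/gems/command_wrap/OSVDB-91450.yml
+- data/ruby-advisory-db/gems/crack/OSVDB-90742.yml
+- data/ruby-advisory-db/gems/cremefraiche/OSVDB-93395.yml
+- data/ruby-advisory-db/gems/curl/OSVDB-91230.yml
+- data/ruby-advisory-db/gems/devise/OSVDB-89642.yml
+- data/ruby-advisory-db/gems/dragonfly/OSVDB-90647.yml
+- data/ruby-advisory-db/gems/enum_column3/OSVDB-94679.yml
+- data/ruby-advisory-db/gems/extlib/OSVDB-90740.yml
+- data/ruby-advisory-db/gems/fastreader/OSVDB-91232.yml
+- data/ruby-advisory-db/gems/fileutils/OSVDB-90715.yml
+- data/ruby-advisory-db/gems/fileutils/OSVDB-90716.yml
+- data/ruby-advisory-db/gems/fileutils/OSVDB-90717.yml
+- data/ruby-advisory-db/gems/flash_tool/OSVDB-90829.yml
+- data/ruby-advisory-db/gems/ftpd/OSVDB-90784.yml
+- data/ruby-advisory-db/gems/gtk2/OSVDB-40774.yml
+- data/ruby-advisory-db/gems/httparty/OSVDB-90741.yml
+- data/ruby-advisory-db/gems/json/OSVDB-90074.yml
+- data/ruby-advisory-db/gems/karteek-docsplit/OSVDB-92117.yml
+- data/ruby-advisory-db/gems/kelredd-pruview/OSVDB-92228.yml
+- data/ruby-advisory-db/gems/ldoce/OSVDB-91870.yml
+- data/ruby-advisory-db/gems/loofah/OSVDB-90945.yml
+- data/ruby-advisory-db/gems/mail/OSVDB-70667.yml
+- data/ruby-advisory-db/gems/mail/OSVDB-81631.yml
+- data/ruby-advisory-db/gems/mail/OSVDB-81632.yml
+- data/ruby-advisory-db/gems/md2pdf/OSVDB-92290.yml
+- data/ruby-advisory-db/gems/mini_magick/OSVDB-91231.yml
+- data/ruby-advisory-db/gems/multi_xml/OSVDB-89148.yml
+- data/ruby-advisory-db/gems/newrelic_rpm/OSVDB-90189.yml
+- data/ruby-advisory-db/gems/nori/OSVDB-90196.yml
+- data/ruby-advisory-db/gems/omniauth-oauth2/OSVDB-90264.yml
+- data/ruby-advisory-db/gems/pdfkit/OSVDB-90867.yml
+- data/ruby-advisory-db/gems/rack-cache/OSVDB-83077.yml
+- data/ruby-advisory-db/gems/rack/OSVDB-89939.yml
+- data/ruby-advisory-db/gems/rdoc/OSVDB-90004.yml
+- data/ruby-advisory-db/gems/rgpg/OSVDB-95948.yml
+- data/ruby-advisory-db/gems/ruby_parser/OSVDB-90561.yml
+- data/ruby-advisory-db/gems/spree/OSVDB-91216.yml
+- data/ruby-advisory-db/gems/spree/OSVDB-91217.yml
+- data/ruby-advisory-db/gems/spree/OSVDB-91218.yml
+- data/ruby-advisory-db/gems/spree/OSVDB-91219.yml
+- data/ruby-advisory-db/gems/thumbshooter/OSVDB-91839.yml
+- data/ruby-advisory-db/lib/scrape.rb
 - data/ruby-advisory-db/spec/advisory_example.rb
 - data/ruby-advisory-db/spec/gems_spec.rb
 - data/ruby-advisory-db/spec/spec_helper.rb
-homepage: https://github.com/
+homepage: https://github.com/rubysec/bundler-audit#readme
 licenses:
 - GPLv3
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
-version:
+version: 1.8.0
 requirements: []
 rubyforge_project:
-rubygems_version:
+rubygems_version: 2.0.5
 signing_key:
-specification_version:
+specification_version: 4
 summary: Patch-level verification for Bundler
 test_files: []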