capistrano-holepicker 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 95d4b2cb9a5203e1037dfd2e74e8dfc75d047e07
+  data.tar.gz: bde157807ef267036970cdc0081da8a0eb4e7c72
+SHA512:
+  metadata.gz: ac88c7ec4346903457dcb68673d7c82cb6f437348e39be9d37e42fe30be829f884ba0be829ff8cb97ad4669ed620763fb2742d852f9a5330a9cf3c9a4e4f9339
+  data.tar.gz: 7b649cdfe2d63549408ef2988ed2dadc15aeeb7299d2c14f2265b9fbd4ae07bc871befa65c120ecb8a7d25afbdeb5a9c0faedb9f9a7afe8c45c2fe8958e3958f

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in capistrano-holepicker.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,13 @@
+Copyright (c) 2014 The Board of Trustees of the Leland Stanford Junior University
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/README.md

@@ -0,0 +1,29 @@
+# Capistrano::Holepicker
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'capistrano-holepicker'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install capistrano-holepicker
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it ( http://github.com/<my-github-username>/capistrano-holepicker/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/capistrano-holepicker.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'capistrano/holepicker/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "capistrano-holepicker"
+  spec.version       = Capistrano::Holepicker::VERSION
+  spec.authors       = ["Chris Beer"]
+  spec.email         = ["cabeer@stanford.edu"]
+  spec.summary       = %q{Capistrano/Holepicker integration for checking dependencies for vulnerabilities}
+  spec.homepage      = ""
+  spec.license       = "APACHE2"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "capistrano", "~> 3.0"
+  spec.add_dependency "holepicker"
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake"
+end

data/lib/capistrano/holepicker.rb

@@ -0,0 +1,11 @@
+require "capistrano/holepicker/version"
+require 'holepicker'
+
+module Capistrano
+  module Holepicker
+    class VulnerableException < Exception
+    end
+  end
+end
+
+load File.expand_path("../tasks/holepicker.rake", __FILE__)

data/lib/capistrano/holepicker/version.rb

@@ -0,0 +1,5 @@
+module Capistrano
+  module Holepicker
+    VERSION = "0.0.1"
+  end
+end

data/lib/capistrano/tasks/holepicker.rake

@@ -0,0 +1,49 @@
+require 'tempfile'
+
+namespace :deploy do
+  namespace :check do
+    task :holepicker do
+      on roles(:app) do |host|
+        within release_path do
+
+          options = {
+            :ignored_gems => fetch(:holepicker_ignored_gems),
+            :offline => fetch(:holepicker_offline)
+          }
+
+          file = Tempfile.new('remote-Gemfile.lock')
+          begin
+            download! "#{release_path}/Gemfile.lock", file.path
+            reporter = HolePicker::ScanReporter.new
+            log = StringIO.new
+            reporter.logger = HolePicker::Logger.new log
+
+            scanner = HolePicker::Scanner.new(file.path, options)
+            scanner.instance_variable_set :@reporter, reporter
+            scanner.send :scan_gemfile, File.read(file.path), "Gemfile.lock"
+            success = reporter.success?
+
+            unless success
+              reporter.print_report
+              logger.important(log.string)
+              raise Capistrano::VulnerableException.new("HolePicker found vulnerabilities")
+            end
+
+          ensure
+            file.close
+            file.unlink
+          end
+        end
+      end
+    end
+  end
+
+  before 'deploy:publishing', 'deploy:check:holepicker'
+end
+
+namespace :load do
+  task :defaults do   
+    set :holepicker_offline, false
+    set :holepicker_ignored_gems, []
+  end
+end

metadata

@@ -0,0 +1,109 @@
+--- !ruby/object:Gem::Specification
+name: capistrano-holepicker
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Chris Beer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-01-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: capistrano
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: holepicker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- cabeer@stanford.edu
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- capistrano-holepicker.gemspec
+- lib/capistrano/holepicker.rb
+- lib/capistrano/holepicker/version.rb
+- lib/capistrano/tasks/holepicker.rake
+homepage: ''
+licenses:
+- APACHE2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.0
+signing_key: 
+specification_version: 4
+summary: Capistrano/Holepicker integration for checking dependencies for vulnerabilities
+test_files: []