chelsea 0.0.21 → 0.0.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Jenkinsfile +1 -1
- data/README.md +5 -44
- data/bin/chelsea +1 -0
- data/lib/chelsea/cli.rb +2 -1
- data/lib/chelsea/iq_client.rb +3 -2
- data/lib/chelsea/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2e8f55973cc277e40b428bd4024d57ee8faeb9497a9533c5325c4992f347e497
|
|
4
|
+
data.tar.gz: 4e131ffd1c73531aaa2e03ada3a7e0c580fae8ffc3c98c5e3db4bc91ee55f899
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 68126c4c9fa51ffb7e74402eb6649fe4bca546959d03c28e0c3a028fd36e6912d4ceabe87b6ad7688e2a68a200df05cecc188e4f512fca1b31f823b5ff20f977
|
|
7
|
+
data.tar.gz: 02e554ba6e20ecea0f5027abf8c72feefa272f1336e458997bbae14000fceacefc14f0237ac78c956328d573f27466455a926c57b351f718de8011d03b3bcab3
|
data/Jenkinsfile
CHANGED
|
@@ -32,7 +32,7 @@ dockerizedBuildPipeline(
|
|
|
32
32
|
sh '''
|
|
33
33
|
gem build chelsea.gemspec
|
|
34
34
|
gem install ./chelsea-*.gem
|
|
35
|
-
chelsea --file Gemfile.lock -b -a chelsea -iu $IQ_USERNAME -it $IQ_PASSWORD -i https://policy.ci.sonatype.dev
|
|
35
|
+
chelsea --file Gemfile.lock -b -a chelsea -iu $IQ_USERNAME -it $IQ_PASSWORD -i https://policy.ci.sonatype.dev --stage stage-release
|
|
36
36
|
'''
|
|
37
37
|
}
|
|
38
38
|
})
|
data/README.md
CHANGED
|
@@ -38,21 +38,10 @@ $ gem install chelsea
|
|
|
38
38
|
```
|
|
39
39
|
|
|
40
40
|
```
|
|
41
|
-
$ chelsea
|
|
42
|
-
|
|
43
|
-
/ __ \| | | |
|
|
44
|
-
| / \/| |__ ___ | | ___ ___ __ _
|
|
45
|
-
| | | '_ \ / _ \| |/ __| / _ \ / _` |
|
|
46
|
-
| \__/\| | | || __/| |\__ \| __/| (_| |
|
|
47
|
-
\____/|_| |_| \___||_||___/ \___| \__,_|
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
Version: 0.0.11
|
|
51
|
-
|
|
52
|
-
usage: chelsea [options] ...
|
|
53
|
-
|
|
54
|
-
Options:
|
|
41
|
+
$ chelsea --help
|
|
42
|
+
usage: /usr/local/bin/chelsea [options]
|
|
55
43
|
-f, --file Path to your Gemfile.lock
|
|
44
|
+
-x, --clear Clear OSS Index cache
|
|
56
45
|
-c, --config Set persistent config for OSS Index
|
|
57
46
|
-u, --user Specify OSS Index Username
|
|
58
47
|
-p, --token Specify OSS Index API Token
|
|
@@ -61,9 +50,10 @@ Options:
|
|
|
61
50
|
-iu, --iquser Specify the IQ username
|
|
62
51
|
-it, --iqpass Specify the IQ auth token
|
|
63
52
|
-w, --whitelist Set path to vulnerability whitelist file
|
|
64
|
-
-
|
|
53
|
+
-v, --verbose Make chelsea only output vulnerable third party dependencies for text output (default: true)
|
|
65
54
|
-t, --format Choose what type of format you want your report in (default: text) (options: text, json, xml)
|
|
66
55
|
-b, --iq Use Nexus IQ Server to audit your project
|
|
56
|
+
-s, --stage Specify Nexus IQ Stage (default: build) (options: develop, build, stage-release, release, operate)
|
|
67
57
|
--version Print the version
|
|
68
58
|
-h, --help Show usage
|
|
69
59
|
```
|
|
@@ -96,35 +86,6 @@ Audit Results
|
|
|
96
86
|
|
|
97
87
|
Audit Results will show a list of your third party dependencies, their reverse dependencies (so what brought them in to your project), and if they are vulnerable or not.
|
|
98
88
|
|
|
99
|
-
### Quiet usage
|
|
100
|
-
|
|
101
|
-
Running with `--quiet` will only output any vulnerable dependencies found, similar to:
|
|
102
|
-
|
|
103
|
-
```
|
|
104
|
-
_____ _ _
|
|
105
|
-
/ __ \| | | |
|
|
106
|
-
| / \/| |__ ___ | | ___ ___ __ _
|
|
107
|
-
| | | '_ \ / _ \| |/ __| / _ \ / _` |
|
|
108
|
-
| \__/\| | | || __/| |\__ \| __/| (_| |
|
|
109
|
-
\____/|_| |_| \___||_||___/ \___| \__,_|
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
Version: 0.0.11
|
|
113
|
-
[15/31] - pkg:gem/rake@10.5.0 Vulnerable.
|
|
114
|
-
Required by: domain_name-0.5.20190701
|
|
115
|
-
Required by: equatable-0.6.1
|
|
116
|
-
Required by: pastel-0.7.3
|
|
117
|
-
Required by: public_suffix-4.0.3
|
|
118
|
-
Required by: rspec_junit_formatter-0.4.1
|
|
119
|
-
Required by: slop-4.8.1
|
|
120
|
-
Required by: slop-4.8.0
|
|
121
|
-
Required by: unf-0.1.4
|
|
122
|
-
Required by: unf_ext-0.0.7.7
|
|
123
|
-
Required by: unf_ext-0.0.7.6
|
|
124
|
-
```
|
|
125
|
-
|
|
126
|
-
This can be useful if you are only interested in seeing your vulnerable dependencies, and not the whole list.
|
|
127
|
-
|
|
128
89
|
### Usage with Formatters
|
|
129
90
|
|
|
130
91
|
Chelsea can be run with a number of different formatters:
|
data/bin/chelsea
CHANGED
|
@@ -34,6 +34,7 @@ opts =
|
|
|
34
34
|
o.bool '-v', '--verbose', 'Make chelsea only output vulnerable third party dependencies for text output (default: true)', default: false
|
|
35
35
|
o.string '-t', '--format', 'Choose what type of format you want your report in (default: text) (options: text, json, xml)', default: 'text'
|
|
36
36
|
o.bool '-b', '--iq', 'Use Nexus IQ Server to audit your project'
|
|
37
|
+
o.string '-s', '--stage', 'Specify Nexus IQ Stage (default: build) (options: develop, build, stage-release, release, operate)', default: 'build'
|
|
37
38
|
o.on '--version', 'Print the version' do
|
|
38
39
|
puts Chelsea::VERSION
|
|
39
40
|
exit
|
data/lib/chelsea/cli.rb
CHANGED
|
@@ -63,7 +63,8 @@ module Chelsea
|
|
|
63
63
|
public_application_id: @opts[:application],
|
|
64
64
|
server_url: @opts[:server],
|
|
65
65
|
username: @opts[:iquser],
|
|
66
|
-
auth_token: @opts[:iqpass]
|
|
66
|
+
auth_token: @opts[:iqpass],
|
|
67
|
+
stage: @opts[:stage]
|
|
67
68
|
}
|
|
68
69
|
)
|
|
69
70
|
bom = Chelsea::Bom.new(gems.deps.dependencies).collect
|
data/lib/chelsea/iq_client.rb
CHANGED
|
@@ -28,7 +28,8 @@ module Chelsea
|
|
|
28
28
|
server_url: 'http://localhost:8070',
|
|
29
29
|
username: 'admin',
|
|
30
30
|
auth_token: 'admin123',
|
|
31
|
-
internal_application_id: ''
|
|
31
|
+
internal_application_id: '',
|
|
32
|
+
stage: 'build'
|
|
32
33
|
}
|
|
33
34
|
def initialize(options: DEFAULT_OPTIONS)
|
|
34
35
|
@options = options
|
|
@@ -149,7 +150,7 @@ module Chelsea
|
|
|
149
150
|
end
|
|
150
151
|
|
|
151
152
|
def _api_url
|
|
152
|
-
"#{@options[:server_url]}/api/v2/scan/applications/#{@internal_application_id}/sources/chelsea"
|
|
153
|
+
"#{@options[:server_url]}/api/v2/scan/applications/#{@internal_application_id}/sources/chelsea?stageId=#{@options[:stage]}"
|
|
153
154
|
end
|
|
154
155
|
|
|
155
156
|
def _internal_application_id_api_url
|
data/lib/chelsea/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: chelsea
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.22
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Allister Beharry
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-10-
|
|
11
|
+
date: 2020-10-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tty-font
|