cisa-kev 0.1.0

@@ -0,0 +1,88 @@
1
+ require 'spec_helper'
2
+ require 'webmock/rspec'
3
+ require 'cisa/kev/catalog'
4
+
5
+ describe CISA::KEV::Catalog do
6
+ let(:fixtures_dir) { File.join(__dir__,'fixtures') }
7
+ let(:json_file) { File.join(fixtures_dir,'known_exploited_vulnerabilities.json') }
8
+ let(:raw_json) { File.read(json_file) }
9
+ let(:json) { JSON.parse(raw_json) }
10
+
11
+ before { WebMock.disable_net_connect! }
12
+
13
+ describe ".request" do
14
+ subject { described_class }
15
+
16
+ it "must return JSON data" do
17
+ stub_request(:get, 'https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json')
18
+
19
+ subject.request
20
+ end
21
+ end
22
+
23
+ describe ".load" do
24
+ subject { described_class.load }
25
+
26
+ it "must return a parsed #{described_class} object" do
27
+ stub_request(:get, 'https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json').to_return(body: raw_json)
28
+
29
+ expect(subject).to be_kind_of(described_class)
30
+ expect(subject.title).to eq(json.fetch('title'))
31
+ expect(subject.catalog_version).to eq(json.fetch('catalogVersion'))
32
+ expect(subject.date_released).to eq(Time.parse(json.fetch('dateReleased')))
33
+ expect(subject.count).to eq(json.fetch('count').to_i)
34
+ expect(subject.vulnerabilities).to_not be_empty
35
+ expect(subject.vulnerabilities).to all(be_kind_of(CISA::KEV::Vulnerability))
36
+ end
37
+ end
38
+
39
+ describe ".open" do
40
+ subject { described_class.open(json_file) }
41
+
42
+ it "must read the file and return a parsed #{described_class}" do
43
+ expect(subject).to be_kind_of(described_class)
44
+ expect(subject.catalog_version).to eq(json.fetch('catalogVersion'))
45
+ expect(subject.date_released).to eq(Time.parse(json.fetch('dateReleased')))
46
+ expect(subject.count).to eq(json.fetch('count').to_i)
47
+ expect(subject.vulnerabilities).to_not be_empty
48
+ expect(subject.vulnerabilities).to all(be_kind_of(CISA::KEV::Vulnerability))
49
+ end
50
+ end
51
+
52
+ describe ".parse" do
53
+ subject { described_class.parse(raw_json) }
54
+
55
+ it "must parse the JSON and return a parsed #{described_class}" do
56
+ expect(subject).to be_kind_of(described_class)
57
+ expect(subject.catalog_version).to eq(json.fetch('catalogVersion'))
58
+ expect(subject.date_released).to eq(Time.parse(json.fetch('dateReleased')))
59
+ expect(subject.count).to eq(json.fetch('count').to_i)
60
+ expect(subject.vulnerabilities).to_not be_empty
61
+ expect(subject.vulnerabilities).to all(be_kind_of(CISA::KEV::Vulnerability))
62
+ end
63
+ end
64
+
65
+ subject { described_class.open(json_file) }
66
+
67
+ describe "#each" do
68
+ context "when given a block" do
69
+ it "must yield every CISA::KEV::Vulnerability in #vulnerabilities" do
70
+ expect { |b|
71
+ subject.each(&b)
72
+ }.to yield_successive_args(*subject.vulnerabilities)
73
+ end
74
+ end
75
+
76
+ context "when no block is given" do
77
+ it "must return an Enumerator" do
78
+ expect(subject.each.to_a).to eq(subject.vulnerabilities)
79
+ end
80
+ end
81
+ end
82
+
83
+ describe "#to_s" do
84
+ it "must return a String containing the #title and #date_released" do
85
+ expect(subject.to_s).to eq("#{subject.title} (#{subject.date_released})")
86
+ end
87
+ end
88
+ end
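Review bot: The `.request` example ("must return JSON data") asserts nothing: it stubs the feed URL with WebMock's empty default response, calls `subject.request`, and passes as long as no exception is raised. Give the stub a body and check the outcome, e.g. `stub = stub_request(:get, <same URL>).to_return(body: raw_json)` followed by `expect(stub).to have_been_requested`, plus an expectation on the return value (its type is not visible from this spec). The `.load` example also covers only a successful response. Because consumers are likely to rely on this catalog for patch prioritisation, examples for a non-200 status and for a truncated or non-JSON body would pin down that the loader raises rather than returning an empty or partial catalog. Separately, the "must return an Enumerator" example only compares `to_a`; adding `expect(subject.each).to be_kind_of(Enumerator)` would make it match its description.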