cvelist 0.1.0

data/lib/cvelist/exceptions.rb

@@ -0,0 +1,31 @@
+require 'cve_schema/exceptions'
+
+module CVEList
+  # Base class for all git related exceptions.
+  class GitError < RuntimeError
+  end
+
+  # Raised when a `git clone` failed.
+  class GitCloneFailed < GitError
+  end
+
+  # Raised when a `git pull` failed.
+  class GitPullFailed < GitError
+  end
+
+  class NotFoundError < RuntimeError
+  end
+
+  class YearDirNotFound < NotFoundError
+  end
+
+  class RangeDirNotFound < NotFoundError
+  end
+
+  class CVENotFound < NotFoundError
+  end
+
+  InvalidJSON = CVESchema::InvalidJSON
+  MissingJSONKey = CVESchema::MissingJSONKey
+  UnkownJSONValue = CVESchema::UnknownJSONValue
+end

data/lib/cvelist/malformed_cve.rb

@@ -0,0 +1,42 @@
+module CVEList
+  #
+  # Represents malformed/invalid CVE JSON that could not be loaded.
+  #
+  class MalformedCVE
+
+    # Path to the JSON file.
+    #
+    # @return [String]
+    attr_reader :path
+
+    # The exception encountered when parsing the JSON file.
+    #
+    # @return [StandardError]
+    attr_reader :exception
+
+    #
+    # Initializes the malformed json.
+    #
+    # @param [String] path
+    #   Path to the JSON file.
+    #
+    # @param [StandardError] exception
+    #   The exception encountered when parsing the JSON file.
+    #
+    def initialize(path,exception)
+      @path      = path
+      @exception = exception
+    end
+
+    #
+    # Converts the malformed JSON back into a String.
+    #
+    # @return [String]
+    #   The String containing the {#path}, the {#exception} class and message.
+    #
+    def to_s
+      "#{@path}: #{@exception.class}: #{@exception.message}"
+    end
+
+  end
+end

data/lib/cvelist/range_dir.rb

@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+require 'cvelist/directory'
+require 'cvelist/exceptions'
+require 'cvelist/cve'
+require 'cvelist/malformed_cve'
+
+module CVEList
+  class RangeDir < Directory
+
+    include Enumerable
+
+    # @return [String]
+    attr_reader :path
+
+    # @return [String]
+    attr_reader :range
+
+    #
+    # Initializes the range directory.
+    #
+    # @param [String] path
+    #   The path to the range directory.
+    #
+    def initialize(path)
+      super(path)
+
+      @range = File.basename(@path)
+    end
+
+    #
+    # Determines whether the range directory contains the given CVE ID.
+    #
+    # @param [String] cve_id
+    #   The given CVE ID.
+    #
+    # @return [Boolean]
+    #
+    def has_cve?(cve_id)
+      file?("#{cve_id}.json")
+    end
+
+    #
+    # Loads a CVE.
+    #
+    # @param [String] cve_id
+    #   The CVE ID.
+    #
+    # @return [CVE, nil]
+    #   The loaded CVE of `nil` if the CVE could not be found within the range
+    #   directory.
+    #
+    def [](cve_id)
+      cve_file = "#{cve_id}.json"
+      cve_path = join(cve_file)
+
+      if File.file?(cve_path)
+        CVE.load(cve_path)
+      end
+    end
+
+    # `Dir.glob` pattern for all CVE `.json` files.
+    GLOB = 'CVE-[0-9][0-9][0-9][0-9]-*.json'
+
+    #
+    # The JSON files within the range directory.
+    #
+    # @return [Array<String>]
+    #
+    def files
+      glob(GLOB).sort
+    end
+
+    #
+    # Enumerates over the CVEs in the range directory.
+    #
+    # @yield [cve]
+    #   The given block will be passed each CVE in the range directory.
+    #
+    # @yieldparam [CVE] cve
+    #   A CVE within the range directory.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator object will be returned.
+    #
+    def each
+      return enum_for(__method__) unless block_given?
+
+      files.each do |cve_path|
+        begin
+          yield CVE.load(cve_path)
+        rescue InvalidJSON
+        end
+      end
+    end
+
+    #
+    # Enumerates over the malformed CVEs within the range directory.
+    #
+    # @yield [malformed]
+    #   The given block will be passed each malformed 
+    #
+    # @yieldparam [MalformedCVE] malformed
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator object will be returned.
+    #
+    def each_malformed
+      return enum_for(__method__) unless block_given?
+
+      files.each do |cve_path|
+        begin
+          CVE.load(cve_path)
+        rescue InvalidJSON => error
+          yield MalformedCVE.new(cve_path,error)
+        end
+      end
+    end
+
+  end
+end

data/lib/cvelist/repository.rb

@@ -0,0 +1,240 @@
+# frozen_string_literal: true
+
+require 'cvelist/directory'
+require 'cvelist/exceptions'
+require 'cvelist/year_dir'
+
+module CVEList
+  class Repository < Directory
+
+    include Enumerable
+
+    # The default git URI for the cvelist repository
+    URL = 'https://github.com/CVEProject/cvelist.git'
+
+    #
+    # Clones a new repository.
+    #
+    # @param [#to_s] path
+    #   The path to where the cvelist repository will be cloned to.
+    #
+    # @param [#to_s] url
+    #   The URL for the cvelist repository.
+    #
+    # @param [#to_s] depth
+    #   The depth of the git clone.
+    #
+    # @raise [CloneFailedError]
+    #   The `git clone` command failed.
+    #
+    def self.clone(path, url: URL, depth: 1)
+      unless system 'git', 'clone', '--depth', depth.to_s, url.to_s, path.to_s
+        raise(GitCloneFailed,"failed to clone #{url.inspect} into #{path.inspect}")
+      end
+
+      return new(path)
+    end
+
+    class << self
+      alias download clone
+    end
+
+    #
+    # Determines whether the repository is a git repository.
+    #
+    # @return [Boolean]
+    #   Specifies whether the repository is a git repository or not.
+    #
+    def git?
+      directory?('.git')
+    end
+
+    # The default git remote.
+    REMOTE = 'origin'
+
+    # The default git branch.
+    BRANCH = 'master'
+
+    #
+    # Pulls down new commits from the given remote/branch.
+    #
+    # @param [#to_s] remote
+    #   The git remote.
+    #
+    # @param [#to_s] branch
+    #   The git branch.
+    #
+    # @return [true, false]
+    #   Returns `true` if the `git pull` succeeds.
+    #   Returns `false` if the repository is not a git repository.
+    #
+    # @raise [PullFailedError]
+    #   The `git pull` command faild.
+    #
+    def pull!(remote: REMOTE, branch: BRANCH)
+      return false unless git?
+
+      Dir.chdir(@path) do
+        unless system('git', 'pull', remote.to_s, branch.to_s)
+          raise(GitPullFailed,"failed to pull from remote #{remote.inspect} branch #{branch.inspect}")
+        end
+      end
+
+      return true
+    end
+
+    alias update! pull!
+
+    #
+    # Determines if the repository contains a directory for the given year.
+    #
+    # @param [#to_s] year
+    #   The given year.
+    #
+    # @return [Boolean]
+    #   Specifies whether the repository contains the directory for the year.
+    #
+    def has_year?(year)
+      directory?(year.to_s)
+    end
+
+    # `Dir.glob` for year directories.
+    GLOB = '[1-2][0-9][0-9][0-9]'
+
+    #
+    # The year directories within the repository.
+    #
+    # @return [Array<String>]
+    #   The paths to the year directories.
+    #
+    def directories
+      glob(GLOB).sort
+    end
+
+    #
+    # The year directories contained within the repository.
+    #
+    # @return [Array<YearDir>]
+    #   The year directories within the repository.
+    #
+    def years(&block)
+      directories.map { |dir| YearDir.new(dir) }
+    end
+
+    #
+    # Requests a year directory from the repository.
+    #
+    # @param [#to_s] year_number
+    #   The given year number.
+    #
+    # @return [YearDir]
+    #   The year directory.
+    #
+    # @raise [YearNotFound]
+    #   There is no year directory within the repository for the given year.
+    #
+    def year(year_number)
+      year_dir = join(year_number.to_s)
+
+      unless File.directory?(year_dir)
+        raise(YearDirNotFound,"year #{year_number.inspect} not found within #{@path.inspect}")
+      end
+
+      return YearDir.new(year_dir)
+    end
+
+    alias / year
+
+    #
+    # Enumerates over every CVE withing the year directories.
+    #
+    # @yield [cve]
+    #   The given block will be passed each CVE from within the repository.
+    #
+    # @yieldparam [CVE] cve
+    #   A CVE from the repository.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    def each(&block)
+      return enum_for(__method__) unless block_given?
+
+      years.each do |year_dir|
+        year_dir.each(&block)
+      end
+    end
+
+    #
+    # Enumerates over every malformed CVE within the repository.
+    #
+    # @yield [malformed_cve]
+    #   The given block will be passed each malformed CVE from within the
+    #   repository.
+    #
+    # @yieldparam [MalformedCVE] malformed_cve
+    #   A malformed CVE from within the repository.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    def each_malformed(&block)
+      return enum_for(__method__) unless block_given?
+
+      years.each do |year_dir|
+        year_dir.each_malformed(&block)
+      end
+    end
+
+    #
+    # Determines whether the repository contains the given CVE ID.
+    #
+    # @param [String] cve_id
+    #   The given CVE ID.
+    #
+    # @return [Boolean]
+    #
+    def has_cve?(cve_id)
+      year_number = cve_to_year(cve_id)
+
+      return has_year?(year_number) && year(year_number).has_cve?(cve_id)
+    end
+
+    #
+    # Accesses a CVE from the repository with the given CVE ID.
+    #
+    # @param [String] cve_id
+    #   The given CVE ID.
+    #
+    # @return [CVE, nil]
+    #   The CVE with the given ID. If no CVE with the given ID could be found,
+    #   `nil` will be returned.
+    #
+    # @raise [InvalidJSON, MissingJSONKey, UnknownJSONValue]
+    #   The CVE's JSON is invalid or malformed.
+    #
+    def [](cve_id)
+      year_number = cve_to_year(cve_id)
+
+      if has_year?(year_number)
+        year(year_number)[cve_id]
+      end
+    end
+
+    #
+    # Calculates the total number of CVEs in the repository.
+    #
+    # @return [Integer]
+    #
+    def size
+      Dir[join(GLOB,YearDir::GLOB,RangeDir::GLOB)].length
+    end
+
+    private
+
+    def cve_to_year(cve_id)
+      cve_id[cve_id.index('-')+1 .. cve_id.rindex('-')-1]
+    end
+
+  end
+end

data/lib/cvelist/version.rb

@@ -0,0 +1,4 @@
+module CVEList
+  # cvelist version
+  VERSION = "0.1.0"
+end

data/lib/cvelist/year_dir.rb

@@ -0,0 +1,178 @@
+# frozen_string_literal: true
+
+require 'cvelist/directory'
+require 'cvelist/exceptions'
+require 'cvelist/range_dir'
+
+module CVEList
+  class YearDir < Directory
+
+    include Enumerable
+
+    # Path to the year directory.
+    #
+    # @return [String]
+    attr_reader :path
+
+    # The year of the directory.
+    #
+    # @return [Integer]
+    attr_reader :year
+
+    #
+    # Initializes the year dir.
+    #
+    # @param [String] path
+    #   The path to the year directory.
+    #
+    def initialize(path)
+      super(path)
+
+      @year = File.basename(@path).to_i
+    end
+
+    #
+    # Determines if the year directory contains the given range directory.
+    #
+    # @param [String] xxx_range
+    #   The given range directory ending in `xxx`.
+    #
+    # @return [Boolean]
+    #
+    def has_range?(xxx_range)
+      directory?(xxx_range)
+    end
+
+    #
+    # Access a range directory within the year directory.
+    #
+    # @param [String] xxx_range
+    #   The "xxx" range.
+    #
+    # @return [RangeDir]
+    #   The range directory.
+    #
+    # @raise [RangeDirNotFound]
+    #   Could not find the given range directory within the year directory.
+    #
+    def range(xxx_range)
+      range_dir_path = join(xxx_range)
+
+      unless File.directory?(range_dir_path)
+        raise(RangeDirNotFound,"#{xxx_range.inspect} not found within #{@path.inspect}")
+      end
+
+      return RangeDir.new(range_dir_path)
+    end
+
+    alias / range
+
+    # `Dir.glob` pattern for `Nxxx` range directories.
+    GLOB = '*xxx'
+
+    #
+    # The `xxx` number ranges within the directory.
+    #
+    # @return [Array<String>]
+    #
+    def directories
+      glob(GLOB).sort
+    end
+
+    #
+    # The range directories within the year directory.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    def ranges(&block)
+      directories.map { |dir| RangeDir.new(dir) }
+    end
+
+    #
+    # Enumerates over each CVE, in each range directory, within the year
+    # directory.
+    #
+    # @yield [cve]
+    #   The given block will be passed each CVE in the year dir.
+    #
+    # @yieldparam [CVE] cve
+    #   A CVE within one of the range directories.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    def each(&block)
+      return enum_for(__method__) unless block_given?
+
+      ranges.each do |range_dir|
+        range_dir.each(&block)
+      end
+    end
+
+    #
+    # Enumerates over every malformed CVE within the year directories.
+    #
+    # @yield [malformed_cve]
+    #   The given block will be passed each malformed CVE from within the
+    #   year directory.
+    #
+    # @yieldparam [MalformedCVE] malformed_cve
+    #   A malformed CVE from within the year directory.
+    #
+    # @return [Enumerator]
+    #   If no block is given, an Enumerator will be returned.
+    #
+    def each_malformed(&block)
+      return enum_for(__method__) unless block_given?
+
+      ranges.each do |range_dir|
+        range_dir.each_malformed(&block)
+      end
+    end
+
+    #
+    # Determines whether a CVE exists with the given ID, within any of the range
+    # directories, within the year directory.
+    #
+    # @param [String] cve_id
+    #   The given CVE ID.
+    #
+    # @return [Boolean]
+    #   Specifies whether the CVE exists.
+    #
+    def has_cve?(cve_id)
+      xxx_range = cve_to_xxx_range(cve_id)
+
+      has_range?(xxx_range) && range(xxx_range).has_cve?(cve_id)
+    end
+
+    #
+    # Loads a CVE.
+    #
+    # @param [String] cve_id
+    #   The CVE ID.
+    #
+    # @return [CVE, nil]
+    #   The loaded CVE or `nil` if the accompaning range directory for the CVE
+    #   could not be found.
+    #
+    def [](cve_id)
+      xxx_range = cve_to_xxx_range(cve_id)
+
+      if has_range?(xxx_range)
+        range(xxx_range)[cve_id]
+      end
+    end
+
+    private
+
+    def cve_to_xxx_range(cve_id)
+      cve_number = cve_id[cve_id.rindex('-')+1 ..]
+      cve_number[-3,3] = 'xxx'
+
+      return cve_number
+    end
+
+  end
+end