cvss-suite 1.0.6 → 1.0.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CHANGES.md +24 -0
- data/CODE_OF_CONDUCT.md +68 -7
- data/LICENSE.md +1 -1
- data/README.md +3 -9
- data/cvss_suite.gemspec +0 -2
- data/lib/cvss_suite.rb +2 -0
- data/lib/cvss_suite/cvss.rb +1 -0
- data/lib/cvss_suite/cvss2/cvss2.rb +2 -0
- data/lib/cvss_suite/cvss2/cvss2_base.rb +2 -0
- data/lib/cvss_suite/cvss2/cvss2_environmental.rb +2 -0
- data/lib/cvss_suite/cvss2/cvss2_temporal.rb +2 -0
- data/lib/cvss_suite/cvss3/cvss3.rb +2 -0
- data/lib/cvss_suite/cvss3/cvss3_base.rb +2 -0
- data/lib/cvss_suite/cvss3/cvss3_environmental.rb +2 -0
- data/lib/cvss_suite/cvss3/cvss3_temporal.rb +2 -0
- data/lib/cvss_suite/cvss_metric.rb +1 -0
- data/lib/cvss_suite/cvss_property.rb +1 -0
- data/lib/cvss_suite/helpers/cvss3_helper.rb +1 -0
- data/lib/cvss_suite/helpers/extensions.rb +2 -0
- data/lib/cvss_suite/version.rb +3 -1
- metadata +3 -34
- data/vendor/cache/badgerbadgerbadger-0.14.0.gem +0 -0
- data/vendor/cache/git-1.3.0.gem +0 -0
- data/vendor/cache/rake-10.4.2.gem +0 -0
- data/vendor/cache/thor-0.19.1.gem +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d74ead7a3dfceafd4292917318ab763a6d902c05
|
4
|
+
data.tar.gz: 254e449241c6373100c4cfc7110df97bac6baefe
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8c2a24225c7553fdfe29dc72d7b60fd838118108aa66064b4b7aa449e77592cd5a98cc40c1d55921f47670190c66627252b13ba54335409996ae6656614c8c22
|
7
|
+
data.tar.gz: ae7830eb097da0f0fa61e64a78be2f415a0ce60180f70756133475040ed78f85533a350e6f26e6dd73d6e3857340035d32636bd52070ed93a36b9321dc626821
|
data/.gitignore
CHANGED
data/CHANGES.md
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
# Change Log
|
2
|
+
All notable changes to this project will be documented in this file.
|
3
|
+
This project adheres to [Semantic Versioning](http://semver.org/).
|
4
|
+
|
5
|
+
## [1.0.7] - 2016-06-23
|
6
|
+
### Improvements
|
7
|
+
Removed gems: Rake & badgerbadgerbadger. Improved documentation, webpage (github) is coming very soon!
|
8
|
+
|
9
|
+
## [1.0.6] - 2016-04-15
|
10
|
+
### Fixes
|
11
|
+
While production we spotted a problem with calculating the temporal score in CVSS3. This version fixes this issue.
|
12
|
+
|
13
|
+
## [1.0.5] - 2016-04-15
|
14
|
+
### Fixes
|
15
|
+
Due to troubleshooting issues I forgot to rename a variable, this version fixes this issue.
|
16
|
+
Versions 1.0.1 to 1.0.4 are broken due to this error, do **NOT** use these versions. Use ≥ 1.0.5 instead.
|
17
|
+
|
18
|
+
## [1.0.2] - 2016-04-15
|
19
|
+
### Troubleshooting
|
20
|
+
Tried to fix an error. It turned out to be a local problem. Due to this I increased the version by 2. It's 1.0.2 now.
|
21
|
+
|
22
|
+
## [1.0.0] - 2016-04-15
|
23
|
+
### Initial release
|
24
|
+
First release of this gem.
|
data/CODE_OF_CONDUCT.md
CHANGED
@@ -1,13 +1,74 @@
|
|
1
|
-
# Contributor Code of Conduct
|
1
|
+
# Contributor Covenant Code of Conduct
|
2
2
|
|
3
|
-
|
3
|
+
## Our Pledge
|
4
4
|
|
5
|
-
|
5
|
+
In the interest of fostering an open and welcoming environment, we as
|
6
|
+
contributors and maintainers pledge to making participation in our project and
|
7
|
+
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
+
size, disability, ethnicity, gender identity and expression, level of experience,
|
9
|
+
nationality, personal appearance, race, religion, or sexual identity and
|
10
|
+
orientation.
|
6
11
|
|
7
|
-
|
12
|
+
## Our Standards
|
8
13
|
|
9
|
-
|
14
|
+
Examples of behavior that contributes to creating a positive environment
|
15
|
+
include:
|
10
16
|
|
11
|
-
|
17
|
+
* Using welcoming and inclusive language
|
18
|
+
* Being respectful of differing viewpoints and experiences
|
19
|
+
* Gracefully accepting constructive criticism
|
20
|
+
* Focusing on what is best for the community
|
21
|
+
* Showing empathy towards other community members
|
12
22
|
|
13
|
-
|
23
|
+
Examples of unacceptable behavior by participants include:
|
24
|
+
|
25
|
+
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
+
advances
|
27
|
+
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
+
* Public or private harassment
|
29
|
+
* Publishing others' private information, such as a physical or electronic
|
30
|
+
address, without explicit permission
|
31
|
+
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
+
professional setting
|
33
|
+
|
34
|
+
## Our Responsibilities
|
35
|
+
|
36
|
+
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
+
behavior and are expected to take appropriate and fair corrective action in
|
38
|
+
response to any instances of unacceptable behavior.
|
39
|
+
|
40
|
+
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
+
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
+
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
+
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
+
threatening, offensive, or harmful.
|
45
|
+
|
46
|
+
## Scope
|
47
|
+
|
48
|
+
This Code of Conduct applies both within project spaces and in public spaces
|
49
|
+
when an individual is representing the project or its community. Examples of
|
50
|
+
representing a project or community include using an official project e-mail
|
51
|
+
address, posting via an official social media account, or acting as an appointed
|
52
|
+
representative at an online or offline event. Representation of a project may be
|
53
|
+
further defined and clarified by project maintainers.
|
54
|
+
|
55
|
+
## Enforcement
|
56
|
+
|
57
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
58
|
+
reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
|
59
|
+
complaints will be reviewed and investigated and will result in a response that
|
60
|
+
is deemed necessary and appropriate to the circumstances. The project team is
|
61
|
+
obligated to maintain confidentiality with regard to the reporter of an incident.
|
62
|
+
Further details of specific enforcement policies may be posted separately.
|
63
|
+
|
64
|
+
Project maintainers who do not follow or enforce the Code of Conduct in good
|
65
|
+
faith may face temporary or permanent repercussions as determined by other
|
66
|
+
members of the project's leadership.
|
67
|
+
|
68
|
+
## Attribution
|
69
|
+
|
70
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
71
|
+
available at [http://contributor-covenant.org/version/1/4][version]
|
72
|
+
|
73
|
+
[homepage]: http://contributor-covenant.org
|
74
|
+
[version]: http://contributor-covenant.org/version/1/4/
|
data/LICENSE.md
CHANGED
data/README.md
CHANGED
@@ -33,6 +33,7 @@ cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR
|
|
33
33
|
|
34
34
|
vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M'
|
35
35
|
version = cvss.version # 2
|
36
|
+
valid = cvss.valid? # true
|
36
37
|
|
37
38
|
# Scores
|
38
39
|
base_score = cvss.base_score # 4.9
|
@@ -60,9 +61,8 @@ CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid
|
|
60
61
|
CvssSuite.new() # will throw a ArgumentError
|
61
62
|
|
62
63
|
cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing
|
63
|
-
|
64
64
|
version = cvss.version # 2
|
65
|
-
|
65
|
+
valid = cvss.valid? # false
|
66
66
|
cvss.base_score # will throw a RuntimeError: Vector is not valid!
|
67
67
|
```
|
68
68
|
|
@@ -76,13 +76,7 @@ Currently it is not possible to leave a attribute blank instead of ND/X. If you
|
|
76
76
|
|
77
77
|
Because the documentation isn't clear on how to calculate the score if Modified Scope (CVSS 3.0 Environmental) is not defined, Modified Scope has to have a valid value (S/U).
|
78
78
|
|
79
|
-
## Development
|
80
|
-
|
81
|
-
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
82
|
-
|
83
|
-
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
84
|
-
|
85
79
|
## Contributing
|
86
80
|
|
87
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
81
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/siemens/cvss_suite. This project is intended to be a safe, welcoming space for collaboration.
|
88
82
|
|
data/cvss_suite.gemspec
CHANGED
@@ -32,10 +32,8 @@ Homepage is still in progress and will be published soon (along with full docume
|
|
32
32
|
spec.require_paths = ["lib"]
|
33
33
|
|
34
34
|
spec.add_development_dependency "bundler", "~> 1.10"
|
35
|
-
spec.add_development_dependency "rake", "~> 10.0"
|
36
35
|
spec.add_development_dependency "rspec", "~> 3.4"
|
37
36
|
spec.add_development_dependency "rspec-its", "~> 1.2"
|
38
37
|
spec.add_development_dependency "rdoc", "~> 4.2"
|
39
38
|
spec.add_development_dependency "simplecov", "~> 0.11.2"
|
40
|
-
spec.add_development_dependency "badgerbadgerbadger", "~> 0.14.0"
|
41
39
|
end
|
data/lib/cvss_suite.rb
CHANGED
data/lib/cvss_suite/cvss.rb
CHANGED
data/lib/cvss_suite/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cvss-suite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Oliver Hamboerger
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-06-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -24,20 +24,6 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '1.10'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: rake
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '10.0'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '10.0'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: rspec
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -94,20 +80,6 @@ dependencies:
|
|
94
80
|
- - "~>"
|
95
81
|
- !ruby/object:Gem::Version
|
96
82
|
version: 0.11.2
|
97
|
-
- !ruby/object:Gem::Dependency
|
98
|
-
name: badgerbadgerbadger
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
100
|
-
requirements:
|
101
|
-
- - "~>"
|
102
|
-
- !ruby/object:Gem::Version
|
103
|
-
version: 0.14.0
|
104
|
-
type: :development
|
105
|
-
prerelease: false
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
107
|
-
requirements:
|
108
|
-
- - "~>"
|
109
|
-
- !ruby/object:Gem::Version
|
110
|
-
version: 0.14.0
|
111
83
|
description: |-
|
112
84
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
113
85
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
@@ -123,6 +95,7 @@ files:
|
|
123
95
|
- ".rspec"
|
124
96
|
- ".rubocop.yml"
|
125
97
|
- ".travis.yml"
|
98
|
+
- CHANGES.md
|
126
99
|
- CODE_OF_CONDUCT.md
|
127
100
|
- Gemfile
|
128
101
|
- LICENSE.md
|
@@ -146,12 +119,9 @@ files:
|
|
146
119
|
- lib/cvss_suite/helpers/cvss3_helper.rb
|
147
120
|
- lib/cvss_suite/helpers/extensions.rb
|
148
121
|
- lib/cvss_suite/version.rb
|
149
|
-
- vendor/cache/badgerbadgerbadger-0.14.0.gem
|
150
122
|
- vendor/cache/diff-lcs-1.2.5.gem
|
151
123
|
- vendor/cache/docile-1.1.5.gem
|
152
|
-
- vendor/cache/git-1.3.0.gem
|
153
124
|
- vendor/cache/json-1.8.3.gem
|
154
|
-
- vendor/cache/rake-10.4.2.gem
|
155
125
|
- vendor/cache/rdoc-4.2.0.gem
|
156
126
|
- vendor/cache/rspec-3.4.0.gem
|
157
127
|
- vendor/cache/rspec-core-3.4.0.gem
|
@@ -957,7 +927,6 @@ files:
|
|
957
927
|
- vendor/cache/ruby/2.2.0/specifications/thor-0.19.1.gemspec
|
958
928
|
- vendor/cache/simplecov-0.11.2.gem
|
959
929
|
- vendor/cache/simplecov-html-0.10.0.gem
|
960
|
-
- vendor/cache/thor-0.19.1.gem
|
961
930
|
homepage: https://github.com/siemens/cvss-suite
|
962
931
|
licenses:
|
963
932
|
- MIT
|
Binary file
|
data/vendor/cache/git-1.3.0.gem
DELETED
Binary file
|
Binary file
|
Binary file
|