cvss-suite 1.1.1 → 2.0.1

data/lib/cvss_suite/cvss_metric.rb

@@ -8,46 +8,42 @@
 # This work is licensed under the terms of the MIT license.
 # See the LICENSE.md file in the top-level directory.
 
-##
-# This class represents any CVSS metric.
-
-class CvssMetric
-
+module CvssSuite
   ##
-  # Creates a new CVSS metric by +properties+
-
-  def initialize(selected_properties)
-    @properties = []
-    init_properties
-    extract_selected_choices_from selected_properties
-  end
-
-  ##
-  # Returns if the metric is valid.
-
-  def valid?
-    @properties.each do |property|
-      return false unless property.valid?
+  # This class represents any CVSS metric.
+  class CvssMetric
+    ##
+    # Creates a new CVSS metric by +properties+
+    def initialize(selected_properties)
+      @properties = []
+      init_properties
+      extract_selected_values_from selected_properties
     end
-    true
-  end
 
-  ##
-  # Returns number of properties for this metric.
+    ##
+    # Returns if the metric is valid.
+    def valid?
+      @properties.each do |property|
+        return false unless property.valid?
+      end
+      true
+    end
 
-  def count
-    @properties.count
-  end
+    ##
+    # Returns number of properties for this metric.
+    def count
+      @properties.count
+    end
 
-  private
+    private
 
-  def extract_selected_choices_from(selected_properties)
-    selected_properties.each do |selected_property|
-      property = @properties.detect {
-          |p| p.abbreviation == selected_property[:name] && p.position.include?(selected_property[:position])
-      }
-      property.set_selected_choice selected_property[:selected] unless property.nil?
+    def extract_selected_values_from(selected_properties)
+      selected_properties.each do |selected_property|
+        property = @properties.detect do |p|
+          p.abbreviation == selected_property[:name] && p.position.include?(selected_property[:position])
+        end
+        property&.set_selected_value selected_property[:selected]
+      end
     end
   end
-
-end
+end

data/lib/cvss_suite/cvss_property.rb

@@ -8,78 +8,79 @@
 # This work is licensed under the terms of the MIT license.
 # See the LICENSE.md file in the top-level directory.
 
-##
-# This class represents a CVSS property of a CVSS metric.
-
-class CvssProperty
-
+module CvssSuite
   ##
-  # Creates a new CVSS property by a +property+.
-  #
-  # +Property+ needs to consist of a name, a abbreviation, the possible positions in the CVSS vector, a weight, and the
-  # available choices for the property.
-
-  def initialize(property)
-    @property = property
-    @property[:default_choice] ||= 'Not Available'
-  end
+  # This class represents a CVSS property of a CVSS metric.
+  class CvssProperty
+    ##
+    # Creates a new CVSS property by a +property+.
+    #
+    # +Property+ needs to consist of a name, a abbreviation,
+    # the possible positions in the CVSS vector, a weight, and the
+    # available values for the property.
+
+    def initialize(property)
+      @property = property
+      @property[:default_value] ||= 'Not Available'
+    end
 
-  ##
-  # Returns the full name of the property.
+    ##
+    # Returns the full name of the property.
 
-  def name
-    @property[:name]
-  end
+    def name
+      @property[:name]
+    end
 
-  ##
-  # Returns the abbreviation of the property.
+    ##
+    # Returns the abbreviation of the property.
 
-  def abbreviation
-    @property[:abbreviation]
-  end
+    def abbreviation
+      @property[:abbreviation]
+    end
 
-  ##
-  # Returns all available choices of the property.
+    ##
+    # Returns all available values of the property.
 
-  def choices
-    @property[:choices]
-  end
+    def values
+      @property[:values]
+    end
 
-  ##
-  # Returns the possible positions in the CVSS vector of the property.
+    ##
+    # Returns the possible positions in the CVSS vector of the property.
 
-  def position
-    @property[:position]
-  end
+    def position
+      @property[:position]
+    end
 
-  ##
-  # Returns the selected choice of the property.
+    ##
+    # Returns the selected value of the property.
 
-  def selected_choice
-    @selected_choice || @property[:default_choice]
-  end
+    def selected_value
+      @selected_value || @property[:default_value]
+    end
 
-  ##
-  # Returns true if the property is valid.
+    ##
+    # Returns true if the property is valid.
 
-  def valid?
-    !@selected_choice.nil?
-  end
+    def valid?
+      !@selected_value.nil?
+    end
 
-  ##
-  # Returns the score of the selected choice.
+    ##
+    # Returns the score of the selected value.
 
-  def score
-    @selected_choice[:weight]
-  end
+    def score
+      @selected_value[:weight]
+    end
 
-  ##
-  # Sets the selected choice by a +choice+.
+    ##
+    # Sets the selected value by a +value+.
 
-  def set_selected_choice(selected_choice)
-    choices.each do |choice|
-      choice[:selected] = selected_choice.eql?(choice[:abbreviation])
+    def set_selected_value(selected_value)
+      values.each do |value|
+        value[:selected] = selected_value.eql?(value[:abbreviation])
+      end
+      @selected_value = values.detect { |value| value[:selected] }
     end
-    @selected_choice = choices.detect { |choice| choice[:selected] }
   end
-end
+end

data/lib/cvss_suite/helpers/cvss31_helper.rb

@@ -0,0 +1,27 @@
+# CVSS-Suite, a Ruby gem to manage the CVSS vector
+#
+# Copyright (c) Siemens AG, 2016
+#
+# Authors:
+#   Oliver Hambörger <oliver.hamboerger@siemens.com>
+#
+# This work is licensed under the terms of the MIT license.
+# See the LICENSE.md file in the top-level directory.
+
+module CvssSuite
+  ##
+  # This module includes methods which are used by the CVSS 3 classes.
+  module Cvss31Helper
+    ##
+    # Since CVSS 3 all float values are rounded up, therefore this method is used
+    # instead of the mathematically correct method round().
+    def self.round_up(float)
+      output = (float * 100_000).round
+      if (output % 10_000).zero?
+        output / 100_000.0
+      else
+        ((output / 10_000).floor + 1) / 10.0
+      end
+    end
+  end
+end

data/lib/cvss_suite/helpers/cvss3_helper.rb

@@ -8,22 +8,28 @@
 # This work is licensed under the terms of the MIT license.
 # See the LICENSE.md file in the top-level directory.
 
-##
-# This module includes methods which are used by the CVSS 3 classes.
-
-module Cvss3Helper
-
+module CvssSuite
   ##
-  # Since CVSS 3 the Privilege Required score depends on the selected choice of the Scope metric.
-  # This method takes a +Privilege+ +Required+ and a +Scope+ metric and returns the newly calculated score.
+  # This module includes methods which are used by the CVSS 3 classes.
+  module Cvss3Helper
+    ##
+    # Since CVSS 3 all float values are rounded up, therefore this method is used
+    # instead of the mathematically correct method round().
+    def self.round_up(float)
+      float.ceil(1).to_f
+    end
 
-  def self.privileges_required_score(privileges_required, scope)
-    changed =  scope.selected_choice[:name] == 'Changed'
-    privilege_score = privileges_required.score
-    if changed
-      privilege_score = 0.68 if privileges_required.selected_choice[:name] == 'Low'
-      privilege_score = 0.50 if privileges_required.selected_choice[:name] == 'High'
+    ##
+    # Since CVSS 3 the Privilege Required score depends on the selected value of the Scope metric.
+    # This method takes a +Privilege+ +Required+ and a +Scope+ metric and returns the newly calculated score.
+    def self.privileges_required_score(privileges_required, scope)
+      changed = scope.selected_value[:name] == 'Changed'
+      privilege_score = privileges_required.score
+      if changed
+        privilege_score = 0.68 if privileges_required.selected_value[:name] == 'Low'
+        privilege_score = 0.50 if privileges_required.selected_value[:name] == 'High'
+      end
+      privilege_score
     end
-    privilege_score
   end
-end
+end

data/lib/cvss_suite/invalid_cvss.rb

@@ -8,50 +8,42 @@
 # This work is licensed under the terms of the MIT license.
 # See the LICENSE.md file in the top-level directory.
 
-# ##
-# # This class represents a invalid CVSS vector.
-
-class InvalidCvss < Cvss
-
-  ##
-  # Creates a new invalid CVSS vector.
-
-  def initialize
-  end
-
-  ##
-  # Since this is an invalid CVSS vector, it always returns false.
-
-  def valid?
-    false
-  end
-
-  ##
-  # Since this is an invalid CVSS vector, it always throws an exception.
-
-  def version
-    check_validity
-  end
-
-  ##
-  # Since this is an invalid CVSS vector, it always throws an exception.
-
-  def base_score
-    check_validity
-  end
-
+module CvssSuite
   ##
-  # Since this is an invalid CVSS vector, it always throws an exception.
-
-  def temporal_score
-    check_validity
-  end
-
-  ##
-  # Since this is an invalid CVSS vector, it always throws an exception.
-
-  def environmental_score
-    check_validity
+  # This class represents a invalid CVSS vector.
+  class InvalidCvss < Cvss
+    ##
+    # Creates a new invalid CVSS vector.
+    def initialize; end
+
+    ##
+    # Since this is an invalid CVSS vector, it always returns false.
+    def valid?
+      false
+    end
+
+    ##
+    # Since this is an invalid CVSS vector, it always throws an exception.
+    def version
+      check_validity
+    end
+
+    ##
+    # Since this is an invalid CVSS vector, it always throws an exception.
+    def base_score
+      check_validity
+    end
+
+    ##
+    # Since this is an invalid CVSS vector, it always throws an exception.
+    def temporal_score
+      check_validity
+    end
+
+    ##
+    # Since this is an invalid CVSS vector, it always throws an exception.
+    def environmental_score
+      check_validity
+    end
   end
-
-end
+end

data/lib/cvss_suite/version.rb

@@ -1,6 +1,6 @@
 # CVSS-Suite, a Ruby gem to manage the CVSS vector
 #
-# Copyright (c) Siemens AG, 2016
+# Copyright (c) Siemens AG, 2019
 #
 # Authors:
 #   Oliver Hambörger <oliver.hamboerger@siemens.com>
@@ -9,5 +9,5 @@
 # See the LICENSE.md file in the top-level directory.
 
 module CvssSuite
-  VERSION = "1.1.1"
+  VERSION = '2.0.1'.freeze
 end

metadata

@@ -1,27 +1,27 @@
 --- !ruby/object:Gem::Specification
 name: cvss-suite
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 2.0.1
 platform: ruby
 authors:
 - Oliver Hamboerger
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-10-18 00:00:00.000000000 Z
+date: 2020-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.10'
 - !ruby/object:Gem::Dependency
@@ -52,34 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
-- !ruby/object:Gem::Dependency
-  name: rdoc
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: '0.18'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: '0.18'
 description: |-
   This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
   Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
@@ -89,15 +75,22 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/ISSUE_TEMPLATE/bug_report.md"
+- ".github/ISSUE_TEMPLATE/custom.md"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/workflows/rspec.yml"
+- ".github/workflows/rubocop.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
-- ".travis.yml"
+- ".rubocop_todo.yml"
 - CHANGES.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.md
+- PULL_REQUEST_TEMPLATE.md
 - README.md
+- _config.yml
 - bin/console
 - bin/setup
 - cvss_suite.gemspec
@@ -111,11 +104,15 @@ files:
 - lib/cvss_suite/cvss3/cvss3_base.rb
 - lib/cvss_suite/cvss3/cvss3_environmental.rb
 - lib/cvss_suite/cvss3/cvss3_temporal.rb
+- lib/cvss_suite/cvss31/cvss31.rb
+- lib/cvss_suite/cvss31/cvss31_base.rb
+- lib/cvss_suite/cvss31/cvss31_environmental.rb
+- lib/cvss_suite/cvss31/cvss31_temporal.rb
 - lib/cvss_suite/cvss_metric.rb
 - lib/cvss_suite/cvss_property.rb
 - lib/cvss_suite/errors.rb
+- lib/cvss_suite/helpers/cvss31_helper.rb
 - lib/cvss_suite/helpers/cvss3_helper.rb
-- lib/cvss_suite/helpers/extensions.rb
 - lib/cvss_suite/invalid_cvss.rb
 - lib/cvss_suite/version.rb
 homepage: https://siemens.github.io/cvss-suite/
@@ -130,15 +127,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Ruby gem for processing cvss vectors.