RubyGems - dawnscanner - Versions diffs - 1.6.1 → 1.6.2 - Mend

dawnscanner 1.6.1 → 1.6.2

Files changed (124) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.ruby-version +1 -1
data/.travis.yml +2 -0
data/Changelog.md +10 -1
data/KnowledgeBase.md +10 -4
data/README.md +1 -1
data/Rakefile +12 -8
data/VERSION +1 -1
data/checksum/dawnscanner-1.6.1.gem.sha1 +1 -0
data/lib/dawn/kb/cve_2016_2097.rb +35 -0
data/lib/dawn/kb/cve_2016_2098.rb +34 -0
data/lib/dawn/knowledge_base.rb +4 -0
data/lib/dawn/version.rb +4 -4
data/spec/lib/dawn/codesake_core_spec.rb +1 -1
data/spec/lib/dawn/codesake_knowledgebase_spec.rb +451 -441
data/spec/lib/dawn/codesake_padrino_engine_disabled.rb +11 -11
data/spec/lib/dawn/codesake_rails_engine_disabled.rb +2 -2
data/spec/lib/dawn/codesake_sinatra_engine_disabled.rb +36 -36
data/spec/lib/kb/codesake_cve_2013_0175_spec.rb +6 -6
data/spec/lib/kb/codesake_cve_2013_4457_spec.rb +7 -7
data/spec/lib/kb/codesake_dependency_version_check_spec.rb +10 -10
data/spec/lib/kb/codesake_deprecation_check_spec.rb +11 -11
data/spec/lib/kb/codesake_ruby_version_check_spec.rb +4 -4
data/spec/lib/kb/codesake_version_check_spec.rb +42 -42
data/spec/lib/kb/cve_2011_2705_spec.rb +7 -7
data/spec/lib/kb/cve_2011_2930_spec.rb +6 -6
data/spec/lib/kb/cve_2011_3009_spec.rb +4 -4
data/spec/lib/kb/cve_2011_3187_spec.rb +4 -4
data/spec/lib/kb/cve_2011_4319_spec.rb +9 -9
data/spec/lib/kb/cve_2011_5036_spec.rb +21 -21
data/spec/lib/kb/cve_2012_1098_spec.rb +7 -7
data/spec/lib/kb/cve_2012_2139_spec.rb +3 -3
data/spec/lib/kb/cve_2012_2671_spec.rb +4 -4
data/spec/lib/kb/cve_2012_6109_spec.rb +25 -25
data/spec/lib/kb/cve_2012_6684_spec.rb +2 -2
data/spec/lib/kb/cve_2013_0162_spec.rb +4 -4
data/spec/lib/kb/cve_2013_0183_spec.rb +11 -11
data/spec/lib/kb/cve_2013_0184_spec.rb +26 -26
data/spec/lib/kb/cve_2013_0256_spec.rb +6 -6
data/spec/lib/kb/cve_2013_0262_spec.rb +9 -9
data/spec/lib/kb/cve_2013_0263_spec.rb +1 -1
data/spec/lib/kb/cve_2013_1607_spec.rb +2 -2
data/spec/lib/kb/cve_2013_1655_spec.rb +4 -4
data/spec/lib/kb/cve_2013_1756_spec.rb +4 -4
data/spec/lib/kb/cve_2013_2090_spec.rb +2 -2
data/spec/lib/kb/cve_2013_2105_spec.rb +1 -1
data/spec/lib/kb/cve_2013_2119_spec.rb +5 -5
data/spec/lib/kb/cve_2013_2512_spec.rb +2 -2
data/spec/lib/kb/cve_2013_2513_spec.rb +2 -2
data/spec/lib/kb/cve_2013_2516_spec.rb +2 -2
data/spec/lib/kb/cve_2013_4203_spec.rb +2 -2
data/spec/lib/kb/cve_2013_4413_spec.rb +2 -2
data/spec/lib/kb/cve_2013_4489_spec.rb +11 -11
data/spec/lib/kb/cve_2013_4491_spec.rb +2 -2
data/spec/lib/kb/cve_2013_4593_spec.rb +2 -2
data/spec/lib/kb/cve_2013_5647_spec.rb +3 -3
data/spec/lib/kb/cve_2013_5671_spec.rb +4 -4
data/spec/lib/kb/cve_2013_6416_spec.rb +5 -5
data/spec/lib/kb/cve_2013_6459_spec.rb +2 -2
data/spec/lib/kb/cve_2013_7086_spec.rb +3 -3
data/spec/lib/kb/cve_2014_0036_spec.rb +2 -2
data/spec/lib/kb/cve_2014_0080_spec.rb +5 -5
data/spec/lib/kb/cve_2014_0081_spec.rb +10 -10
data/spec/lib/kb/cve_2014_0082_spec.rb +8 -8
data/spec/lib/kb/cve_2014_0130_spec.rb +3 -3
data/spec/lib/kb/cve_2014_1233_spec.rb +2 -2
data/spec/lib/kb/cve_2014_1234_spec.rb +2 -2
data/spec/lib/kb/cve_2014_2322_spec.rb +2 -2
data/spec/lib/kb/cve_2014_2538_spec.rb +2 -2
data/spec/lib/kb/cve_2014_3482_spec.rb +2 -2
data/spec/lib/kb/cve_2014_3483_spec.rb +5 -5
data/spec/lib/kb/cve_2014_7818_spec.rb +8 -8
data/spec/lib/kb/cve_2014_7819_spec.rb +32 -32
data/spec/lib/kb/cve_2014_7829_spec.rb +10 -10
data/spec/lib/kb/cve_2014_9490_spec.rb +2 -2
data/spec/lib/kb/cve_2015_1819_spec.rb +2 -2
data/spec/lib/kb/cve_2015_1840_spec.rb +7 -7
data/spec/lib/kb/cve_2015_2963_spec.rb +2 -2
data/spec/lib/kb/cve_2015_3224_spec.rb +2 -2
data/spec/lib/kb/cve_2015_3225_spec.rb +5 -5
data/spec/lib/kb/cve_2015_3226_spec.rb +6 -6
data/spec/lib/kb/cve_2015_3227_spec.rb +5 -5
data/spec/lib/kb/cve_2015_3448_spec.rb +2 -2
data/spec/lib/kb/cve_2015_4020_spec.rb +4 -4
data/spec/lib/kb/cve_2015_5312_spec.rb +6 -6
data/spec/lib/kb/cve_2015_7497_spec.rb +6 -6
data/spec/lib/kb/cve_2015_7498_spec.rb +6 -6
data/spec/lib/kb/cve_2015_7499_spec.rb +6 -6
data/spec/lib/kb/cve_2015_7500_spec.rb +6 -6
data/spec/lib/kb/cve_2015_7519_spec.rb +4 -4
data/spec/lib/kb/cve_2015_7541_spec.rb +2 -2
data/spec/lib/kb/cve_2015_7576_spec.rb +11 -11
data/spec/lib/kb/cve_2015_7577_spec.rb +11 -11
data/spec/lib/kb/cve_2015_7578_spec.rb +2 -2
data/spec/lib/kb/cve_2015_7579_spec.rb +4 -4
data/spec/lib/kb/cve_2015_7581_spec.rb +11 -11
data/spec/lib/kb/cve_2015_8241_spec.rb +6 -6
data/spec/lib/kb/cve_2015_8242_spec.rb +6 -6
data/spec/lib/kb/cve_2015_8317_spec.rb +6 -6
data/spec/lib/kb/cve_2016_0751_spec.rb +11 -11
data/spec/lib/kb/cve_2016_0752_spec.rb +11 -11
data/spec/lib/kb/cve_2016_0753_spec.rb +11 -11
data/spec/lib/kb/cve_2016_2097_spec.rb +35 -0
data/spec/lib/kb/cve_2016_2098_spec.rb +39 -0
data/spec/lib/kb/osvdb_105971_spec.rb +2 -2
data/spec/lib/kb/osvdb_108530_spec.rb +3 -3
data/spec/lib/kb/osvdb_108563_spec.rb +2 -2
data/spec/lib/kb/osvdb_108569_spec.rb +2 -2
data/spec/lib/kb/osvdb_108570_spec.rb +2 -2
data/spec/lib/kb/osvdb_115654_spec.rb +2 -2
data/spec/lib/kb/osvdb_116010_spec.rb +2 -2
data/spec/lib/kb/osvdb_117903_spec.rb +4 -4
data/spec/lib/kb/osvdb_118830_spec.rb +2 -2
data/spec/lib/kb/osvdb_118954_spec.rb +3 -3
data/spec/lib/kb/osvdb_119878_spec.rb +21 -21
data/spec/lib/kb/osvdb_119927_spec.rb +2 -2
data/spec/lib/kb/osvdb_120415_spec.rb +2 -2
data/spec/lib/kb/osvdb_120857_spec.rb +6 -6
data/spec/lib/kb/osvdb_121701_spec.rb +2 -2
data/spec/lib/kb/owasp_ror_cheatsheet_disabled.rb +10 -10
metadata +9 -2
metadata.gz.sig +0 -0

data/spec/lib/kb/cve_2012_6684_spec.rb CHANGED

@@ -6,11 +6,11 @@ describe "The CVE-2012-6684 vulnerability" do
 	end
   it "is reported when vulnerable raven-ruby gem is used (4.2.9)" do
     @check.dependencies = [{:name=>"RedCloth", :version=>'4.2.9'}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is not reported when safe raven-ruby gem is used (4.2.10)" do
     @check.dependencies = [{:name=>"RedCloth", :version=>'4.2.10'}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_0162_spec.rb CHANGED

@@ -6,18 +6,18 @@ describe "The CVE-2013-0162 vulnerability" do
 	end
   it "is reported when ruby_parser version 1.x is used" do
     @check.dependencies = [{:name=>"ruby_parser", :version=>'1.4.5'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is reported when ruby_parser version 2.x is used" do
     @check.dependencies = [{:name=>"ruby_parser", :version=>'2.4.5'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is reported when ruby_parser version 3.0.x is used" do
     @check.dependencies = [{:name=>"ruby_parser", :version=>'3.0.5'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is not reported when ruby_parser version 3.1.1 is used" do
     @check.dependencies = [{:name=>"ruby_parser", :version=>'3.1.1'}]
-    @check.vuln?.should == false
+    expect(@check.vuln?).to eq(false)
   end
 end

data/spec/lib/kb/cve_2013_0183_spec.rb CHANGED

@@ -7,48 +7,48 @@ describe "The CVE-2013-0183 vulnerability" do
   it "is reported when the vulnerable gem is detected - 1.3.0" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.1" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.2" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.3" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.4" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.5" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.5"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.6" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.6"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.7" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.7"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.4.0" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.4.1" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.4.2" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
 end

data/spec/lib/kb/cve_2013_0184_spec.rb CHANGED

@@ -7,109 +7,109 @@ describe "The CVE-2013-0184 vulnerability" do
   it "is reported when the vulnerable gem is detected - 1.1.0" do
     @check.dependencies = [{:name=>"rack", :version=>"1.1.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.1.3" do
     @check.dependencies = [{:name=>"rack", :version=>"1.1.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.1.2" do
     @check.dependencies = [{:name=>"rack", :version=>"1.1.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.1.4" do
     @check.dependencies = [{:name=>"rack", :version=>"1.1.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.0" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.1" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.2" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.3" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.4" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.5" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.5"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.2.6" do
     @check.dependencies = [{:name=>"rack", :version=>"1.2.6"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.0" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.1" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.2" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.3" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.4" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.5" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.5"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.6" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.6"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.7" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.7"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected - 1.3.8" do
     @check.dependencies = [{:name=>"rack", :version=>"1.3.8"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is not reported when a fixed release is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.5"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "is not reported when a fixed release is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.5.2"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_0256_spec.rb CHANGED

@@ -6,29 +6,29 @@ describe "The CVE-2013-0256 vulnerability" do
 	end
   it "fires when vulnerable ruby (1.9.3-p382) and rdoc version (2.3.0) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"381"}, :dependencies=>[{:name=>"rdoc", :version=>'2.3.0'}, :root_dir=>"."]}
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "fires when vulnerable ruby (1.9.2-p342) and rdoc version (2.3.0) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"342"}, :dependencies=>[{:name=>"rdoc", :version=>'2.3.0'}, :root_dir=>"."]}
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "fires when vulnerable ruby (1.9.3-p382) and rdoc version (3.12) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"381"}, :dependencies=>[{:name=>"rdoc", :version=>'3.12'}, :root_dir=>"."]}
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "fires when vulnerable ruby (1.9.2-p342) and rdoc version (3.12) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"342"}, :dependencies=>[{:name=>"rdoc", :version=>'3.12'}, :root_dir=>"."]}
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "doesn't fire when not vulnerable ruby (1.9.3-p383) is found but vulnerable rdoc version (3.12) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"383"}, :dependencies=>[{:name=>"rdoc", :version=>'3.12'}, :root_dir=>"."]}
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "doesn't fire when vulnerable ruby (1.9.3-p382) is found but not vulnerable rdoc version (3.13) has been found" do
     @check.options={:detected_ruby=>{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"322"}, :dependencies=>[{:name=>"rdoc", :version=>'3.13'}, :root_dir=>"."]}
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_0262_spec.rb CHANGED

@@ -7,38 +7,38 @@ describe "The CVE-2013-0262 vulnerability" do
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.5.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.5.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.3"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is reported when the vulnerable gem is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is not reported when a fixed release is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.4.5"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "is not reported when a fixed release is detected" do
     @check.dependencies = [{:name=>"rack", :version=>"1.5.2"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_0263_spec.rb CHANGED

@@ -6,6 +6,6 @@ describe "The CVE-2013-0263 vulnerability" do
 	end
   it "is not reported when rack version 1.4.5 is used" do
     @check.dependencies = [{:name=>"rack", :version=>'1.4.5'}]
-    @check.vuln?.should == false
+    expect(@check.vuln?).to eq(false)
   end
 end

data/spec/lib/kb/cve_2013_1607_spec.rb CHANGED

@@ -6,10 +6,10 @@ describe "The CVE-2013-1607 vulnerability" do
 	end
   it "is reported when a pdfkit gem version 0.5.2 is detected" do
     @check.dependencies = [{:name=>"pdfkit", :version=>"0.5.2"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is not reported when a pdfkit gem version 0.5.3 is detected" do
     @check.dependencies = [{:name=>"pdfkit", :version=>"0.5.3"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_1655_spec.rb CHANGED

@@ -8,24 +8,24 @@ describe "The CVE-2013-1655 vulnerability" do
   it "is detected if vulnerable version of puppet rubygem is detect when running on ruby 1.9.3 and 2.0.0" do
     @check.options[:dependencies]=[{:name=>"puppet", :version=>'2.7.20'}]
     @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is ignored if only vulnerable version of puppet rubygem has been found" do
     @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p358"}
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "is ignored if only the vulnerable ruby interpreter version has been found" do
     @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
     @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"}
     # @check.dump_status
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "is ignored if none of the prerequisites have been met" do
     @check.options[:dependencies]=[{:name=>"puppet", :version=>'8.7.21'}]
     @check.options[:detected_ruby] = {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p342"}
     # @check.dump_status
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_1756_spec.rb CHANGED

@@ -6,18 +6,18 @@ describe "The CVE-2013-1756 vulnerability" do
 	end
   it "is reported when dragonfly version 0.9.12 is used" do
     @check.dependencies = [{:name=>"dragonfly", :version=>'0.9.12'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is reported when dragonfly version 0.8.12 is used" do
     @check.dependencies = [{:name=>"dragonfly", :version=>'0.8.12'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is reported when dragonfly version 0.7.12 is used" do
     @check.dependencies = [{:name=>"dragonfly", :version=>'0.7.12'}]
-    @check.vuln?.should == true
+    expect(@check.vuln?).to eq(true)
   end
   it "is not reported when dragonfly version 0.9.13 is used" do
     @check.dependencies = [{:name=>"dragonfly", :version=>'0.9.13'}]
-    @check.vuln?.should == false
+    expect(@check.vuln?).to eq(false)
   end
 end

data/spec/lib/kb/cve_2013_2090_spec.rb CHANGED

@@ -6,10 +6,10 @@ describe "The CVE-2013-2090 vulnerability" do
 	end
   it "fires when vulnerable cremefraiche version is used" do
     @check.dependencies = [{:name=>"cremefraiche", :version=>'0.6.1'}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "doesn't fire when not vulnerable cremefraiche version is used" do
     @check.dependencies = [{:name=>"cremefraiche", :version=>'0.6.2'}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_2105_spec.rb CHANGED

@@ -6,6 +6,6 @@ describe "The CVE-2013-2105 vulnerability" do
 	end
   it "is reported when show_in_browser vulnerable version is reported (0.0.3)" do
     @check.dependencies = [{:name=>'show_in_browser', :version=>'0.0.3'}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
 end

data/spec/lib/kb/cve_2013_2119_spec.rb CHANGED

@@ -6,22 +6,22 @@ describe "The CVE-2013-2119 vulnerability" do
 	end
   it "fires when vulnerable passenger version is used" do
     @check.dependencies = [{:name=>"passenger", :version=>"4.0.4"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "fires when vulnerable passenger version is used" do
     @check.dependencies = [{:name=>"passenger", :version=>"4.0.0"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "fires when vulnerable passenger version is used" do
     @check.dependencies = [{:name=>"passenger", :version=>"3.0.20"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "doesn't fire when not vulnerable passenger version is used" do
     @check.dependencies = [{:name=>"passenger", :version=>"4.0.5"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
   it "doesn't fire when not vulnerable passenger version is used" do
     @check.dependencies = [{:name=>"passenger", :version=>"3.0.21"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end

data/spec/lib/kb/cve_2013_2512_spec.rb CHANGED

@@ -6,10 +6,10 @@ describe "The CVE-2013-2512 vulnerability" do
 	end
   it "is reported when a ftpd gem version 0.2.1 is detected" do
     @check.dependencies = [{:name=>"ftpd", :version=>"0.2.1"}]
-    @check.vuln?.should   == true
+    expect(@check.vuln?).to   eq(true)
   end
   it "is not reported when a ftpd gem version 0.2.2 is detected" do
     @check.dependencies = [{:name=>"ftpd", :version=>"0.2.2"}]
-    @check.vuln?.should   == false
+    expect(@check.vuln?).to   eq(false)
   end
 end