dawnscanner 2.1.0 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/Changelog.md +5 -1
  3. data/Rakefile +6 -6
  4. data/VERSION +1 -1
  5. data/checksum/dawnscanner-2.1.0.gem.sha1 +1 -0
  6. data/features/step_definition/dawn_steps.rb +4 -5
  7. data/lib/dawn/knowledge_base.rb +4 -4
  8. data/lib/dawn/version.rb +4 -4
  9. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b54d897767ce4e5a5e565205cafb15af72ae9bf92079718dfa416d8fcc4900cb
4
- data.tar.gz: 17d4cba48fb33fb04c473b0cb9e9f85c1aa40c84f16a39c1df34332695e0435b
3
+ metadata.gz: fbb231ba7ae0542ffa5a4df93bf1957ca989e4073129f8c57894b2f6d5813973
4
+ data.tar.gz: 833442b38e833db16ee550a56e26ce67b69cc77ee4ff2b69389bd1dab7ff16b3
5
5
  SHA512:
6
- metadata.gz: c689915e7a17e4db223a9ef587a3c70ab1e6f748d54dec0463da7cf728770a77f9a298995959befbe77f322771de1c1eefb5bdd9e6c27352c389e2789d4d05e9
7
- data.tar.gz: be77801fb48251c860b2b07341927dbc704eb34f28951f082d0971aa23c96cdf90d70bff219b946e67facea7022948ac9aa3353e0a87a4441ab6f7ea5f7fa19f
6
+ metadata.gz: 157a7aaf188e55b35027cae52ae7f7a71146d2b490ab5d31b8eaf3dcfc29a10de0dc3ef646e0d9b8f30330ec3b73412df62bdb4467233046b92a98f2ba4bb81a
7
+ data.tar.gz: 012e8a07b7d8bdde1947b8c0ccd6fee4bd31336c72481934ec74d4f252847fb26a0bcbab60550c2221d9716d2e51bdefeff140425c99a82e7af4df5e15a7b074
data/Changelog.md CHANGED
@@ -5,7 +5,11 @@ It supports [Sinatra](http://www.sinatrarb.com),
5
5
  [Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
6
6
  frameworks.
7
7
 
8
- _latest update: thu 13 apr 2023, 16:54:52, CEST_
8
+ _latest update: fri 14 apr 2023, 16:36:56, CEST_
9
+
10
+ ## Version 2.1.1 (2023-04-14)
11
+
12
+ * Issue #252 fix was uncomplete.
9
13
 
10
14
  ## Version 2.1.0 (2023-04-13)
11
15
 
data/Rakefile CHANGED
@@ -160,35 +160,35 @@ namespace :rubysec do
160
160
  end
161
161
 
162
162
  def __kb_pack
163
- if Dir.exists? "#{YAML_KB}/bulletin"
163
+ if Dir.exist? "#{YAML_KB}/bulletin"
164
164
  system "tar cfvz #{YAML_KB}/bulletin.tar.gz -C #{YAML_KB} bulletin"
165
165
  system "rm -rf #{YAML_KB}/bulletin"
166
166
  system "shasum -a 256 #{YAML_KB}/bulletin.tar.gz > #{YAML_KB}/bulletin.tar.gz.sig"
167
167
  end
168
168
 
169
- if Dir.exists? "#{YAML_KB}/generic_check"
169
+ if Dir.exist? "#{YAML_KB}/generic_check"
170
170
  system "tar cfvz #{YAML_KB}/generic_check.tar.gz -C #{YAML_KB} generic_check"
171
171
  system "rm -rf #{YAML_KB}/generic_check"
172
172
  system "shasum -a 256 #{YAML_KB}/generic_check.tar.gz > #{YAML_KB}/generic_check.tar.gz.sig"
173
173
  end
174
174
 
175
- if Dir.exists? "#{YAML_KB}/owasp_ror_cheatsheet"
175
+ if Dir.exist? "#{YAML_KB}/owasp_ror_cheatsheet"
176
176
  system "tar cfvz #{YAML_KB}/owasp_ror_cheatsheet.tar.gz -C #{YAML_KB} owasp_ror_cheatsheet"
177
177
  system "rm -rf #{YAML_KB}/owasp_ror_cheatsheet"
178
178
  system "shasum -a 256 #{YAML_KB}/owasp_ror_cheatsheet.tar.gz > #{YAML_KB}/owasp_ror_cheatsheet.tar.gz.sig"
179
179
  end
180
180
 
181
- if Dir.exists? "#{YAML_KB}/code_style"
181
+ if Dir.exist? "#{YAML_KB}/code_style"
182
182
  system "tar cfvz #{YAML_KB}/code_style.tar.gz -C #{YAML_KB} code_style"
183
183
  system "rm -rf #{YAML_KB}/code_style"
184
184
  system "shasum -a 256 #{YAML_KB}/code_style.tar.gz > #{YAML_KB}/code_style.tar.gz.sig"
185
185
  end
186
- if Dir.exists? "#{YAML_KB}/code_quality"
186
+ if Dir.exist? "#{YAML_KB}/code_quality"
187
187
  system "tar cfvz #{YAML_KB}/code_quality.tar.gz -C #{YAML_KB} code_quality"
188
188
  system "rm -rf #{YAML_KB}/code_quality"
189
189
  system "shasum -a 256 #{YAML_KB}/code_quality.tar.gz > #{YAML_KB}/code_quality.tar.gz.sig"
190
190
  end
191
- if Dir.exists? "#{YAML_KB}/owasp_top_10"
191
+ if Dir.exist? "#{YAML_KB}/owasp_top_10"
192
192
  system "tar cfvz #{YAML_KB}/owasp_top_10.tar.gz -C #{YAML_KB} owasp_top_10"
193
193
  system "rm -rf #{YAML_KB}/owasp_top_10"
194
194
  system "shasum -a 256 #{YAML_KB}/owasp_top_10.tar.gz > #{YAML_KB}/owasp_top_10.tar.gz.sig"
data/VERSION CHANGED
@@ -1,3 +1,3 @@
1
1
  # I removed codenames :-)
2
2
  # Code review is fun
3
- 2.1.0
3
+ 2.1.1
data/checksum/dawnscanner-2.1.0.gem.sha1 ADDED
@@ -0,0 +1 @@
1
+ e463c7c3f54c900752f3b9be47da3f311cddd941
data/features/step_definition/dawn_steps.rb CHANGED
@@ -1,19 +1,18 @@
1
1
  Given /^the generic project "(.*?)" doesn't exist$/ do |file|
2
- FileUtils.rm(file) if File.exists?(file)
2
+ FileUtils.rm(file) if File.exist?(file)
3
3
  end
4
4
 
5
5
  Given /^the hello world rails project does exist$/ do
6
6
  system("rm -rf /tmp/hello_world_3.2.13")
7
- system("cp -a ./spec/support/hello_world_3.2.13 /tmp")
7
+ system("cp -a ./spec/support/hello_world_3.2.13 /tmp")
8
8
  end
9
9
 
10
10
  Given /^a safe sinatra application exists$/ do
11
11
  system("rm -rf /tmp/sinatra-safe")
12
- system("cp -a ./spec/support/sinatra-safe /tmp")
12
+ system("cp -a ./spec/support/sinatra-safe /tmp")
13
13
  end
14
14
 
15
15
  Given /^a vulnerable sinatra application exists$/ do
16
16
  system("rm -rf /tmp/sinatra-vulnerable")
17
- system("cp -a ./spec/support/sinatra-vulnerable /tmp")
17
+ system("cp -a ./spec/support/sinatra-vulnerable /tmp")
18
18
  end
19
-
data/lib/dawn/knowledge_base.rb CHANGED
@@ -244,7 +244,7 @@ module Dawn
244
244
  # Please note that if we enter in this branch, it means someone
245
245
  # tampered the KB between the previous __valid? check and this point.
246
246
  # Of course this is a very rare situation, but we must handle it.
247
- unless Dir.exists?(dir)
247
+ unless Dir.exist?(dir)
248
248
  $logger.warn "Missing check directory #{dir}"
249
249
  else
250
250
  Dir.glob(dir+"/**/*.yml").each do |f|
@@ -311,12 +311,12 @@ module Dawn
311
311
 
312
312
  lines = ""
313
313
 
314
- unless File.exists?(File.join(@path, "kb.yaml"))
314
+ unless File.exist?(File.join(@path, "kb.yaml"))
315
315
  $logger.error "Missing kb.yaml in #{path}. Giving up"
316
316
  return false
317
317
  end
318
318
 
319
- unless File.exists?(File.join(@path, "kb.yaml.sig"))
319
+ unless File.exist?(File.join(@path, "kb.yaml.sig"))
320
320
  $logger.error "Missing kb.yaml signature in #{path}. Giving up"
321
321
  return false
322
322
  end
@@ -343,7 +343,7 @@ module Dawn
343
343
  # local DB path
344
344
  def __packed?
345
345
  FILES.each do |fn|
346
- return true if fn.end_with? 'tar.gz' and File.exists?(File.join(@path, fn))
346
+ return true if fn.end_with? 'tar.gz' and File.exist?(File.join(@path, fn))
347
347
  end
348
348
  return false
349
349
  end
data/lib/dawn/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
- VERSION = "2.1.0"
3
- RELEASE = "20230413"
4
- BUILD = "3"
5
- COMMIT = "gc8a1ac6"
2
+ VERSION = "2.1.1"
3
+ RELEASE = "20230414"
4
+ BUILD = "1"
5
+ COMMIT = "gbb3ea6d"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dawnscanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Paolo Perego
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-13 00:00:00.000000000 Z
11
+ date: 2023-04-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: cvss
@@ -277,6 +277,7 @@ files:
277
277
  - checksum/dawnscanner-2.0.0.rc2.gem.sha1
278
278
  - checksum/dawnscanner-2.0.0.rc3.gem.sha1
279
279
  - checksum/dawnscanner-2.0.0.rc5.gem.sha1
280
+ - checksum/dawnscanner-2.1.0.gem.sha1
280
281
  - code_of_conduct.md
281
282
  - dawnscanner.gemspec
282
283
  - doc/change.sh