dawnscanner 2.1.0 → 2.2.0

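--- a/<PATH-NOT-SHOWN-deleted-spec-1>
+++ /dev/null
@@ -1,35 +0,0 @@
- require 'spec_helper'
-
- describe "CVE-2013-0175 security check" do
- let (:check) {Dawn::Kb::CVE_2013_0175.new}
- it "knows its name" do
- expect(check.name).to eq("CVE-2013-0175")
- end
- it "has a 7.5 cvss score" do
- check.cvss_score == 7.5
- end
-
- it "fires when multi_xml vulnerable gem it has been found" do
- check.dependencies = [{:name=>"multi_xml", :version=>"0.5.2"}]
- expect(check.vuln?).to eq(true)
- end
- it "fires when Grape vulnerable gem it has been found" do
- check.dependencies = [{:name=>"grape", :version=>"0.2.5"}]
- expect(check.vuln?).to eq(true)
- end
- it "fires when multi_xml gem is not vulnerable but Grape is" do
- check.dependencies = [{:name=>"grape", :version=>"0.2.5"}, {:name=>"multi_xml", :version=>"0.5.3"}]
- expect(check.vuln?).to eq(true)
- end
- it "fires when multi_xml gem is vulnerable but Grape is not" do
- check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.2"}]
- expect(check.vuln?).to eq(true)
- end
-
- it "doesn't fire when no vulnerabilities were found" do
- check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.3"}]
- expect(check.vuln?).to eq(false)
- end
-
-
- end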
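--- a/<PATH-NOT-SHOWN-deleted-spec-2>
+++ /dev/null
@@ -1,41 +0,0 @@
- require 'spec_helper'
-
- describe "The CVE-2013-4457 vulnerability" do
- before(:all) do
- @check = Dawn::Kb::CVE_2013_4457.new
- # @check.debug = true
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.4.0'}]
- expect(@check.vuln?).to eq(true)
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.4.1'}]
- expect(@check.vuln?).to eq(true)
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.4.2'}]
- expect(@check.vuln?).to eq(true)
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.5.0'}]
- expect(@check.vuln?).to eq(true)
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.5.1'}]
- expect(@check.vuln?).to eq(true)
- end
- it "is detected if vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.5.2'}]
- expect(@check.vuln?).to eq(true)
- end
-
- it "is skipped if non vulnerable version of cocaine rubygem is detected" do
- @check.dependencies=[{:name=>"cocaine", :version=>'0.3.2'}]
- # @check.debug = true
- expect(@check.vuln?).to eq(false)
- end
-
-
-
- end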
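--- a/<PATH-NOT-SHOWN-deleted-spec-3>
+++ /dev/null
@@ -1,79 +0,0 @@
- require 'spec_helper'
-
- # class DependencyMockup
- # include Dawn::Kb::DependencyCheck
-
- # def initialize
- # message = "This is a mock"
- # super(
- # :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
- # :applies=>['sinatra', 'padrino', 'rails'],
- # :message=> message
- # )
- # # self.debug = true
-
- # self.safe_dependencies = [{:name=>'this_gem', :version=>['0.3.0', '1.3.3', '2.3.3', '2.4.2', '9.4.31.2']}]
- # self.save_major = true
- # end
- # end
-
-
- describe "The security check for gem dependency should" do
- before(:all) do
- @check = Dawn::Kb::DependencyCheck.new
- @check.kind=Dawn::KnowledgeBase::DEPENDENCY_CHECK
- @check.applies = ['sinatra', 'padrino', 'rails']
- @check.message = "This is a mock"
- end
- # let (:check) {Mockup.new}
-
- it "gives an unkown priority value" do
- expect(@check.priority).to eq("unknown")
- end
-
- it "gives the assigned priority value" do
- @check.priority = :critical
- expect(@check.priority).to eq("critical")
- end
- it "gives an unknown severity since no CVSS is provided and no severity is given" do
- expect(@check.severity).to eq("unknown")
- end
-
- it "gives the severity level provided. No CVSS is here" do
- @check.severity = :critical
- expect(@check.severity).to eq("critical")
- end
-
- it "fires if vulnerable 0.2.9 version is detected" do
- @check.dependencies = [{:name=>"this_gem", :version=>'0.2.9'}]
- expect(@check.vuln?).to eq(true)
- end
- it "doesn't fire if not vulnerable 0.4.0 version is found" do
- @check.dependencies = [{:name=>"this_gem", :version=>'0.4.0'}]
- expect(@check.vuln?).to eq(false)
- end
-
- it "fires if vulnerable 1.3.2 version is found" do
- @check.dependencies = [{:name=>"this_gem", :version=>'1.3.2'}]
- expect(@check.vuln?).to eq(true)
- end
-
- it "doesn't fire if not vulnerable 1.4.2 version is found" do
- @check.dependencies = [{:name=>"this_gem", :version=>'1.4.2'}]
- expect(@check.vuln?).to eq(false)
- end
-
- it "doesn't fires when a non vulnerable version is found and there is a fixed version with higher minor release but I asked to honor the minor version (useful with rails gem)" do
- @check.dependencies = [{:name=>"this_gem", :version=>'2.3.3'}]
- @check.save_minor = true
- expect(@check.vuln?).to eq(false)
- end
- it "fires when a vulnerable version (2.3.2) is found even if I asked to save minors..." do
- @check.dependencies = [{:name=>"this_gem", :version=>'2.3.2'}]
- @check.save_minor = true
- expect(@check.vuln?).to eq(true)
-
- end
-
-
- end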
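--- a/<PATH-NOT-SHOWN-deleted-spec-4>
+++ /dev/null
@@ -1,29 +0,0 @@
- require 'spec_helper'
-
-
- describe "The security check for gem unsafe dependency should" do
- before(:all) do
- @check = YAML.load_file("./spec/lib/kb/dependency_check.yml")
- @check.debug=true
- puts @check.vulnerable_version_array
- end
-
- it "fires if vulnerable 0.5.0 version is detected" do
- @check.dependencies = [{:name=>"acme-gem", :version=>'0.5.0'}]
- expect(@check.vuln?).to eq(true)
- end
- it "fires if vulnerable 1.3.2 version is found" do
- @check.dependencies = [{:name=>"acme-gem", :version=>'1.3.2'}]
- expect(@check.vuln?).to eq(true)
- end
-
- it "fires if vulnerable 3.4.0 version is found" do
- @check.dependencies = [{:name=>"acme-gem", :version=>'3.4.0'}]
- expect(@check.vuln?).to eq(true)
- end
-
- it "doesn't fire if not vulnerable 3.0.0 version is found" do
- @check.dependencies = [{:name=>"acme-gem", :version=>'3.0.0'}]
- expect(@check.vuln?).to eq(false)
- end
- end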