dawnscanner 2.1.1 → 2.2.0

data/spec/lib/kb/codesake_cve_2013_0175_spec.rb

@@ -1,35 +0,0 @@
-require 'spec_helper'
-
-describe "CVE-2013-0175 security check" do
-  let (:check) {Dawn::Kb::CVE_2013_0175.new}
-  it "knows its name" do
-    expect(check.name).to eq("CVE-2013-0175")
-  end
-  it "has a 7.5 cvss score" do
-    check.cvss_score == 7.5
-  end
-
-  it "fires when multi_xml vulnerable gem it has been found" do
-    check.dependencies = [{:name=>"multi_xml", :version=>"0.5.2"}]
-    expect(check.vuln?).to eq(true)
-  end
-  it "fires when Grape vulnerable gem it has been found" do
-    check.dependencies = [{:name=>"grape", :version=>"0.2.5"}]
-    expect(check.vuln?).to eq(true)
-  end
-  it "fires when multi_xml gem is not vulnerable but Grape is" do
-    check.dependencies = [{:name=>"grape", :version=>"0.2.5"}, {:name=>"multi_xml", :version=>"0.5.3"}]
-    expect(check.vuln?).to eq(true)
-  end
-  it "fires when multi_xml gem is vulnerable but Grape is not" do
-    check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.2"}]
-    expect(check.vuln?).to eq(true)
-  end
-
-  it "doesn't fire when no vulnerabilities were found" do
-    check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.3"}]
-    expect(check.vuln?).to eq(false)
-  end
-
-
-end

data/spec/lib/kb/codesake_cve_2013_4457_spec.rb

@@ -1,41 +0,0 @@
-require 'spec_helper'
-
-describe "The CVE-2013-4457 vulnerability" do
-  before(:all) do 
-    @check = Dawn::Kb::CVE_2013_4457.new
-    # @check.debug = true
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.4.0'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.4.1'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.4.2'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.5.0'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.5.1'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-  it "is detected if vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.5.2'}]
-    expect(@check.vuln?).to   eq(true)
-  end
-
-  it "is skipped if non vulnerable version of cocaine rubygem is detected" do
-    @check.dependencies=[{:name=>"cocaine", :version=>'0.3.2'}]
-    # @check.debug = true
-    expect(@check.vuln?).to   eq(false)
-  end
-
-
-
-end

data/spec/lib/kb/codesake_dependency_version_check_spec.rb

@@ -1,79 +0,0 @@
-require 'spec_helper'
-
-# class DependencyMockup
-#   include Dawn::Kb::DependencyCheck
-
-#   def initialize
-#     message = "This is a mock"
-#     super(
-#       :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
-#       :applies=>['sinatra', 'padrino', 'rails'],
-#       :message=> message
-#     )
-#     # self.debug = true
-
-#     self.safe_dependencies = [{:name=>'this_gem', :version=>['0.3.0', '1.3.3', '2.3.3', '2.4.2', '9.4.31.2']}]
-#     self.save_major = true
-#   end
-# end
-
-
-describe "The security check for gem dependency should" do
-  before(:all) do
-    @check = Dawn::Kb::DependencyCheck.new
-    @check.kind=Dawn::KnowledgeBase::DEPENDENCY_CHECK
-    @check.applies = ['sinatra', 'padrino', 'rails']
-    @check.message = "This is a mock"
-  end
-  # let (:check) {Mockup.new}
-
-  it "gives an unkown priority value" do
-    expect(@check.priority).to eq("unknown")
-  end
-
-  it "gives the assigned priority value" do
-    @check.priority = :critical
-    expect(@check.priority).to eq("critical")
-  end
-  it "gives an unknown severity since no CVSS is provided and no severity is given" do
-    expect(@check.severity).to  eq("unknown")
-  end
-
-  it "gives the severity level provided. No CVSS is here" do
-    @check.severity = :critical
-    expect(@check.severity).to  eq("critical")
-  end
-
-  it "fires if vulnerable 0.2.9 version is detected" do
-    @check.dependencies = [{:name=>"this_gem", :version=>'0.2.9'}]
-    expect(@check.vuln?).to    eq(true)
-  end
-  it "doesn't fire if not vulnerable 0.4.0 version is found" do
-    @check.dependencies = [{:name=>"this_gem", :version=>'0.4.0'}]
-    expect(@check.vuln?).to    eq(false)
-  end
-
-  it "fires if vulnerable 1.3.2 version is found" do
-    @check.dependencies = [{:name=>"this_gem", :version=>'1.3.2'}]
-    expect(@check.vuln?).to    eq(true)
-  end
-
-  it "doesn't fire if not vulnerable 1.4.2 version is found" do
-    @check.dependencies = [{:name=>"this_gem", :version=>'1.4.2'}]
-    expect(@check.vuln?).to    eq(false)
-  end
-
-  it "doesn't fires when a non vulnerable version is found and there is a fixed version with higher minor release but I asked to honor the minor version (useful with rails gem)" do
-    @check.dependencies = [{:name=>"this_gem", :version=>'2.3.3'}]
-    @check.save_minor = true
-    expect(@check.vuln?).to    eq(false)
-  end
-  it "fires when a vulnerable version (2.3.2) is found even if I asked to save minors..." do
-    @check.dependencies = [{:name=>"this_gem", :version=>'2.3.2'}]
-    @check.save_minor = true
-    expect(@check.vuln?).to    eq(true)
-
-  end
-
-
-end

data/spec/lib/kb/codesake_unsafe_dependency_check_spec.rb

@@ -1,29 +0,0 @@
-require 'spec_helper'
-
-
-describe "The security check for gem unsafe dependency should" do
-  before(:all) do
-    @check =  YAML.load_file("./spec/lib/kb/dependency_check.yml")
-    @check.debug=true
-    puts @check.vulnerable_version_array
-  end
-
-  it "fires if vulnerable 0.5.0 version is detected" do
-    @check.dependencies = [{:name=>"acme-gem", :version=>'0.5.0'}]
-    expect(@check.vuln?).to    eq(true)
-  end
-  it "fires if vulnerable 1.3.2 version is found" do
-    @check.dependencies = [{:name=>"acme-gem", :version=>'1.3.2'}]
-    expect(@check.vuln?).to    eq(true)
-  end
-
-  it "fires if vulnerable 3.4.0 version is found" do
-    @check.dependencies = [{:name=>"acme-gem", :version=>'3.4.0'}]
-    expect(@check.vuln?).to    eq(true)
-  end
-
-  it "doesn't fire if not vulnerable 3.0.0 version is found" do
-    @check.dependencies = [{:name=>"acme-gem", :version=>'3.0.0'}]
-    expect(@check.vuln?).to    eq(false)
-  end
-end