dawnscanner 2.0.0.rc1 → 2.0.0.rc2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fedb521a49d75d72343489c68b9871fea0df9de953a3907dbe57e1ca375d5f65
-  data.tar.gz: b1e3c420155adf6c0ed829fad272970bca0c17245fcfea1da38ebd2f69d6043c
+  metadata.gz: 2b6bee4d3b7a5f1fd9189a556dccfe88631e1eed526de637cc0d74dbecea9a71
+  data.tar.gz: f8ad2cf91ce1e212abcfd9732534512aa54794512853f8a200a6d8d0396d5c53
 SHA512:
-  metadata.gz: f5f5496969dd2f55cde87c9156e2d4ee55b70516af1b73a08fad3b8c140ad008c77cfb12d701229539ef430caabb4cbfc4cd27413ebe13c4d19d38de8ca87b59
-  data.tar.gz: 0727f9f752bbb2f99e977ae893cafd765fe602241894a793bfe8000e5327f92932059669313ed7bb0c167b9102d60afc4f3cdfaf229d702f42c750e828eb4b90
+  metadata.gz: 547d98cc3af2c146a7ad987e98c9b67f1f6f7237a669ed509dc08bbbc885d4c4638598b683624ce9efd627e70c6500d42f5d11204caa45a9c3f916a44c863ac5
+  data.tar.gz: b75df8fc99cee42cba08919c7a56ff4eb41e1b0c234502f779d5957ab40efde8f4bbd5ef1c562cc113dee4489d8c718fccb615dc2bf3688526b832c2c6bc9e28

data/Changelog.md

@@ -14,6 +14,9 @@ _latest update: mer 28 nov 2018, 11.03.53, CET_
   invoke dawn the right way or use the 'dawn help' command
 * Added a new debug\_verbosely API for engines and checks
 * Removed rake osvdb[name] and rake cve[name] tasks
+* Adding telemetry
+* Dawn::Utils include refactory. Now it's available application wide
+* debug information refactory. 
 
 ## Version 1.6.9 - codename: Tow Mater (2018-11-28)
 

data/README.md

@@ -12,6 +12,15 @@ box:
 * [Sinatra](http://www.sinatrarb.com)
 * [Padrino](http://www.padrinorb.com)
 
+## Quick update from April, 2019
+
+We just released version 2.0.0 release candidate 1 with a YAML powered revamped
+knowledge base. Please note that dawnscanner will include a telemetry facility
+sending a POST  on https://dawnscanner.org/telemetry with an application id and
+some information about version and knowledge base.
+
+We won't now and ever collect your source code on our side.
+
 ## Quick update from November, 2018
 
 As you can see dawnscanner is on hold since more then an year. Sorry for that.

data/VERSION

@@ -12,4 +12,4 @@
 # |   "Guido"       |  x.x.0  |
 # |   "Luigi"       |  x.x.0  |
 # | "Doc Hudson"    |  x.x.0  |
-2.0.0.rc1 - Finn McMissile
+2.0.0.rc2 - Finn McMissile

data/bin/dawn

@@ -19,215 +19,22 @@ VALID_OUTPUT_FORMAT   = %w(console json csv html)
 
 require 'logger'
 $logger = Logger.new(STDOUT)
-$logger.datetime_format = '%Y-%m-%d %H:%M:%S'
+$logger.formatter = proc do |severity, datetime, progname, msg|
+    date_format = datetime.strftime("%Y-%m-%d %H:%M:%S")
+    if severity == "INFO" or severity == "WARN"
+        "[#{date_format}] #{severity}  (dawn): #{msg}\n"
+    else        
+        "[#{date_format}] #{severity} (dawn): #{msg}\n"
+    end
+end
 
 engine  = nil
 $debug=false
 $verbose=false
 
 
-options = Dawn::Core.read_conf(Dawn::Core.find_conf(true))
 check = ""
 guess = {:name=>"", :version=>"", :connected_gems=>[]}
 
 Dawn::Cli::DawnCli.start
-$logger.bye
 Kernel.exit(0)
-
-###############################################################################
-# CLI argument start.
-#
-# Refactoring is necessary here
-###############################################################################
-begin
-opts.each do |opt, val|
-  case opt
-  when '--version'
-    puts "#{Dawn::VERSION} [#{Dawn::CODENAME}]"
-    Kernel.exit(0)
-  when '--config-file'
-    options = Dawn::Core.read_conf(val)
-  when '--disable-cve-bulletins'
-    options[:enabled_checks].delete(:bulletin)
-  when '--disable-code-quality'
-    options[:enabled_checks].delete(:code_quality)
-  when '--disable-code-style'
-    options[:enabled_checks].delete(:code_style)
-  when '--disable-owasp-ror-cheatsheet'
-    options[:enabled_checks].delete(:owasp_ror_cheatsheet)
-  when '--disable-owasp-top-10'
-    options[:enabled_checks].delete(:owasp_top_10_1)
-    options[:enabled_checks].delete(:owasp_top_10_2)
-    options[:enabled_checks].delete(:owasp_top_10_3)
-    options[:enabled_checks].delete(:owasp_top_10_4)
-    options[:enabled_checks].delete(:owasp_top_10_5)
-    options[:enabled_checks].delete(:owasp_top_10_6)
-    options[:enabled_checks].delete(:owasp_top_10_7)
-    options[:enabled_checks].delete(:owasp_top_10_8)
-    options[:enabled_checks].delete(:owasp_top_10_9)
-    options[:enabled_checks].delete(:owasp_top_10_10)
-  when '--list-known-families'
-    printf "Dawn supports following check families:\n\n"
-    puts Dawn::Kb::BasicCheck.families
-    Kernel.exit(0)
-  when '--json'
-    options[:output] = "json"
-  when '--console'
-    options[:output] = "console"
-  when '--tabular'
-    options[:output] = "tabular"
-  when '--ascii-tabular-report'
-    $logger.warn "--ascii-tabular-report' it has been deprecated. It will be removed in version 2.0.0. Please use '--tabular' instead"
-    options[:output] = "tabular"
-  when '--html'
-    options[:output] = "html"
-  when '--file'
-    options[:filename] = val
-  when '--gem-lock'
-    options[:gemfile_scan] = true
-    $logger.warn "--gem-lock flag it has been deprecated. It will be removed in version 2.0.0. Please use '--dependencies' instead"
-    unless val.empty?
-      options[:gemfile_name] = val
-      guess = Dawn::Core.guess_mvc(val)
-    end
-  when '--dependencies'
-    options[:gemfile_scan] = true
-    unless val.empty?
-      options[:gemfile_name] = val
-      guess = Dawn::Core.guess_mvc(val)
-    end
-
-  when '--verbose'
-    options[:verbose]=true
-  when '--count-only'
-    options[:output] = "count"
-  when '--debug'
-    options[:debug] = true
-  when '--exit-on-warn'
-    options[:exit_on_warn] = true
-
-  when '--search-knowledge-base'
-    found = Dawn::KnowledgeBase.find(nil, val)
-    puts "#{val} found in knowledgebase." if found
-    puts "#{val} not found in knowledgebase" if ! found
-    Kernel.exit(0)
-  when '--list-scan-registry'
-    puts "#{APPNAME} scan registry\n\n"
-    Dawn::Registry.dump
-    Kernel.exit(0)
-
-  when '--list-knowledge-base'
-    Dawn::KnowledgeBase.dump(options[:verbose])
-    Kernel.exit(0)
-  when '--list-known-framework'
-    puts "Ruby MVC framework supported by #{APPNAME}:"
-    LIST_KNOWN_FRAMEWORK.each do |mvc|
-      puts "* #{mvc}"
-    end
-    Kernel.exit(0)
-  when '--help'
-    Kernel.exit(Dawn::Core.help)
-  end
-end
-rescue GetoptLong::InvalidOption => e
-  $logger.helo APPNAME, Dawn::VERSION
-  $logger.error e.message
-  Kernel.exit(Dawn::Core.help)
-end
-###############################################################################
-# CLI argument stop
-###############################################################################
-
-target=ARGV.shift
-
-target = File.expand_path(".") if target == "."
-
-
-## It will be migrated to active record in 2019
-# r = Dawn::Registry.new
-
-# unless Dir.exist?(Dawn::Core.registry_db_folder)
-  # FileUtils.mkdir_p(Dawn::Core.registry_db_folder)
-  # $logger.info "#{Dawn::Core.registry_db_folder} created" if Dir.exist?(Dawn::Core.registry_db_folder)
-# end
-
-trap("INT") { $logger.die('[INTERRUPTED]') }
-$logger.die("missing target") if target.nil? && options[:gemfile_name].empty?
-$logger.die("invalid directory (#{target})") if options[:gemfile_name].empty?  &&! Dawn::Core.is_good_target?(target)
-$logger.debug("security check enabled: #{options[:enabled_checks]}") if options[:debug]
-
-## MVC auto detect.
-
-# Skipping MVC autodetect if it's already been done by guess_mvc when choosing
-# Gemfile.lock scan
-
-unless options[:gemfile_scan]
-  begin
-    engine = Dawn::Core.detect_mvc(target)
-    $logger.debug("using #{engine.class.name} engine via autodect") if options[:debug]
-  rescue ArgumentError => e
-    # r.do_save({:target=>File.basename(target), :scan_started=>DateTime.now, :scan_duration => 0, :issues_found=> -1, :output_dir=> "", :message=>e.message, :scan_status=>:failed})
-    $logger.die(e.message)
-  end
-else
-  engine = Dawn::GemfileLock.new(target, options[:gemfile_name], guess) # if options[:gemfile_scan]
-end
-
-
-if engine.nil?
-  $logger.error("MVC detection failure. Please open an issue at https://github.com/thesp0nge/dawnscanner/issues")
-  # r.do_save({:target=>File.basename(target), :message=>"MVC detection failure. Please open an issue at https://github.com/thesp0nge/dawnscanner/issues", :scan_status=>:failed})
-  $logger.die('ruby framework auto detect failed.')
-end
-## end MVC auto detect.
-
-if options[:exit_on_warn]
-  Kernel.at_exit do
-    if engine.count_vulnerabilities != 0
-      Kernel.exit(engine.count_vulnerabilities)
-    end
-  end
-end
-
-if options[:debug]
-  $logger.warn "putting engine in debug mode"
-  engine.debug = true
-end
-
-$logger.warn "this is a development Dawn version" if Dawn::RELEASE == "(development)"
-
-if engine.nil?
-  # r.do_save({:target=>File.basename(target), :message=>"missing target framework option", :scan_status=>:failed})
-  $logger.die "missing target framework option"
-end
-
-if ! options[:gemfile_scan] && ! engine.can_apply?
-  # r.do_save({:target=>File.basename(target), :message=>"nothing to do on #{target}", :scan_status=>:failed})
-  $logger.die "nothing to do on #{target}"
-end
-
-engine.load_knowledge_base(options[:enabled_checks])
-ret = engine.apply_all
-
-if options[:output] == "count"
-  STDERR.puts (ret)? engine.vulnerabilities.count : "-1" unless options[:output] == "json"
-  STDERR.puts (ret)? {:status=>"OK", :vulnerabilities_count=>engine.count_vulnerabilities}.to_json : {:status=>"KO", :vulnerabilities_count=>-1}.to_json if options[:output] == "json"
-
-  # r.do_save({:target=>engine.target, :scan_started=>engine.scan_start, :scan_duration => engine.scan_time.round(3), :issues_found=>engine.vulnerabilities.count, :output_dir=>engine.output_dir_name, :scan_status=>:completed})
-  $logger.bye
-  Kernel.exit(0)
-end
-
-Dawn::Reporter.new({:engine=>engine, :apply_all_code=>ret, :format=>options[:output].to_sym, :filename=>options[:filename]}).report
-#if (r.do_save({:target=>File.basename(engine.target),
-#           :scan_started=>engine.scan_start,
-#           :scan_duration => engine.scan_time.round(3),
-#           :issues_found=>engine.vulnerabilities.count,
-#           :output_dir=>engine.output_dir_name,
-#           :scan_status=>:completed}))
-#  $logger.info "#{Dawn::Core.registry_db_name} updated with scan infos"
-#else
-#  r.errors.each do |error|
-#    $logger.error error
-#  end
-#end

data/checksum/dawnscanner-2.0.0.rc1.gem.sha1

@@ -0,0 +1 @@
+04dc5b15006b4ee5912b789160756c57b4c9036a

data/lib/dawn/cli/dawn_cli.rb

@@ -1,4 +1,5 @@
 require 'thor'
+require 'dawn/utils'
 
 module Dawn
   module Cli
@@ -6,6 +7,7 @@ module Dawn
     # This class is responsible for the "dawn kb" command and related
     # subcommands.
     class Kb < Thor
+      package_name "dawnscanner"
       desc "search", "Searches the knowledge base for a given security test"
       def search(string)
         kb = Dawn::KnowledgeBase.instance
@@ -19,14 +21,13 @@ module Dawn
         Dawn::KnowledgeBase.enabled_checks=[:bulletin, :generic_check]
         kb = Dawn::KnowledgeBase.instance
         kb.load
+        if kb.security_checks.empty?
+          $logger.error(kb.error)
+        end
+        
+        $logger.info("" + kb.security_checks.count.to_s + " security checks loaded")
         if kb.is_packed?
           $logger.error "The knowledge base is packed. It must be unpacked with the 'unpack' command before it can be used" 
-        else
-          if kb.is_valid?
-            $logger.info "Good Knowledge base found"
-          else
-            $logger.error "Invalid knowledge base found"
-          end
         end
         $logger.bye
         Kernel.exit(0)
@@ -34,7 +35,9 @@ module Dawn
     end
 
     class DawnCli < Thor
+      package_name "dawnscanner"
       class_option :verbose, :type=>:boolean
+      class_option :debug, :type=>:boolean
 
       map %w[--version -v] => :__print_version
 
@@ -48,16 +51,14 @@ module Dawn
       subcommand "kb", Dawn::Cli::Kb
 
       desc "scan", "scans a folder for security issues"
+      option :config_file
       option :gemfile, :type=>:boolean
       option :exit_on_warn, :type=>:boolean
-      option :debug, :type=>:boolean
-      option :verbose, :type=>:boolean
       option :count, :type=>:boolean
       option :output
 
       def scan(target)
         $logger.helo APPNAME, Dawn::VERSION
-        $logger.debug "scanning #{target}"
         trap("INT") { $logger.die('[INTERRUPTED]') }
 
         $logger.die("invalid directory (#{target})") unless Dawn::Core.is_good_target?(target)
@@ -65,7 +66,19 @@ module Dawn
         $debug = true if options[:debug]
         $verbose = true if options[:verbose]
 
-        
+        debug_me("scanning #{target}")
+
+        $config_file= Dawn::Core.find_conf(true) if options[:config_file].nil?
+        $config = Dawn::Core.read_conf($config_file)
+
+        $telemetry_url = $config[:telemetry][:endpoint] if $config[:telemetry][:enabled]
+        debug_me("telemetry url is " + $telemetry_url) unless @telemetry_url.nil?
+        $telemetry_id = $config[:telemetry][:id] if $config[:telemetry][:enabled]
+
+        debug_me("telemetry id is " + $telemetry_id) unless @telemetry_id.nil?
+        $logger.info("telemetry is disabled in config file") unless $config[:telemetry][:enabled]
+ 
+        engine = Dawn::Core.detect_mvc(target) unless options[:gemfile]
         engine = Dawn::GemfileLock.new(target) if options[:gemfile]
 
         if engine.nil?
@@ -83,17 +96,17 @@ module Dawn
 
       
         engine.load_knowledge_base
+        
         ret = engine.apply_all
         if options[:output]
           STDERR.puts (ret)? engine.vulnerabilities.count : "-1" unless options[:output] == "json"
           STDERR.puts (ret)? {:status=>"OK", :vulnerabilities_count=>engine.count_vulnerabilities}.to_json : {:status=>"KO", :vulnerabilities_count=>-1}.to_json if options[:output] == "json"
-
-          # r.do_save({:target=>engine.target, :scan_started=>engine.scan_start, :scan_duration => engine.scan_time.round(3), :issues_found=>engine.vulnerabilities.count, :output_dir=>engine.output_dir_name, :scan_status=>:completed})
           $logger.bye
           Kernel.exit(0)
         end
 
         Dawn::Reporter.new({:engine=>engine, :apply_all_code=>ret}).report
+        $logger.bye
 
         Kernel.exit(0)
 

data/lib/dawn/core.rb

@@ -112,6 +112,7 @@ module Dawn
         fn = p + conf_name if p.start_with?('/')
         # if outside $HOME the config file must be hidden
         fn = File.expand_path(p) + '/.'+conf_name if ! p.start_with?('/')
+        debug_me("found a config file: " + fn) if File.exist?(fn)
         return fn if File.exist?(fn)
       end
 
@@ -122,7 +123,7 @@ module Dawn
 
       # If create_if_none flag is set to true, than I'll create a config file
       # on the current directory with the default configuration.
-      conf = {"config"=>{:verbose=>false, :output=>"tabular", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}}
+      conf = {:verbose=>false, :output=>"tabular", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}
 
       # Calculate the conf file path
       conf_path = File.expand_path('~') +'/.'+conf_name
@@ -131,6 +132,7 @@ module Dawn
       File.open(conf_path, 'w') do |f|
         rv = f.write(YAML.dump(conf))
       end
+      debug_me(conf_path)
 
       conf_path
     end
@@ -138,6 +140,7 @@ module Dawn
     def self.read_conf(file=nil)
       conf = {:verbose=>false, :output=>"tabular", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}
       begin
+        debug_me("returning a default config") if file.nil? or ! File.exist?(file)
         return conf if file.nil?
         file = file.chop if (not file.nil? and file.end_with? '/')
         return conf if ! File.exist?(file)
@@ -146,9 +149,9 @@ module Dawn
         return conf
       end
 
-      c = YAML.load_file(file)
+      cf = YAML.load_file(file)
 
-      cf = c["config"]
+      tm = cf[:telemetry]
       cc = cf[:enabled_checks]
 
       # TODO
@@ -157,6 +160,7 @@ module Dawn
       conf[:debug] = cf["debug"] unless cf["debug"].nil?
       conf[:output] = cf["output"] unless cf["output"].nil?
       conf[:enabled_checks] = cc unless cc.nil?
+      conf[:telemetry] = tm unless tm.nil?
 
       return conf
     end

data/lib/dawn/engine.rb

@@ -1,9 +1,11 @@
+require 'net/http'
+require 'json'
+require 'socket'
 # Statistics stuff
 # require 'code_metrics/statistics'
 
 module Dawn
   module Engine
-    include Dawn::Utils
 
     attr_reader :target
     attr_reader :name
@@ -66,6 +68,9 @@ module Dawn
       @gemfile_lock_sudo = false
 
       set_target(dir) unless dir.nil?
+
+      
+
       @ruby_version = get_ruby_version if dir.nil?
       @gemfile_lock = options[:gemfile_name] unless options[:gemfile_name].nil? 
 
@@ -106,6 +111,8 @@ module Dawn
       # load_knowledge_base
     end
 
+    
+
     def detect_views
       []
     end
@@ -264,6 +271,8 @@ module Dawn
     # otherwise
     def apply(name)
 
+      telemetry
+
       # FIXME.20140325
       # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
       # Reason is simple, load_knowledge_base now needs enabled check array
@@ -285,10 +294,57 @@ module Dawn
       false
     end
 
+    def have_a_telemetry_id?
+      debug_me ($telemetry_id != ""  and ! $telemetry_id.nil?)
+      return ($telemetry_id != ""  and ! $telemetry_id.nil?)
+      
+    end
+
+    def get_a_telemetry_id
+      return "" if ($telemetry_url == "" or $telemetry_url.nil?)
+      debug_me("T: " + $telemetry_url)
+
+      url = URI.parse($telemetry_url+"/new")
+      res = Net::HTTP.get_response(url)
+
+      return "" unless res.code.to_i == 200
+      return JSON.parse(res.body)["uuid"]
+    end
+
+    def telemetry
+      unless have_a_telemetry_id?
+        $telemetry_id = get_a_telemetry_id
+        $config[:telemetry][:id] = $telemetry_id
+        debug_me($config)
+        debug_me("saving config to " + $config_name)
+        File.open($config_name, 'w') { |f| f.write $config.to_yaml }
+      end
+
+      debug_me("Telemetry ID is: " + $telemetry_id)
+      
+      uri=URI.parse($telemetry_url+"/"+$telemetry_id)
+      header = {'Content-Type': 'text/json'}
+      tele = { "kb_version" => Dawn::KnowledgeBase::VERSION , 
+               "ip" => Socket.ip_address_list.detect{|intf| intf.ipv4_private?}.ip_address, 
+               "message"=> Dawn::KnowledgeBase
+            }
+      http = Net::HTTP.new(uri.host, uri.port)
+      request = Net::HTTP::Post.new(uri.request_uri, header)
+      request.body = tele.to_json
+
+      response=http.request(request)
+      debug_me(response.inspect)
+
+      return true
+      
+    end
+
     def apply_all
       @scan_start = Time.now
       debug_me("SCAN STARTED: #{@scan_start}")
 
+      telemetry
+
       # FIXME.20140325
       # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
       # Reason is simple, load_knowledge_base now needs enabled check array

data/lib/dawn/kb/basic_check.rb

@@ -4,8 +4,6 @@ module Dawn
   module Kb
     module BasicCheck
 
-      include Dawn::Utils
-
       attr_reader :title
       attr_reader :name
       attr_reader :cve

data/lib/dawn/knowledge_base.rb

@@ -56,11 +56,10 @@ module Dawn
   #
   # Last update: gio 29 nov 2018, 17.34.57, CET
   class KnowledgeBase
-    include Dawn::Utils
     include Singleton
 
     @@path = ""
-    @@error = ""
+    @error = ""
     @@enabled_checks = [:generic_check, :code_quality, :bulletin, :code_style, :owasp_top_10]
 
 
@@ -80,6 +79,7 @@ module Dawn
     attr_reader :security_checks
     attr_reader :descriptor
     attr_reader :path
+    attr_reader :error
 
     def initialize(options={})
       if $logger.nil?
@@ -90,7 +90,7 @@ module Dawn
       @path=@@path
       @enabled_checks = @@enabled_checks
 
-      $logger.debug "KB root path is #{@path}"
+      debug_me "KB root path is #{@path}"
     end
 
     def self.enabled_checks= checks
@@ -112,7 +112,7 @@ module Dawn
 
 
     def find(name)
-      $logger.debug "I'm asked to find #{name}"
+      debug_me "I'm asked to find #{name}"
     end
 
     def unpack
@@ -158,12 +158,12 @@ module Dawn
       # $path = File.join(Dir.pwd, "db")
 
       unless __valid?
-        @@error = "An invalid library it has been found. Please use --recovery flag to force fresh install from dawnscanner.org"
+        @error = "An invalid library it has been found. Please use --recovery flag to force fresh install from dawnscanner.org"
         return []
       end
 
       unless __load?
-        @@error = "The library must be consumed with dawnscanner up to v#{@descriptor[:kb][:api]}. You are using dawnscanner v#{Dawn::VERSION}"
+        @error = "The library must be consumed with dawnscanner up to v#{@descriptor[:kb][:api]}. You are using dawnscanner v#{Dawn::VERSION}"
         return []
       end
 
@@ -187,7 +187,7 @@ module Dawn
 
       end
 
-      $logger.debug "#{@security_checks.count}"
+      debug_me "#{@security_checks.count}"
       return @security_checks
     end
 
@@ -236,7 +236,7 @@ module Dawn
 
       v = __verify_hash(hash_orig, hash_file)
       if v
-        $logger.info("good kb.yaml file found. Reading knowledge base descriptor")
+        debug_me("good kb.yaml file found. Reading knowledge base descriptor")
         @descriptor = YAML.load(lines)
       else
         $logger.error("kb.yaml signature mismatch. Found #{hash_file} while expecting #{hash_orig}. Giving up")
@@ -263,7 +263,7 @@ module Dawn
       require "dawn/kb/version_check"
 
       vc = Dawn::Kb::VersionCheck.new
-      return true if vc.is_higher?(api, v) # => true if v > api
+      return true if vc.is_higher?(v, api) # => true if v > api
       return false
     end
 

data/lib/dawn/version.rb

@@ -1,7 +1,7 @@
 module Dawn
-  VERSION = "2.0.0.rc1"
-  CODENAME = "Finn McMissile"
-  RELEASE = "(development)"
-  BUILD = "7"
-  COMMIT = "g653723d"
+  VERSION = "2.0.0.rc2"
+    CODENAME = "Finn McMissile"
+    RELEASE = "(development)"
+    BUILD = "4"
+    COMMIT = "g95c13be"
 end

data/lib/dawnscanner.rb

@@ -1,4 +1,3 @@
-require "dawn/utils"
 require "dawn/core"
 require "dawn/version"
 require "dawn/rails"
@@ -12,6 +11,7 @@ require "dawn/cli/dawn_cli"
 
 # KB 
 require "dawn/knowledge_base"
-# Datamapper classes
-#require 'data_mapper'
-#require "dawn/registry"
+
+# General purpose utilities
+require "dawn/utils"
+include Dawn::Utils

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dawnscanner
 version: !ruby/object:Gem::Version
-  version: 2.0.0.rc1
+  version: 2.0.0.rc2
 platform: ruby
 authors:
 - Paolo Perego
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-09 00:00:00.000000000 Z
+date: 2019-04-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cvss
@@ -287,6 +287,7 @@ files:
 - checksum/dawnscanner-1.6.6.gem.sha1
 - checksum/dawnscanner-1.6.7.gem.sha1
 - checksum/dawnscanner-1.6.8.gem.sha1
+- checksum/dawnscanner-2.0.0.rc1.gem.sha1
 - code_of_conduct.md
 - dawnscanner.gemspec
 - doc/change.sh