dependagrab 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGE_LOG.md +4 -0
- data/Dockerfile +1 -1
- data/Gemfile.lock +1 -1
- data/README.md +38 -7
- data/Rakefile +11 -0
- data/bin/dependagrab +8 -1
- data/lib/dependagrab/cli.rb +11 -2
- data/lib/dependagrab/file_writer.rb +1 -1
- data/lib/dependagrab/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7e32432885a4421f53fc65a7ffca2b8fef05e8738088b437eb8e9aa9a98d8f0b
|
|
4
|
+
data.tar.gz: 8cbbc87b9c80d5a81a6f3fe36a9758e57d43e60ac2fb1aecc291ac11b712962a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b41b50249738a6d4df018e21f4f64c69eb7e1f052be98d5cad399202e66e97a4734db2d3da359f43fe60b058b817b3cbb9c3483efad37ef70d6fc09c697d5b77
|
|
7
|
+
data.tar.gz: 0ba5284cde0e3291400001ae6137a50529da56ea758b8d309cfc48f6a7b4f6cad713b8f36234113209da5533b9e765e077811bceb83f2b877ba39970cbb9acfc
|
data/CHANGE_LOG.md
CHANGED
data/Dockerfile
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,26 +1,57 @@
|
|
|
1
1
|
# Dependagrab
|
|
2
|
+
Utility for extracting dependency warnings from GitHub
|
|
3
|
+
|
|
4
|
+
[](https://badge.fury.io/rb/dependagrab)
|
|
2
5
|
|
|
3
|
-
Tool for extracting GitHub dependency warnings and converting it into a ThreadFix compatible file
|
|
4
6
|
|
|
5
7
|
## Installation
|
|
6
8
|
|
|
7
|
-
|
|
9
|
+
*with ruby*
|
|
10
|
+
```bash
|
|
11
|
+
$ gem install dependagrab
|
|
12
|
+
#=> Fetching dependagrab-0.1.6.gem
|
|
13
|
+
#=> Successfully installed dependagrab-0.1.6
|
|
14
|
+
#=> 1 gem installed
|
|
15
|
+
```
|
|
8
16
|
|
|
9
|
-
|
|
17
|
+
*with docker*
|
|
18
|
+
```bash
|
|
19
|
+
$ docker pull ddazza/dependagrab:latest
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
### Configure
|
|
23
|
+
[Setup a GitHub access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)
|
|
24
|
+
```bash
|
|
25
|
+
export GITHUB_API_TOKEN=<token>
|
|
26
|
+
```
|
|
10
27
|
|
|
11
28
|
## Usage
|
|
12
29
|
|
|
13
|
-
|
|
30
|
+
*with ruby*
|
|
31
|
+
```bash
|
|
32
|
+
# Usage: dependagrab <REPO> [Options]
|
|
33
|
+
# e.g. dependagrab DDAZZA/foo
|
|
14
34
|
|
|
15
|
-
|
|
16
|
-
|
|
35
|
+
# or to write to a file
|
|
36
|
+
dependagrab DDAZZA/foo --output ./foo.json
|
|
37
|
+
#=> 3 dependency warnings written to './foo.json'
|
|
38
|
+
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
*with docker*
|
|
42
|
+
```bash
|
|
43
|
+
docker run --rm --env GITHUB_API_TOKEN --volume `pwd`:/output \
|
|
44
|
+
ddazza/dependagrab:latest DDAZZA/foo --output /output/foo.json
|
|
45
|
+
#=> 3 dependency warnings written to '/output/foo.json'
|
|
46
|
+
```
|
|
17
47
|
|
|
18
48
|
## Development
|
|
19
49
|
|
|
20
50
|
```
|
|
21
51
|
$ git clone https://github.com/DDAZZA/dependagrab.git
|
|
22
52
|
$ bundle install
|
|
23
|
-
$
|
|
53
|
+
$ bundle exec rake install
|
|
54
|
+
$ dependagrab --help
|
|
24
55
|
```
|
|
25
56
|
|
|
26
57
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
data/Rakefile
CHANGED
|
@@ -4,3 +4,14 @@ require "rspec/core/rake_task"
|
|
|
4
4
|
RSpec::Core::RakeTask.new(:spec)
|
|
5
5
|
|
|
6
6
|
task :default => :spec
|
|
7
|
+
|
|
8
|
+
desc 'build docker image'
|
|
9
|
+
task :build_docker do
|
|
10
|
+
require './lib/dependagrab.rb'
|
|
11
|
+
system("docker build --tag ddazza/dependagrab:#{Dependagrab::VERSION} .")
|
|
12
|
+
system("docker tag ddazza/dependagrab:latest ddazza/dependagrab:#{Dependagrab::VERSION}")
|
|
13
|
+
|
|
14
|
+
puts
|
|
15
|
+
puts "$ docker push ddazza/dependagrab:#{Dependagrab::VERSION}"
|
|
16
|
+
puts "$ docker push ddazza/dependagrab:latest"
|
|
17
|
+
end
|
data/bin/dependagrab
CHANGED
|
@@ -1,4 +1,11 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
require "dependagrab/cli"
|
|
3
3
|
|
|
4
|
-
|
|
4
|
+
begin
|
|
5
|
+
Dependagrab::CLI.start
|
|
6
|
+
rescue SignalException => e
|
|
7
|
+
# exit
|
|
8
|
+
rescue Exception => e
|
|
9
|
+
STDERR.puts "Error: Something went wrong (set DEBUG=true for detailed backtrace)"
|
|
10
|
+
STDERR.puts e.backtrace if ENV['DEBUG']
|
|
11
|
+
end
|
data/lib/dependagrab/cli.rb
CHANGED
|
@@ -26,7 +26,10 @@ module Dependagrab
|
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
rescue GetoptLong::Error => e
|
|
29
|
+
STDERR.puts "Error: #{e.message} (set DEBUG=true for detailed backtrace)"
|
|
30
|
+
puts
|
|
29
31
|
print_help
|
|
32
|
+
STDERR.puts e.backtrace if ENV['DEBUG']
|
|
30
33
|
exit 1
|
|
31
34
|
end
|
|
32
35
|
|
|
@@ -42,7 +45,13 @@ module Dependagrab
|
|
|
42
45
|
exit 1
|
|
43
46
|
end
|
|
44
47
|
|
|
45
|
-
|
|
48
|
+
begin
|
|
49
|
+
run(options)
|
|
50
|
+
rescue => e
|
|
51
|
+
STDERR.puts "Error: #{e.message} (set DEBUG=true for detailed backtrace)"
|
|
52
|
+
STDERR.puts e.backtrace if ENV['DEBUG']
|
|
53
|
+
exit 1
|
|
54
|
+
end
|
|
46
55
|
end
|
|
47
56
|
|
|
48
57
|
private
|
|
@@ -56,7 +65,7 @@ module Dependagrab
|
|
|
56
65
|
puts "#{result[:alerts].count} dependency warnings written to '#{options.fetch(:output)}'"
|
|
57
66
|
rescue => e
|
|
58
67
|
STDERR.puts "Failed to write file '#{options.fetch(:output)}'"
|
|
59
|
-
STDERR.puts "#{e.message} (set DEBUG=true for detailed backtrace)"
|
|
68
|
+
STDERR.puts "Error: #{e.message} (set DEBUG=true for detailed backtrace)"
|
|
60
69
|
STDERR.puts e.backtrace if ENV['DEBUG']
|
|
61
70
|
exit 1
|
|
62
71
|
end
|
data/lib/dependagrab/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependagrab
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Elliott
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-12-
|
|
11
|
+
date: 2021-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: graphql-client
|