dependagrab 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGE_LOG.md +4 -0
- data/Gemfile.lock +4 -4
- data/dependagrab.gemspec +1 -1
- data/lib/dependagrab/cli.rb +2 -1
- data/lib/dependagrab/file_writer.rb +3 -1
- data/lib/dependagrab/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 97c5ed1d93d9ee5cf650113f3702798630a24f54c070982f557ced50efc8c571
|
|
4
|
+
data.tar.gz: 368187d2ca1f4ed0c69d1b4ea861df11f10141f7ddf2cd37407bc7555399174a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bf485732f452a2a4984a41523fac4d60d5ed271bf127d8d49e4ed1b40f547e25566f2eb68de20a52e0f23b042ad4cdb05e47d5516e7d74cdbdb45ea8e790f946
|
|
7
|
+
data.tar.gz: 8a2462a187216622cc0541f18b7ee6ba0bd0c66fcc8bc32c1b05322ea9df27354bc8247892abd4c54f61f79de63c662d614bf24755e0b433aa48162de28995e1
|
data/CHANGE_LOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
dependagrab (0.1.
|
|
4
|
+
dependagrab (0.1.4)
|
|
5
5
|
graphql-client (= 0.17.0)
|
|
6
6
|
|
|
7
7
|
GEM
|
|
@@ -46,14 +46,14 @@ GEM
|
|
|
46
46
|
zeitwerk (2.5.1)
|
|
47
47
|
|
|
48
48
|
PLATFORMS
|
|
49
|
-
|
|
49
|
+
x86_64-linux
|
|
50
50
|
|
|
51
51
|
DEPENDENCIES
|
|
52
|
-
bundler (~>
|
|
52
|
+
bundler (~> 2.2)
|
|
53
53
|
dependagrab!
|
|
54
54
|
pry (~> 0.14)
|
|
55
55
|
rake (~> 10.0)
|
|
56
56
|
rspec (~> 3.0)
|
|
57
57
|
|
|
58
58
|
BUNDLED WITH
|
|
59
|
-
|
|
59
|
+
2.2.32
|
data/dependagrab.gemspec
CHANGED
|
@@ -39,7 +39,7 @@ Gem::Specification.new do |spec|
|
|
|
39
39
|
spec.require_paths = ["lib", "static"]
|
|
40
40
|
|
|
41
41
|
spec.add_dependency "graphql-client", "0.17.0"
|
|
42
|
-
spec.add_development_dependency "bundler", "~>
|
|
42
|
+
spec.add_development_dependency "bundler", "~> 2.2"
|
|
43
43
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
44
44
|
spec.add_development_dependency "rspec", "~> 3.0"
|
|
45
45
|
spec.add_development_dependency "pry", "~> 0.14"
|
data/lib/dependagrab/cli.rb
CHANGED
|
@@ -56,7 +56,8 @@ module Dependagrab
|
|
|
56
56
|
puts "#{result[:alerts].count} dependency warnings written to '#{options.fetch(:output)}'"
|
|
57
57
|
rescue => e
|
|
58
58
|
STDERR.puts "Failed to write file '#{options.fetch(:output)}'"
|
|
59
|
-
STDERR.puts e.message
|
|
59
|
+
STDERR.puts "#{e.message} (set DEBUG=true for detailed backtrace)"
|
|
60
|
+
STDERR.puts e.backtrace if ENV['DEBUG']
|
|
60
61
|
exit 1
|
|
61
62
|
end
|
|
62
63
|
else
|
|
@@ -44,6 +44,8 @@ module Dependagrab
|
|
|
44
44
|
# Converts an alert into a ThreadFix finding format
|
|
45
45
|
#
|
|
46
46
|
def parse_threadfix_finding(alert)
|
|
47
|
+
cwe = alert[:cwe][4..] if alert[:cwe]
|
|
48
|
+
|
|
47
49
|
{
|
|
48
50
|
nativeId: alert[:id],
|
|
49
51
|
severity: alert[:severity].gsub("MODERATE", "MEDIUM"),
|
|
@@ -62,7 +64,7 @@ module Dependagrab
|
|
|
62
64
|
mappings: [
|
|
63
65
|
{
|
|
64
66
|
mappingType: "CWE",
|
|
65
|
-
value:
|
|
67
|
+
value: cwe,
|
|
66
68
|
}
|
|
67
69
|
]
|
|
68
70
|
}
|
data/lib/dependagrab/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependagrab
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Elliott
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-12-
|
|
11
|
+
date: 2021-12-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: graphql-client
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '2.2'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '2.2'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rake
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -133,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
133
133
|
- !ruby/object:Gem::Version
|
|
134
134
|
version: '0'
|
|
135
135
|
requirements: []
|
|
136
|
-
rubygems_version: 3.
|
|
136
|
+
rubygems_version: 3.2.32
|
|
137
137
|
signing_key:
|
|
138
138
|
specification_version: 4
|
|
139
139
|
summary: Utility for extracting dependency warnings from GitHub
|