dependency_spy 0.1.3

data/lib/dependency_spy/semver.rb

@@ -0,0 +1,71 @@
+# dependency_spy - Finds known vulnerabilities in your dependencies
+# Copyright (C) 2017-2018 Rodrigo Fernandes
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require 'semantic_range'
+
+module DependencySpy
+
+  class SemVer
+
+    def self.intersects(vor1, vor2)
+      vor1 = parse(vor1) if vor1.is_a?(String)
+      vor2 = parse(vor2) if vor2.is_a?(String)
+
+      if vor1.is_a?(SemanticRange::Range) && vor2.is_a?(SemanticRange::Range)
+        vor1.intersects(vor2)
+      elsif vor1.is_a?(SemanticRange::Range) && vor2.is_a?(SemanticRange::Version)
+        SemanticRange.satisfies(vor2, vor1)
+      elsif vor1.is_a?(SemanticRange::Version) && vor2.is_a?(SemanticRange::Range)
+        SemanticRange.satisfies(vor1, vor2)
+      elsif vor1.is_a?(SemanticRange::Version) && vor2.is_a?(SemanticRange::Version)
+        SemanticRange.eq(vor1, vor2)
+      else
+        vor1 == vor2
+      end
+    end
+
+    class << self
+
+      private
+
+      def parse(version_or_range, loose = false)
+        return version_or_range if version_or_range.is_a?(SemanticRange::Range) ||
+                                   version_or_range.is_a?(SemanticRange::Version)
+
+        begin
+          SemanticRange::Version.new(version_or_range, loose)
+        rescue SemanticRange::InvalidVersion
+          begin
+            SemanticRange::Range.new(version_or_range, loose)
+          rescue SemanticRange::InvalidRange
+            version_or_range
+          end
+        end
+      end
+
+    end
+
+  end
+
+  class ImpossibleComparison < StandardError
+
+    def initialize(msg)
+      @msg = msg
+    end
+
+  end
+
+end

data/lib/dependency_spy/version.rb

@@ -0,0 +1,21 @@
+# dependency_spy - Finds known vulnerabilities in your dependencies
+# Copyright (C) 2017-2018 Rodrigo Fernandes
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+module DependencySpy
+
+  VERSION = '0.1.3'
+
+end

metadata

@@ -0,0 +1,246 @@
+--- !ruby/object:Gem::Specification
+name: dependency_spy
+version: !ruby/object:Gem::Version
+  version: 0.1.3
+platform: ruby
+authors:
+- Rodrigo Fernandes
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-09-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: codacy-coverage
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: rspec-collection_matchers
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.59'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.59'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.29'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.29'
+- !ruby/object:Gem::Dependency
+  name: bibliothecary
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.3'
+- !ruby/object:Gem::Dependency
+  name: semantic_range
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.20'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.20'
+- !ruby/object:Gem::Dependency
+  name: yavdb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+description: "\n    Finds known vulnerabilities in your dependencies\n    Using rubysec/ruby-advisory-db,
+  snyk.io, ossindex.net, nodesecurity.io\n  "
+email:
+- rodrigo.fernandes@tecnico.ulisboa.pt
+executables:
+- dependency_spy
+- depspy
+extensions: []
+extra_rdoc_files: []
+files:
+- ".circleci/config.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".ruby-version"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/dependency_spy
+- bin/depspy
+- bin/setup
+- dependency_spy.gemspec
+- examples/Gemfile
+- examples/Gemfile.lock
+- examples/npm-shrinkwrap.json
+- examples/package.json
+- examples/yarn.lock
+- lib/dependency_spy.rb
+- lib/dependency_spy/cli.rb
+- lib/dependency_spy/dtos/dependency.rb
+- lib/dependency_spy/formatters/json.rb
+- lib/dependency_spy/formatters/text.rb
+- lib/dependency_spy/formatters/yaml.rb
+- lib/dependency_spy/outputs/file.rb
+- lib/dependency_spy/outputs/stdout.rb
+- lib/dependency_spy/semver.rb
+- lib/dependency_spy/version.rb
+homepage: https://github.com/rtfpessoa/dependency_spy
+licenses:
+- AGPL-3.0+
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.7
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2.3
+signing_key: 
+specification_version: 4
+summary: Finds known vulnerabilities in your dependencies
+test_files: []