diffend-monitor 0.2.27

data/lib/diffend/voting/versions/remote.rb

@@ -0,0 +1,216 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'etc'
+
+module Diffend
+  module Voting
+    # Module responsible for handling both local and remote gem versions
+    module Versions
+      # Module responsible for fetching safe/malicious votes
+      # for current or current/new versions of gems
+      module Remote
+        # API version
+        API_VERSION = '0.1'
+        # Platform type ruby
+        PLATFORM_TYPE = 0
+
+        private_constant :API_VERSION, :PLATFORM_TYPE
+
+        class << self
+          # @param command [String] either install or update
+          # @param definition [Bundler::Definition] definition for your source
+          # @param config [OpenStruct] diffend config
+          def call(command, config, definition)
+            payload = payload(command, config.project_id, definition)
+
+            response = Diffend::Request.call(
+              build_request_object(command, config, payload)
+            )
+
+            JSON.parse(response.body)
+          rescue StandardError => e
+            Diffend::HandleErrors::Report.call(
+              exception: e,
+              payload: payload || {},
+              config: config,
+              message: :unhandled_exception,
+              report: true
+            )
+          end
+
+          # @param command [String] either install or update
+          # @param config [OpenStruct] diffend config
+          # @param payload [Hash]
+          #
+          # @return [Diffend::RequestObject]
+          def build_request_object(command, config, payload)
+            Diffend::RequestObject.new(
+              config: config,
+              url: commands_url(command, config.project_id),
+              payload: payload,
+              request_method: :post
+            )
+          end
+
+          # Build diffend, host, packages, and platform specific information
+          #
+          # @param command [String] either install or update
+          # @param project_id [String] diffend project_id
+          # @param definition [Bundler::Definition] definition for your source
+          #
+          # @return [Hash] payload for diffend endpoint
+          def payload(command, project_id, definition)
+            {
+              'diffend' => build_diffend(project_id),
+              'host' => build_host,
+              'packages' => Local.call(command, definition),
+              'platform' => build_platform
+            }.freeze
+          end
+
+          # Build diffend information
+          #
+          # @param project_id [String, nil] diffend project_id
+          #
+          # @return [Hash]
+          def build_diffend(project_id)
+            {
+              'api_version' => API_VERSION,
+              'environment' => build_diffend_environment,
+              'project_id' => project_id,
+              'type' => PLATFORM_TYPE,
+              'version' => Diffend::VERSION
+            }.freeze
+          end
+
+          # Build diffend environment information
+          #
+          # @return [String]
+          def build_diffend_environment
+            ENV['DIFFEND_ENV'] || 'development'
+          end
+
+          # Build platform information
+          #
+          # @return [Hash]
+          def build_platform
+            {
+              'bundler' => {
+                'version' => Bundler::VERSION
+              },
+              'environment' => build_platform_environment,
+              'ruby' => build_platform_ruby,
+              'rubygems' => {
+                'specification_version' => Gem::Specification::CURRENT_SPECIFICATION_VERSION,
+                'version' => Gem::VERSION
+              }
+            }.freeze
+          end
+
+          # Build platform ruby information
+          #
+          # @return [Hash]
+          def build_platform_ruby
+            if defined?(JRUBY_VERSION)
+              revision = JRUBY_REVISION.to_s
+              version = JRUBY_VERSION
+            else
+              revision = RUBY_REVISION.to_s
+              version = RUBY_ENGINE_VERSION
+            end
+
+            {
+              'engine' => RUBY_ENGINE,
+              'patchlevel' => RUBY_PATCHLEVEL,
+              'release_date' => RUBY_RELEASE_DATE,
+              'revision' => revision,
+              'version' => version
+            }
+          end
+
+          # Build platform environment information
+          #
+          # @return [String]
+          def build_platform_environment
+            ENV['RAILS_ENV'] || ENV['RACK_ENV'] || 'development'
+          end
+
+          # Build host information
+          #
+          # @return [Hash]
+          def build_host
+            uname = Etc.uname
+
+            {
+              'command' => build_host_command,
+              'ips' => build_host_ips,
+              'name' => uname[:nodename],
+              'system' => {
+                'machine' => uname[:machine],
+                'name' => uname[:sysname],
+                'release' => uname[:release],
+                'version' => uname[:version]
+              },
+              'tags' => build_host_tags,
+              'user' => Etc.getpwuid(Process.uid).name,
+              'pid' => Process.pid
+            }.freeze
+          end
+
+          # Build host command information
+          #
+          # @return [Hash]
+          def build_host_command
+            {
+              'name' => $PROGRAM_NAME.split('/').last.strip,
+              'options' => ARGV.join(' ')
+            }
+          end
+
+          # Build host ips, except localhost and loopback
+          #
+          # @return [Array<String>]
+          def build_host_ips
+            Socket.ip_address_list.map do |ip|
+              next if ip.ipv4_loopback? || ip.ipv6_loopback? || ip.ipv6_linklocal?
+
+              ip.ip_address
+            end.compact
+          end
+
+          # Build host tags
+          #
+          # @return [Array]
+          def build_host_tags
+            tags = []
+
+            if ENV.key?('GITHUB_ACTIONS')
+              tags << 'ci'
+              tags << 'ci-github'
+            end
+
+            if ENV.key?('CIRCLECI')
+              tags << 'ci'
+              tags << 'ci-circle'
+            end
+
+            tags
+          end
+
+          # Provides diffend command endpoint url
+          #
+          # @param command [String] either install or update
+          # @param project_id [String] diffend project_id
+          #
+          # @return [String] diffend endpoint
+          def commands_url(command, project_id)
+            return ENV['DIFFEND_COMMAND_URL'] if ENV.key?('DIFFEND_COMMAND_URL')
+
+            "https://my.diffend.io/api/projects/#{project_id}/bundle/#{command}"
+          end
+        end
+      end
+    end
+  end
+end

data/plugins.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'diffend'
+
+Diffend.register

data/scripts/generate_payload_for_file.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'byebug'
+require 'diffend'
+
+
+command = 'install'
+project_id = nil
+
+gemfile = ARGV[0]
+lockfile = ARGV[1]
+
+definition = Diffend::BuildBundlerDefinition.call(command, gemfile lockfile)
+
+pp Diffend::Voting::Versions::Remote.payload(command, project_id, definition)

metadata

@@ -0,0 +1,138 @@
+--- !ruby/object:Gem::Specification
+name: diffend-monitor
+version: !ruby/object:Gem::Version
+  version: 0.2.27
+platform: ruby
+authors:
+- Tomasz Pajor
+- Maciej Mensfeld
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIEODCCAqCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhtYWNp
+  ZWovREM9bWVuc2ZlbGQvREM9cGwwHhcNMjAwODExMDkxNTM3WhcNMjEwODExMDkx
+  NTM3WjAjMSEwHwYDVQQDDBhtYWNpZWovREM9bWVuc2ZlbGQvREM9cGwwggGiMA0G
+  CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDCpXsCgmINb6lHBXXBdyrgsBPSxC4/
+  2H+weJ6L9CruTiv2+2/ZkQGtnLcDgrD14rdLIHK7t0o3EKYlDT5GhD/XUVhI15JE
+  N7IqnPUgexe1fbZArwQ51afxz2AmPQN2BkB2oeQHXxnSWUGMhvcEZpfbxCCJH26w
+  hS0Ccsma8yxA6hSlGVhFVDuCr7c2L1di6cK2CtIDpfDaWqnVNJEwBYHIxrCoWK5g
+  sIGekVt/admS9gRhIMaIBg+Mshth5/DEyWO2QjteTodItlxfTctrfmiAl8X8T5JP
+  VXeLp5SSOJ5JXE80nShMJp3RFnGw5fqjX/ffjtISYh78/By4xF3a25HdWH9+qO2Z
+  tx0wSGc9/4gqNM0APQnjN/4YXrGZ4IeSjtE+OrrX07l0TiyikzSLFOkZCAp8oBJi
+  Fhlosz8xQDJf7mhNxOaZziqASzp/hJTU/tuDKl5+ql2icnMv5iV/i6SlmvU29QNg
+  LCV71pUv0pWzN+OZbHZKWepGhEQ3cG9MwvkCAwEAAaN3MHUwCQYDVR0TBAIwADAL
+  BgNVHQ8EBAMCBLAwHQYDVR0OBBYEFImGed2AXS070ohfRidiCEhXEUN+MB0GA1Ud
+  EQQWMBSBEm1hY2llakBtZW5zZmVsZC5wbDAdBgNVHRIEFjAUgRJtYWNpZWpAbWVu
+  c2ZlbGQucGwwDQYJKoZIhvcNAQELBQADggGBAKiHpwoENVrMi94V1zD4o8/6G3AU
+  gWz4udkPYHTZLUy3dLznc/sNjdkJFWT3E6NKYq7c60EpJ0m0vAEg5+F5pmNOsvD3
+  2pXLj9kisEeYhR516HwXAvtngboUcb75skqvBCU++4Pu7BRAPjO1/ihLSBexbwSS
+  fF+J5OWNuyHHCQp+kGPLtXJe2yUYyvSWDj3I2//Vk0VhNOIlaCS1+5/P3ZJThOtm
+  zJUBI7h3HgovwRpcnmk2mXTmU4Zx/bCzX8EA6VY0khEvnmiq7S6eBF0H9qH8KyQ6
+  EkVLpvmUDFcf/uNaBQdazEMB5jYtwoA8gQlANETNGPi51KlkukhKgaIEDMkBDJOx
+  65N7DzmkcyY0/GwjIVIxmRhcrCt1YeCUElmfFx0iida1/YRm6sB2AXqScc1+ECRi
+  2DND//YJUikn1zwbz1kT70XmHd97B4Eytpln7K+M1u2g1pHVEPW4owD/ammXNpUy
+  nt70FcDD4yxJQ+0YNiHd0N8IcVBM1TMIVctMNQ==
+  -----END CERTIFICATE-----
+date: 2020-09-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- contact@diffend.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".coditsu/ci.yml"
+- ".diffend.yml"
+- ".github/workflows/ci.yml"
+- ".gitignore"
+- ".rspec"
+- ".ruby-version"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.md
+- README.md
+- bin/bundle
+- bin/byebug
+- bin/htmldiff
+- bin/ldiff
+- bin/rake
+- bin/rspec
+- certs/mensfeld.pem
+- certs/tomaszpajor.pem
+- diffend.gemspec
+- lib/diffend.rb
+- lib/diffend/build_bundler_definition.rb
+- lib/diffend/commands.rb
+- lib/diffend/config/fetcher.rb
+- lib/diffend/config/file_finder.rb
+- lib/diffend/config/validator.rb
+- lib/diffend/errors.rb
+- lib/diffend/handle_errors/build_exception_payload.rb
+- lib/diffend/handle_errors/display_to_stdout.rb
+- lib/diffend/handle_errors/messages.rb
+- lib/diffend/handle_errors/report.rb
+- lib/diffend/monitor.rb
+- lib/diffend/request.rb
+- lib/diffend/request_object.rb
+- lib/diffend/track.rb
+- lib/diffend/voting.rb
+- lib/diffend/voting/versions/local.rb
+- lib/diffend/voting/versions/remote.rb
+- plugins.rb
+- scripts/generate_payload_for_file.rb
+homepage: https://diffend.io
+licenses:
+- Prosperity Public License
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key: 
+specification_version: 4
+summary: OSS supply chain security and management platform.
+test_files: []