dobby 0.1.0 → 0.1.2

data/lib/dobby/builtins.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Dobby
+  # Contains information about dobby-provided strategies.
+  module Builtins
+    PACKAGE_SOURCES = {
+      'dpkg' => PackageSource::DpkgStatusFile
+    }.freeze
+
+    VULN_SOURCES = {
+      'debian' => VulnSource::Debian,
+      'ubuntu' => VulnSource::Ubuntu
+    }.freeze
+
+    ALL = PACKAGE_SOURCES.values | VULN_SOURCES.values
+  end
+end

data/lib/dobby/cli.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Dobby
+  # The dobby CLI.
+  class CLI
+    STATUS_SUCCESS = 0
+    STATUS_WARNING = 1
+    STATUS_ERROR   = 2
+
+    class Finished < RuntimeError; end
+
+    attr_reader :options
+
+    def initialize
+      @options = {}
+    end
+
+    def run(args = ARGV)
+      @options, files = Options.new.parse(args)
+      act_on_options
+      execute_runner(files)
+    rescue Finished
+      STATUS_SUCCESS
+    rescue OptionParser::InvalidOption => e
+      warn e.message
+      warn 'For usage information, use --help'
+      STATUS_ERROR
+    rescue StandardError, SyntaxError, LoadError => e
+      warn e.message
+      warn e.backtrace
+      STATUS_ERROR
+    end
+
+    private
+
+    def act_on_options
+      handle_exiting_options
+      # TODO: handle incompatible options (ubuntu source with source file specified)
+
+      if @options[:color]
+        Rainbow.enabled = true
+      elsif @options[:color] == false
+        Rainbow.enabled = false
+      end
+    end
+
+    def handle_exiting_options
+      return unless Options::EXITING_OPTIONS.any? { |o| @options.key? o }
+
+      puts Dobby::Version.version(true) if @options[:verbose_version]
+      puts Dobby::Version.version(false) if @options[:version]
+      raise Finished
+    end
+
+    def execute_runner(paths)
+      runner = Runner.new(@options)
+      all_passed = runner.run(paths) && !runner.aborting? && runner.errors.empty?
+
+      return STATUS_SUCCESS if all_passed
+
+      STATUS_WARNING
+    end
+  end
+end

data/lib/dobby/configuration.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+module Dobby
+  # All available Package and Database strategies available to the library.
+  #
+  # @return [Array<Object>]
+  def self.strategies
+    @strategies ||= []
+  end
+
+  def self.config
+    Configuration.instance
+  end
+
+  def self.configure
+    yield config
+  end
+
+  def self.logger
+    config.logger
+  end
+
+  # Gem configuration.
+  class Configuration
+    include Singleton
+
+    def self.default_logger
+      logger = Logger.new(STDOUT)
+      logger.progname = 'dobby'
+      logger
+    end
+
+    def self.defaults
+      @defaults ||= {}
+    end
+
+    def initialize
+      self.class.defaults.each_pair { |k, v| send("#{k}=", v) }
+    end
+
+    ###########
+    # Callbacks
+    #
+    #
+    # def on_failure(&block)
+    #   if block_given?
+    #     @on_failure = block
+    #   else
+    #     @on_failure
+    #   end
+    # end
+    #
+    # attr_writer :on_failure
+    # #########
+
+    attr_accessor :logger
+  end
+end

data/lib/dobby/database.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Dobby
+  # A set of Defects that knows how to update itself.
+  class Database
+    include Enumerable
+
+    class InitializationError < Error; end
+
+    def initialize(strategy)
+      @records = Hash.new { |h, k| h[k] = [] }
+      @strategy = strategy
+      raise InitializationError, 'Strategy did not update at initialize!' unless update
+
+      # TODO: Make the flag path configurable
+      file = File.join(File.expand_path(__dir__), 'flags.yml')
+      flags = Psych.load_file(file)
+      flags.each do |flag, defects|
+        defects.each { |d| @records[d].flag = flag if @records.key?(d) }
+      end
+    end
+
+    # @param package [Package]
+    #
+    # @return [Array<Dobby::Defect>]
+    def defects_for(package)
+      @records[package.name] | @records[package.source]
+    end
+
+    # @param key [String] Package name
+    #
+    # @return [Array<Dobby::Defect>] if the package has any, an array of {Defect}s
+    # @return [nil] if the package has no {Defect}s
+    def [](key)
+      @records[key]
+    end
+
+    # @param key [String] Package name
+    #
+    # @return [Boolean] true if at least one {Defect} exists for key
+    def contains?(key)
+      @records.key? key
+    end
+
+    # Iterate over all {Package}s in the database and their associated {Defect}s
+    #
+    # @yield [Iterator]
+    def each(&block)
+      @records.each(&block)
+    end
+
+    # @return [true] if strategy reports it has new content
+    def update
+      response = @strategy.update
+      return false unless response.changed?
+
+      @records.clear
+      @records.merge!(response.content)
+      true
+    end
+  end
+end

data/lib/dobby/defect.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Dobby
+  # A vulnerability which affects a particular {Package}
+  class Defect
+    # @return [String] unique identifier for this defect, usually a CVE ID
+    attr_reader :identifier
+
+    # @return [String] a description of the defect
+    attr_reader :description
+
+    # Set of Packages representing the minimum fix version
+    # @return [Array<Package>]
+    attr_reader :fixed_in
+
+    # @return [String] (low, medium, high) the priority category assigned to
+    #   this Defect
+    attr_reader :severity
+
+    attr_reader :link
+
+    attr_accessor :flag
+
+    # Simple hash serializer for a Defect
+    # @return [Hash]
+    def to_hash
+      {
+        identifier: identifier,
+        description: description,
+        severity: severity.to_s,
+        fixed_in: fixed_in.map(&:to_s)
+      }
+    end
+
+    # @param identifier [String]
+    # @param description [String]
+    # @param severity [Severity]
+    # @param fixed_in [Array<Package>]
+    # @param link [String] External reference for the defect
+    def initialize(identifier:, description:, severity:, link: nil, fixed_in: [])
+      @identifier = identifier
+      @description = description
+      @severity = severity
+      @fixed_in = fixed_in
+      @link = link
+    end
+
+    # The Defect has at least one released fix version
+    #
+    # @return [Boolean]
+    def fix_available?
+      fixed_in.any? { |v| v.version != Package::MAX_VERSION }
+    end
+
+    def filtered?(filter: :default, flag_filter: :default)
+      return true if flag_filtered?(flag_filter)
+      return false if filter == :default
+      return !fix_available? if filter == :only_fixed
+
+      raise UnknownFilterError, filter
+    end
+
+    def flagged?
+      !flag.nil?
+    end
+
+    def flag_filtered?(filter)
+      return !flag.nil? if filter == :default
+      return false if flag == filter
+
+      true
+    end
+  end
+end

data/lib/dobby/dpkg.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Dobby
+  # Generic Debian dpkg helper methods
+  module Dpkg
+    # Default location of the dpkg binary
+    DPKG = '/usr/bin/dpkg'
+    # Default location of the lsb_release binary
+    LSBR = '/usr/bin/lsb_release'
+
+    # @return [String] Debian codename for this system
+    def self.code_name
+      `#{LSBR} -sc`.chomp!
+    end
+
+    # @return [String] System architecture
+    def self.architecture
+      `#{DPKG} --print-architecture`.chomp!
+    end
+  end
+end

data/lib/dobby/error.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Dobby
+  class Error < StandardError; end
+  class UnknownFilterError < Error; end
+end

data/lib/dobby/flag_manager.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module Dobby
+  # Simple interface for managing whitelist/allowed flags of defects.
+  class FlagManager
+    attr_reader :flags
+
+    # @param file [String] Path to YML file describing current flags, and where
+    #   flags will be stored on {write}
+    # @param who [String] User or person associated with a flag entry
+    def initialize(file, who)
+      flags = {
+        whitelist: {},
+        allowed: {}
+      }
+
+      @file = file
+      @flags = flags.merge!(Psych.load_file(file))
+      @who = who
+    end
+
+    def add(flag, id, ticket)
+      return false if @flags[flag].key?(id)
+
+      @flags[flag][id] = {
+        by: @who,
+        on: Time.now.utc,
+        ticket: ticket
+      }
+    end
+
+    def remove(flag, id)
+      return false unless @flags[flag].key?(id)
+
+      @flags[flag].delete id
+    end
+
+    def move(src, dst, id)
+      ticket = @flags[src][id][:ticket]
+      return false unless remove(src, id)
+
+      add(dst, id, ticket)
+    end
+
+    def bulk_add(flag, ids)
+      ids.each { |id| remove(flag, id) }
+    end
+
+    def builk_remove(flag, ids)
+      ids.each { |id| remove(flag, id) }
+    end
+
+    def bulk_move(src, dst, ids)
+      ids.each { |id| move(src, dst, id) }
+    end
+
+    def dump
+      @flags.to_yaml
+    end
+
+    def write
+      File.open(@file, 'w') do |f|
+        f.write(@flags.to_yaml)
+      end
+    end
+  end
+end

data/lib/dobby/flags.yml

@@ -0,0 +1,8 @@
+# DO NOT EDIT THIS FILE! IT HAS BEEN AUTO-GENERATED.
+#
+# To make changes, use script/dobby_filter.rb
+#
+---
+:whitelist: {}
+:allowed: {}
+

data/lib/dobby/formatter/abstract_formatter.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Dobby
+  module Formatter
+    class AbstractFormatter
+      attr_reader :output
+      attr_reader :options
+
+      def initialize(output, options = {})
+        @output = output
+        @options = options
+      end
+
+      # Called once before starting work.
+      def started(target_files); end
+
+      # Called when starting work for a single file.
+      def file_started(file); end
+
+      def file_finished(file, results); end
+
+      def finished(files); end
+    end
+  end
+end

data/lib/dobby/formatter/colorizable.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Dobby
+  module Formatter
+    # This mix-in module provides string coloring methods for terminals.
+    # It automatically disables coloring if coloring is disabled in the process
+    # globally or the formatter's output is not a terminal.
+    module Colorizable
+      def rainbow
+        @rainbow ||= begin
+          rainbow = Rainbow.new
+          if options[:color]
+            rainbow.enabled = true
+          elsif options[:color] == false || !output.tty?
+            rainbow.enabled = false
+          end
+          rainbow
+        end
+      end
+
+      def colorize(string, *args)
+        rainbow.wrap(string).color(*args)
+      end
+
+      %i[
+        black
+        red
+        green
+        yellow
+        blue
+        magenta
+        cyan
+        white
+      ].each do |color|
+        define_method(color) do |string|
+          colorize(string, color)
+        end
+      end
+    end
+  end
+end