dradis-acunetix 4.19.0 → 5.0.0

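--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6848a64f469b4fd4dfdbda618cf73292d46f6015ee69e6edcc92f462d50bd322
- data.tar.gz: bc18893ba7151ae8b183d17a2737ee3b660c38aeb50b70337c462836b48499f7
+ metadata.gz: 7c3359b19271cb5ead1f4661414c4bbaa1f14fcf5c4938faefcf30abd19e00b0
+ data.tar.gz: f127ef6a55000150c99822eb73760cefa2f69bc388eac14ed37e7e03c29514cf
  SHA512:
- metadata.gz: 23834ca3074c9608da844720b16b4ea3419f13c81ced9ca23ba63d218a85e4ef3142b465217d63f15dd0ece06ba67e492e5aef44c52b8a1dbcd2dc502dc64ae9
- data.tar.gz: 949bb33188c760b7d1b1cea566b80f1296d523a8b6af3f1d97470705f623819ed89b464ae48efeeb61d46532e175940a8604bb44c777a188782b41d89a3464f9
+ metadata.gz: df76d5c3c5479dc65a3c70b79bc4e0ed3e9aceec8cbea651d40a76070d898ffd076bf54716916f174f97236db8916ebd66a5101a0052e17b2a3af59fe7a0f3b3
+ data.tar.gz: 1e4b0ac6701d36dc59036fbf6a62a9b4a7c562e118f1a32bf4f802fe732d878d64e966eb644143bfc4e71f2ecb355ab90ee9024bdb356c5b20fdad33b51bde94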
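--- /dev/null
+++ b/data/.ruby-version
@@ -0,0 +1 @@
+ 3.4.6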
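--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+ v5.0.0 (March 2026)
+ - No changes
+
+ v4.20.0 (XXXX 2025)
+ - Update HTML tag parsing for Acunetix 360
+
  v4.19.0 (November 2025)
  - No changes
 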
@@ -23,7 +23,7 @@ Gem::Specification.new do |spec|
23
23
  # versions of Rails (a sure recipe for disaster, I'm sure), which is needed
24
24
  # until we bump Dradis Pro to 4.1.
25
25
  # s.add_dependency 'rails', '~> 4.1.1'
26
- spec.add_dependency 'dradis-plugins', '~> 4.0'
26
+ spec.add_dependency 'dradis-plugins', '>= 4.0'
27
27
  spec.add_dependency 'nokogiri', '~> 1.3'
28
28
 
29
29
  spec.add_development_dependency 'bundler', '~> 2'
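Review bot: The new constraint `'>= 4.0'` on `dradis-plugins` has no upper bound, so any later major release of that gem, including one with breaking API changes, will satisfy it at install time. The previous `'~> 4.0'` capped resolution below 5.0; if the intent is to admit the 5.x line, bound the range explicitly, e.g. `spec.add_dependency 'dradis-plugins', '>= 4.0', '< 6'`. The neighbouring `nokogiri` constraint `'~> 1.3'` is already bounded by major version, so this would keep the two runtime dependencies consistent. The `Gem::Specification` block starts and ends outside the hunk.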
@@ -8,32 +8,34 @@ module Acunetix
8
8
 
9
9
  format_table(result)
10
10
 
11
- result.gsub!(/"/, '"')
12
- result.gsub!(/&/, '&')
13
- result.gsub!(/&lt;/, '<')
14
- result.gsub!(/&gt;/, '>')
15
-
16
11
  result.gsub!(/<h[0-9] >(.*?)<\/h[0-9]>/) { "\n\n*#{$1.strip}*\n\n" }
17
12
  result.gsub!(/<b>(.*?)<\/b>/) { "*#{$1.strip}*" }
18
- result.gsub!(/<br\/>/, "\n")
13
+ result.gsub!(/<br ?\/>/, "\n")
19
14
  result.gsub!(/<div(.*?)>|<\/div>/, '')
15
+ result.gsub!(/<span.*?>(.*?)<\/span>/m){"#{$1.strip}"}
16
+ result.gsub!(/<span.*?>|<\/span>/, '') #repeating again to deal with nested/empty/incomplete span tags
17
+
18
+ result.gsub!(/<a(.*?)href='(.*?)'><i(.*?)><\/i>(.*?)<\/a>/m) { "\"#{$4}\":#{$2}" }
20
19
  result.gsub!(/<a.*?>(.*?)<\/a>/m, '\1')
21
20
  result.gsub!(/<font.*?>(.*?)<\/font>/m, '\1')
22
21
  result.gsub!(/<h2>(.*?)<\/h2>/) { "*#{$1.strip}*" }
23
22
  result.gsub!(/<i>(.*?)<\/i>/, '\1')
24
- result.gsub!(/<p.*?>(.*?)<\/p>/) { "\np. #{$1.strip}\n" }
25
- result.gsub!(/<code><pre.*?>(.*?)<\/pre><\/code>/m){|m| "\n\nbc.. #{$1.strip}\n\np. \n" }
26
- result.gsub!(/<code>(.*?)<\/code>/) { "@#{$1.strip}@" }
27
- result.gsub!(/<pre.*?>(.*?)<\/pre>/m){|m| "\n\nbc.. #{$1.strip}\n\np. \n" }
28
-
29
- result.gsub!(/<li.*?>([\s\S]*?)<\/li>/m){"\n* #{$1.strip}"}
30
- result.gsub!(/<ul>([\s\S]*?)<\/ul>/m){ "#{$1.strip}\n" }
23
+ result.gsub!(/<em>(.*?)<\/em>/) { "_#{$1.strip}_" }
24
+ result.gsub!(/<p.*?>(.*?)<\/p>/) { "p. #{$1.strip}\n\n" }
25
+ result.gsub!(/<code><pre.*?>(.*?)<\/pre><\/code>/m){|m| "\n\nbc.. #{$1}\n\np. \n" }
26
+ result.gsub!(/<code>(.*?)<\/code>/) { "\n\nbc. #{$1}\n\n" }
27
+ result.gsub!(/<pre.*?>(.*?)<\/pre>/) { "\n\nbc. #{$1}\n\n" }
28
+ result.gsub!(/<pre.*?>(.*?)<\/pre>/m){|m| "\n\nbc.. #{$1}\n\np. \n" }
29
+
30
+ result.gsub!(/<li.*?>([\s\S]*?)<\/li>/m){"\n* #{$1}"}
31
+ result.gsub!(/<ul>([\s\S]*?)<\/ul>/m){ "#{$1}\n" }
31
32
  result.gsub!(/(<ul>)|(<\/ul>|(<ol>)|(<\/ol>))/, "\n")
32
- result.gsub!(/<li>/, "\n* ")
33
- result.gsub!(/<\/li>/, "\n")
33
+ result.gsub!(/<strong>(.*?)<\/strong>/m) { "*#{$1}*" }
34
34
 
35
- result.gsub!(/<strong>(.*?)<\/strong>/) { "*#{$1.strip}*" }
36
- result.gsub!(/<span.*?>(.*?)<\/span>/m){"#{$1.strip}\n"}
35
+ result.gsub!(/&quot;/, '"')
36
+ result.gsub!(/&amp;/, '&')
37
+ result.gsub!(/&lt;/, '<')
38
+ result.gsub!(/&gt;/, '>')
37
39
 
38
40
  result
39
41
  end
@@ -68,7 +70,7 @@ module Acunetix
68
70
 
69
71
  # Some of the values have embedded HTML conent that we need to strip
70
72
  def tags_with_html_content
71
- [:details, :description, :detailed_information, :impact, :recommendation]
73
+ [:details, :description, :detailed_information, :impact, :recommendation, :remedial_actions, :remedial_procedure, :external_references]
72
74
  end
73
75
 
74
76
  def tags_with_commas
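Review bot: In the entity-decoding lines now at the end of the method (new lines 35–38), `&amp;` is decoded before `&lt;` and `&gt;`, so a double-escaped sequence such as `&amp;lt;` is unescaped twice and comes out as `<` instead of the literal text `&lt;`; run `result.gsub!(/&amp;/, '&')` last. Separately, the new anchor rule on new line 18 copies the `href` value into a Textile link without looking at its scheme, and `<a(.*?)href='(.*?)'` under `/m` can run past the end of one tag into a later anchor. Since this text comes from a scanner report, which can carry content from the scanned site, consider tightening those two groups to `[^>]*` and `[^']*` and emitting a link only for `http`/`https` targets, leaving other anchors to the generic `<a.*?>` rule below; whether the downstream renderer already filters schemes is not visible here. The method begins above the first hunk.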
@@ -7,8 +7,8 @@ module Dradis
7
7
  end
8
8
 
9
9
  module VERSION
10
- MAJOR = 4
11
- MINOR = 19
10
+ MAJOR = 5
11
+ MINOR = 0
12
12
  TINY = 0
13
13
  PRE = nil
14
14
 
@@ -60,7 +60,10 @@ module Dradis::Plugins::Acunetix
60
60
  'CVSS3Vector' => '{{ acunetix[vulnerability_360.cvss31_vector] }}',
61
61
  'CVSS3Base' => '{{ acunetix[vulnerability_360.cvss31_base] }}',
62
62
  'CVSS3Temporal' => '{{ acunetix[vulnerability_360.cvss31_temporal] }}',
63
- 'CVSS3Environmental' => '{{ acunetix[vulnerability_360.cvss31_environmental] }}'
63
+ 'CVSS3Environmental' => '{{ acunetix[vulnerability_360.cvss31_environmental] }}',
64
+ 'Remedial Actions' => '{{ acunetix[vulnerability_360.remedial_actions] }}',
65
+ 'Remedial Procedure' => '{{ acunetix[vulnerability_360.remedial_procedure] }}',
66
+ 'References' => '{{ acunetix[vulnerability_360.external_references] }}',
64
67
  }
65
68
  }.freeze
66
69
 
@@ -57,5 +57,15 @@ module Dradis::Plugins
57
57
 
58
58
  run_import!
59
59
  end
60
+
61
+ it 'parses links in <external-references> tag' do
62
+ expect(@content_service).to receive(:create_issue) do |args|
63
+ expect(args[:text]).to include('"Blind SQL Injection":https://www.owasp.org/index.php/Blind_SQL_Injection')
64
+ expect(args[:text]).to include('"SQL Injection Cheat Sheet[#Blind]":https://www.acunetix.com/blog/web-security/sql-injection-cheat-sheet/#BlindSQLInjections')
65
+ OpenStruct.new(args)
66
+ end
67
+
68
+ run_import!
69
+ end
60
70
  end
61
71
  end
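Review bot: The new example asserts only two well-formed `https` links, so the converter's behaviour on other anchor shapes is left unpinned. Consider adding expectations for an anchor without the `<i>` child, for two anchors in the same field, and for an `href` whose scheme is not `http`/`https`, so a later regex change cannot silently alter what ends up in the issue text. The enclosing `describe` block starts outside the hunk.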
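--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: dradis-acunetix
  version: !ruby/object:Gem::Version
- version: 4.19.0
+ version: 5.0.0
  platform: ruby
  authors:
  - Daniel Martin
@@ -13,14 +13,14 @@ dependencies:
  name: dradis-plugins
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ">="
  - !ruby/object:Gem::Version
  version: '4.0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - ">="
  - !ruby/object:Gem::Version
  version: '4.0'
  - !ruby/object:Gem::Dependency
@@ -103,6 +103,7 @@ files:
  - ".github/pull_request_template.md"
  - ".gitignore"
  - ".rspec"
+ - ".ruby-version"
  - CHANGELOG.md
  - CHANGELOG.template
  - CONTRIBUTING.md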