dradis-nessus 3.12.0 → 3.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/issue_template.md +16 -0
- data/.github/pull_request_template.md +36 -0
- data/CHANGELOG.md +20 -0
- data/lib/dradis/plugins/nessus/field_processor.rb +7 -5
- data/lib/dradis/plugins/nessus/gem_version.rb +1 -1
- data/spec/dradis/plugins/nessus/field_processor_spec.rb +24 -10
- metadata +5 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 525b6414b2fe9dfa5b90211ce9851eae66719e6a459e289e0eb9f08d80ba42fd
|
|
4
|
+
data.tar.gz: 68206b4fff7b3df9d2967fa3d1054be5a012e320d68089d2b5308e74e9aad00b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 118844a0a6c32a1a197925e0748f7addb774e348ba5349101cf261f585ac9a0086a39cedcff870e62fa833efd4312d6f51b1109ea61187fac59731fcf2bfabd0
|
|
7
|
+
data.tar.gz: 577bc2449a1100fbb766fe3f6851471c8c6d8d920f21506a39332cf10163ca7136017df883424c7ca10fc987774db6083bcd11115a92bab1263352bf502d6650
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
### Steps to reproduce
|
|
2
|
+
|
|
3
|
+
Help us help you, how can we reproduce the problem?
|
|
4
|
+
|
|
5
|
+
### Expected behavior
|
|
6
|
+
Tell us what should happen
|
|
7
|
+
|
|
8
|
+
### Actual behavior
|
|
9
|
+
Tell us what happens instead
|
|
10
|
+
|
|
11
|
+
### System configuration
|
|
12
|
+
**Dradis version**:
|
|
13
|
+
|
|
14
|
+
**Ruby version**:
|
|
15
|
+
|
|
16
|
+
**OS version**:
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
### Summary
|
|
2
|
+
|
|
3
|
+
Provide a general description of the code changes in your pull
|
|
4
|
+
request... were there any bugs you had fixed? If so, mention them. If
|
|
5
|
+
these bugs have open GitHub issues, be sure to tag them here as well,
|
|
6
|
+
to keep the conversation linked together.
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
### Other Information
|
|
10
|
+
|
|
11
|
+
If there's anything else that's important and relevant to your pull
|
|
12
|
+
request, mention that information here. This could include
|
|
13
|
+
benchmarks, or other information.
|
|
14
|
+
|
|
15
|
+
Thanks for contributing to Dradis!
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
### Copyright assignment
|
|
19
|
+
|
|
20
|
+
Collaboration is difficult with commercial closed source but we want
|
|
21
|
+
to keep as much of the OSS ethos as possible available to users
|
|
22
|
+
who want to fix it themselves.
|
|
23
|
+
|
|
24
|
+
In order to unambiguously own and sell Dradis Framework commercial
|
|
25
|
+
products, we must have the copyright associated with the entire
|
|
26
|
+
codebase. Any code you create which is merged must be owned by us.
|
|
27
|
+
That's not us trying to be a jerks, that's just the way it works.
|
|
28
|
+
|
|
29
|
+
Please review the [CONTRIBUTING.md](https://github.com/dradis/dradis-ce/blob/master/CONTRIBUTING.md)
|
|
30
|
+
file for the details.
|
|
31
|
+
|
|
32
|
+
You can delete this section, but the following sentence needs to
|
|
33
|
+
remain in the PR's description:
|
|
34
|
+
|
|
35
|
+
> I assign all rights, including copyright, to any future Dradis
|
|
36
|
+
> work by myself to Security Roots.
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,23 @@
|
|
|
1
|
+
## Dradis Framework 3.17 (May, 2020) ##
|
|
2
|
+
|
|
3
|
+
* No changes.
|
|
4
|
+
|
|
5
|
+
## Dradis Framework 3.16 (February, 2020) ##
|
|
6
|
+
|
|
7
|
+
* No changes.
|
|
8
|
+
|
|
9
|
+
## Dradis Framework 3.15 (November, 2019) ##
|
|
10
|
+
|
|
11
|
+
* Fixed bullet points formatting to handle internal text column widths
|
|
12
|
+
|
|
13
|
+
## Dradis Framework 3.14 (August, 2019) ##
|
|
14
|
+
|
|
15
|
+
* No changes.
|
|
16
|
+
|
|
17
|
+
## Dradis Framework 3.13 (June, 2019) ##
|
|
18
|
+
|
|
19
|
+
* No changes.
|
|
20
|
+
|
|
1
21
|
## Dradis Framework 3.12 (March, 2019) ##
|
|
2
22
|
|
|
3
23
|
* No changes.
|
|
@@ -28,7 +28,7 @@ module Dradis
|
|
|
28
28
|
else
|
|
29
29
|
output = @nessus_object.try(name) || 'n/a'
|
|
30
30
|
|
|
31
|
-
if field == 'report_item.description' && output =~
|
|
31
|
+
if field == 'report_item.description' && output =~ /^\s+-/
|
|
32
32
|
format_bullet_point_lists(output)
|
|
33
33
|
else
|
|
34
34
|
output
|
|
@@ -39,15 +39,17 @@ module Dradis
|
|
|
39
39
|
private
|
|
40
40
|
def format_bullet_point_lists(input)
|
|
41
41
|
input.split("\n").map do |paragraph|
|
|
42
|
-
if paragraph =~
|
|
43
|
-
|
|
42
|
+
if paragraph =~ /(.*)\s+:\s*$/m
|
|
43
|
+
$1 + ':'
|
|
44
|
+
elsif paragraph =~ /^\s+-\s+(.*)$/m
|
|
45
|
+
'* ' + $1.gsub(/\s{3,}/, ' ').gsub(/\n/, ' ')
|
|
44
46
|
else
|
|
45
47
|
paragraph
|
|
46
48
|
end
|
|
47
|
-
end.join("\n
|
|
49
|
+
end.join("\n")
|
|
48
50
|
end
|
|
49
51
|
end
|
|
50
52
|
|
|
51
53
|
end
|
|
52
54
|
end
|
|
53
|
-
end
|
|
55
|
+
end
|
|
@@ -3,25 +3,39 @@ require 'ostruct'
|
|
|
3
3
|
|
|
4
4
|
describe Dradis::Plugins::Nessus::FieldProcessor do
|
|
5
5
|
|
|
6
|
-
describe
|
|
7
|
-
context
|
|
8
|
-
|
|
9
|
-
doc = Nokogiri::XML(
|
|
6
|
+
describe '%report_item.description% field formatting' do
|
|
7
|
+
context 'bullet points' do
|
|
8
|
+
before do
|
|
9
|
+
doc = Nokogiri::XML(
|
|
10
|
+
File.read('spec/fixtures/files/report_item-with-list.xml')
|
|
11
|
+
)
|
|
10
12
|
processor = described_class.new(data: doc.root)
|
|
11
13
|
|
|
12
|
-
value = processor.value(field: 'report_item.description')
|
|
13
|
-
|
|
14
|
+
@value = processor.value(field: 'report_item.description')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
it 'converts Nessus broken lists into Textile bullet-point lists' do
|
|
18
|
+
expect(@value).to_not be_empty
|
|
19
|
+
|
|
20
|
+
expect(@value).to include(
|
|
21
|
+
'* A denial of service vulnerability exists relating to '\
|
|
22
|
+
'the \'mod_dav\' module as it relates to MERGE requests.'
|
|
23
|
+
)
|
|
24
|
+
end
|
|
14
25
|
|
|
15
|
-
|
|
26
|
+
it 'does not add unnecessary newlines to list items' do
|
|
27
|
+
expect(@value).to include("vulnerabilities:\n\n* A flaw exists")
|
|
16
28
|
end
|
|
17
29
|
end
|
|
18
30
|
end
|
|
19
31
|
|
|
20
|
-
it
|
|
21
|
-
doc = Nokogiri::XML(
|
|
32
|
+
it 'Recasted severity values appear in the Evidence' do
|
|
33
|
+
doc = Nokogiri::XML(
|
|
34
|
+
File.read('spec/fixtures/files/report_item-with-list.xml')
|
|
35
|
+
)
|
|
22
36
|
processor = described_class.new(data: doc.root)
|
|
23
37
|
value = processor.value(field: 'evidence.severity')
|
|
24
38
|
expect(value).to_not be_empty
|
|
25
|
-
expect(value).to include(
|
|
39
|
+
expect(value).to include('2')
|
|
26
40
|
end
|
|
27
41
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-nessus
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.17.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Martin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-06-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -102,6 +102,8 @@ executables: []
|
|
|
102
102
|
extensions: []
|
|
103
103
|
extra_rdoc_files: []
|
|
104
104
|
files:
|
|
105
|
+
- ".github/issue_template.md"
|
|
106
|
+
- ".github/pull_request_template.md"
|
|
105
107
|
- ".gitignore"
|
|
106
108
|
- ".rspec"
|
|
107
109
|
- CHANGELOG.md
|
|
@@ -156,8 +158,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
156
158
|
- !ruby/object:Gem::Version
|
|
157
159
|
version: '0'
|
|
158
160
|
requirements: []
|
|
159
|
-
|
|
160
|
-
rubygems_version: 2.6.12
|
|
161
|
+
rubygems_version: 3.0.1
|
|
161
162
|
signing_key:
|
|
162
163
|
specification_version: 4
|
|
163
164
|
summary: Nessus upload add-on for the Dradis Framework.
|