RubyGems - gems-status - Versions diffs - 0.63.0 → 0.64.0 - Mend

gems-status 0.63.0 → 0.64.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

data/VERSION +1 -1
data/bin/gems-status +24 -5
data/lib/gems-status.rb +1 -36
data/lib/gems-status/checkers/not_a_security_alert_checker.rb +50 -70
data/lib/gems-status/checkers/scm_check_messages_factory.rb +25 -0
data/lib/gems-status/gem_simple.rb +9 -2
data/lib/gems-status/runner.rb +53 -0
data/lib/gems-status/sources/lockfile_gems.rb +22 -32
data/lib/gems-status/text_view.rb +35 -23
data/lib/gems-status/utils.rb +30 -0
data/test/test-gem_simple.rb +48 -0
data/test/test-has_a_license.rb +17 -0
data/test/test-is_not_gpl.rb +28 -0
data/test/test-is_rubygems.rb +34 -0
data/test/test-lockfile_gems.rb +20 -13
data/test/test-not_a_security_alert_checker.rb +158 -0
data/test/test-runner.rb +40 -0
data/test/test-scm_check_messages.rb +40 -0
data/test/test-scm_check_messages_factory.rb +15 -0
data/test/test-scm_security_messages.rb +27 -0
data/test/test-security_alert.rb +15 -0
metadata +16 -9
data/lib/gems-status/gems_command.rb +0 -39
data/lib/gems-status/gems_composite_command.rb +0 -57
data/lib/gems-status/sources/ruby_gems_gems_gem_simple.rb +0 -46
data/test/test-gems_command.rb +0 -67
data/test/test-gems_composite_command.rb +0 -14

data/test/test-runner.rb ADDED Viewed

@@ -0,0 +1,40 @@
+require './test/test-helper.rb'
+$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
+require 'test/unit'
+require 'gems-status'
+module GemsStatus
+  class MockSource
+    def gem_list
+      {
+        "gem 1 name" => "gem 1 object",
+        "gem 2 name" => "gem 2 object"
+      }
+    end
+  end
+  class MockChecker
+    def check?(gem)
+      false
+    end
+  end
+  class RunnerTest < Test::Unit::TestCase
+    def test_a_run
+      runner = Runner.new
+      assert !runner.are_there_gems?
+      runner.source = MockSource.new
+      assert !runner.are_there_gems?
+      runner.add_checker(MockChecker.new)
+      runner.add_checker(MockChecker.new)
+      runner.execute
+      assert runner.are_there_gems?
+      expected = { "gem 1 name" => "gem 1 object", "gem 2 name" => "gem 2 object" }
+      assert_equal expected, runner.gem_list
+      assert_equal Array, runner.checker_results["gem 1 name"].class
+      assert_equal 2, runner.checker_results["gem 1 name"].length
+      assert_equal MockChecker, runner.checker_results["gem 1 name"][0].class
+      assert runner.checker_results["gem 1 name"][0] != runner.checker_results["gem 1 name"][1]
+    end
+  end
+end

data/test/test-scm_check_messages.rb ADDED Viewed

@@ -0,0 +1,40 @@
+require './test/test-helper.rb'
+$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
+require 'test/unit'
+require 'gems-status'
+module GemsStatus
+  class ScmCheckMessages
+    def commit_key(commit)
+      commit[0..3]
+    end
+    def message(commit)
+      commit
+    end
+    def messages(name, source_repo)
+      ["#{name} - #{source_repo} - message"]
+    end
+    def date(commit)
+      "2012-03-12"
+    end
+  end
+  class MessageChecker
+    def check_message?(commit)
+      commit.include?("security")
+    end
+  end
+  class ScmCheckMessagesTest < Test::Unit::TestCase
+    def test_check_messages
+      scm = ScmCheckMessages.new
+      cm = scm.check_messages("name security", "source_repo", MessageChecker.new, "origin")
+      assert_equal 1, cm.length
+      cm = scm.check_messages("name", "source_repo", MessageChecker.new, "origin")
+      assert_equal 0, cm.length
+    end
+  end
+end

data/test/test-scm_check_messages_factory.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require './test/test-helper.rb'
+$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
+require 'test/unit'
+require 'gems-status'
+module GemsStatus
+  class ScmCheckMessagesFactoryTest < Test::Unit::TestCase
+    def test_instance
+      assert_equal ScmCheckMessagesFactory.get_instance("bla"), nil
+      assert_equal ScmCheckMessagesFactory.get_instance("git bla").class, GemsStatus::GitCheckMessages
+      assert_equal ScmCheckMessagesFactory.get_instance("svn bla").class, GemsStatus::SvnCheckMessages
+      assert_equal ScmCheckMessagesFactory.get_instance("bitbucket bla").class, GemsStatus::HgCheckMessages
+    end
+  end
+end

data/test/test-scm_security_messages.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require './test/test-helper.rb'
+$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
+require 'test/unit'
+require 'gems-status'
+module GemsStatus
+  class TestScmSecurityMessages < Test::Unit::TestCase
+    def test_check_message
+      ssm = ScmSecurityMessages.new
+      assert !ssm.check_message?("bla bla")
+      assert ssm.check_message?("bla XSS bla")
+      assert ssm.check_message?("bla CSRF bla")
+      assert ssm.check_message?("bla cross-site bla")
+      assert ssm.check_message?("bla crosssite bla")
+      assert ssm.check_message?("bla injection bla")
+      assert ssm.check_message?("bla forgery bla")
+      assert ssm.check_message?("bla traversal bla")
+      assert ssm.check_message?("bla CVE bla")
+      assert ssm.check_message?("bla unsafe bla")
+      assert ssm.check_message?("bla vulnerab bla")
+      assert ssm.check_message?("bla risk bla")
+      assert ssm.check_message?("bla security bla")
+      assert ssm.check_message?("bla Malicious bla")
+      assert ssm.check_message?("bla DoS bla")
+    end
+  end
+end

data/test/test-security_alert.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require './test/test-helper.rb'
+$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
+require 'test/unit'
+require 'gems-status'
+module GemsStatus
+  class SecurityAlertTest < Test::Unit::TestCase
+    def test_new
+      sa = GemsStatus::SecurityAlert.new("desc", "date")
+      assert sa.desc = "desc"
+      assert sa.date = "date"
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gems-status
 version: !ruby/object:Gem::Version
-  version: 0.63.0
+  version: 0.64.0
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-07-12 00:00:00.000000000 Z
+date: 2013-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: xml-simple
@@ -182,12 +182,11 @@ extra_rdoc_files: []
 files:
 - LICENSE
 - lib/gems-status.rb
+- lib/gems-status/runner.rb
 - lib/gems-status/sources.rb
 - lib/gems-status/checkers.rb
 - lib/gems-status/gem_simple.rb
 - lib/gems-status/sources/lockfile_gems.rb
-- lib/gems-status/sources/ruby_gems_gems_gem_simple.rb
-- lib/gems-status/gems_command.rb
 - lib/gems-status/text_view.rb
 - lib/gems-status/gems_status_metadata.rb
 - lib/gems-status/utils.rb
@@ -198,20 +197,28 @@ files:
 - lib/gems-status/checkers/scm_check_messages.rb
 - lib/gems-status/checkers/svn_check_messages.rb
 - lib/gems-status/checkers/not_a_security_alert_checker.rb
+- lib/gems-status/checkers/scm_check_messages_factory.rb
 - lib/gems-status/checkers/gem_checker.rb
 - lib/gems-status/checkers/hg_check_messages.rb
 - lib/gems-status/checkers/git_check_messages.rb
 - lib/gems-status/checkers/is_rubygems.rb
-- lib/gems-status/gems_composite_command.rb
 - bin/gems-status
+- test/test-scm_security_messages.rb
 - test/Gemfile
-- test/test-gems_composite_command.rb
+- test/test-scm_check_messages_factory.rb
+- test/test-not_a_security_alert_checker.rb
 - test/Gemfile.lock
-- test/test-gems_command.rb
+- test/test-scm_check_messages.rb
+- test/test-is_not_gpl.rb
 - test/Gemfile.lock.test
 - test/test-utils.rb
 - test/test-helper.rb
+- test/test-has_a_license.rb
+- test/test-gem_simple.rb
+- test/test-security_alert.rb
+- test/test-runner.rb
 - test/test-lockfile_gems.rb
+- test/test-is_rubygems.rb
 - VERSION
 homepage: http://github.com/jordimassaguerpla/gems-status
 licenses:
@@ -228,7 +235,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4111752291554713446
+      hash: -837205862980188547
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -237,7 +244,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4111752291554713446
+      hash: -837205862980188547
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.25

data/lib/gems-status/gems_command.rb DELETED Viewed

@@ -1,39 +0,0 @@
-require "gems-status/gem_simple"
-module GemsStatus
-  class GemsCommand
-    attr_reader :result
-    attr_reader :ident
-    def gem_name(gem)
-      pos = gem.rindex(".gem")
-      if ! pos then
-        return gem
-      end
-      name = gem[0...pos]
-      pos = name.rindex("-")
-      if ! pos then
-        return name
-      end
-      return name[0...pos]
-    end
-    def gem_version(gem)
-      pos = gem.rindex(".gem")
-      if ! pos then
-        return '-1'
-      end
-      name = gem[0...pos]
-      pos = name.rindex("-")
-      if ! pos then
-        return '-1'
-      end
-      pos = pos + 1
-      return name[pos..-1]
-    end
-    def execute
-    end
-  end
-end

data/lib/gems-status/gems_composite_command.rb DELETED Viewed

@@ -1,57 +0,0 @@
-require "gems-status/gem_simple"
-require "gems-status/gems_command"
-require "gems-status/text_view"
-module GemsStatus
-  class GemsCompositeCommand < GemsCommand
-    attr_accessor :results, :checker_results, :command
-    def initialize
-      @command = []
-      @checkers = []
-      @checker_results = {}
-      @comments = {}
-      @results = []
-    end
-    def add_checker(check_object)
-      @checkers << check_object
-    end
-    def execute
-      return unless @command
-      @command.execute
-      @results << @command.result
-      @checkers.each do |check_object|
-        Utils::log_debug "checking #{check_object.class.name}"
-        @results.each do |gems|
-          gems.each do |name, gem|
-            if !check_object.check?(gem)
-              @checker_results[name] = {} unless @checker_results[name]
-              @checker_results[gem.name][check_object.class.name] = check_object.clone
-            end
-          end
-        end
-      end
-    end
-    def add_comments(comments)
-      @comments = comments
-    end
-    def are_there_results?
-      return @results && !@results.empty?
-    end
-    def print
-      return if !are_there_results?
-      view = TextView.new
-      view.print_head
-      ids = @command.filename
-      view.print_description(ids)
-      view.print_results(@results, @checker_results, @comments)
-      view.print_tail
-    end
-  end
-end

data/lib/gems-status/sources/ruby_gems_gems_gem_simple.rb DELETED Viewed

@@ -1,46 +0,0 @@
-require "rubygems/format"
-require "gems-status/gem_simple"
-require "time"
-module GemsStatus
-  class RubyGemsGems_GemSimple < GemSimple
-    def initialize(name, version, md5, origin, gems_url, dependencies=nil)
-      super(name, version, nil, origin, gems_url, dependencies)
-    end
-    def license
-      if from_git?
-        return nil
-      end
-      Utils::download_license(@name, @version, @gems_url)
-    end
-    def md5
-      if from_git?
-        return nil
-      end
-      Utils::download_md5(@name, @version, @gems_url)
-    end
-    def date
-      Utils::log_debug "looking for date for #{@name} - #{@version}"
-      begin
-        versions = JSON.parse(open("https://rubygems.org/api/v1/versions/#{@name}.json").read)
-        versions.each do |version|
-          if Gem::Version.new(version["number"]) == @version
-            Utils::log_debug  "Date for #{@name} - #{@version} : #{version["built_at"]}"
-            return Time.parse version["built_at"]
-          end
-        end
-      rescue
-        Utils::log_error(@name, "There was a problem opening https://rubygems.org/api/v1/versions/#{@name}.json")
-      end
-      nil
-    end
-  end
-end

data/test/test-gems_command.rb DELETED Viewed

@@ -1,67 +0,0 @@
-require './test/test-helper.rb'
-$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
-require 'test/unit'
-require 'gems-status'
-module GemsStatus
-  class TestGemsCommand < Test::Unit::TestCase
-    def test_gem_name_wrong_name
-      gem_name = 'wrong_name'
-      result = GemsCommand.new.gem_name(gem_name)
-      expected = gem_name
-      assert_equal(result, expected)
-    end
-    def test_gem_name_without_version
-      gem_name = 'name.gem'
-      result = GemsCommand.new.gem_name(gem_name)
-      expected = 'name'
-      assert_equal(result, expected)
-    end
-    def test_gem_name_simple
-      gem_name = 'name-1.0.0.gem'
-      result = GemsCommand.new.gem_name(gem_name)
-      expected = 'name'
-      assert_equal(result, expected)
-    end
-    def test_gem_name_with_dashes
-      gem_name = 'name-1-1.0.0.gem'
-      result = GemsCommand.new.gem_name(gem_name)
-      expected = 'name-1'
-      assert_equal(result, expected)
-    end
-    def test_gem_version_no_version
-      gem_name = 'name.gem'
-      result = GemsCommand.new.gem_version(gem_name)
-      expected = '-1'
-      assert_equal(result, expected)
-    end
-    def test_gem_version_wrong_name
-      gem_name = 'name-1.0'
-      result = GemsCommand.new.gem_version(gem_name)
-      expected = '-1'
-      assert_equal(result, expected)
-    end
-    def test_gem_version_simple_version
-      gem_name = 'name-1.0.0.gem'
-      result = GemsCommand.new.gem_version(gem_name)
-      expected = '1.0.0'
-      assert_equal(result, expected)
-    end
-    def test_gem_version_with_dashes
-      gem_name = 'name-a-1.0.0.gem'
-      result = GemsCommand.new.gem_version(gem_name)
-      expected = '1.0.0'
-      assert_equal(result, expected)
-    end
-  end
-end

data/test/test-gems_composite_command.rb DELETED Viewed

@@ -1,14 +0,0 @@
-require './test/test-helper.rb'
-$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
-require 'test/unit'
-require 'gems-status'
-module GemsStatus
-  class GemsCompositeCommandTest < GemsCompositeCommand
-    attr_accessor :results
-  end
-  class TestGemsCompositeCommand < Test::Unit::TestCase
-  end
-end