gems-status 0.16.0 → 0.17.0
Sign up to get free protection for your applications and to get access to all the features.
@@ -72,20 +72,24 @@ class NotASecurityAlertChecker < GemChecker
|
|
72
72
|
return
|
73
73
|
end
|
74
74
|
Utils::log_debug "Source URL for #{gem.name} #{source_repo}"
|
75
|
-
look_for_security_messages(gem.name, source_repo)
|
75
|
+
look_for_security_messages(gem.name, source_repo, gem.origin)
|
76
76
|
filter_security_messages_already_fixed(gem.version)
|
77
77
|
end
|
78
78
|
|
79
|
+
def key_for_emails(listname, gem, email)
|
80
|
+
"email_#{listname}_#{gem.name}_#{gem.origin}_#{email.uid}"
|
81
|
+
end
|
82
|
+
|
79
83
|
def look_in_emails(gem)
|
80
84
|
@emails.each do |listname, emails|
|
81
85
|
emails.each do |email|
|
82
86
|
if listname.include?(gem.name)
|
83
|
-
@security_messages[
|
87
|
+
@security_messages[key_for_emails] = email.subject
|
84
88
|
Utils::log_debug "looking for security emails: listname matches gem #{gem.name}: #{listname}"
|
85
89
|
next
|
86
90
|
end
|
87
91
|
if email.subject.include?(gem.name)
|
88
|
-
@security_messages[
|
92
|
+
@security_messages[key_for_emails] = email.subject
|
89
93
|
Utils::log_debug "looking for security emails: subject matches gem #{gem.name}: #{email.subject}"
|
90
94
|
next
|
91
95
|
end
|
@@ -146,7 +150,7 @@ class NotASecurityAlertChecker < GemChecker
|
|
146
150
|
return uri
|
147
151
|
end
|
148
152
|
|
149
|
-
def look_for_security_messages(name, source_repo, counter = 0)
|
153
|
+
def look_for_security_messages(name, source_repo, origin, counter = 0)
|
150
154
|
Utils::log_debug "looking for security messages on #{source_repo}"
|
151
155
|
if ! File.exists?("build_security_messages_check")
|
152
156
|
Dir.mkdir("build_security_messages_check")
|
@@ -170,7 +174,7 @@ class NotASecurityAlertChecker < GemChecker
|
|
170
174
|
return {}
|
171
175
|
end
|
172
176
|
@security_messages = scmCheckMessages.check_messages(name, source_repo,
|
173
|
-
ScmSecurityMessages.new)
|
177
|
+
ScmSecurityMessages.new, origin)
|
174
178
|
end
|
175
179
|
end
|
176
180
|
end
|
@@ -1,29 +1,29 @@
|
|
1
1
|
class ScmCheckMessages
|
2
2
|
MAX_RETRIES = 3
|
3
3
|
|
4
|
-
def check_messages(name, source_repo, message_checker, counter = 0)
|
4
|
+
def check_messages(name, source_repo, message_checker, origin, counter = 0)
|
5
5
|
begin
|
6
6
|
messages = messages(name, source_repo)
|
7
|
-
return security_alerts(name, messages, message_checker)
|
7
|
+
return security_alerts(name, messages, message_checker, origin)
|
8
8
|
rescue => e
|
9
9
|
if counter == MAX_RETRIES
|
10
10
|
Utils::log_error name, "There was a problem checking out #{source_repo} #{e}"
|
11
11
|
return {}
|
12
12
|
else
|
13
13
|
Utils::log_debug "There was a problem checking out #{source_repo} #{e}: Trying it again..."
|
14
|
-
return check_messages(name, source_repo, message_checker, counter + 1)
|
14
|
+
return check_messages(name, source_repo, message_checker, origin, counter + 1)
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
19
|
private
|
20
20
|
|
21
|
-
def security_alerts(name, commits, message_checker)
|
21
|
+
def security_alerts(name, commits, message_checker, origin)
|
22
22
|
results = {}
|
23
23
|
commits.each do |commit|
|
24
24
|
if message_checker.check_message?(message(commit))
|
25
25
|
Utils::log_debug "#{message(commit)}"
|
26
|
-
key = "#{name}_#{commit_key(commit)}"
|
26
|
+
key = "#{name}_#{origin}_#{commit_key(commit)}"
|
27
27
|
if !key
|
28
28
|
Utils::log_error "no key for #{name}"
|
29
29
|
next
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gems-status
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 91
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
|
-
-
|
8
|
+
- 17
|
9
9
|
- 0
|
10
|
-
version: 0.
|
10
|
+
version: 0.17.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Jordi Massaguer Pla
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2012-
|
18
|
+
date: 2012-07-02 00:00:00 Z
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
21
21
|
name: xml-simple
|