gsd-database 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/gsd/database.rb +134 -0
- data/lib/gsd/version.rb +9 -0
- data/lib/gsd-database.rb +8 -0
- metadata +61 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 866629cf009360d0e44d5698ca214cd03804b2022894d6b699e6be0f8cdb50f7
|
|
4
|
+
data.tar.gz: 54f2ac761610f238923d78fd5dc73251bb41a98f978ea9727a6b648e11f31df7
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 43460dc7a2d4b01f85644250d84805b9cbbbe1325c54eb0586d39df76c8041ad1bf14a6edb1efd834f608eadaf72c83ea9357d706fae18f27484ba2078183d0b
|
|
7
|
+
data.tar.gz: e882ce401af841e30bc036c43c7ce19ae8e52f29f41782511dc0efaa009914cdd55483c0fef329ec3f26f1d3b0bc9c7d5c56c068cd64a16e1bed4aaa59b9ea01
|
data/lib/gsd/database.rb
ADDED
|
@@ -0,0 +1,134 @@
|
|
|
1
|
+
require 'git'
|
|
2
|
+
require 'json'
|
|
3
|
+
|
|
4
|
+
module GSD
|
|
5
|
+
class Database
|
|
6
|
+
attr_reader :work_branch, :git_repo, :git_fork, :repo_path, :git, :default_branch
|
|
7
|
+
|
|
8
|
+
def initialize(work_branch:, git_repo:, git_fork:, repo_path:)
|
|
9
|
+
@work_branch = work_branch
|
|
10
|
+
@git_repo = git_repo
|
|
11
|
+
@git_fork = git_fork
|
|
12
|
+
@repo_path = repo_path
|
|
13
|
+
# To be set by calling sync
|
|
14
|
+
@git = nil
|
|
15
|
+
@default_branch = nil
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def sync!
|
|
19
|
+
if exists?
|
|
20
|
+
open_repo
|
|
21
|
+
else
|
|
22
|
+
clone_repo
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
@default_branch = Git.default_branch(@git_repo)
|
|
26
|
+
|
|
27
|
+
prepare_work_branch
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def modify(file_path, &block)
|
|
31
|
+
raw_json_data = File.read(file_path)
|
|
32
|
+
old_gsd_entry = JSON.parse(raw_json_data)
|
|
33
|
+
new_gsd_entry = old_gsd_entry.deep_dup
|
|
34
|
+
|
|
35
|
+
yield new_gsd_entry
|
|
36
|
+
|
|
37
|
+
if new_gsd_entry != old_gsd_entry
|
|
38
|
+
indent = json_indent_value(
|
|
39
|
+
parsed_json: old_gsd_entry,
|
|
40
|
+
raw_json: raw_json_data,
|
|
41
|
+
gsd_id: new_gsd_entry['gsd']['osvSchema']['id']
|
|
42
|
+
)
|
|
43
|
+
# Sort by key and include a trailing newline
|
|
44
|
+
contents = json_string(input: new_gsd_entry.sort.to_h, indent: indent) + "\n"
|
|
45
|
+
File.write(file_path, contents)
|
|
46
|
+
add_file(file_path)
|
|
47
|
+
puts "Staged changes!"
|
|
48
|
+
else
|
|
49
|
+
puts "No changes!"
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def save!
|
|
54
|
+
status = @git.status
|
|
55
|
+
staged_files = status.changed.merge(status.added)
|
|
56
|
+
commit("Sync Ruby Advisory DB\n\n#{staged_files.count} IDs have been updated.")
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def push!
|
|
60
|
+
@git.push('fork', @work_branch, force: true)
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def add_file(file_path)
|
|
64
|
+
@git.add(file_path)
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def commit(message)
|
|
68
|
+
@git.commit(message)
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
private
|
|
72
|
+
|
|
73
|
+
def json_string(input:, indent:, ascii_only: false)
|
|
74
|
+
JSON.pretty_generate(input, indent: indent, ascii_only: ascii_only).gsub(/\[\s*\]/, '[]')
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def exists?
|
|
78
|
+
File.directory?(@repo_path) &&
|
|
79
|
+
!(Dir.entries(@repo_path) - %w[. ..]).empty?
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def open_repo
|
|
83
|
+
@git = Git.open(@repo_path)
|
|
84
|
+
fetch_remotes
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def clone_repo
|
|
88
|
+
@git = Git.clone(@git_repo, @repo_path)
|
|
89
|
+
@git.add_remote('fork', @git_fork)
|
|
90
|
+
fetch_remotes
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def fetch_remotes
|
|
94
|
+
@git.fetch('origin')
|
|
95
|
+
@git.fetch('fork')
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
def prepare_work_branch
|
|
99
|
+
@git.branch(@work_branch).checkout
|
|
100
|
+
latest_commit = @git.remote('origin').branch(@default_branch).gcommit
|
|
101
|
+
@git.reset_hard(latest_commit)
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def json_indent_value(parsed_json:, raw_json:, gsd_id:)
|
|
105
|
+
two_spaces = json_string(input: parsed_json, indent: ' ')
|
|
106
|
+
four_spaces = json_string(input: parsed_json, indent: ' ')
|
|
107
|
+
two_spaces_with_newline = two_spaces + "\n"
|
|
108
|
+
four_spaces_with_newline = four_spaces + "\n"
|
|
109
|
+
two_spaces_ascii_only = json_string(input: parsed_json, indent: ' ', ascii_only: true)
|
|
110
|
+
four_spaces_ascii_only = json_string(input: parsed_json, indent: ' ', ascii_only: true)
|
|
111
|
+
variations_of_two_spaces = [two_spaces, two_spaces_with_newline, two_spaces_ascii_only]
|
|
112
|
+
variations_of_four_spaces = [four_spaces, four_spaces_with_newline, four_spaces_ascii_only]
|
|
113
|
+
if variations_of_two_spaces.include?(raw_json)
|
|
114
|
+
' '
|
|
115
|
+
elsif variations_of_four_spaces.include?(raw_json)
|
|
116
|
+
' '
|
|
117
|
+
else
|
|
118
|
+
puts 'Failed to auto-detect spacing, falling back to ID range assumptions'
|
|
119
|
+
# GSD is 2021 or newer, and 1000000+, assume 2 spaces
|
|
120
|
+
if gsd_id.match?(/^GSD-202[1-9]-\d{7,}$/)
|
|
121
|
+
puts 'Newer ID in the million plus range, assuming 2 spaces'
|
|
122
|
+
' '
|
|
123
|
+
# Valid ID, but older than 2021 or sub-million range, assume 4 spaces
|
|
124
|
+
elsif gsd_id.match?(/^GSD-\d{4}-\d{4,}$/)
|
|
125
|
+
puts 'Older ID or sub-million range, assuming 4 spaces'
|
|
126
|
+
' '
|
|
127
|
+
else
|
|
128
|
+
puts 'Invalid ID! All bets are off, defaulting to 2 spaces...'
|
|
129
|
+
' '
|
|
130
|
+
end
|
|
131
|
+
end
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
end
|
data/lib/gsd/version.rb
ADDED
data/lib/gsd-database.rb
ADDED
metadata
ADDED
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: gsd-database
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Josh Buker
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2023-04-02 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: git
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - "~>"
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '1.0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - "~>"
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '1.0'
|
|
27
|
+
description: Provides an easy way to interact with the GSD Database via Ruby.
|
|
28
|
+
email: crypto@joshbuker.com
|
|
29
|
+
executables: []
|
|
30
|
+
extensions: []
|
|
31
|
+
extra_rdoc_files: []
|
|
32
|
+
files:
|
|
33
|
+
- lib/gsd-database.rb
|
|
34
|
+
- lib/gsd/database.rb
|
|
35
|
+
- lib/gsd/version.rb
|
|
36
|
+
homepage: https://gsd.id
|
|
37
|
+
licenses:
|
|
38
|
+
- Apache-2.0
|
|
39
|
+
metadata:
|
|
40
|
+
bug_tracker_uri: https://github.com/cloudsecurityalliance/gsd-tools/issues
|
|
41
|
+
rubygems_mfa_required: 'true'
|
|
42
|
+
post_install_message:
|
|
43
|
+
rdoc_options: []
|
|
44
|
+
require_paths:
|
|
45
|
+
- lib
|
|
46
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
47
|
+
requirements:
|
|
48
|
+
- - ">="
|
|
49
|
+
- !ruby/object:Gem::Version
|
|
50
|
+
version: 3.0.0
|
|
51
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
|
+
requirements:
|
|
53
|
+
- - ">="
|
|
54
|
+
- !ruby/object:Gem::Version
|
|
55
|
+
version: '0'
|
|
56
|
+
requirements: []
|
|
57
|
+
rubygems_version: 3.3.5
|
|
58
|
+
signing_key:
|
|
59
|
+
specification_version: 4
|
|
60
|
+
summary: GSD Database Ruby Interface
|
|
61
|
+
test_files: []
|