gsd-database 0.0.0
- checksums.yaml +7 -0
- data/lib/gsd/database.rb +134 -0
- data/lib/gsd/version.rb +9 -0
- data/lib/gsd-database.rb +8 -0
- metadata +61 -0
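--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 866629cf009360d0e44d5698ca214cd03804b2022894d6b699e6be0f8cdb50f7
+data.tar.gz: 54f2ac761610f238923d78fd5dc73251bb41a98f978ea9727a6b648e11f31df7
+SHA512:
+metadata.gz: 43460dc7a2d4b01f85644250d84805b9cbbbe1325c54eb0586d39df76c8041ad1bf14a6edb1efd834f608eadaf72c83ea9357d706fae18f27484ba2078183d0b
+data.tar.gz: e882ce401af841e30bc036c43c7ce19ae8e52f29f41782511dc0efaa009914cdd55483c0fef329ec3f26f1d3b0bc9c7d5c56c068cd64a16e1bed4aaa59b9ea01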
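--- a/data/lib/gsd/database.rb
+++ b/data/lib/gsd/database.rb
@@ -0,0 +1,134 @@
+require 'git'
+require 'json'
+
+module GSD
+class Database
+attr_reader :work_branch, :git_repo, :git_fork, :repo_path, :git, :default_branch
+
+def initialize(work_branch:, git_repo:, git_fork:, repo_path:)
+@work_branch = work_branch
+@git_repo = git_repo
+@git_fork = git_fork
+@repo_path = repo_path
+# To be set by calling sync
+@git = nil
+@default_branch = nil
+end
+
+def sync!
+if exists?
+open_repo
+else
+clone_repo
+end
+
+@default_branch = Git.default_branch(@git_repo)
+
+prepare_work_branch
+end
+
+def modify(file_path, &block)
+raw_json_data = File.read(file_path)
+old_gsd_entry = JSON.parse(raw_json_data)
+new_gsd_entry = old_gsd_entry.deep_dup
+
+yield new_gsd_entry
+
+if new_gsd_entry != old_gsd_entry
+indent = json_indent_value(
+parsed_json: old_gsd_entry,
+raw_json: raw_json_data,
+gsd_id: new_gsd_entry['gsd']['osvSchema']['id']
+)
+# Sort by key and include a trailing newline
+contents = json_string(input: new_gsd_entry.sort.to_h, indent: indent) + "\n"
+File.write(file_path, contents)
+add_file(file_path)
+puts "Staged changes!"
+else
+puts "No changes!"
+end
+end
+
+def save!
+status = @git.status
+staged_files = status.changed.merge(status.added)
+commit("Sync Ruby Advisory DB\n\n#{staged_files.count} IDs have been updated.")
+end
+
+def push!
+@git.push('fork', @work_branch, force: true)
+end
+
+def add_file(file_path)
+@git.add(file_path)
+end
+
+def commit(message)
+@git.commit(message)
+end
+
+private
+
+def json_string(input:, indent:, ascii_only: false)
+JSON.pretty_generate(input, indent: indent, ascii_only: ascii_only).gsub(/\[\s*\]/, '[]')
+end
+
+def exists?
+File.directory?(@repo_path) &&
+!(Dir.entries(@repo_path) - %w[. ..]).empty?
+end
+
+def open_repo
+@git = Git.open(@repo_path)
+fetch_remotes
+end
+
+def clone_repo
+@git = Git.clone(@git_repo, @repo_path)
+@git.add_remote('fork', @git_fork)
+fetch_remotes
+end
+
+def fetch_remotes
+@git.fetch('origin')
+@git.fetch('fork')
+end
+
+def prepare_work_branch
+@git.branch(@work_branch).checkout
+latest_commit = @git.remote('origin').branch(@default_branch).gcommit
+@git.reset_hard(latest_commit)
+end
+
+def json_indent_value(parsed_json:, raw_json:, gsd_id:)
+two_spaces = json_string(input: parsed_json, indent: ' ')
+four_spaces = json_string(input: parsed_json, indent: ' ')
+two_spaces_with_newline = two_spaces + "\n"
+four_spaces_with_newline = four_spaces + "\n"
+two_spaces_ascii_only = json_string(input: parsed_json, indent: ' ', ascii_only: true)
+four_spaces_ascii_only = json_string(input: parsed_json, indent: ' ', ascii_only: true)
+variations_of_two_spaces = [two_spaces, two_spaces_with_newline, two_spaces_ascii_only]
+variations_of_four_spaces = [four_spaces, four_spaces_with_newline, four_spaces_ascii_only]
+if variations_of_two_spaces.include?(raw_json)
+' '
+elsif variations_of_four_spaces.include?(raw_json)
+' '
+else
+puts 'Failed to auto-detect spacing, falling back to ID range assumptions'
+# GSD is 2021 or newer, and 1000000+, assume 2 spaces
+if gsd_id.match?(/^GSD-202[1-9]-\d{7,}$/)
+puts 'Newer ID in the million plus range, assuming 2 spaces'
+' '
+# Valid ID, but older than 2021 or sub-million range, assume 4 spaces
+elsif gsd_id.match?(/^GSD-\d{4}-\d{4,}$/)
+puts 'Older ID or sub-million range, assuming 4 spaces'
+' '
+else
+puts 'Invalid ID! All bets are off, defaulting to 2 spaces...'
+' '
+end
+end
+end
+end
+end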
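Review bot: `open_repo` trusts whatever already sits in `@repo_path`: `exists?` only checks that the directory is non-empty, yet `prepare_work_branch` then runs `reset_hard` and `push!` force-pushes to whichever remote happens to be named `fork`, without comparing the remote URLs to `@git_repo`/`@git_fork`. A stale or mistaken checkout can therefore lose local work or overwrite a branch on an unintended remote. I would add a guard in `open_repo` before `fetch_remotes`, e.g. `raise ArgumentError, "unexpected remotes in #{@repo_path}" unless @git.remote('origin').url == @git_repo && @git.remote('fork').url == @git_fork`. Separately, `deep_dup` in `modify` is an ActiveSupport method that this file does not require and the gemspec does not declare, so `new_gsd_entry = JSON.parse(raw_json_data)` would avoid a likely NoMethodError on a plain Hash; the ID patterns in `json_indent_value` should also anchor with `\A`/`\z` rather than the per-line `^`/`$`.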
data/lib/gsd/version.rb
ADDED
data/lib/gsd-database.rb
ADDED
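--- a/metadata
+++ b/metadata
@@ -0,0 +1,61 @@
+--- !ruby/object:Gem::Specification
+name: gsd-database
+version: !ruby/object:Gem::Version
+version: 0.0.0
+platform: ruby
+authors:
+- Josh Buker
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-04-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: git
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+description: Provides an easy way to interact with the GSD Database via Ruby.
+email: crypto@joshbuker.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/gsd-database.rb
+- lib/gsd/database.rb
+- lib/gsd/version.rb
+homepage: https://gsd.id
+licenses:
+- Apache-2.0
+metadata:
+bug_tracker_uri: https://github.com/cloudsecurityalliance/gsd-tools/issues
+rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.3.5
+signing_key:
+specification_version: 4
+summary: GSD Database Ruby Interface
+test_files: []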