hackerone-client 0.15.0 → 0.16.0

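--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f62ef7d9e2b28623a67a832dcff10032799de7de3f22977cbc3f15165809a819
- data.tar.gz: b4203d5e1f0fd4beb6faebf08c7a9937fdf75512e9d75d8de1153af5c4c35664
+ metadata.gz: 99cdf21603a490301a3901f5f62430f10fc7a8425ee7ffe08944ac046d85c2d8
+ data.tar.gz: d390b20bc3611d74ab4d94a3fc22292f4c419ec7be9a6a0fc151b518fc713fa0
  SHA512:
- metadata.gz: d960366891f9f7188140a984f9ad6c5a55aae2e9aa0d640165819021c2eeebb02ac59c883d8509466cc2a167c524b0940528b707af8b9beadb58ff58e75f6bbc
- data.tar.gz: ef27ffb39ce4baa945a2af8e4ba85a1e0fdbfcebcd8a1cbd88780862b1385964461a88a2391041517ef1e69eb24384fa22cf171fb6360d02829782e053120220
+ metadata.gz: 500e402f964f2e5bf53ec230e598ec9418846f4abcc45683e2e2e0b7dec220c05b406213b4a934f82a59ac6a2425d6fe35021c1aa8a0b8963a8a8cfd0d2d888e
+ data.tar.gz: 3d1fe92e5a018419a6d4c04b0651ffe0453c6d9f3194a26e8f4cf446ab20d029e6dda18e375bf5ebfd72373818f94a3f65f733db204a2341db118c1276db7a62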
@@ -1,19 +1,35 @@
1
1
  name: Build + Test
2
- on: [push]
2
+ on: [pull_request]
3
3
 
4
4
  jobs:
5
5
  build:
6
6
  name: Build + Test
7
7
  runs-on: ubuntu-latest
8
-
8
+ strategy:
9
+ matrix:
10
+ ruby: [ '2.4', '2.5', '2.6', '2.7']
11
+ steps:
12
+ - uses: actions/checkout@master
13
+ - name: Set up Ruby ${{ matrix.ruby }}
14
+ uses: actions/setup-ruby@v1
15
+ with:
16
+ ruby-version: ${{ matrix.ruby }}
17
+ - name: Build and test with Rake with Ruby ${{ matrix.ruby }}
18
+ run: |
19
+ gem install bundler
20
+ bundle install --jobs 4 --retry 3
21
+ bundle exec rake spec
22
+ lint:
23
+ name: Rubocop
24
+ runs-on: ubuntu-latest
9
25
  steps:
10
- - uses: actions/checkout@master
11
- - name: Set up Ruby 2.6
12
- uses: actions/setup-ruby@v1
13
- with:
14
- version: 2.6.x
15
- - name: Build and test with Rake
16
- run: |
17
- gem install bundler --version '1.0.0'
18
- bundle install --jobs 4 --retry 3
19
- bundle exec rake spec
26
+ - uses: actions/checkout@master
27
+ - name: Set up Ruby 2.6
28
+ uses: actions/setup-ruby@v1
29
+ with:
30
+ ruby-version: 2.6
31
+ - name: Run linters
32
+ run: |
33
+ gem install bundler
34
+ bundle install --jobs 4 --retry 3
35
+ bundle exec rake rubocop
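Review bot: Both the build and the lint job run `actions/checkout@master`, a mutable branch reference, so any change pushed upstream executes in this repository's CI without review. Pin each action to a release tag or, preferably, a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>` (placeholder), and treat `actions/setup-ruby@v1` the same way. The trigger also moves from `push` to `pull_request` only, so commits pushed directly to the default branch are no longer built or linted; `on: [push, pull_request]` keeps both. `gem install bundler` now takes whatever version is current, which is worth pinning if reproducible CI runs matter.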
@@ -0,0 +1,4 @@
1
+ inherit_gem:
2
+ rubocop-github:
3
+ - config/default.yml
4
+ require: rubocop-performance
@@ -1,3 +1,7 @@
1
+ ## [0.16.0] - 2020-03-23
2
+
3
+ - [Add support for updating the severity of an issue](https://github.com/oreoshake/hackerone-client/pull/50) (@rzhade3)
4
+
1
5
  ## [0.15.0] - 2020-03-09
2
6
 
3
7
  - [Add 'update program policy' API support](https://github.com/oreoshake/hackerone-client/pull/47) (@rzhade3)
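--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,4 +1,6 @@
- source 'https://rubygems.org'
+ # frozen_string_literal: true
+
+ source "https://rubygems.org"
 
  # Specify your gem's dependencies in hackerone-client.gemspec
  gemspec
@@ -7,8 +9,14 @@ group :developement do
  gem "pry"
  end
 
+ group :test do
+ gem "rubocop", "< 0.68"
+ gem "rubocop-github"
+ gem "rubocop-performance"
+ end
+
  group :guard do
- gem "growl", :require => RUBY_PLATFORM.include?('darwin') && 'growl'
- gem "rb-fsevent", :require => RUBY_PLATFORM.include?('darwin') && 'rb-fsevent'
+ gem "growl", require: RUBY_PLATFORM.include?("darwin") && "growl"
  gem "guard-rspec"
+ gem "rb-fsevent", require: RUBY_PLATFORM.include?("darwin") && "rb-fsevent"
  end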
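Review bot: The new `:test` group caps `rubocop` at `< 0.68` with no comment saying why, while `rubocop-github` and `rubocop-performance` are left unconstrained, so the lint result can shift whenever either plugin publishes a release. Add a one-line comment above the cap stating its reason and give the two plugins a pessimistic constraint, e.g. `gem "rubocop-github", "~> X.Y"` (version placeholder). The second hunk's header also shows the existing group spelled `:developement`, which presumably means `bundle install --without development` does not skip it; that line sits outside the hunk, so confirm against the full Gemfile.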
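--- a/data/Guardfile
+++ b/data/Guardfile
@@ -1,3 +1,5 @@
+ # frozen_string_literal: true
+
  guard :rspec, cmd: "bundle exec rspec" do
  require "guard/rspec/dsl"
  dsl = Guard::RSpec::Dsl.new(self)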
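--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,6 +1,15 @@
+ # frozen_string_literal: true
+
  require "bundler/gem_tasks"
  require "rspec/core/rake_task"
 
  RSpec::Core::RakeTask.new(:spec)
 
- task :default => :spec
+ task default: :spec
+
+ begin
+ require "rubocop/rake_task"
+ RuboCop::RakeTask.new
+ rescue LoadError
+ task(:rubocop) { $stderr.puts "RuboCop is disabled" }
+ end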
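Review bot: The `rescue LoadError` fallback defines a `rubocop` task that only prints "RuboCop is disabled" and then succeeds, so the workflow's lint job (`bundle exec rake rubocop`) would report green without linting anything if the gem fails to load. Make the fallback fail where linting is expected, for example `task(:rubocop) { ENV["CI"] ? abort("RuboCop is not installed") : warn("RuboCop is disabled") }`. A short comment above the `begin` saying the fallback is, presumably, for installs made without the test group would also help the next reader.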
@@ -1,4 +1,5 @@
1
1
  #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
2
3
 
3
4
  require "bundler/setup"
4
5
  require "hackerone/client"
@@ -1,7 +1,9 @@
1
1
  # coding: utf-8
2
- lib = File.expand_path('../lib', __FILE__)
2
+ # frozen_string_literal: true
3
+
4
+ lib = File.expand_path("../lib", __FILE__)
3
5
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'hackerone/client/version'
6
+ require "hackerone/client/version"
5
7
 
6
8
  Gem::Specification.new do |spec|
7
9
  spec.name = "hackerone-client"
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "faraday"
2
4
  require "json"
3
5
  require "active_support/time"
@@ -24,7 +26,7 @@ module HackerOne
24
26
  DEFAULT_HIGH_RANGE = 2500...4999
25
27
  DEFAULT_CRITICAL_RANGE = 5000...100_000_000
26
28
 
27
- LENIENT_MODE_ENV_VARIABLE = 'HACKERONE_CLIENT_LENIENT_MODE'
29
+ LENIENT_MODE_ENV_VARIABLE = "HACKERONE_CLIENT_LENIENT_MODE"
28
30
 
29
31
  class << self
30
32
  ATTRS = [:low_range, :medium_range, :high_range, :critical_range].freeze
@@ -102,7 +104,7 @@ module HackerOne
102
104
  def post(endpoint, body)
103
105
  response = with_retry do
104
106
  self.class.hackerone_api_connection.post do |req|
105
- req.headers['Content-Type'] = 'application/json'
107
+ req.headers["Content-Type"] = "application/json"
106
108
  req.body = body.to_json
107
109
  req.url endpoint
108
110
  end
@@ -114,7 +116,7 @@ module HackerOne
114
116
  def get(endpoint, params = nil)
115
117
  response = with_retry do
116
118
  self.class.hackerone_api_connection.get do |req|
117
- req.headers['Content-Type'] = 'application/json'
119
+ req.headers["Content-Type"] = "application/json"
118
120
  req.params = params || {}
119
121
  req.url endpoint
120
122
  end
@@ -129,7 +131,7 @@ module HackerOne
129
131
  elsif response.status.to_s.start_with?("5")
130
132
  raise RuntimeError, "API called failed, probably their fault: #{response.body}"
131
133
  elsif response.success?
132
- response_body_json = JSON.parse(response.body, :symbolize_names => true)
134
+ response_body_json = JSON.parse(response.body, symbolize_names: true)
133
135
  if extract_data && response_body_json.key?(:data)
134
136
  response_body_json[:data]
135
137
  else
@@ -145,13 +147,13 @@ module HackerOne
145
147
  raise NotConfiguredError, "HACKERONE_TOKEN_NAME HACKERONE_TOKEN environment variables must be set"
146
148
  end
147
149
 
148
- @connection ||= Faraday.new(:url => "https://api.hackerone.com/v1") do |faraday|
150
+ @connection ||= Faraday.new(url: "https://api.hackerone.com/v1") do |faraday|
149
151
  faraday.basic_auth(ENV["HACKERONE_TOKEN_NAME"], ENV["HACKERONE_TOKEN"])
150
152
  faraday.adapter Faraday.default_adapter
151
153
  end
152
154
  end
153
155
 
154
- def with_retry(attempts=3, &block)
156
+ def with_retry(attempts = 3, &block)
155
157
  attempts_remaining = attempts
156
158
 
157
159
  begin
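Review bot: In the response-handling hunk, the 5xx branch interpolates the entire `response.body` into the `RuntimeError` message, and exception messages commonly end up in logs and error trackers. If an error body can echo report content, that content travels with it. Consider raising with the status only, `raise RuntimeError, "API call failed with status #{response.status}"`, and recording the body separately at debug level. The method starts and ends outside the hunk, so its other branches may need the same treatment.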
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  module Activities
@@ -84,14 +86,14 @@ module HackerOne
84
86
  end
85
87
 
86
88
  ACTIVITY_TYPE_CLASS_MAPPING = {
87
- 'activity-bounty-awarded' => BountyAwarded,
88
- 'activity-swag-awarded' => SwagAwarded,
89
- 'activity-user-assigned-to-bug' => UserAssignedToBug,
90
- 'activity-group-assigned-to-bug' => GroupAssignedToBug,
91
- 'activity-bug-triaged' => BugTriaged,
92
- 'activity-reference-id-added' => ReferenceIdAdded,
93
- 'activity-comment' => CommentAdded,
94
- 'activity-bounty-suggested' => BountySuggested
89
+ "activity-bounty-awarded" => BountyAwarded,
90
+ "activity-swag-awarded" => SwagAwarded,
91
+ "activity-user-assigned-to-bug" => UserAssignedToBug,
92
+ "activity-group-assigned-to-bug" => GroupAssignedToBug,
93
+ "activity-bug-triaged" => BugTriaged,
94
+ "activity-reference-id-added" => ReferenceIdAdded,
95
+ "activity-comment" => CommentAdded,
96
+ "activity-bounty-suggested" => BountySuggested
95
97
  }.freeze
96
98
 
97
99
  def self.build(activity_data)
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Address
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Bounty
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Group
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  module Incremental
@@ -48,7 +50,7 @@ module HackerOne
48
50
 
49
51
  def current_page
50
52
  @current_page ||= make_get_request(
51
- 'incremental/activities',
53
+ "incremental/activities",
52
54
  extract_data: false,
53
55
  params: {
54
56
  handle: program.handle,
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Member
@@ -1,4 +1,6 @@
1
- require_relative './resource_helper'
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "./resource_helper"
2
4
 
3
5
  module HackerOne
4
6
  module Client
@@ -71,7 +73,7 @@ module HackerOne
71
73
  "programs/#{id}/swag",
72
74
  params: { page: { number: page_number, size: page_size } }
73
75
  )
74
- response_body.map{|r| Swag.new(r, self) }
76
+ response_body.map { |r| Swag.new(r, self) }
75
77
  end
76
78
 
77
79
  private
@@ -1,6 +1,8 @@
1
- require_relative './resource_helper'
2
- require_relative './weakness'
3
- require_relative './activity'
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "./resource_helper"
4
+ require_relative "./weakness"
5
+ require_relative "./activity"
4
6
 
5
7
  module HackerOne
6
8
  module Client
@@ -118,7 +120,7 @@ module HackerOne
118
120
 
119
121
  # Bounty writeups just use the key, and not the label value.
120
122
  def writeup_classification
121
- classification_label().split("-").first
123
+ classification_label.split("-").first
122
124
  end
123
125
 
124
126
  def activities
@@ -304,7 +306,7 @@ module HackerOne
304
306
  request_body[:id] = assignee_id if assignee_id
305
307
 
306
308
  response = HackerOne::Client::Api.hackerone_api_connection.put do |req|
307
- req.headers['Content-Type'] = 'application/json'
309
+ req.headers["Content-Type"] = "application/json"
308
310
  req.url "reports/#{id}/assignee"
309
311
  req.body = { data: request_body }.to_json
310
312
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Reporter
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  module ResourceHelper
@@ -14,7 +16,7 @@ module HackerOne
14
16
 
15
17
  def make_put_request(url, request_body:, extract_data: true)
16
18
  response = HackerOne::Client::Api.hackerone_api_connection.put do |req|
17
- req.headers['Content-Type'] = 'application/json'
19
+ req.headers["Content-Type"] = "application/json"
18
20
  req.url url
19
21
  req.body = { data: request_body }.to_json
20
22
  end
@@ -24,7 +26,7 @@ module HackerOne
24
26
 
25
27
  def make_post_request(url, request_body:, extract_data: true)
26
28
  response = HackerOne::Client::Api.hackerone_api_connection.post do |req|
27
- req.headers['Content-Type'] = 'application/json'
29
+ req.headers["Content-Type"] = "application/json"
28
30
  req.url url
29
31
  req.body = { data: request_body }.to_json
30
32
  end
@@ -34,7 +36,7 @@ module HackerOne
34
36
 
35
37
  def make_get_request(url, params: {}, extract_data: true)
36
38
  response = HackerOne::Client::Api.hackerone_api_connection.get do |req|
37
- req.headers['Content-Type'] = 'application/json'
39
+ req.headers["Content-Type"] = "application/json"
38
40
  req.url url
39
41
  req.params = params
40
42
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class StructuredScope
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Swag
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class User
@@ -1,5 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Hackerone
2
4
  module Client
3
- VERSION = "0.15.0"
5
+ VERSION = "0.16.0"
4
6
  end
5
7
  end
@@ -1,17 +1,19 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module HackerOne
2
4
  module Client
3
5
  class Weakness
4
6
  class << self
5
7
  def validate_cwe!(cwe)
6
- fail NotAnOwaspWeaknessError if cwe.upcase.start_with?('CAPEC-')
7
- fail StandardError::ArgumentError unless cwe.upcase.start_with?('CWE-')
8
+ fail NotAnOwaspWeaknessError if cwe.upcase.start_with?("CAPEC-")
9
+ fail StandardError::ArgumentError unless cwe.upcase.start_with?("CWE-")
8
10
  end
9
11
 
10
12
  def extract_cwe_number(cwe)
11
13
  return if cwe.nil?
12
14
  validate_cwe!(cwe)
13
15
 
14
- cwe.split('CWE-').last.to_i
16
+ cwe.split("CWE-").last.to_i
15
17
  end
16
18
  end
17
19
 
@@ -39,20 +41,20 @@ module HackerOne
39
41
  }
40
42
 
41
43
  OWASP_TOP_10_2013_TO_CWE = {
42
- 'A1-Injection' => [77, 78, 88, 89, 90, 91, 564],
43
- 'A2-AuthSession' =>
44
+ "A1-Injection" => [77, 78, 88, 89, 90, 91, 564],
45
+ "A2-AuthSession" =>
44
46
  [287, 613, 522, 256, 384, 472, 346, 441, 523, 620, 640, 319, 311],
45
- 'A3-XSS' => [79],
46
- 'A4-DirectObjRef' => [639, 99, 22],
47
- 'A5-Misconfig' => [16, 2, 215, 548, 209],
48
- 'A6-DataExposure' => [312, 319, 310, 326, 320, 311, 325, 328, 327],
49
- 'A7-MissingACL' => [285, 287],
50
- 'A8-CSRF' => [352, 642, 613, 346, 441],
51
- 'A9-KnownVuln' => [],
52
- 'A10-Redirects' => [601],
47
+ "A3-XSS" => [79],
48
+ "A4-DirectObjRef" => [639, 99, 22],
49
+ "A5-Misconfig" => [16, 2, 215, 548, 209],
50
+ "A6-DataExposure" => [312, 319, 310, 326, 320, 311, 325, 328, 327],
51
+ "A7-MissingACL" => [285, 287],
52
+ "A8-CSRF" => [352, 642, 613, 346, 441],
53
+ "A9-KnownVuln" => [],
54
+ "A10-Redirects" => [601],
53
55
  }.freeze
54
56
 
55
- OWASP_DEFAULT = 'A0-Other'.freeze
57
+ OWASP_DEFAULT = "A0-Other".freeze
56
58
 
57
59
  def initialize(weakness)
58
60
  @attributes = weakness
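Review bot: `validate_cwe!` upcases the input before checking the `CWE-` prefix, but `extract_cwe_number` splits the original string on the literal `"CWE-"`, so a lowercase value such as `cwe-79` passes validation and then yields `0` from `to_i`. Split the upcased string instead, `cwe.upcase.split("CWE-").last.to_i`, or parse strictly with `Integer(cwe[/\ACWE-(\d+)\z/i, 1])` so that a non-numeric suffix raises rather than silently becoming 0. Both methods are in the first hunk of this section.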
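--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: hackerone-client
  version: !ruby/object:Gem::Version
- version: 0.15.0
+ version: 0.16.0
  platform: ruby
  authors:
  - Neil Matatall
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2020-03-09 00:00:00.000000000 Z
+ date: 2020-03-24 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -118,6 +118,7 @@ files:
  - ".github/workflows/build.yml"
  - ".gitignore"
  - ".rspec"
+ - ".rubocop.yml"
  - ".travis.yml"
  - CHANGELOG.md
  - CODE_OF_CONDUCT.md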