hackerone-client 0.21.0 → 0.22.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c404066a77eb0268ffe68195bde8325495791ed83081d77f78ae3d3d050a68ac
-  data.tar.gz: b10a0451bff43158faee9bf912e5e597f14ffd6dff7779625bc085fe4b821201
+  metadata.gz: 684b59afaacb9acad9aba5a4a4e696535684c27ee3abb2d37b3a4c9e761c87a8
+  data.tar.gz: 50b813301fb053284ef490a8fad3fea66319881a569ec3acf53329963c4684aa
 SHA512:
-  metadata.gz: f095e3da37045adebd08ed65d6bdeab6e0e37c5ead94669a747269ce1a17296863afa77cd8373a60f94f36f5919a95249bcf490d835ab48609047223997024a5
-  data.tar.gz: 22d3f5fd055377103bb966f336925ddbaa0f021a7680b7780eb30badc945022c94fe02b5dd49a1e6b635e1025d49bca5046c555efb26b2dd85eb46abe0f08352
+  metadata.gz: 7dfae7e6b2348b4a1ab6554fc5a440311fa6c583fbd196684908565395b2a3ad8f04eb5cfd4ed33838c4118a2615b400e3a3874578d2129adfd90791a38abc50
+  data.tar.gz: 2060b8258b6b48f7b0e444b17e87332495facc6a8da934add226c82d78e364f76831c0355da4a200684a1112b49d691adcc679d40bf71a50c6012666789a39b4

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## [0.22.0] - 2024-01-10
+
+[Update Faraday API call and deprecate support for Ruby <2.6](https://github.com/github/hackerone-client/pull/2) (@maclarel)
+
 ## [0.20.0] - 2020-10-21
 
 [Add ability to lock a report](https://github.com/oreoshake/hackerone-client/pull/59) (@rzhade3)

data/CODEOWNERS

@@ -0,0 +1,2 @@
+# This repository is maintained by: 
+* @rzhade3 @maclarel

data/CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at oreoshake@users.noreply.github.com. All
+reported by contacting the project team at opensource@github.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

data/CONTRIBUTING.md

@@ -1,13 +1,15 @@
 ## Contributing
 
-[fork]: https://github.com/oreoshake/hackerone-client/fork
-[pr]: https://github.com/oreoshake/hackerone-client/compare
+[fork]: https://github.com/github/hackerone-client/fork
+[pr]: https://github.com/github/hackerone-client/compare
 [style]: https://github.com/styleguide/ruby
 [code-of-conduct]: CODE_OF_CONDUCT.md
 
 Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
 
-Please note that this project is released with a [Contributor Code of Conduct][code-of-conduct]. By participating in this project you agree to abide by its terms.
+Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE.txt).
+
+Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
 
 ## Submitting a pull request
 
@@ -21,6 +23,7 @@ Please note that this project is released with a [Contributor Code of Conduct][c
 
 Here are a few things you can do that will increase the likelihood of your pull request being accepted:
 
+- Follow the [style guide][style].
 - Write tests.
 - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
 - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017 Neil Matatall
+Copyright (c) 2023 GitHub, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,6 +1,6 @@
 # Hackerone::Client
 
-A limited client library for interacting with HackerOne. Currently only supports a few operations:
+A limited client library for interacting with HackerOne in Ruby. Currently only supports a few operations:
 
 ```ruby
 client = HackerOne::Client::Api.new("github")
@@ -114,6 +114,6 @@ Setting this variable will make the client try to absorb errors, like a malforme
 Bug reports and pull requests are welcome on GitHub at https://github.com/oreoshake/hackerone-client. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
 
-## License
+## License 
 
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+This project is licensed under the terms of the MIT open source license. Please refer to [MIT](./LICENSE.txt) for the full terms.

data/SECURITY.md

@@ -0,0 +1,31 @@
+Thanks for helping make GitHub safe for everyone.
+
+# Security
+
+GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
+
+Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation. 
+
+## Reporting Security Issues
+
+If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Instead, please send an email to opensource-security[@]github.com.
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+  * The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Policy
+
+See [GitHub's Safe Harbor Policy](https://docs.github.com/en/github/site-policy/github-bug-bounty-program-legal-safe-harbor#1-safe-harbor-terms)

data/SUPPORT.md

@@ -0,0 +1,13 @@
+# Support 
+
+## How to file issues and get help
+
+This project uses GitHub issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new issue.
+
+For help or questions about using this project, please file an issue on this repository.
+
+- `hackerone-client` is not actively developed but is maintained by GitHub staff **AND THE COMMUNITY**. We will do our best to respond to support and community questions in a timely manner. 
+
+## GitHub Support Policy
+
+Support for this project is limited to the resources listed above.

data/hackerone-client.gemspec

@@ -12,11 +12,12 @@ Gem::Specification.new do |spec|
   spec.email         = ["neil.matatall@gmail.com"]
 
   spec.summary       = %q{A limited client for the HackerOne API}
-  spec.homepage      = "https://github.com/oreoshake/hackerone-client"
+  spec.homepage      = "https://github.com/github/hackerone-client"
   spec.license       = "MIT"
+  spec.required_ruby_version = ">= 2.6.0"
 
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
+    f.match(%r{^(test|spec|features|.github|)/})
   end
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
@@ -27,6 +28,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rspec"
   spec.add_development_dependency "vcr"
   spec.add_development_dependency "webmock"
-  spec.add_runtime_dependency "faraday"
+  spec.add_runtime_dependency "faraday", ">= 2.0.0"
   spec.add_runtime_dependency "activesupport"
 end

data/lib/hackerone/client/program.rb

@@ -78,9 +78,9 @@ module HackerOne
 
       def balance
         response_body = make_get_request(
-         "programs/#{id}/billing/balance"
-       )
-       BillingBalance.new(response_body).balance
+          "programs/#{id}/billing/balance"
+        )
+        BillingBalance.new(response_body).balance
       end
 
       private

data/lib/hackerone/client/version.rb

@@ -2,6 +2,6 @@
 
 module Hackerone
   module Client
-    VERSION = "0.21.0"
+    VERSION = "0.22.1"
   end
 end

data/lib/hackerone/client.rb

@@ -2,7 +2,8 @@
 
 require "faraday"
 require "json"
-require "active_support/time"
+require "active_support"
+require "active_support/core_ext/numeric/time"
 require_relative "client/version"
 require_relative "client/report"
 require_relative "client/activity"
@@ -201,7 +202,7 @@ module HackerOne
         end
 
         @connection ||= Faraday.new(url: "https://api.hackerone.com/v1") do |faraday|
-          faraday.basic_auth(ENV["HACKERONE_TOKEN_NAME"], ENV["HACKERONE_TOKEN"])
+          faraday.request(:authorization, :basic, ENV["HACKERONE_TOKEN_NAME"], ENV["HACKERONE_TOKEN"])
           faraday.adapter Faraday.default_adapter
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hackerone-client
 version: !ruby/object:Gem::Version
-  version: 0.21.0
+  version: 0.22.1
 platform: ruby
 authors:
 - Neil Matatall
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-02-18 00:00:00.000000000 Z
+date: 2024-01-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -108,19 +108,18 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
+description:
 email:
 - neil.matatall@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/workflows/build.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
-- ".travis.yml"
 - CHANGELOG.md
+- CODEOWNERS
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Gemfile
@@ -128,6 +127,8 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- SECURITY.md
+- SUPPORT.md
 - bin/console
 - bin/setup
 - fixtures/vcr_cassettes/add_comment.yml
@@ -186,11 +187,11 @@ files:
 - lib/hackerone/client/user.rb
 - lib/hackerone/client/version.rb
 - lib/hackerone/client/weakness.rb
-homepage: https://github.com/oreoshake/hackerone-client
+homepage: https://github.com/github/hackerone-client
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -198,15 +199,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.0.9
+signing_key:
 specification_version: 4
 summary: A limited client for the HackerOne API
 test_files: []

data/.github/workflows/build.yml

@@ -1,36 +0,0 @@
-name: Build + Test
-on: [pull_request]
-
-jobs:
-  build:
-    name: Build + Test
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        ruby: [ '2.4.0', '2.5.0', '2.6.0', '2.7.2', '3.0.0']
-    steps:
-      - uses: actions/checkout@v2
-      - name: Set up Ruby ${{ matrix.ruby }}
-        uses: ruby/setup-ruby@v1.64.1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-      - name: Build and test with Rake with Ruby ${{ matrix.ruby }}
-        run: |
-          gem install bundler
-          bundle install --jobs 4 --retry 3
-          bundle exec rake spec
-  lint:
-    name: Rubocop
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Set up Ruby 2.6
-        uses: actions/setup-ruby@v1
-        with:
-          ruby-version: 2.6
-      - name: Run linters
-        run: |
-          gem install bundler
-          bundle install --jobs 4 --retry 3
-          bundle exec rake rubocop

data/.travis.yml

@@ -1,8 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.3.1
-  - 2.2
-  - 2.1
-before_install: gem install bundler -v 1.14.4
-bundler_args: --without guard