hackerone-client 0.8.0 → 0.9.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/fixtures/vcr_cassettes/add_comment.yml +1 -79
- data/fixtures/vcr_cassettes/add_public_comment.yml +80 -0
- data/fixtures/vcr_cassettes/add_report_reference.yml +2 -2
- data/fixtures/vcr_cassettes/stage_change.yml +2 -2
- data/lib/hackerone/client.rb +6 -101
- data/lib/hackerone/client/report.rb +104 -0
- data/lib/hackerone/client/version.rb +1 -1
- metadata +3 -2
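--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 94884f2e83bc01298d110763495fd447a2a05516
+data.tar.gz: 7777f1f30b8c352f90d5468b0183d583dbc7110c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1e01b867715db5cfba87f65db099d287958ea8cf2efe1769fc7fb185a9d07a702c31756405ea7b530939fab8e198392e5feb1d94762d3148beed70762633bfd2
+data.tar.gz: 9e509df444be9dd599d47a557fcf96567e4a3bf36fc11b1721f798d593d6a5c54d9fc83a43968483262e5cfa73ae8001d4eab7e225b0b7b138c2ab4df0a7325d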
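--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+## [0.9.0] - 2017-10-09
+
+- API: move actions from client into report (@esjee)
+
+This is a breaking change, but this is still not a 1.0 and shouldn't be considered stable.
+
 ## [0.8.0] - 2017-09-05
 
 - Feature: add ability to suggest and award swag, cash, and bonuses (@esjee)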
@@ -2,7 +2,7 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: post
|
5
|
-
uri: https://api.hackerone.com/v1/reports/
|
5
|
+
uri: https://api.hackerone.com/v1/reports/200/activities
|
6
6
|
body:
|
7
7
|
encoding: UTF-8
|
8
8
|
string: "{\"data\":{\"type\":\"activity-comment\",\"attributes\":{\"message\":\"I
|
@@ -77,81 +77,3 @@ http_interactions:
|
|
77
77
|
am an internal comment\",\"created_at\":\"2017-07-20T19:31:19.733Z\",\"updated_at\":\"2017-07-20T19:31:19.733Z\",\"internal\":true},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}}}"
|
78
78
|
http_version:
|
79
79
|
recorded_at: Thu, 20 Jul 2017 19:31:19 GMT
|
80
|
-
- request:
|
81
|
-
method: post
|
82
|
-
uri: https://api.hackerone.com/v1/reports/132170/activities
|
83
|
-
body:
|
84
|
-
encoding: UTF-8
|
85
|
-
string: "{\"data\":{\"type\":\"activity-comment\",\"attributes\":{\"message\":\"I
|
86
|
-
am not an internal comment\",\"internal\":false}}}"
|
87
|
-
headers:
|
88
|
-
Authorization:
|
89
|
-
- Basic ==
|
90
|
-
User-Agent:
|
91
|
-
- Faraday v0.11.0
|
92
|
-
Content-Type:
|
93
|
-
- application/json
|
94
|
-
Accept-Encoding:
|
95
|
-
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
96
|
-
Accept:
|
97
|
-
- "*/*"
|
98
|
-
response:
|
99
|
-
status:
|
100
|
-
code: 201
|
101
|
-
message: Created
|
102
|
-
headers:
|
103
|
-
Date:
|
104
|
-
- Thu, 20 Jul 2017 19:31:20 GMT
|
105
|
-
Content-Type:
|
106
|
-
- application/json; charset=utf-8
|
107
|
-
Transfer-Encoding:
|
108
|
-
- chunked
|
109
|
-
Connection:
|
110
|
-
- keep-alive
|
111
|
-
Set-Cookie:
|
112
|
-
- __cfduid=d104d11a7dd0d4d546ad5de4a34ae70091500579080; expires=Fri, 20-Jul-18
|
113
|
-
19:31:20 GMT; path=/; Domain=api.hackerone.com; HttpOnly
|
114
|
-
X-Request-Id:
|
115
|
-
- d3253b5d-6f40-4070-8a49-2c9fddc85b6f
|
116
|
-
Etag:
|
117
|
-
- W/"5409aa55cb4b50a7801681b8f529bcfd"
|
118
|
-
Cache-Control:
|
119
|
-
- max-age=0, private, must-revalidate
|
120
|
-
Strict-Transport-Security:
|
121
|
-
- max-age=31536000; includeSubDomains; preload
|
122
|
-
Content-Security-Policy:
|
123
|
-
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
124
|
-
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
125
|
-
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
126
|
-
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
127
|
-
profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
|
128
|
-
media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
|
129
|
-
www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
|
130
|
-
https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
131
|
-
X-Content-Type-Options:
|
132
|
-
- nosniff
|
133
|
-
X-Download-Options:
|
134
|
-
- noopen
|
135
|
-
X-Frame-Options:
|
136
|
-
- DENY
|
137
|
-
X-Permitted-Cross-Domain-Policies:
|
138
|
-
- none
|
139
|
-
X-Xss-Protection:
|
140
|
-
- 1; mode=block
|
141
|
-
Public-Key-Pins-Report-Only:
|
142
|
-
- pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
|
143
|
-
pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
|
144
|
-
pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
|
145
|
-
pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
|
146
|
-
report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
|
147
|
-
Server:
|
148
|
-
- cloudflare-nginx
|
149
|
-
Cf-Ray:
|
150
|
-
- 381857128fff7820-LAX
|
151
|
-
body:
|
152
|
-
encoding: UTF-8
|
153
|
-
string: "{\"data\":{\"type\":\"activity-comment\",\"id\":\"1854711\",\"attributes\":{\"message\":\"I
|
154
|
-
am not an internal comment\",\"created_at\":\"2017-07-20T19:31:20.181Z\",\"updated_at\":\"2017-07-20T19:31:20.181Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}}}"
|
155
|
-
http_version:
|
156
|
-
recorded_at: Thu, 20 Jul 2017 19:31:20 GMT
|
157
|
-
recorded_with: VCR 3.0.3
|
@@ -0,0 +1,80 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.hackerone.com/v1/reports/200/activities
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"attributes\":{\"message\":\"I
|
9
|
+
am not an internal comment\",\"internal\":false}}}"
|
10
|
+
headers:
|
11
|
+
Authorization:
|
12
|
+
- Basic ==
|
13
|
+
User-Agent:
|
14
|
+
- Faraday v0.11.0
|
15
|
+
Content-Type:
|
16
|
+
- application/json
|
17
|
+
Accept-Encoding:
|
18
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
19
|
+
Accept:
|
20
|
+
- "*/*"
|
21
|
+
response:
|
22
|
+
status:
|
23
|
+
code: 201
|
24
|
+
message: Created
|
25
|
+
headers:
|
26
|
+
Date:
|
27
|
+
- Thu, 20 Jul 2017 19:31:20 GMT
|
28
|
+
Content-Type:
|
29
|
+
- application/json; charset=utf-8
|
30
|
+
Transfer-Encoding:
|
31
|
+
- chunked
|
32
|
+
Connection:
|
33
|
+
- keep-alive
|
34
|
+
Set-Cookie:
|
35
|
+
- __cfduid=d104d11a7dd0d4d546ad5de4a34ae70091500579080; expires=Fri, 20-Jul-18
|
36
|
+
19:31:20 GMT; path=/; Domain=api.hackerone.com; HttpOnly
|
37
|
+
X-Request-Id:
|
38
|
+
- d3253b5d-6f40-4070-8a49-2c9fddc85b6f
|
39
|
+
Etag:
|
40
|
+
- W/"5409aa55cb4b50a7801681b8f529bcfd"
|
41
|
+
Cache-Control:
|
42
|
+
- max-age=0, private, must-revalidate
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=31536000; includeSubDomains; preload
|
45
|
+
Content-Security-Policy:
|
46
|
+
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
47
|
+
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
48
|
+
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
49
|
+
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
50
|
+
profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
|
51
|
+
media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
|
52
|
+
www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
|
53
|
+
https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
54
|
+
X-Content-Type-Options:
|
55
|
+
- nosniff
|
56
|
+
X-Download-Options:
|
57
|
+
- noopen
|
58
|
+
X-Frame-Options:
|
59
|
+
- DENY
|
60
|
+
X-Permitted-Cross-Domain-Policies:
|
61
|
+
- none
|
62
|
+
X-Xss-Protection:
|
63
|
+
- 1; mode=block
|
64
|
+
Public-Key-Pins-Report-Only:
|
65
|
+
- pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
|
66
|
+
pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
|
67
|
+
pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
|
68
|
+
pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
|
69
|
+
report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
|
70
|
+
Server:
|
71
|
+
- cloudflare-nginx
|
72
|
+
Cf-Ray:
|
73
|
+
- 381857128fff7820-LAX
|
74
|
+
body:
|
75
|
+
encoding: UTF-8
|
76
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"id\":\"1854711\",\"attributes\":{\"message\":\"I
|
77
|
+
am not an internal comment\",\"created_at\":\"2017-07-20T19:31:20.181Z\",\"updated_at\":\"2017-07-20T19:31:20.181Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}}}"
|
78
|
+
http_version:
|
79
|
+
recorded_at: Thu, 20 Jul 2017 19:31:20 GMT
|
80
|
+
recorded_with: VCR 3.0.3
|
@@ -2,7 +2,7 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: post
|
5
|
-
uri: https://api.hackerone.com/v1/reports/
|
5
|
+
uri: https://api.hackerone.com/v1/reports/200/issue_tracker_reference_id
|
6
6
|
body:
|
7
7
|
encoding: UTF-8
|
8
8
|
string: '{"data":{"type":"issue-tracker-reference-id","attributes":{"reference":"fooooo"}}}'
|
@@ -67,7 +67,7 @@ http_interactions:
|
|
67
67
|
- 340a6ba9fa5653a8-LAX
|
68
68
|
body:
|
69
69
|
encoding: ASCII-8BIT
|
70
|
-
string: '{"relationships":{"report":{"data":{"id":"
|
70
|
+
string: '{"relationships":{"report":{"data":{"id":"200","type":"report","attributes":{"title":"ssss","state":"triaged","created_at":"2016-04-18T22:24:50.065Z","vulnerability_information":"sssss","triaged_at":"2017-03-16T19:53:49.939Z","closed_at":null,"last_reporter_activity_at":"2016-04-18T22:24:50.118Z","first_program_activity_at":"2017-03-16T18:36:40.650Z","last_program_activity_at":"2017-03-16T19:53:49.939Z","bounty_awarded_at":null,"swag_awarded_at":null,"disclosed_at":null,"last_activity_at":"2017-03-16T19:53:49.939Z","issue_tracker_reference_id":"fooooo"},"relationships":{"reporter":{"data":{"id":"57690","type":"user","attributes":{"username":"ndm-github","name":"Neil
|
71
71
|
Matatall","disabled":false,"created_at":"2016-02-24T01:33:01.258Z","profile_picture":{"62x62":"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487","82x82":"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487","110x110":"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487","260x260":"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487"}}}},"program":{"data":{"id":"11767","type":"program","attributes":{"handle":"github-test","created_at":"2016-04-15T17:10:31.261Z","updated_at":"2016-09-20T14:54:15.448Z"}}},"swag":{"data":[]},"attachments":{"data":[]},"vulnerability_types":{"data":[{"id":"107921","type":"vulnerability-type","attributes":{"name":"Cross-Site
|
72
72
|
Scripting (XSS)","description":"Failure of a site to validate, filter, or
|
73
73
|
encode user input before returning it to another user''s web client.\n","created_at":"2016-04-15T17:10:39.169Z"}}]},"activities":{"data":[{"type":"activity-reference-id-added","id":"1546419","attributes":{"message":"","created_at":"2017-03-16T20:21:44.883Z","updated_at":"2017-03-16T20:21:44.883Z","internal":true,"reference":"fooooo","reference_url":null},"relationships":{"actor":{"data":{"type":"user","id":"151303","attributes":{"username":"testingagain","name":null,"disabled":false,"created_at":"2017-03-16T00:35:19.472Z","profile_picture":{"62x62":"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png","82x82":"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png","110x110":"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png","260x260":"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png"}}}}}},{"type":"activity-bug-triaged","id":"1546376","attributes":{"message":"This
|
@@ -2,7 +2,7 @@
|
|
2
2
|
http_interactions:
|
3
3
|
- request:
|
4
4
|
method: post
|
5
|
-
uri: https://api.hackerone.com/v1/reports/
|
5
|
+
uri: https://api.hackerone.com/v1/reports/200/state_changes
|
6
6
|
body:
|
7
7
|
encoding: UTF-8
|
8
8
|
string: '{"data":{"type":"state-change","attributes":{"message":"This is has
|
@@ -68,7 +68,7 @@ http_interactions:
|
|
68
68
|
- 340a42c58e9553de-LAX
|
69
69
|
body:
|
70
70
|
encoding: UTF-8
|
71
|
-
string: '{"data":{"id":"
|
71
|
+
string: '{"data":{"id":"200","type":"report","attributes":{"title":"ssss","state":"triaged","created_at":"2016-04-18T22:24:50.065Z","vulnerability_information":"sssss","triaged_at":"2017-03-16T19:53:49.939Z","closed_at":null,"last_reporter_activity_at":"2016-04-18T22:24:50.118Z","first_program_activity_at":"2017-03-16T18:36:40.650Z","last_program_activity_at":"2017-03-16T19:53:49.939Z","bounty_awarded_at":null,"swag_awarded_at":null,"disclosed_at":null,"last_activity_at":"2017-03-16T19:53:49.939Z","issue_tracker_reference_id":"3476"},"relationships":{"reporter":{"data":{"id":"57690","type":"user","attributes":{"username":"ndm-github","name":"Neil
|
72
72
|
Matatall","disabled":false,"created_at":"2016-02-24T01:33:01.258Z","profile_picture":{"62x62":"https://profile-photos.hackerone-user-content.com/production/000/057/690/1e0c9ef6fc8bcc17806ae82e6f73cdd4d0e74eb9_small.jpg?1469554487","82x82":"https://profile-photos.hackerone-user-content.com/production/000/057/690/f6a17c40a6c910ba801014d1498b55727ea858e3_medium.jpg?1469554487","110x110":"https://profile-photos.hackerone-user-content.com/production/000/057/690/2259dde15230756d99f68a9ca824af11081ab965_large.jpg?1469554487","260x260":"https://profile-photos.hackerone-user-content.com/production/000/057/690/6d2da33805fef8b8ac4cf513e1562699e79365e0_xtralarge.jpg?1469554487"}}}},"program":{"data":{"id":"11767","type":"program","attributes":{"handle":"github-test","created_at":"2016-04-15T17:10:31.261Z","updated_at":"2016-09-20T14:54:15.448Z"}}},"swag":{"data":[]},"attachments":{"data":[]},"vulnerability_types":{"data":[{"id":"107921","type":"vulnerability-type","attributes":{"name":"Cross-Site
|
73
73
|
Scripting (XSS)","description":"Failure of a site to validate, filter, or
|
74
74
|
encode user input before returning it to another user''s web client.\n","created_at":"2016-04-15T17:10:39.169Z"}}]},"activities":{"data":[{"type":"activity-bug-triaged","id":"1546376","attributes":{"message":"This
|
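--- a/data/lib/hackerone/client.rb
+++ b/data/lib/hackerone/client.rb
@@ -22,23 +22,6 @@ module HackerOne
 DEFAULT_HIGH_RANGE = 2500...4999
 DEFAULT_CRITICAL_RANGE = 5000...100_000_000
 
-STATES = %w(
-new
-triaged
-needs-more-info
-resolved
-not-applicable
-informative
-duplicate
-spam
-).map(&:to_sym).freeze
-
-STATES_REQUIRING_STATE_CHANGE_MESSAGE = %w(
-needs-more-info
-informative
-duplicate
-).map(&:to_sym).freeze
-
 class << self
 ATTRS = [:low_range, :medium_range, :high_range, :critical_range].freeze
 attr_accessor :program
@@ -101,89 +84,6 @@ module HackerOne
 end
 end
 
-## Idempotent: add the issue reference and put the report into the "triage" state.
-#
-# id: the ID of the report
-# state: value for the reference (e.g. issue number or relative path to cross-repo issue)
-#
-# returns an HackerOne::Client::Report object or raises an error if
-# no report is found.
-def triage(id, reference)
-add_report_reference(id, reference)
-state_change(id, :triaged)
-end
-
-## Idempotent: Add a report reference to a project
-#
-# id: the ID of the report
-# state: value for the reference (e.g. issue number or relative path to cross-repo issue)
-#
-# returns an HackerOne::Client::Report object or raises an error if
-# no report is found.
-def add_report_reference(id, reference)
-body = {
-data: {
-type: "issue-tracker-reference-id",
-attributes: {
-reference: reference
-}
-}
-}
-
-Report.new(post("reports/#{id}/issue_tracker_reference_id", body))
-end
-
-## Idempotent: change the state of a report. See STATES for valid values.
-#
-# id: the ID of the report
-# state: the state in which the report is to be put in
-#
-# returns an HackerOne::Client::Report object or raises an error if
-# no report is found.
-def state_change(id, state, message = nil)
-raise ArgumentError, "state (#{state}) must be one of #{STATES}" unless STATES.include?(state)
-
-body = {
-data: {
-type: "state-change",
-attributes: {
-state: state
-}
-}
-}
-
-if message
-body[:data][:attributes][:message] = message
-elsif STATES_REQUIRING_STATE_CHANGE_MESSAGE.include?(state)
-fail ArgumentError, "State #{state} requires a message. No message was supplied."
-else
-# message is in theory optional, but a value appears to be required.
-body[:data][:attributes][:message] = ""
-end
-post("reports/#{id}/state_changes", body)
-end
-
-# Add a comment to a report. By default, internal comments will be added.
-#
-# id: the ID of the report
-# message: the content of the comment that will be created
-# internal: "team only" comment (true, default) or "all participants"
-def add_comment(id, message, internal: true)
-fail ArgumentError, "message is required" if message.blank?
-
-body = {
-data: {
-type: "activity-comment",
-attributes: {
-message: message,
-internal: internal
-}
-}
-}
-
-post("reports/#{id}/activities", body)
-end
-
 ## Public: retrieve a report
 #
 # id: the ID of a specific report
@@ -225,7 +125,12 @@ module HackerOne
 elsif response.status.to_s.start_with?("5")
 raise RuntimeError, "API called failed, probably their fault: #{response.body}"
 elsif response.success?
-JSON.parse(response.body, :symbolize_names => true)
+response_body_json = JSON.parse(response.body, :symbolize_names => true)
+if response_body_json.key?(:data)
+response_body_json[:data]
+else
+response_body_json
+end
 else
 raise RuntimeError, "Not sure what to do here: #{response.body}"
 end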
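Review bot: In the `response.success?` branch, `response_body_json.key?(:data)` assumes the parsed body is a Hash, so a 2xx response whose JSON is an array or a scalar would raise NoMethodError instead of one of the RuntimeErrors this method otherwise raises. A guard such as `if response_body_json.is_a?(Hash) && response_body_json.key?(:data)` keeps the failure mode predictable. Unwrapping `:data` also drops every sibling top-level key for all callers, which deserves a comment on the branch, e.g. `# callers receive only the :data member; other top-level keys are discarded`. Separately, the unchanged context lines interpolate `response.body` into the exception messages, and since these bodies can carry report content it is worth confirming that those messages do not end up in shared logs. The method starts and ends outside the hunk.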
@@ -7,6 +7,23 @@ module HackerOne
|
|
7
7
|
class Report
|
8
8
|
include ResourceHelper
|
9
9
|
|
10
|
+
STATES = %w(
|
11
|
+
new
|
12
|
+
triaged
|
13
|
+
needs-more-info
|
14
|
+
resolved
|
15
|
+
not-applicable
|
16
|
+
informative
|
17
|
+
duplicate
|
18
|
+
spam
|
19
|
+
).map(&:to_sym).freeze
|
20
|
+
|
21
|
+
STATES_REQUIRING_STATE_CHANGE_MESSAGE = %w(
|
22
|
+
needs-more-info
|
23
|
+
informative
|
24
|
+
duplicate
|
25
|
+
).map(&:to_sym).freeze
|
26
|
+
|
10
27
|
def initialize(report)
|
11
28
|
@report = report
|
12
29
|
end
|
@@ -27,6 +44,10 @@ module HackerOne
|
|
27
44
|
attributes[:issue_tracker_reference_url]
|
28
45
|
end
|
29
46
|
|
47
|
+
def issue_tracker_reference_id
|
48
|
+
attributes[:issue_tracker_reference_id]
|
49
|
+
end
|
50
|
+
|
30
51
|
def reporter
|
31
52
|
relationships
|
32
53
|
.fetch(:reporter, {})
|
@@ -126,6 +147,89 @@ module HackerOne
|
|
126
147
|
Activities.build(response_body)
|
127
148
|
end
|
128
149
|
|
150
|
+
## Idempotent: change the state of a report. See STATES for valid values.
|
151
|
+
#
|
152
|
+
# id: the ID of the report
|
153
|
+
# state: the state in which the report is to be put in
|
154
|
+
#
|
155
|
+
# returns an HackerOne::Client::Report object or raises an error if
|
156
|
+
# no report is found.
|
157
|
+
def state_change(state, message = nil)
|
158
|
+
raise ArgumentError, "state (#{state}) must be one of #{STATES}" unless STATES.include?(state)
|
159
|
+
|
160
|
+
body = {
|
161
|
+
type: "state-change",
|
162
|
+
attributes: {
|
163
|
+
state: state
|
164
|
+
}
|
165
|
+
}
|
166
|
+
|
167
|
+
if message
|
168
|
+
body[:attributes][:message] = message
|
169
|
+
elsif STATES_REQUIRING_STATE_CHANGE_MESSAGE.include?(state)
|
170
|
+
fail ArgumentError, "State #{state} requires a message. No message was supplied."
|
171
|
+
else
|
172
|
+
# message is in theory optional, but a value appears to be required.
|
173
|
+
body[:attributes][:message] = ""
|
174
|
+
end
|
175
|
+
|
176
|
+
response_json = make_post_request("reports/#{id}/state_changes", request_body: body)
|
177
|
+
@report = response_json
|
178
|
+
self
|
179
|
+
end
|
180
|
+
|
181
|
+
## Idempotent: Add a report reference to a project
|
182
|
+
#
|
183
|
+
# id: the ID of the report
|
184
|
+
# state: value for the reference (e.g. issue number or relative path to cross-repo issue)
|
185
|
+
#
|
186
|
+
# returns an HackerOne::Client::Report object or raises an error if
|
187
|
+
# no report is found.
|
188
|
+
def add_report_reference(reference)
|
189
|
+
body = {
|
190
|
+
type: "issue-tracker-reference-id",
|
191
|
+
attributes: {
|
192
|
+
reference: reference
|
193
|
+
}
|
194
|
+
}
|
195
|
+
|
196
|
+
response_json = make_post_request("reports/#{id}/issue_tracker_reference_id", request_body: body)
|
197
|
+
@report = response_json[:relationships][:report][:data]
|
198
|
+
self
|
199
|
+
end
|
200
|
+
|
201
|
+
## Idempotent: add the issue reference and put the report into the "triage" state.
|
202
|
+
#
|
203
|
+
# id: the ID of the report
|
204
|
+
# state: value for the reference (e.g. issue number or relative path to cross-repo issue)
|
205
|
+
#
|
206
|
+
# returns an HackerOne::Client::Report object or raises an error if
|
207
|
+
# no report is found.
|
208
|
+
def triage(reference)
|
209
|
+
add_report_reference(reference)
|
210
|
+
state_change(:triaged)
|
211
|
+
end
|
212
|
+
|
213
|
+
# Add a comment to a report. By default, internal comments will be added.
|
214
|
+
#
|
215
|
+
# id: the ID of the report
|
216
|
+
# message: the content of the comment that will be created
|
217
|
+
# internal: "team only" comment (true, default) or "all participants"
|
218
|
+
def add_comment(message, internal: true)
|
219
|
+
fail ArgumentError, "message is required" if message.blank?
|
220
|
+
|
221
|
+
body = {
|
222
|
+
type: "activity-comment",
|
223
|
+
attributes: {
|
224
|
+
message: message,
|
225
|
+
internal: internal
|
226
|
+
}
|
227
|
+
}
|
228
|
+
|
229
|
+
response_json = make_post_request("reports/#{id}/activities", request_body: body)
|
230
|
+
HackerOne::Client::Activities.build(response_json)
|
231
|
+
end
|
232
|
+
|
129
233
|
def assign_to_user(name)
|
130
234
|
member = program.find_member(name)
|
131
235
|
_assign_to(member.user.id, :user)
|
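Review bot: In `add_comment`, the `internal` keyword is forwarded to the API unchecked, and it is the only thing separating a team-only note from a comment visible to all participants; a caller that passes `nil` or another non-boolean (for example from an unset option) sends that value as-is, and how the API interprets it is not visible here. Rejecting anything but a boolean, `fail ArgumentError, "internal must be true or false" unless [true, false].include?(internal)`, keeps an accidental disclosure of triage discussion from depending on server-side coercion. In `add_report_reference`, `response_json[:relationships][:report][:data]` raises NoMethodError on `nil` if the response lacks that nesting, after the reference has already been written; `response_json.dig(:relationships, :report, :data)` followed by an explicit error on `nil` would be clearer. The doc comments above the moved methods still list `id:` as a parameter, which none of them take any more. The enclosing `Report` class starts and ends outside the hunk.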
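--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hackerone-client
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.9.0
 platform: ruby
 authors:
 - Neil Matatall
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-09
+date: 2017-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -135,6 +135,7 @@ files:
 - bin/console
 - bin/setup
 - fixtures/vcr_cassettes/add_comment.yml
+- fixtures/vcr_cassettes/add_public_comment.yml
 - fixtures/vcr_cassettes/add_report_reference.yml
 - fixtures/vcr_cassettes/assign_report_to_group.yml
 - fixtures/vcr_cassettes/assign_report_to_group_no_permission.yml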