hackerone-client 0.18.0 → 0.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +2 -2
- data/CHANGELOG.md +4 -0
- data/README.md +5 -2
- data/fixtures/vcr_cassettes/create_report.yml +81 -0
- data/fixtures/vcr_cassettes/create_report_invalid.yml +79 -0
- data/lib/hackerone/client.rb +29 -0
- data/lib/hackerone/client/report.rb +1 -1
- data/lib/hackerone/client/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 52150bc003fc02809d7dc91f18be91ddcda06ad00d5fec58ef467d807ce8ad81
|
4
|
+
data.tar.gz: b396dfca44f52a8c8e466b17e649a6dad4952aedff03bbf33af16e2b9048f88f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: abfc5c743020345387f5f010e273580c27a7b82235d0ec271c69373da7857256a4e2eea4a1aab9f1ec88232770ef9b082a990a7d782951da490354f7d3d6f171
|
7
|
+
data.tar.gz: 2f47d7778bd6ae456604bac21c9beef5b5c44686eab65a3e6852ab64462732481519a4591d5369f1c04c175b7c70c589c33ec3e366338119c85d36d42349ec90
|
data/.github/workflows/build.yml
CHANGED
@@ -9,7 +9,7 @@ jobs:
|
|
9
9
|
matrix:
|
10
10
|
ruby: [ '2.4', '2.5', '2.6', '2.7']
|
11
11
|
steps:
|
12
|
-
- uses: actions/checkout@
|
12
|
+
- uses: actions/checkout@v2
|
13
13
|
- name: Set up Ruby ${{ matrix.ruby }}
|
14
14
|
uses: actions/setup-ruby@v1
|
15
15
|
with:
|
@@ -23,7 +23,7 @@ jobs:
|
|
23
23
|
name: Rubocop
|
24
24
|
runs-on: ubuntu-latest
|
25
25
|
steps:
|
26
|
-
- uses: actions/checkout@
|
26
|
+
- uses: actions/checkout@v2
|
27
27
|
- name: Set up Ruby 2.6
|
28
28
|
uses: actions/setup-ruby@v1
|
29
29
|
with:
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,7 @@
|
|
1
|
+
## [0.19.0] - 2020-05-08
|
2
|
+
|
3
|
+
[Add ability to create a report](https://github.com/oreoshake/hackerone-client/pull/57) (@rzhade3)
|
4
|
+
|
1
5
|
## [0.18.0] - 2020-03-23
|
2
6
|
|
3
7
|
[Add ability to filter reports on states other than "new"](https://github.com/oreoshake/hackerone-client/pull/54) (@rzhade3)
|
data/README.md
CHANGED
@@ -5,6 +5,9 @@ A limited client library for interacting with HackerOne. Currently only supports
|
|
5
5
|
```ruby
|
6
6
|
client = HackerOne::Client::Api.new("github")
|
7
7
|
|
8
|
+
# POST '/reports' creates a new report
|
9
|
+
client.create_report(title: "hi", summary: "hi", impact: "string", severity_rating: :high, source: "api")
|
10
|
+
|
8
11
|
# GET '/reports' returns all reports in a given state for a program, by default :new
|
9
12
|
client.reports(state: :new)
|
10
13
|
|
@@ -29,8 +32,8 @@ report.add_report_reference(reference)
|
|
29
32
|
# Triage an issue (add a reference and set state to :triaged)
|
30
33
|
report.triage(reference)
|
31
34
|
|
32
|
-
# Set the severity on a report (rating can be none, low, medium, high or critical)
|
33
|
-
report.update_severity(rating:
|
35
|
+
# Set the severity on a report (rating can be :none, :low, :medium, :high or :critical)
|
36
|
+
report.update_severity(rating: :high)
|
34
37
|
|
35
38
|
# POST /reports/{id}/bounty_suggestions
|
36
39
|
report.suggest_bounty(message: "I suggest $500 with a small bonus. Report is well-written.", amount: 500, bonus_amount: 50)
|
@@ -0,0 +1,81 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.hackerone.com/v1/reports
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"data":{"type":"report","attributes":{"team_handle":"github","title":"hi","vulnerability_information":"hi","impact":"string","severity_rating":"none","source":"api"}}}'
|
9
|
+
headers:
|
10
|
+
Authorization:
|
11
|
+
- Basic NOPE
|
12
|
+
User-Agent:
|
13
|
+
- Faraday v1.0.1
|
14
|
+
Content-Type:
|
15
|
+
- application/json
|
16
|
+
Accept-Encoding:
|
17
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
+
Accept:
|
19
|
+
- "*/*"
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 201
|
23
|
+
message: Created
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Wed, 06 May 2020 23:02:54 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Transfer-Encoding:
|
30
|
+
- chunked
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Set-Cookie:
|
34
|
+
- __cfduid=d31f31bc632e337f7fa240d7a863f92a01588806173; expires=Fri, 05-Jun-20
|
35
|
+
23:02:53 GMT; path=/; Domain=api.hackerone.com; HttpOnly; SameSite=Lax; Secure
|
36
|
+
X-Request-Id:
|
37
|
+
- 55676c0a-2510-4787-9e47-7f74c1e9b2ac
|
38
|
+
Etag:
|
39
|
+
- W/"1f8bd995ef79550e2f8c8484301fadcc"
|
40
|
+
Cache-Control:
|
41
|
+
- max-age=0, private, must-revalidate
|
42
|
+
Strict-Transport-Security:
|
43
|
+
- max-age=31536000; includeSubDomains; preload
|
44
|
+
X-Frame-Options:
|
45
|
+
- DENY
|
46
|
+
X-Content-Type-Options:
|
47
|
+
- nosniff
|
48
|
+
X-Xss-Protection:
|
49
|
+
- 1; mode=block
|
50
|
+
X-Download-Options:
|
51
|
+
- noopen
|
52
|
+
X-Permitted-Cross-Domain-Policies:
|
53
|
+
- none
|
54
|
+
Referrer-Policy:
|
55
|
+
- strict-origin-when-cross-origin
|
56
|
+
Expect-Ct:
|
57
|
+
- enforce, max-age=86400
|
58
|
+
Content-Security-Policy:
|
59
|
+
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
60
|
+
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
61
|
+
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
62
|
+
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
63
|
+
profile-photos.hackerone-user-content.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com;
|
64
|
+
media-src ''self'' hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com;
|
65
|
+
script-src ''self'' www.google-analytics.com; style-src ''self'' ''unsafe-inline'';
|
66
|
+
report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
67
|
+
Cf-Cache-Status:
|
68
|
+
- DYNAMIC
|
69
|
+
Server:
|
70
|
+
- cloudflare
|
71
|
+
Cf-Ray:
|
72
|
+
- 58f654d83ea1bc9c-SEA
|
73
|
+
Cf-Request-Id:
|
74
|
+
- '028dd35b1e0000bc9c75365200000001'
|
75
|
+
body:
|
76
|
+
encoding: ASCII-8BIT
|
77
|
+
string: !binary |-
|
78
|
+
eyJkYXRhIjp7ImlkIjoiODY3NDc5IiwidHlwZSI6InJlcG9ydCIsImF0dHJpYnV0ZXMiOnsidGl0bGUiOiJoaSIsInN0YXRlIjoibmV3IiwiY3JlYXRlZF9hdCI6IjIwMjAtMDUtMDZUMjM6MDI6NTMuNjE1WiIsInZ1bG5lcmFiaWxpdHlfaW5mb3JtYXRpb24iOiJoaVxuXG4jIyBJbXBhY3Rcblxuc3RyaW5nIiwidHJpYWdlZF9hdCI6bnVsbCwiY2xvc2VkX2F0IjpudWxsLCJsYXN0X3JlcG9ydGVyX2FjdGl2aXR5X2F0IjoiMjAyMC0wNS0wNlQyMzowMjo1My42NzlaIiwiZmlyc3RfcHJvZ3JhbV9hY3Rpdml0eV9hdCI6IjIwMjAtMDUtMDZUMjM6MDI6NTMuNjc5WiIsImxhc3RfcHJvZ3JhbV9hY3Rpdml0eV9hdCI6IjIwMjAtMDUtMDZUMjM6MDI6NTMuNjc5WiIsImJvdW50eV9hd2FyZGVkX2F0IjpudWxsLCJzd2FnX2F3YXJkZWRfYXQiOm51bGwsImRpc2Nsb3NlZF9hdCI6bnVsbCwicmVwb3J0ZXJfYWdyZWVkX29uX2dvaW5nX3B1YmxpY19hdCI6bnVsbCwibGFzdF9wdWJsaWNfYWN0aXZpdHlfYXQiOiIyMDIwLTA1LTA2VDIzOjAyOjUzLjY3OVoiLCJsYXN0X2FjdGl2aXR5X2F0IjoiMjAyMC0wNS0wNlQyMzowMjo1My42NzlaIiwiY3ZlX2lkcyI6W10sInNvdXJjZSI6ImFwaSJ9LCJyZWxhdGlvbnNoaXBzIjp7InJlcG9ydGVyIjp7ImRhdGEiOnsiaWQiOiIxMDEzNTk2IiwidHlwZSI6InVzZXIiLCJhdHRyaWJ1dGVzIjp7InVzZXJuYW1lIjoicnpoYWRlMy10ZXN0ZXIiLCJuYW1lIjpudWxsLCJkaXNhYmxlZCI6ZmFsc2UsImNyZWF0ZWRfYXQiOiIyMDIwLTAzLTMwVDE1OjIxOjEwLjg3M1oiLCJwcm9maWxlX3BpY3R1cmUiOnsiNjJ4NjIiOiIvYXNzZXRzL2F2YXRhcnMvZGVmYXVsdC03MWEzMDJkNzA2NDU3ZjNkM2EzMWViMzBmYTNlNzNlNmNmMGIxZDY3N2I4ZmEyMThlYWVhZmZkNjdhZTk3OTE4LnBuZyIsIjgyeDgyIjoiL2Fzc2V0cy9hdmF0YXJzL2RlZmF1bHQtNzFhMzAyZDcwNjQ1N2YzZDNhMzFlYjMwZmEzZTczZTZjZjBiMWQ2NzdiOGZhMjE4ZWFlYWZmZDY3YWU5NzkxOC5wbmciLCIxMTB4MTEwIjoiL2Fzc2V0cy9hdmF0YXJzL2RlZmF1bHQtNzFhMzAyZDcwNjQ1N2YzZDNhMzFlYjMwZmEzZTczZTZjZjBiMWQ2NzdiOGZhMjE4ZWFlYWZmZDY3YWU5NzkxOC5wbmciLCIyNjB4MjYwIjoiL2Fzc2V0cy9hdmF0YXJzL2RlZmF1bHQtNzFhMzAyZDcwNjQ1N2YzZDNhMzFlYjMwZmEzZTczZTZjZjBiMWQ2NzdiOGZhMjE4ZWFlYWZmZDY3YWU5NzkxOC5wbmcifSwiYmlvIjpudWxsLCJ3ZWJzaXRlIjpudWxsLCJsb2NhdGlvbiI6bnVsbCwiaGFja2Vyb25lX3RyaWFnZXIiOmZhbHNlfX19LCJwcm9ncmFtIjp7ImRhdGEiOnsiaWQiOiIxMTc2NyIsInR5cGUiOiJwcm9ncmFtIiwiYXR0cmlidXRlcyI6eyJoYW5kbGUiOiJnaXRodWItdGVzdCIsInBvbGljeSI6IiMgR2l0SHViIFNlY3VyaXR5IEJ1ZyBCb3VudHlcblxuU29mdHdhcmUgc2VjdXJpdHkgcmVzZWFyY2hlcnMgYXJlIGluY3JlYXNpbmdseSBlbmdhZ2luZyB3aXRoIEludGVybmV0IGNvbXBhbmllcyB0byBodW50IGRvd24gdnVsbmVyYWJpbGl0aWVzLiBPdXIgYm91bnR5IHByb2dyYW0gZ2l2ZXMgYSB0aXAgb2YgdGhlIGhhdCB0byB0aGVzZSByZXNlYXJjaGVycyBhbmQgcHJvdmlkZXMgcmV3YXJkcyBvZiAgJDMwLDAwMCBvciBtb3JlIGZvciBjcml0aWNhbCB2dWxuZXJhYmlsaXRpZXMuXG5cblxuWW91IGNhbiBmaW5kIG1vcmUgaW5mb3JtYXRpb24gaW4gb3VyIFtydWxlc10oaHR0cHM6Ly9ib3VudHkuZ2l0aHViLmNvbS8jcnVsZXMpLCBbc2NvcGVdKGh0dHBzOi8vYm91bnR5LmdpdGh1Yi5jb20vI3Njb3BlKSwgW3RhcmdldHNdKGh0dHBzOi8vYm91bnR5LmdpdGh1Yi5jb20vI3RhcmdldHMpLCBhbmQgW0ZBUV0oaHR0cHM6Ly9ib3VudHkuZ2l0aHViLmNvbS8jZmFxcykgc2VjdGlvbnMuIFlvdSBjYW4gYWxzbyBjaGVjayB0aGUgY3VycmVudCByYW5raW5ncyBvbiB0aGUgW2xlYWRlcmJvYXJkXShodHRwczovL2JvdW50eS5naXRodWIuY29tLyNsZWFkZXJib2FyZCkuXG5cbkhhcHB5IGhhY2tpbmchXG5cblxuIyMgUnVsZXNcblxuIyMjIEJlZm9yZSB5b3Ugc3RhcnRcblxuKiBDaGVjayB0aGUgbGlzdCBvZiBidWdzIHRoYXQgaGF2ZSBiZWVuIFtjbGFzc2lmaWVkIGFzIGluZWxpZ2libGVdKGh0dHBzOi8vYm91bnR5LmdpdGh1Yi5jb20vaW5lbGlnaWJsZS5odG1sKS4gU3VibWlzc2lvbnMgd2hpY2ggYXJlIGluZWxpZ2libGUgd2lsbCBsaWtlbHkgYmUgY2xvc2VkIGFzIGBOb3QgQXBwbGljYWJsZWAuXG4qIENoZWNrIHRoZSBbR2l0SHViIENoYW5nZWxvZ10oaHR0cHM6Ly9naXRodWIuYmxvZy9jaGFuZ2Vsb2cvKSBmb3IgcmVjZW50bHkgbGF1bmNoZWQgZmVhdHVyZXMuXG4qIE5ldmVyIGF0dGVtcHQgbm9uLXRlY2huaWNhbCBhdHRhY2tzIHN1Y2ggYXMgc29jaWFsIGVuZ2luZWVyaW5nLCBwaGlzaGluZywgb3IgcGh5c2ljYWwgYXR0YWNrcyBhZ2FpbnN0IG91ciBlbXBsb3llZXMsIHVzZXJzLCBvciBpbmZyYXN0cnVjdHVyZS5cbiogV2hlbiBpbiBkb3VidCwgY29udGFjdCB1cyBhdCBgYm91bnR5QGdpdGh1Yi5jb21gLlxuKiBCeSBwYXJ0aWNpcGF0aW5nIGluIEdpdEh1YidzIEJ1ZyBCb3VudHkgcHJvZ3JhbSAodGhlIFwiUHJvZ3JhbVwiKSwgeW91IGFja25vd2xlZGdlIHRoYXQgeW91IGhhdmUgcmVhZCBhbmQgYWdyZWUgdG8gR2l0SHViJ3MgW1Rlcm1zIG9mIFNlcnZpY2VdKGh0dHBzOi8vaGVscC5naXRodWIuY29tL2FydGljbGVzL2dpdGh1Yi10ZXJtcy1vZi1zZXJ2aWNlKSBhcyB3ZWxsIGFzIHRoZSBmb2xsb3dpbmc6XG5cbiAgKiB5b3UncmUgbm90IHBhcnRpY2lwYXRpbmcgZnJvbSBhIGNvdW50cnkgYWdhaW5zdCB3aGljaCB0aGUgVW5pdGVkIFN0YXRlcyBoYXMgaXNzdWVkIGV4cG9ydCBzYW5jdGlvbnMgb3Igb3RoZXIgdHJhZGUgcmVzdHJpY3Rpb25zLCBpbmNsdWRpbmcgQ3ViYSwgSXJhbiwgTm9ydGggS29yZWEsIFN1ZGFuLCBhbmQgU3lyaWEuXG5cbiAgKiB5b3VyIHBhcnRpY2lwYXRpb24gaW4gdGhlIFByb2dyYW0gd2lsbCBub3QgdmlvbGF0ZSBhbnkgbGF3IGFwcGxpY2FibGUgdG8geW91LCBvciBkaXNydXB0IG9yIGNvbXByb21pc2UgYW55IGRhdGEgdGhhdCBpcyBub3QgeW91ciBvd24uXG5cbiAgKiB5b3UgYXJlIHNvbGVseSByZXNwb25zaWJsZSBmb3IgYW55IGFwcGxpY2FibGUgdGF4ZXMsIHdpdGhob2xkaW5nIG9yIG90aGVyd2lzZSwgYXJpc2luZyBmcm9tIG9yIHJlbGF0aW5nIHRvIHlvdXIgcGFydGljaXBhdGlvbiBpbiB0aGUgUHJvZ3JhbSwgaW5jbHVkaW5nIGZyb20gYW55IGJvdW50eSBwYXltZW50cy5cblxuICAqIEdpdEh1YiByZXNlcnZlcyB0aGUgcmlnaHQgdG8gdGVybWluYXRlIG9yIGRpc2NvbnRpbnVlIHRoZSBQcm9ncmFtIGF0IGl0cyBkaXNjcmV0aW9uLlxuXG4gICogT25seSB0ZXN0IGZvciB2dWxuZXJhYmlsaXRpZXMgb24gc2l0ZXMgeW91IGtub3cgdG8gYmUgb3BlcmF0ZWQgYnkgR2l0SHViIGFuZCBhcmUgW2luLXNjb3BlXShodHRwczovL2JvdW50eS5naXRodWIuY29tI3Njb3BlKS4gU29tZSBzaXRlcyBob3N0ZWQgb24gc3ViZG9tYWlucyBvZiBgR2l0SHViLmNvbWAgYXJlIG9wZXJhdGVkIGJ5IHRoaXJkIHBhcnRpZXMgYW5kIHNob3VsZCBub3QgYmUgdGVzdGVkLlxuXG5cbiMjIyBMZWdhbCBzYWZlIGhhcmJvclxuXG5Zb3VyIHJlc2VhcmNoIGlzIGNvdmVyZWQgYnkgdGhlIFtHaXRIdWIgQnVnIEJvdW50eSBQcm9ncmFtIExlZ2FsIFNhZmUgSGFyYm9yXShodHRwczovL2hlbHAuZ2l0aHViLmNvbS9hcnRpY2xlcy9naXRodWItYnVnLWJvdW50eS1wcm9ncmFtLWxlZ2FsLXNhZmUtaGFyYm9yLykgcG9saWN5LiBJbiBzdW1tYXJ5OlxuKiBXZSBjb25zaWRlciBzZWN1cml0eSByZXNlYXJjaCBhbmQgdnVsbmVyYWJpbGl0eSBkaXNjbG9zdXJlIGFjdGl2aXRpZXMgY29uZHVjdGVkIGNvbnNpc3RlbnQgd2l0aCB0aGlzIHBvbGljeSBhcyDigJxhdXRob3JpemVk4oCdIGNvbmR1Y3QgdW5kZXIgdGhlIENvbXB1dGVyIEZyYXVkIGFuZCBBYnVzZSBBY3QsIHRoZSBETUNBLCBhbmQgb3RoZXIgYXBwbGljYWJsZSBjb21wdXRlciB1c2UgbGF3cyBzdWNoIGFzIENhbC4gUGVuYWwgQ29kZSA1MDIoYykuIFdlIHdhaXZlIGFueSBwb3RlbnRpYWwgRE1DQSBjbGFpbSBhZ2FpbnN0IHlvdSBmb3IgY2lyY3VtdmVudGluZyB0aGUgdGVjaG5vbG9naWNhbCBtZWFzdXJlcyB3ZSBoYXZlIHVzZWQgdG8gcHJvdGVjdCB0aGUgYXBwbGljYXRpb25zIGluIHRoaXMgYnVnIGJvdW50eSBwcm9ncmFtJ3Mgc2NvcGUuXG4qIFdlIHdhbnQgeW91IHRvIHJlc3BvbnNpYmx5IGRpc2Nsb3NlIHRocm91Z2ggb3VyIGJ1ZyBib3VudHkgcHJvZ3JhbSwgYW5kIGRvbid0IHdhbnQgcmVzZWFyY2hlcnMgcHV0IGluIGZlYXIgb2YgbGVnYWwgY29uc2VxdWVuY2VzIGJlY2F1c2Ugb2YgdGhlaXIgZ29vZCBmYWl0aCBhdHRlbXB0cyB0byBjb21wbHkgd2l0aCBvdXIgYnVnIGJvdW50eSBwb2xpY3kuIFdlIGNhbm5vdCBiaW5kIGFueSB0aGlyZCBwYXJ0eSwgc28gZG8gbm90IGFzc3VtZSB0aGlzIHByb3RlY3Rpb24gZXh0ZW5kcyB0byBhbnkgdGhpcmQgcGFydHkuIElmIGluIGRvdWJ0LCBhc2sgdXMgYmVmb3JlIGVuZ2FnaW5nIGluIGFueSBzcGVjaWZpYyBhY3Rpb24geW91IHRoaW5rIG1pZ2h0IGdvIG91dHNpZGUgdGhlIGJvdW5kcyBvZiBvdXIgcG9saWN5LlxuKiBCZWNhdXNlIGJvdGggaWRlbnRpZnlpbmcgYW5kIG5vbi1pZGVudGlmeWluZyBpbmZvcm1hdGlvbiBjYW4gcHV0IGEgcmVzZWFyY2hlciBhdCByaXNrLCB3ZSBsaW1pdCB3aGF0IHdlIHNoYXJlIHdpdGggdGhpcmQgcGFydGllcy4gV2UgbWF5IHByb3ZpZGUgbm9uLWlkZW50aWZ5aW5nIHN1YnN0YW50aXZlIGluZm9ybWF0aW9uIGZyb20geW91ciByZXBvcnQgdG8gYW4gYWZmZWN0ZWQgdGhpcmQgcGFydHksIGJ1dCBvbmx5IGFmdGVyIG5vdGlmeWluZyB5b3UgYW5kIHJlY2VpdmluZyBhIGNvbW1pdG1lbnQgdGhhdCB0aGUgdGhpcmQgcGFydHkgd2lsbCBub3QgcHVyc3VlIGxlZ2FsIGFjdGlvbiBhZ2FpbnN0IHlvdS4gV2Ugd2lsbCBvbmx5IHNoYXJlIGlkZW50aWZ5aW5nIGluZm9ybWF0aW9uIChuYW1lLCBlbWFpbCBhZGRyZXNzLCBwaG9uZSBudW1iZXIsIGV0Yy4pIHdpdGggYSB0aGlyZCBwYXJ0eSBpZiB5b3UgZ2l2ZSB5b3VyIHdyaXR0ZW4gcGVybWlzc2lvbi5cbiogSWYgeW91ciBzZWN1cml0eSByZXNlYXJjaCBhcyBwYXJ0IG9mIHRoZSBidWcgYm91bnR5IHByb2dyYW0gdmlvbGF0ZXMgY2VydGFpbiByZXN0cmljdGlvbnMgaW4gb3VyIHNpdGUgcG9saWNpZXMsIHRoZSBzYWZlIGhhcmJvciB0ZXJtcyBwZXJtaXQgYSBsaW1pdGVkIGV4ZW1wdGlvbi5cblxuXG4jIyMgUGVyZm9ybWluZyB5b3VyIHJlc2VhcmNoXG5cbiogRG8gbm90IGltcGFjdCBvdGhlciB1c2VycyB3aXRoIHlvdXIgdGVzdGluZywgdGhpcyBpbmNsdWRlcyB0ZXN0aW5nIHZ1bG5lcmFiaWxpdGllcyBpbiByZXBvc2l0b3JpZXMgb3Igb3JnYW5pemF0aW9ucyB5b3UgZG8gbm90IG93bi4gSWYgeW91IGFyZSBhdHRlbXB0aW5nIHRvIGZpbmQgYW4gYXV0aG9yaXphdGlvbiBieXBhc3MsIHlvdSBtdXN0IHVzZSBhY2NvdW50cyB5b3Ugb3duLlxuKiBUaGUgZm9sbG93aW5nIGFyZSAqKm5ldmVyKiogYWxsb3dlZCBhbmQgYXJlIGluZWxpZ2libGUgZm9yIHJld2FyZC4gV2UgbWF5IHN1c3BlbmQgeW91ciBHaXRIdWIgYWNjb3VudCBhbmQgYmFuIHlvdXIgSVAgYWRkcmVzcyBmb3I6XG5cbiAgKiBQZXJmb3JtaW5nIGRpc3RyaWJ1dGVkIGRlbmlhbCBvZiBzZXJ2aWNlIChERG9TKSBvciBvdGhlciB2b2x1bWV0cmljIGF0dGFja3NcbiAgKiBTcGFtbWluZyBjb250ZW50XG4gICogTGFyZ2Utc2NhbGUgdnVsbmVyYWJpbGl0eSBzY2FubmVycywgc2NyYXBlcnMsIG9yIGF1dG9tYXRlZCB0b29scyB3aGljaCBwcm9kdWNlIGV4Y2Vzc2l2ZSBhbW91bnRzIG9mIHRyYWZmaWMuXG4gICAgKiBOb3RlOiBXZSBfZG9fIGFsbG93IHRoZSB1c2Ugb2YgYXV0b21hdGVkIHRvb2xzIHNvIGxvbmcgYXMgdGhleSBkbyBub3QgcHJvZHVjZSBleGNlc3NpdmUgYW1vdW50cyBvZiB0cmFmZmljLiBGb3IgZXhhbXBsZSwgcnVubmluZyBvbmUgYG5tYXBgIHNjYW4gYWdhaW5zdCBvbmUgaG9zdCBpcyBhbGxvd2VkLCBidXQgc2VuZGluZyA2NSwwMDAgcmVxdWVzdHMgaW4gdHdvIG1pbnV0ZXMgdXNpbmcgQnVycCBTdWl0ZSBJbnRydWRlciBpcyBleGNlc3NpdmUuXG4qIFJlc2VhcmNoaW5nIGRlbmlhbC1vZi1zZXJ2aWNlIGF0dGFja3MgaXMgYWxsb3dlZCBhbmQgZWxpZ2libGUgZm9yIHJld2FyZHMgb25seSBpZiB5b3UgZm9sbG93IHRoZXNlIHJ1bGVzOlxuXG4gICogUmVzZWFyY2ggKiptdXN0KiogYmUgcGVyZm9ybWVkIGluIG9yZ2FuaXphdGlvbnMgb3IgcmVwb3NpdG9yaWVzIHlvdSBvd25cbiAgKiBTdG9wICoqaW1tZWRpYXRlbHkqKiBpZiB5b3UgYmVsaWV2ZSB5b3UgaGF2ZSBhZmZlY3RlZCB0aGUgYXZhaWxhYmlsaXR5IG9mIG91ciBzZXJ2aWNlcy4gRG9uJ3Qgd29ycnkgYWJvdXQgZGVtb25zdHJhdGluZyB0aGUgZnVsbCBpbXBhY3Qgb2YgeW91ciB2dWxuZXJhYmlsaXR5LCBHaXRIdWIncyBzZWN1cml0eSB0ZWFtIHdpbGwgYmUgYWJsZSB0byBkZXRlcm1pbmUgdGhlIGltcGFjdC5cbiAgKiBUaGVyZSBhcmUgbm8gbGltaXRzIGZvciByZXNlYXJjaGluZyBkZW5pYWwgb2Ygc2VydmljZSB2dWxuZXJhYmlsaXRpZXMgYWdhaW5zdCB5b3VyIG93biBpbnN0YW5jZSBvZiBbR2l0SHViIEVudGVycHJpc2UgU2VydmVyXShodHRwczovL2JvdW50eS5naXRodWIuY29tL3RhcmdldHMvZ2l0aHViLWVudGVycHJpc2Utc2VydmVyLmh0bWwpXG5cblxuIyMjIEhhbmRsaW5nIHBlcnNvbmFsbHkgaWRlbnRpZmlhYmxlIGluZm9ybWF0aW9uIChQSUkpXG5cbiogUGVyc29uYWxseSBpZGVudGlmeWluZyBpbmZvcm1hdGlvbiAoUElJKSBpbmNsdWRlczpcbiAgKiBsZWdhbCBhbmQvb3IgZnVsbCBuYW1lc1xuICAqIG5hbWVzIG9yIHVzZXJuYW1lcyBjb21iaW5lZCB3aXRoIG90aGVyIGlkZW50aWZpZXJzIGxpa2UgcGhvbmUgbnVtYmVycyBvciBlbWFpbCBhZGRyZXNzZXNcbiAgKiBoZWFsdGggb3IgZmluYW5jaWFsIGluZm9ybWF0aW9uIChpbmNsdWRpbmcgaW5zdXJhbmNlIGluZm9ybWF0aW9uLCBzb2NpYWwgc2VjdXJpdHkgbnVtYmVycywgZXRjLilcbiAgKiBpbmZvcm1hdGlvbiBhYm91dCBwb2xpdGljYWwgb3IgcmVsaWdpb3VzIGFmZmlsaWF0aW9uc1xuICAqIGluZm9ybWF0aW9uIGFib3V0IHJhY2UsIGV0aG5pY2l0eSwgc2V4dWFsIG9yaWVudGF0aW9uLCBnZW5kZXIsIG9yIG90aGVyIGlkZW50aWZ5aW5nIGluZm9ybWF0aW9uIHRoYXQgY291bGQgYmUgdXNlZCBmb3IgZGlzY3JpbWluYXRvcnkgcHVycG9zZXNcbiogRG8gbm90IGludGVudGlvbmFsbHkgYWNjZXNzIG90aGVycycgUElJLiBJZiB5b3Ugc3VzcGVjdCBhIHNlcnZpY2UgcHJvdmlkZXMgYWNjZXNzIHRvIFBJSSwgbGltaXQgcXVlcmllcyB0byB5b3VyIG93biBwZXJzb25hbCBpbmZvcm1hdGlvbi5cbiogUmVwb3J0IHRoZSB2dWxuZXJhYmlsaXR5ICppbW1lZGlhdGVseSogYW5kIGRvIG5vdCBhdHRlbXB0IHRvIGFjY2VzcyBhbnkgb3RoZXIgZGF0YS4gVGhlIEdpdEh1YiBTZWN1cml0eSB0ZWFtIHdpbGwgYXNzZXNzIHRoZSBzY29wZSBhbmQgaW1wYWN0IG9mIHRoZSBQSUkgZXhwb3N1cmUuXG4qIExpbWl0IHRoZSBhbW91bnQgb2YgZGF0YSByZXR1cm5lZCBmcm9tIHNlcnZpY2VzLiBGb3IgU1FMIGluamVjdGlvbiwgZm9yIGV4YW1wbGUsIGxpbWl0IHRoZSBudW1iZXIgb2Ygcm93cyByZXR1cm5lZFxuKiBZb3UgbXVzdCBkZWxldGUgYWxsIHlvdXIgbG9jYWwsIHN0b3JlZCwgb3IgY2FjaGVkIGNvcGllcyBvZiBkYXRhIGNvbnRhaW5pbmcgUElJIGFzIHNvb24gYXMgcG9zc2libGUuIFdlIG1heSBhc2sgeW91IHRvIHNpZ24gYSBjZXJ0aWZpY2F0ZSBvZiBkZWxldGlvbiBhbmQgY29uZmlkZW50aWFsaXR5IGFncmVlbWVudCByZWdhcmRpbmcgdGhlIGV4YWN0IGluZm9ybWF0aW9uIHlvdSBhY2Nlc3NlZC4gVGhpcyBhZ3JlZW1lbnQgd2lsbCBub3QgYWZmZWN0IHlvdXIgYm91bnR5IHJld2FyZC5cbiogV2UgbWF5IGFzayB5b3UgZm9yIHRoZSB1c2VybmFtZXMgYW5kIElQIGFkZHJlc3NlcyB1c2VkIGR1cmluZyB5b3VyIHRlc3RpbmcgdG8gYXNzZXNzIHRoZSBpbXBhY3Qgb2YgdGhlIHZ1bG5lcmFiaWxpdHlcblxuXG4jIyMgUmVwb3J0aW5nIHlvdXIgdnVsbmVyYWJpbGl0eVxuXG4qIFN1Ym1pc3Npb25zIG11c3QgaW5jbHVkZSB3cml0dGVuIGluc3RydWN0aW9ucyBmb3IgcmVwcm9kdWNpbmcgdGhlIHZ1bG5lcmFiaWxpdHkuIFN1Ym1pc3Npb25zIHdpdGhvdXQgY2xlYXIgcmVwcm9kdWN0aW9uIHN0ZXBzIG9yIHdoaWNoIG9ubHkgaW5jbHVkZSByZXByb2R1Y3Rpb24gc3RlcHMgaW4gdmlkZW8gZm9ybSBtYXkgYmUgaW5lbGlnaWJsZSBmb3IgYSByZXdhcmQuXG4qIFdoZW4gcmVwb3J0aW5nIHZ1bG5lcmFiaWxpdGllcyB5b3UgbXVzdCBrZWVwIGFsbCBpbmZvcm1hdGlvbiBvbiBIYWNrZXJPbmUuIERvIG5vdCBwb3N0IGluZm9ybWF0aW9uIHRvIHZpZGVvLXNoYXJpbmcgb3IgcGFzdGViaW4gc2l0ZXMuIFZpZGVvcyBhbmQgaW1hZ2VzIGNhbiBiZSB1cGxvYWRlZCBkaXJlY3RseSB2aWEgSGFja2VyT25lLlxuKiBGb3IgdnVsbmVyYWJpbGl0aWVzIGludm9sdmluZyBwZXJzb25hbGx5IGlkZW50aWZpYWJsZSBpbmZvcm1hdGlvbiwgcGxlYXNlIGV4cGxhaW4gdGhlIGtpbmQgb2YgUElJIHlvdSBiZWxpZXZlIGlzIGV4cG9zZWQgYW5kIGxpbWl0IHRoZSBhbW91bnQgb2YgUElJIGRhdGEgaW5jbHVkZWQgaW4geW91ciBzdWJtaXNzaW9ucy4gRm9yIHRleHR1YWwgaW5mb3JtYXRpb24gYW5kIHNjcmVlbnNob3RzLCBwbGVhc2Ugb25seSBpbmNsdWRlIHJlZGFjdGVkIGRhdGEgaW4geW91ciBzdWJtaXNzaW9uLlxuKiBEbyBub3QgcHVibGljbHkgZGlzY2xvc2UgeW91ciBzdWJtaXNzaW9uIHVudGlsIEdpdEh1YiBoYXMgZXZhbHVhdGVkIHRoZSBpbXBhY3QuXG5cblxuIyMjIFJlY2VpdmluZyB5b3VyIGF3YXJkXG5cbiogQWxsIHJld2FyZCBhbW91bnRzIGFyZSBkZXRlcm1pbmVkIGJ5IG91ciBbc2V2ZXJpdHkgZ3VpZGVsaW5lc10oaHR0cHM6Ly9ib3VudHkuZ2l0aHViLmNvbS8jc2V2ZXJpdHktZ3VpZGVsaW5lcykuXG4qIFdoZW4gZHVwbGljYXRlcyBvY2N1ciwgd2Ugb25seSBhd2FyZCB0aGUgZmlyc3QgcmVwb3J0IHRoYXQgd2FzIHJlY2VpdmVkIChwcm92aWRlZCB0aGF0IGl0IGNhbiBiZSBmdWxseSByZXByb2R1Y2VkKS5cbiogWW91IGFyZSBmcmVlIHRvIHB1Ymxpc2ggd3JpdGUtdXBzIGFib3V0IHlvdXIgdnVsbmVyYWJpbGl0eSBhbmQgR2l0SHViIHdpbGwgbm90IGxpbWl0IHdoYXQgeW91IHdyaXRlLiBXZSBtYXkgcGF5IG91dCB5b3VyIHJld2FyZCBiZWZvcmUgdGhlIHZ1bG5lcmFiaWxpdHkgaXMgcGF0Y2hlZCBzbyB3ZSBtYXkgYXNrIHRoYXQgeW91IGRlbGF5IHB1Ymxpc2hpbmcgdG8ga2VlcCBvdGhlciBHaXRIdWIgdXNlcnMgc2FmZS5cbiogTWVkaXVtLCBoaWdoLCBhbmQgY3JpdGljYWwgc2V2ZXJpdHkgaXNzdWVzIHdpbGwgYmUgd3JpdHRlbiB1cCBvbiB0aGUgR2l0SHViIEJ1ZyBCb3VudHkgc2l0ZSBhbmQgaW5jbHVkZWQgaW4gb3VyIGxlYWRlcmJvYXJkLiBXZSBkb24ndCBjdXJyZW50bHkgcG9zdCB3cml0ZS11cHMgZm9yIGxvdyBzZXZlcml0eSB2dWxuZXJhYmlsaXRpZXMuXG4qIEdpdEh1YiBpcyBhIENWRSBOdW1iZXJpbmcgQXV0aG9yaXR5IChDTkEpIGZvciBHaXRIdWIgRW50ZXJwcmlzZSBTZXJ2ZXIuIEVsaWdpYmxlIEJ1ZyBCb3VudHkgc3VibWlzc2lvbnMgdGhhdCBhZmZlY3QgR2l0SHViIEVudGVycHJpc2UgU2VydmVyIG1heSBiZSBhc3NpZ25lZCBDVkVzLiBUaGVzZSBDVkVzIHdpbGwgYmUgc2hhcmVkIHdpdGggc3VibWl0dGVycyB2aWEgSGFja2VyT25lLCBpbmNsdWRlZCBpbiBbYm91bnR5IHdyaXRlLXVwc10oaHR0cHM6Ly9ib3VudHkuZ2l0aHViLmNvbS9ib3VudHktaHVudGVycy5odG1sKSBhbmQgbGlzdGVkIGluIHRoZSBHaXRIdWIgRW50ZXJwcmlzZSBTZXJ2ZXIgW3JlbGVhc2Ugbm90ZXNdKGh0dHBzOi8vZW50ZXJwcmlzZS5naXRodWIuY29tL3JlbGVhc2VzKS5cbiogWW91IG1heSBwcmVmZXIgdGhlIHJld2FyZCBnbyB0b3dhcmQgaGVscGluZyBvdGhlcnMuIElmIHlvdSBjaG9vc2UgdG8gZG8gc28sIEdpdEh1YiB3aWxsIGRvbmF0ZSB5b3VyIHJld2FyZCB0byBhbiBlc3RhYmxpc2hlZCA1MDEoYykoMykgY2hhcml0YWJsZSBvcmdhbml6YXRpb24gb2YgeW91ciBjaG9pY2UuIEdpdEh1YiB3aWxsIGFsc28gbWF0Y2ggeW91ciBkb25hdGlvbiAtIHN1YmplY3QgdG8gb3VyIGRpc2NyZXRpb24uIEFueSByZXdhcmRzIHRoYXQgZ28gdW5jbGFpbWVkIGFmdGVyIDEyIG1vbnRocyB3aWxsIGJlIGRvbmF0ZWQgdG8gYSBjaGFyaXR5IG9mIEdpdEh1YidzIGNob29zaW5nLlxuXG5cbiMjIFNjb3BlXG5cbkdpdEh1YiBydW5zIGEgbnVtYmVyIG9mIHNlcnZpY2VzIGJ1dCBvbmx5IHN1Ym1pc3Npb25zIHVuZGVyIHRoZSBmb2xsb3dpbmcgZG9tYWlucyBhcmUgZWxpZ2libGUgZm9yIHJld2FyZHMuIEFueSBHaXRIdWItb3duZWQgZG9tYWlucyBub3QgbGlzdGVkIGJlbG93IGFyZSAqbm90KiBpbi1zY29wZSwgKm5vdCogZWxpZ2libGUgZm9yIHJld2FyZHMgYW5kICpub3QqIGNvdmVyZWQgYnkgb3VyIFtsZWdhbCBzYWZlIGhhcmJvcl0oaHR0cHM6Ly9ib3VudHkuZ2l0aHViLmNvbSNsZWdhbF9zYWZlX2hhcmJvcikuXG5cblxuIyMjIGdpdGh1Yi5jb21cblxuT3VyIG1haW4gZG9tYWluIGhvc3RpbmcgdXNlci1mYWNpbmcgR2l0SHViIHNlcnZpY2VzLi4gQWxsIHN1YmRvbWFpbnMgdW5kZXIgYGdpdGh1Yi5jb21gIGFyZSBpbi1zY29wZSAqZXhjZXB0KjpcbiogYGJsb2cuZ2l0aHViLmNvbWBcbiogYGNvbW11bml0eS5naXRodWIuY29tYFxuKiBgZW1haWwuZW50ZXJwcmlzZS5naXRodWIuY29tYFxuKiBgZW1haWwuZmluYW5jZS5naXRodWIuY29tYFxuKiBgZW1haWwuc3RhZ2luZy5maW5hbmNlLmdpdGh1Yi5jb21gXG4qIGBlbWFpbC5zdXBwb3J0LmdpdGh1Yi5jb21gXG4qIGBlbWFpbC52ZXJpZnkuZ2l0aHViLmNvbWBcbiogYGdvb2dsZTc2NTBkY2Y2MTQ2ZjA0ZDguZ2l0aHViLmNvbWBcbiogYGsxLl9kb21haW5rZXkuZ2l0aHViLmNvbWBcbiogYGsxLl9kb21haW5rZXkubWNtYWlsLmdpdGh1Yi5jb21gXG4qIGBtY21haWwuZ2l0aHViLmNvbWBcbiogYHJlc291cmNlcy5naXRodWIuY29tYFxuKiBgKi5yZXNvdXJjZXMuZ2l0aHViLmNvbWBcbiogYHNnbWFpbC5naXRodWIuY29tYFxuKiBgKi5zZ21haWwuZ2l0aHViLmNvbWBcbiogYHNob3AuZ2l0aHViLmNvbWBcbiogYHNtdHAuZ2l0aHViLmNvbWBcbiogYCouc210cC5naXRodWIuY29tYFxuKiBgc3VwcG9ydC5naXRodWIuY29tYFxuXG4jIyMgZ2l0aHViYXNzZXRzLmNvbVxuXG5PdXIgZG9tYWluIGZvciBob3N0aW5nIHN0YXRpYyBhc3NldHMuLiBBbGwgc3ViZG9tYWlucyB1bmRlciBgZ2l0aHViYXNzZXRzLmNvbWAgYXJlIGluLXNjb3BlXG5cbiMjIyBnaXRodWJ1c2VyY29udGVudC5jb21cblxuT3VyIGRvbWFpbiBmb3IgaG9zdGluZyBhbmQgcmVuZGVyaW5nIHVzZXJzJyBkYXRhLi4gQWxsIHN1YmRvbWFpbnMgdW5kZXIgYGdpdGh1YnVzZXJjb250ZW50LmNvbWAgYXJlIGluLXNjb3BlXG5cbiMjIyBnaXRodWJhcHAuY29tXG5cbk91ciBkb21haW4gZm9yIGhvc3RpbmcgZW1wbG95ZWUtZmFjaW5nIHNlcnZpY2VzLi4gQWxsIHN1YmRvbWFpbnMgdW5kZXIgYGdpdGh1YmFwcC5jb21gIGFyZSBpbi1zY29wZSAqZXhjZXB0KjpcbiogYGF0b20taW8uZ2l0aHViYXBwLmNvbWBcbiogYGF0b20taW8tc3RhZ2luZy5naXRodWJhcHAuY29tYFxuKiBgZW1haWwuZW50ZXJwcmlzZS1zdGFnaW5nLmdpdGh1YmFwcC5jb21gXG4qIGBlbWFpbC5oYXlzdGFjay5naXRodWJhcHAuY29tYFxuKiBgcmVwbHkuZ2l0aHViYXBwLmNvbWBcblxuIyMjIGdpdGh1Yi5uZXRcblxuT3VyIGRvbWFpbiBmb3IgaG9zdGluZyBHaXRIdWIncyBpbnRlcm5hbCBwcm9kdWN0aW9uIHNlcnZpY2VzLiBNYW55IG9mIHRoZXNlIHNlcnZpY2VzIGFyZSBub3QgYWNjZXNzaWJsZSBmcm9tIG91dHNpZGUgb3VyIGludGVybmFsIG5ldHdvcmsuLiBBbGwgc3ViZG9tYWlucyB1bmRlciBgZ2l0aHViLm5ldGAgYXJlIGluLXNjb3BlXG5cbiMjIyBzZW1tbGUuY29tXG5cbk91ciBtYWluIGRvbWFpbiBmb3IgU2VtbWxlIGFuZCBMR1RNIHNlcnZpY2VzLiBBbGwgc3ViZG9tYWlucyB1bmRlciBgc2VtbWxlLmNvbWAgYXJlIGluLXNjb3BlICpleGNlcHQqOlxuKiBgZGV2LnNlbW1sZS5jb21gXG4qIGBnaXQuc2VtbWxlLmNvbWBcbiogYGppcmEuc2VtbWxlLmNvbWBcbiogYHdpa2kuc2VtbWxlLmNvbWBcblxuIyMjIHNlbW1sZS5uZXRcblxuT3VyIGRvbWFpbiBmb3Igbm9uLXByb2R1Y3Rpb24gU2VtbWxlIHNlcnZpY2VzLiBBbGwgc3ViZG9tYWlucyB1bmRlciBgc2VtbWxlLm5ldGAgYXJlIGluLXNjb3BlXG5cbiMjIyBkb3dubG9hZHMubGd0bS5jb21cblxuT3VyIGRvbWFpbiBmb3Igc2VydmluZyBMR1RNIGRvd25sb2Fkcy4uIEFsbCBzdWJkb21haW5zIHVuZGVyIGBkb3dubG9hZHMubGd0bS5jb21gIGFyZSBpbi1zY29wZVxuXG4jIyMgbGd0bS1jb20ucGVudGVzdGluZy5zZW1tbGUubmV0XG5cbkFuIGluc3RhbmNlIG9mIFtMR1RNXShodHRwczovL2JvdW50eS5naXRodWIuY29tL3RhcmdldHMvbGd0bS5odG1sKSBlc3BlY2lhbGx5IGZvciBCdWcgQm91bnR5IHJlc2VhcmNoLi4gQWxsIHN1YmRvbWFpbnMgdW5kZXIgYGxndG0tY29tLnBlbnRlc3Rpbmcuc2VtbWxlLm5ldGAgYXJlIGluLXNjb3BlXG5cbiMjIyBiYWNrZW5kLWRvdC1sZ3RtLXBlbmV0cmF0aW9uLXRlc3RpbmcuYXBwc3BvdC5jb21cblxuQW4gaW5zdGFuY2Ugb2YgW0xHVE1dKGh0dHBzOi8vYm91bnR5LmdpdGh1Yi5jb20vdGFyZ2V0cy9sZ3RtLmh0bWwpJ3MgYmFja2VuZCB1c2VkIGZvciB0cmlnZ2VyaW5nIGF1dG9tYXRlZCB0YXNrcy4uIEFsbCBzdWJkb21haW5zIHVuZGVyIGBiYWNrZW5kLWRvdC1sZ3RtLXBlbmV0cmF0aW9uLXRlc3RpbmcuYXBwc3BvdC5jb21gIGFyZSBpbi1zY29wZVxuXG4jIyBTZXZlcml0eSBHdWlkZWxpbmVzXG5cbkFsbCBib3VudHkgc3VibWlzc2lvbnMgYXJlIHJhdGVkIGJ5IEdpdEh1YiB1c2luZyBhIHB1cnBvc2VmdWxseSBzaW1wbGUgc2NhbGUuIEVhY2ggdnVsbmVyYWJpbGl0eSBpcyB1bmlxdWUgYnV0IHRoZSBmb2xsb3dpbmcgaXMgYSByb3VnaCBndWlkZWxpbmUgd2UgdXNlIGludGVybmFsbHkgZm9yIHJhdGluZyBhbmQgcmV3YXJkaW5nIHN1Ym1pc3Npb25zOlxuXG5cbiMjIyBDcml0aWNhbDogJDIwLDAwMCAtICQzMCwwMDBcblxuQ3JpdGljYWwgc2V2ZXJpdHkgaXNzdWVzIHByZXNlbnQgYSBkaXJlY3QgYW5kIGltbWVkaWF0ZSByaXNrIHRvIGEgYnJvYWQgYXJyYXkgb2Ygb3VyIHVzZXJzIG9yIHRvIEdpdEh1YiBpdHNlbGYuIFRoZXkgb2Z0ZW4gYWZmZWN0IHJlbGF0aXZlbHkgbG93LWxldmVsL2ZvdW5kYXRpb25hbCBjb21wb25lbnRzIGluIG9uZSBvZiBvdXIgYXBwbGljYXRpb24gc3RhY2tzIG9yIGluZnJhc3RydWN0dXJlLiBGb3IgZXhhbXBsZTpcbiogYXJiaXRyYXJ5IGNvZGUvY29tbWFuZCBleGVjdXRpb24gb24gYSBHaXRIdWIgc2VydmVyIGluIG91ciBwcm9kdWN0aW9uIG5ldHdvcmsuXG4qIGFyYml0cmFyeSBTUUwgcXVlcmllcyBvbiB0aGUgR2l0SHViIHByb2R1Y3Rpb24gZGF0YWJhc2UuXG4qIGJ5cGFzc2luZyB0aGUgR2l0SHViIGxvZ2luIHByb2Nlc3MsIGVpdGhlciBwYXNzd29yZCBvciAyRkEuXG4qIGFjY2VzcyB0byBzZW5zaXRpdmUgcHJvZHVjdGlvbiB1c2VyIGRhdGEgb3IgYWNjZXNzIHRvIGludGVybmFsIHByb2R1Y3Rpb24gc3lzdGVtcy5cbiogYWNjZXNzaW5nIGFub3RoZXIgdXNlcidzIGRhdGEgaW4gdGhlIEdpdEh1YiBBY3Rpb25zIHNlcnZpY2UuXG5cblRoZSB1cHBlciBib3VuZCBmb3IgY3JpdGljYWwgdnVsbmVyYWJpbGl0aWVzLCAkMzAsMDAwLCBpcyBvbmx5IGEgZ3VpZGVsaW5lIGFuZCBHaXRIdWIgbWF5IHJld2FyZCBoaWdoZXIgYW1vdW50cyBmb3IgZXhjZXB0aW9uYWwgcmVwb3J0cy5cblxuXG4jIyMgSGlnaDogJDEwLDAwMCAtICQyMCwwMDBcblxuSGlnaCBzZXZlcml0eSBpc3N1ZXMgYWxsb3cgYW4gYXR0YWNrZXIgdG8gcmVhZCBvciBtb2RpZnkgaGlnaGx5IHNlbnNpdGl2ZSBkYXRhIHRoYXQgdGhleSBhcmUgbm90IGF1dGhvcml6ZWQgdG8gYWNjZXNzLiBUaGV5IGFyZSBnZW5lcmFsbHkgbW9yZSBuYXJyb3cgaW4gc2NvcGUgdGhhbiBjcml0aWNhbCBpc3N1ZXMsIHRob3VnaCB0aGV5IG1heSBzdGlsbCBncmFudCBhbiBhdHRhY2tlciBleHRlbnNpdmUgYWNjZXNzLiBGb3IgZXhhbXBsZTpcbiogaW5qZWN0aW5nIGF0dGFja2VyIGNvbnRyb2xsZWQgY29udGVudCBpbnRvIEdpdEh1Yi5jb20gKFhTUykgd2hpY2ggYnlwYXNzZXMgQ1NQLlxuKiBieXBhc3NpbmcgYXV0aG9yaXphdGlvbiBsb2dpYyB0byBncmFudCBhIHJlcG9zaXRvcnkgY29sbGFib3JhdG9yIG1vcmUgYWNjZXNzIHRoYW4gaW50ZW5kZWQuXG4qIGRpc2NvdmVyaW5nIHNlbnNpdGl2ZSB1c2VyIG9yIEdpdEh1YiBkYXRhIGluIGEgcHVibGljbHkgZXhwb3NlZCByZXNvdXJjZSwgc3VjaCBhcyBhbiBTMyBidWNrZXQuXG4qIGdhaW5pbmcgYWNjZXNzIHRvIGEgbm9uLWNyaXRpY2FsIHJlc291cmNlIHRoYXQgb25seSBHaXRIdWIgZW1wbG95ZWVzIHNob3VsZCBiZSBhYmxlIHRvIHJlYWNoLlxuKiB1c2luZyB0aGUgR2l0SHViIEFjdGlvbnMgcmVwby1zY29wZWQgR2l0SHViIHRva2VuIHRvIGFjY2VzcyBoaWdoLXJpc2sgcHJpdmF0ZSBjb250ZW50IG91dHNpZGUgb2YgdGhhdCByZXBvc2l0b3J5LlxuKiBjb2RlIGV4ZWN1dGlvbiBpbiBhIGRlc2t0b3AgYXBwIHRoYXQgcmVxdWlyZXMgbm8gdXNlciBpbnRlcmFjdGlvbi5cblxuXG4jIyMgTWVkaXVtOiAkNCwwMDAgLSAkMTAsMDAwXG5cbk1lZGl1bSBzZXZlcml0eSBpc3N1ZXMgYWxsb3cgYW4gYXR0YWNrZXIgdG8gcmVhZCBvciBtb2RpZnkgbGltaXRlZCBhbW91bnRzIG9mIGRhdGEgdGhhdCB0aGV5IGFyZSBub3QgYXV0aG9yaXplZCB0byBhY2Nlc3MuIFRoZXkgZ2VuZXJhbGx5IGdyYW50IGFjY2VzcyB0byBsZXNzIHNlbnNpdGl2ZSBpbmZvcm1hdGlvbiB0aGFuIGhpZ2ggc2V2ZXJpdHkgaXNzdWVzLiBGb3IgZXhhbXBsZTpcbiogZGlzY2xvc2luZyB0aGUgdGl0bGUgb2YgaXNzdWVzIGluIHByaXZhdGUgcmVwb3NpdG9yaWVzIHdoaWNoIHNob3VsZCBiZSBiZSBpbmFjY2Vzc2libGUuXG4qIGluamVjdGluZyBhdHRhY2tlciBjb250cm9sbGVkIGNvbnRlbnQgaW50byBHaXRIdWIuY29tIChYU1MpIGJ1dCBub3QgYnlwYXNzaW5nIENTUCBvciBleGVjdXRpbmcgc2Vuc2l0aXZlIGFjdGlvbnMgd2l0aCBhbm90aGVyIHVzZXIncyBzZXNzaW9uLlxuKiBieXBhc3NpbmcgQ1NSRiB2YWxpZGF0aW9uIGZvciBsb3cgcmlzayBhY3Rpb25zLCBzdWNoIGFzIHN0YXJyaW5nIGEgcmVwb3NpdG9yeSBvciB1bnN1YnNjcmliaW5nIGZyb20gYSBtYWlsaW5nIGxpc3QuXG4qIGVzY2FwaW5nIHRoZSBMR1RNIHdvcmtlciBzYW5kYm94IHRvIGFjY2VzcyBvdGhlciB1c2VyJ3MgZGF0YSBvciBwcml2YXRlIG5ldHdvcmtlZCByZXNvdXJjZXNcblxuXG4jIyMgTG93OiAkNjE3IC0gJDIsMDAwXG5cbkxvdyBzZXZlcml0eSBpc3N1ZXMgYWxsb3cgYW4gYXR0YWNrZXIgdG8gYWNjZXNzIGV4dHJlbWVseSBsaW1pdGVkIGFtb3VudHMgb2YgZGF0YS4gVGhleSBtYXkgdmlvbGF0ZSBhbiBleHBlY3RhdGlvbiBmb3IgaG93IHNvbWV0aGluZyBpcyBpbnRlbmRlZCB0byB3b3JrLCBidXQgaXQgYWxsb3dzIG5lYXJseSBubyBlc2NhbGF0aW9uIG9mIHByaXZpbGVnZSBvciBhYmlsaXR5IHRvIHRyaWdnZXIgdW5pbnRlbmRlZCBiZWhhdmlvciBieSBhbiBhdHRhY2tlci4gRm9yIGV4YW1wbGU6XG4qIHNpZ25pbmcgdXAgYXJiaXRyYXJ5IHVzZXJzIGZvciBhY2Nlc3MgdG8gYW4gXCJlYXJseSBhY2Nlc3MgZmVhdHVyZVwiIHdpdGhvdXQgdGhlaXIgY29uc2VudC5cbiogY3JlYXRpbmcgYW4gaXNzdWUgY29tbWVudCB0aGF0IGJ5cGFzc2VzIG91ciBpbWFnZSBwcm94eWluZyBmaWx0ZXIgYnkgcHJvdmlkaW5nIGEgbWFsZm9ybWVkIFVSTC5cbiogYnlwYXNzaW5nIGNvbW11bml0eS1hbmQtc2FmZXR5IGZlYXR1cmVzIHN1Y2ggYXMgbG9ja2VkIGNvbnZlcnNhdGlvbnMuXG4qIGJ5cGFzc2luZyBiaWxsaW5nIFx1MDAyNiBwbGFuIHJlc3RyaWN0aW9ucyB0byBnYWluIGFjY2VzcyB0byBwYWlkIGZlYXR1cmVzLlxuKiB0cmlnZ2VyaW5nIHZlcmJvc2Ugb3IgZGVidWcgZXJyb3IgcGFnZXMgd2l0aG91dCBwcm9vZiBvZiBleHBsb2l0YWJpbGl0eSBvciBvYnRhaW5pbmcgc2Vuc2l0aXZlIGluZm9ybWF0aW9uLlxuKiB0cmlnZ2VyaW5nIGFwcGxpY2F0aW9uIGV4Y2VwdGlvbnMgdGhhdCBjb3VsZCBhZmZlY3QgbWFueSBHaXRIdWIgdXNlcnMuXG4qIHRyaWdnZXJpbmcgWFNTIG9yIENTUkYgdnVsbmVyYWJpbGl0aWVzIGluIExHVE1cblxuIiwiY3JlYXRlZF9hdCI6IjIwMTYtMDQtMTVUMTc6MTA6MzEuMjYxWiIsInVwZGF0ZWRfYXQiOiIyMDIwLTA0LTA4VDEzOjQ1OjQ5LjU0OFoifX19LCJzZXZlcml0eSI6eyJkYXRhIjp7ImlkIjoiNzEzNTY4IiwidHlwZSI6InNldmVyaXR5IiwiYXR0cmlidXRlcyI6eyJyYXRpbmciOiJub25lIiwiYXV0aG9yX3R5cGUiOiJVc2VyIiwidXNlcl9pZCI6MTAxMzU5NiwiY3JlYXRlZF9hdCI6IjIwMjAtMDUtMDZUMjM6MDI6NTMuNjM0WiJ9fX0sInN3YWciOnsiZGF0YSI6W119LCJhdHRhY2htZW50cyI6eyJkYXRhIjpbXX0sImFjdGl2aXRpZXMiOnsiZGF0YSI6W119LCJib3VudGllcyI6eyJkYXRhIjpbXX0sInN1bW1hcmllcyI6eyJkYXRhIjpbXX0sImN1c3RvbV9maWVsZF92YWx1ZXMiOnsiZGF0YSI6W119fX19
|
79
|
+
http_version: null
|
80
|
+
recorded_at: Wed, 06 May 2020 23:02:53 GMT
|
81
|
+
recorded_with: VCR 5.1.0
|
@@ -0,0 +1,79 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.hackerone.com/v1/reports
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"data":{"type":"report","attributes":{"team_handle":"github","title":"hi","vulnerability_information":"hi","impact":"string","severity_rating":"invalid_severity","source":"api"}}}'
|
9
|
+
headers:
|
10
|
+
Authorization:
|
11
|
+
- Basic NOPE
|
12
|
+
User-Agent:
|
13
|
+
- Faraday v1.0.1
|
14
|
+
Content-Type:
|
15
|
+
- application/json
|
16
|
+
Accept-Encoding:
|
17
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
18
|
+
Accept:
|
19
|
+
- "*/*"
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 400
|
23
|
+
message: Bad Request
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Wed, 06 May 2020 23:18:54 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Transfer-Encoding:
|
30
|
+
- chunked
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Set-Cookie:
|
34
|
+
- __cfduid=de6cf45714928bec4f073b32dab8dddec1588807134; expires=Fri, 05-Jun-20
|
35
|
+
23:18:54 GMT; path=/; Domain=api.hackerone.com; HttpOnly; SameSite=Lax; Secure
|
36
|
+
X-Request-Id:
|
37
|
+
- ef6a977c-7273-4682-86ac-97a6af3d8ba0
|
38
|
+
Cache-Control:
|
39
|
+
- no-cache
|
40
|
+
Strict-Transport-Security:
|
41
|
+
- max-age=31536000; includeSubDomains; preload
|
42
|
+
X-Frame-Options:
|
43
|
+
- DENY
|
44
|
+
X-Content-Type-Options:
|
45
|
+
- nosniff
|
46
|
+
X-Xss-Protection:
|
47
|
+
- 1; mode=block
|
48
|
+
X-Download-Options:
|
49
|
+
- noopen
|
50
|
+
X-Permitted-Cross-Domain-Policies:
|
51
|
+
- none
|
52
|
+
Referrer-Policy:
|
53
|
+
- strict-origin-when-cross-origin
|
54
|
+
Expect-Ct:
|
55
|
+
- enforce, max-age=86400
|
56
|
+
Content-Security-Policy:
|
57
|
+
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
58
|
+
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
59
|
+
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
60
|
+
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
61
|
+
profile-photos.hackerone-user-content.com hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com;
|
62
|
+
media-src ''self'' hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com;
|
63
|
+
script-src ''self'' www.google-analytics.com; style-src ''self'' ''unsafe-inline'';
|
64
|
+
report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
65
|
+
Cf-Cache-Status:
|
66
|
+
- DYNAMIC
|
67
|
+
Server:
|
68
|
+
- cloudflare
|
69
|
+
Cf-Ray:
|
70
|
+
- 58f66c4e6cd3f56d-SEA
|
71
|
+
Cf-Request-Id:
|
72
|
+
- '028de204fe0000f56dae94e200000001'
|
73
|
+
body:
|
74
|
+
encoding: UTF-8
|
75
|
+
string: '{"errors":[{"status":400,"title":"Invalid Parameter","detail":"The
|
76
|
+
parameter ''severity_rating'' is invalid.","source":{"parameter":"severity_rating"}}]}'
|
77
|
+
http_version: null
|
78
|
+
recorded_at: Wed, 06 May 2020 23:18:54 GMT
|
79
|
+
recorded_with: VCR 5.1.0
|
data/lib/hackerone/client.rb
CHANGED
@@ -104,6 +104,35 @@ module HackerOne
|
|
104
104
|
end
|
105
105
|
end
|
106
106
|
|
107
|
+
## Public: create a new report
|
108
|
+
#
|
109
|
+
# title: The title of the report
|
110
|
+
# summary: Summary of the report
|
111
|
+
# impact: Impact of the report
|
112
|
+
# severity_rating: severity of report, must be one of https://api.hackerone.com/reference/#severity-ratings
|
113
|
+
# source: where the report came from, i.e. API, Bugcrowd, etc.
|
114
|
+
#
|
115
|
+
# returns an Hackerone::Client::Report object or raises an error if
|
116
|
+
# error during creation
|
117
|
+
def create_report(title:, summary:, impact:, severity_rating:, source:)
|
118
|
+
raise ArgumentError, "Program cannot be nil" unless program
|
119
|
+
|
120
|
+
data = {
|
121
|
+
"data": {
|
122
|
+
"type": "report",
|
123
|
+
"attributes": {
|
124
|
+
"team_handle": program,
|
125
|
+
"title": title,
|
126
|
+
"vulnerability_information": summary,
|
127
|
+
"impact": impact,
|
128
|
+
"severity_rating": severity_rating,
|
129
|
+
"source": source
|
130
|
+
}
|
131
|
+
}
|
132
|
+
}
|
133
|
+
Report.new(post("reports", data))
|
134
|
+
end
|
135
|
+
|
107
136
|
## Public: retrieve a report
|
108
137
|
#
|
109
138
|
# id: the ID of a specific report
|
@@ -174,7 +174,7 @@ module HackerOne
|
|
174
174
|
end
|
175
175
|
|
176
176
|
def update_severity(rating:)
|
177
|
-
raise ArgumentError, "Invalid severity rating" unless SEVERITY_RATINGS.include?(rating)
|
177
|
+
raise ArgumentError, "Invalid severity rating" unless SEVERITY_RATINGS.include?(rating.to_s)
|
178
178
|
|
179
179
|
request_body = {
|
180
180
|
type: "severity",
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hackerone-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Neil Matatall
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-05-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -142,6 +142,8 @@ files:
|
|
142
142
|
- fixtures/vcr_cassettes/award_a_bounty.yml
|
143
143
|
- fixtures/vcr_cassettes/award_swag.yml
|
144
144
|
- fixtures/vcr_cassettes/common_responses.yml
|
145
|
+
- fixtures/vcr_cassettes/create_report.yml
|
146
|
+
- fixtures/vcr_cassettes/create_report_invalid.yml
|
145
147
|
- fixtures/vcr_cassettes/dup.yml
|
146
148
|
- fixtures/vcr_cassettes/empty_report_list.yml
|
147
149
|
- fixtures/vcr_cassettes/missing_report.yml
|