hackerone-client 0.5.2 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +7 -3
- data/fixtures/vcr_cassettes/add_comment.yml +157 -0
- data/lib/hackerone/client.rb +21 -0
- data/lib/hackerone/client/activity.rb +6 -1
- data/lib/hackerone/client/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c7f8ebc4db13ee0c4e72453bbe928046adf079e0
|
|
4
|
+
data.tar.gz: b7155b4ce06a7cc0dbfaf748eb7c8dad175d4455
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fa218423cbde7a7d0b96e752fe409c7b28b853abedd3b98cd07ee9f2671e3ccbd82ebfa2e143c87410fc7ef22621ffd0e716c714960e46a21f420f32b3816c06
|
|
7
|
+
data.tar.gz: 66e707d5630b0d77edc6de393352cd03cf20d9cbd7b3f30decf7c2b63ef1d769d95034652eac723df214b65b768a874c09a7b4336b769d5ecd933dddea9b290d
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -5,16 +5,20 @@ A limited client library for interacting with HackerOne. Currently only supports
|
|
|
5
5
|
```ruby
|
|
6
6
|
client = HackerOne::Client::Api.new("github")
|
|
7
7
|
|
|
8
|
-
# GET
|
|
8
|
+
# GET '/reports' returns all reports in the "new" state for a given program
|
|
9
9
|
client.reports
|
|
10
10
|
|
|
11
|
-
# GET
|
|
11
|
+
# GET '/report/{id}' returns report data for a given report
|
|
12
12
|
report = client.report(id)
|
|
13
13
|
|
|
14
|
-
# PUT
|
|
14
|
+
# PUT '/reports/{id}/assignee'
|
|
15
15
|
report.assign_to_user("username")
|
|
16
16
|
report.assign_to_group("groupname")
|
|
17
17
|
|
|
18
|
+
# POST '/reports/#{id}/activities'
|
|
19
|
+
|
|
20
|
+
client.add_comment(id, message, internal: false) # internal is true by default
|
|
21
|
+
|
|
18
22
|
# POST '/report/{id}/state_change change the state of a report
|
|
19
23
|
# `state` can be one of new, triaged, needs-more-info, resolved, not-applicable, informative, duplicate, spam
|
|
20
24
|
client.state_change(id, state)
|
|
@@ -0,0 +1,157 @@
|
|
|
1
|
+
---
|
|
2
|
+
http_interactions:
|
|
3
|
+
- request:
|
|
4
|
+
method: post
|
|
5
|
+
uri: https://api.hackerone.com/v1/reports/215230/activities
|
|
6
|
+
body:
|
|
7
|
+
encoding: UTF-8
|
|
8
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"attributes\":{\"message\":\"I
|
|
9
|
+
am an internal comment\",\"internal\":true}}}"
|
|
10
|
+
headers:
|
|
11
|
+
Authorization:
|
|
12
|
+
- Basic ==
|
|
13
|
+
User-Agent:
|
|
14
|
+
- Faraday v0.11.0
|
|
15
|
+
Content-Type:
|
|
16
|
+
- application/json
|
|
17
|
+
Accept-Encoding:
|
|
18
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
|
19
|
+
Accept:
|
|
20
|
+
- "*/*"
|
|
21
|
+
response:
|
|
22
|
+
status:
|
|
23
|
+
code: 201
|
|
24
|
+
message: Created
|
|
25
|
+
headers:
|
|
26
|
+
Date:
|
|
27
|
+
- Thu, 20 Jul 2017 19:31:19 GMT
|
|
28
|
+
Content-Type:
|
|
29
|
+
- application/json; charset=utf-8
|
|
30
|
+
Transfer-Encoding:
|
|
31
|
+
- chunked
|
|
32
|
+
Connection:
|
|
33
|
+
- keep-alive
|
|
34
|
+
Set-Cookie:
|
|
35
|
+
- __cfduid=dc6e0045651a0dfb269f81402a0ee74051500579079; expires=Fri, 20-Jul-18
|
|
36
|
+
19:31:19 GMT; path=/; Domain=api.hackerone.com; HttpOnly
|
|
37
|
+
X-Request-Id:
|
|
38
|
+
- 552f630f-8f34-4e39-b49f-f4cf6046dd1b
|
|
39
|
+
Etag:
|
|
40
|
+
- W/"213a426a179715f6d44f095780be6b17"
|
|
41
|
+
Cache-Control:
|
|
42
|
+
- max-age=0, private, must-revalidate
|
|
43
|
+
Strict-Transport-Security:
|
|
44
|
+
- max-age=31536000; includeSubDomains; preload
|
|
45
|
+
Content-Security-Policy:
|
|
46
|
+
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
|
47
|
+
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
|
48
|
+
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
|
49
|
+
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
|
50
|
+
profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
|
|
51
|
+
media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
|
|
52
|
+
www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
|
|
53
|
+
https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
|
54
|
+
X-Content-Type-Options:
|
|
55
|
+
- nosniff
|
|
56
|
+
X-Download-Options:
|
|
57
|
+
- noopen
|
|
58
|
+
X-Frame-Options:
|
|
59
|
+
- DENY
|
|
60
|
+
X-Permitted-Cross-Domain-Policies:
|
|
61
|
+
- none
|
|
62
|
+
X-Xss-Protection:
|
|
63
|
+
- 1; mode=block
|
|
64
|
+
Public-Key-Pins-Report-Only:
|
|
65
|
+
- pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
|
|
66
|
+
pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
|
|
67
|
+
pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
|
|
68
|
+
pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
|
|
69
|
+
report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
|
|
70
|
+
Server:
|
|
71
|
+
- cloudflare-nginx
|
|
72
|
+
Cf-Ray:
|
|
73
|
+
- 3818570f7dce53a2-LAX
|
|
74
|
+
body:
|
|
75
|
+
encoding: UTF-8
|
|
76
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"id\":\"1854710\",\"attributes\":{\"message\":\"I
|
|
77
|
+
am an internal comment\",\"created_at\":\"2017-07-20T19:31:19.733Z\",\"updated_at\":\"2017-07-20T19:31:19.733Z\",\"internal\":true},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}}}"
|
|
78
|
+
http_version:
|
|
79
|
+
recorded_at: Thu, 20 Jul 2017 19:31:19 GMT
|
|
80
|
+
- request:
|
|
81
|
+
method: post
|
|
82
|
+
uri: https://api.hackerone.com/v1/reports/132170/activities
|
|
83
|
+
body:
|
|
84
|
+
encoding: UTF-8
|
|
85
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"attributes\":{\"message\":\"I
|
|
86
|
+
am not an internal comment\",\"internal\":false}}}"
|
|
87
|
+
headers:
|
|
88
|
+
Authorization:
|
|
89
|
+
- Basic ==
|
|
90
|
+
User-Agent:
|
|
91
|
+
- Faraday v0.11.0
|
|
92
|
+
Content-Type:
|
|
93
|
+
- application/json
|
|
94
|
+
Accept-Encoding:
|
|
95
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
|
96
|
+
Accept:
|
|
97
|
+
- "*/*"
|
|
98
|
+
response:
|
|
99
|
+
status:
|
|
100
|
+
code: 201
|
|
101
|
+
message: Created
|
|
102
|
+
headers:
|
|
103
|
+
Date:
|
|
104
|
+
- Thu, 20 Jul 2017 19:31:20 GMT
|
|
105
|
+
Content-Type:
|
|
106
|
+
- application/json; charset=utf-8
|
|
107
|
+
Transfer-Encoding:
|
|
108
|
+
- chunked
|
|
109
|
+
Connection:
|
|
110
|
+
- keep-alive
|
|
111
|
+
Set-Cookie:
|
|
112
|
+
- __cfduid=d104d11a7dd0d4d546ad5de4a34ae70091500579080; expires=Fri, 20-Jul-18
|
|
113
|
+
19:31:20 GMT; path=/; Domain=api.hackerone.com; HttpOnly
|
|
114
|
+
X-Request-Id:
|
|
115
|
+
- d3253b5d-6f40-4070-8a49-2c9fddc85b6f
|
|
116
|
+
Etag:
|
|
117
|
+
- W/"5409aa55cb4b50a7801681b8f529bcfd"
|
|
118
|
+
Cache-Control:
|
|
119
|
+
- max-age=0, private, must-revalidate
|
|
120
|
+
Strict-Transport-Security:
|
|
121
|
+
- max-age=31536000; includeSubDomains; preload
|
|
122
|
+
Content-Security-Policy:
|
|
123
|
+
- 'default-src ''none''; base-uri ''self''; block-all-mixed-content; child-src
|
|
124
|
+
www.youtube-nocookie.com; connect-src ''self'' www.google-analytics.com errors.hackerone.net;
|
|
125
|
+
font-src ''self''; form-action ''self''; frame-ancestors ''none''; img-src
|
|
126
|
+
''self'' data: cover-photos.hackerone-user-content.com hackathon-photos.hackerone-user-content.com
|
|
127
|
+
profile-photos.hackerone-user-content.com hackerone-attachments.s3.amazonaws.com;
|
|
128
|
+
media-src ''self'' hackerone-attachments.s3.amazonaws.com; script-src ''self''
|
|
129
|
+
www.google-analytics.com; style-src ''self'' ''unsafe-inline''; report-uri
|
|
130
|
+
https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598'
|
|
131
|
+
X-Content-Type-Options:
|
|
132
|
+
- nosniff
|
|
133
|
+
X-Download-Options:
|
|
134
|
+
- noopen
|
|
135
|
+
X-Frame-Options:
|
|
136
|
+
- DENY
|
|
137
|
+
X-Permitted-Cross-Domain-Policies:
|
|
138
|
+
- none
|
|
139
|
+
X-Xss-Protection:
|
|
140
|
+
- 1; mode=block
|
|
141
|
+
Public-Key-Pins-Report-Only:
|
|
142
|
+
- pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
|
|
143
|
+
pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
|
|
144
|
+
pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="bIlWcjiKq1mftH/xd7Hw1JO77Cr+Gv+XYcGUQWwO+A4=";
|
|
145
|
+
pin-sha256="tXD+dGAP8rGY4PW1be90cOYEwg7pZ4G+yPZmIZWPTSg="; max-age=600; includeSubDomains;
|
|
146
|
+
report-uri="https://hackerone.report-uri.io/r/default/hpkp/reportOnly"
|
|
147
|
+
Server:
|
|
148
|
+
- cloudflare-nginx
|
|
149
|
+
Cf-Ray:
|
|
150
|
+
- 381857128fff7820-LAX
|
|
151
|
+
body:
|
|
152
|
+
encoding: UTF-8
|
|
153
|
+
string: "{\"data\":{\"type\":\"activity-comment\",\"id\":\"1854711\",\"attributes\":{\"message\":\"I
|
|
154
|
+
am not an internal comment\",\"created_at\":\"2017-07-20T19:31:20.181Z\",\"updated_at\":\"2017-07-20T19:31:20.181Z\",\"internal\":false},\"relationships\":{\"actor\":{\"data\":{\"type\":\"user\",\"id\":\"185283\",\"attributes\":{\"username\":\"oreoshake-test-token-4\",\"name\":null,\"disabled\":false,\"created_at\":\"2017-07-20T19:22:56.881Z\",\"profile_picture\":{\"62x62\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"82x82\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"110x110\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\",\"260x260\":\"/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png\"}}}}}}}"
|
|
155
|
+
http_version:
|
|
156
|
+
recorded_at: Thu, 20 Jul 2017 19:31:20 GMT
|
|
157
|
+
recorded_with: VCR 3.0.3
|
data/lib/hackerone/client.rb
CHANGED
|
@@ -161,6 +161,27 @@ module HackerOne
|
|
|
161
161
|
post("reports/#{id}/state_changes", body)
|
|
162
162
|
end
|
|
163
163
|
|
|
164
|
+
# Add a comment to a report. By default, internal comments will be added.
|
|
165
|
+
#
|
|
166
|
+
# id: the ID of the report
|
|
167
|
+
# message: the content of the comment that will be created
|
|
168
|
+
# internal: "team only" comment (true, default) or "all participants"
|
|
169
|
+
def add_comment(id, message, internal: true)
|
|
170
|
+
fail ArgumentError, "message is required" if message.blank?
|
|
171
|
+
|
|
172
|
+
body = {
|
|
173
|
+
data: {
|
|
174
|
+
type: "activity-comment",
|
|
175
|
+
attributes: {
|
|
176
|
+
message: message,
|
|
177
|
+
internal: internal
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
post("reports/#{id}/activities", body)
|
|
183
|
+
end
|
|
184
|
+
|
|
164
185
|
## Public: retrieve a report
|
|
165
186
|
#
|
|
166
187
|
# id: the ID of a specific report
|
|
@@ -53,12 +53,17 @@ module HackerOne
|
|
|
53
53
|
delegate :reference, :reference_url, to: :attributes
|
|
54
54
|
end
|
|
55
55
|
|
|
56
|
+
class CommentAdded < Activity
|
|
57
|
+
delegate :message, :internal, to: :attributes
|
|
58
|
+
end
|
|
59
|
+
|
|
56
60
|
ACTIVITY_TYPE_CLASS_MAPPING = {
|
|
57
61
|
'activity-bounty-awarded' => BountyAwarded,
|
|
58
62
|
'activity-swag-awarded' => SwagAwarded,
|
|
59
63
|
'activity-user-assigned-to-bug' => UserAssignedToBug,
|
|
60
64
|
'activity-bug-triaged' => BugTriaged,
|
|
61
|
-
'activity-reference-id-added' => ReferenceIdAdded
|
|
65
|
+
'activity-reference-id-added' => ReferenceIdAdded,
|
|
66
|
+
'activity-comment' => CommentAdded
|
|
62
67
|
}.freeze
|
|
63
68
|
|
|
64
69
|
def self.build(activity_data)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hackerone-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-07-
|
|
11
|
+
date: 2017-07-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -134,6 +134,7 @@ files:
|
|
|
134
134
|
- Rakefile
|
|
135
135
|
- bin/console
|
|
136
136
|
- bin/setup
|
|
137
|
+
- fixtures/vcr_cassettes/add_comment.yml
|
|
137
138
|
- fixtures/vcr_cassettes/add_report_reference.yml
|
|
138
139
|
- fixtures/vcr_cassettes/assign_report_to_group.yml
|
|
139
140
|
- fixtures/vcr_cassettes/assign_report_to_group_no_permission.yml
|