hakiri 0.2.1 → 0.3.0

@@ -1,60 +0,0 @@
1
- class Hakiri::SystemScan < Hakiri::Cli
2
- #
3
- # Walks the user through system scanning process.
4
- #
5
- def command
6
- @stack.build_from_json_file(@options.stack)
7
- @stack.fetch_versions
8
-
9
- # GETTING VERSIONS
10
- say '-----> Scanning system for software versions...'
11
-
12
- if @stack.technologies.empty?
13
- say '-----> No versions were found...'
14
- else
15
- @stack.technologies.each do |technology_slug, payload|
16
- say "-----> Found #{payload[:name]} #{payload[:version]}"
17
- end
18
-
19
- # GETTING VULNERABILITIES
20
- say '-----> Searching for vulnerabilities...'
21
- params = ({ technologies: @stack.technologies }.to_param)
22
- response = @http_client.get_issues(params)
23
-
24
- if response[:errors]
25
- response[:errors].each do |error|
26
- say "! Server Error: #{error}"
27
- end
28
- else
29
- authenticated = response[:meta][:authenticated]
30
-
31
- if response[:technologies].empty?
32
- say '-----> No vulnerabilities found. Keep it up!'
33
- else
34
- response[:technologies].each do |technology|
35
- unless technology[:issues_count] == 0
36
- say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:technology][:name]} #{technology[:version]}"
37
- puts ' '
38
- end
39
- end
40
-
41
- if authenticated
42
- if agree 'Show all of them? (yes or no) '
43
- puts ' '
44
- response[:technologies].each do |technology|
45
- technology[:issues].each do |issue|
46
- say issue[:name]
47
- say issue[:description]
48
- puts ' '
49
- end
50
- end
51
- end
52
- else
53
- say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
54
- say '****** You will also receive notifications via email whenever new issues are found.'
55
- end
56
- end
57
- end
58
- end
59
- end
60
- end
@@ -1,90 +0,0 @@
1
- class Hakiri::SystemSteps < Hakiri::Cli
2
- #
3
- # Walks the user through manual technologies selection.
4
- #
5
- def command
6
- say 'Hakiri Walkthrough will help you configure your @stack step by step and show '
7
- say 'you vulnerabilities at the end.'
8
- puts ' '
9
- say 'Step 1 of 5: Rails Server'
10
- say '1. Unicorn'
11
- say '2. Phusion Passenger'
12
- say '3. Thin'
13
- say '4. Trinidad'
14
- say '5. None of the above'
15
-
16
- server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
17
- puts ' '
18
- say 'Step 2 of 5: Secondary Server'
19
- say '1. Apache'
20
- say '2. nginx'
21
- say '3. Both'
22
- say '4. Neither'
23
-
24
- extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
25
- puts ' '
26
- say 'Step 3 of 5: Database'
27
- say '1. MySQL'
28
- say '2. Postgres'
29
- say '3. MongoDB'
30
- say '4. None of the above'
31
-
32
- db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
33
- puts ' '
34
- redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
35
- puts ' '
36
- memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
37
-
38
- say '-----> Retrieving software versions versions on your system...'
39
-
40
- @stack.build_from_input(server, extra_server, db, redis, memcached)
41
- @stack.fetch_versions
42
-
43
- if @stack.technologies.empty?
44
- say '-----> No versions were found...'
45
- else
46
- @stack.technologies.each do |technology_slug, payload|
47
- say "-----> Found #{payload[:name]} #{payload[:version]}"
48
- end
49
-
50
- say '-----> Searching for vulnerabilities...'
51
- params = ({ technologies: @stack.technologies }.to_param)
52
- response = @http_client.get_issues(params)
53
-
54
- if response[:errors]
55
- response[:errors].each do |error|
56
- say "! Server Error: #{error}"
57
- end
58
- else
59
- authenticated = response[:meta][:authenticated]
60
-
61
- if response[:technologies].empty?
62
- say '-----> No vulnerabilities found. Keep it up!'
63
- else
64
- response[:technologies].each do |technology|
65
- unless technology[:issues_count] == 0
66
- say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:name]} #{technology[:version]}"
67
- puts ' '
68
- end
69
- end
70
-
71
- if authenticated
72
- if agree 'Show all of them? (yes or no) '
73
- puts ' '
74
- response[:technologies].each do |technology|
75
- technology[:issues].each do |issue|
76
- say issue[:name]
77
- say issue[:description]
78
- puts ' '
79
- end
80
- end
81
- end
82
- else
83
- say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
84
- say '****** You will also receive notifications via email whenever new issues are found.'
85
- end
86
- end
87
- end
88
- end
89
- end
90
- end
@@ -1,86 +0,0 @@
1
- class Hakiri::SystemSync < Hakiri::Cli
2
- #
3
- # Walks the user through the version syncing process.
4
- #
5
- def command
6
- @stack.build_from_json_file(@options.stack)
7
- @stack.fetch_versions
8
-
9
- if @http_client.auth_token
10
- # GETTING VERSIONS
11
- say '-----> Scanning system for software versions...'
12
-
13
- if @stack.technologies.empty?
14
- say '-----> No versions were found...'
15
- else
16
- @stack.technologies.each do |technology_name, payload|
17
- say "-----> Found #{technology_name} #{payload[:version]}"
18
- end
19
-
20
- # CHECK VERSIONS ON THE SERVER
21
- params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
22
- say '-----> Checking software versions on www.hakiriup.com...'
23
- response = @http_client.check_versions_diff(params)
24
-
25
- if response[:errors]
26
- response[:errors].each do |error|
27
- say "! Server Error: #{error}"
28
- end
29
- else
30
- if response[:diffs].any?
31
- @stack.technologies = {}
32
- response[:diffs].each do |diff|
33
- if diff[:success]
34
- if diff[:hakiri_version]
35
- @stack.technologies[diff[:technology][:slug]] = { version: diff[:system_version] }
36
-
37
- if diff[:system_version_newer]
38
- say "-----> System version of #{diff[:technology][:name]} is newer (#{diff[:system_version]} > #{diff[:hakiri_version]})"
39
- else
40
- say "-----> System version of #{diff[:technology][:name]} is older (#{diff[:system_version]} < #{diff[:hakiri_version]})"
41
- end
42
- else
43
- say "-----> New technology detected: #{diff[:technology][:name]} #{diff[:system_version]}"
44
- end
45
- else
46
- say "! Error in #{diff[:technology][:name]}: #{diff[:errors][:value][0]}"
47
- end
48
- end
49
-
50
- # UPDATE VERSIONS ON THE SERVER
51
- if @stack.technologies.any?
52
- update = agree "Do you want to update \"#{response[:project][:name]}\" with system versions? (yes or no) "
53
- else
54
- say '-----> Nothing to update.'
55
- end
56
-
57
- if update
58
- params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
59
- response = @http_client.sync_project_versions(response[:project][:id], params)
60
-
61
- if response[:errors]
62
- response[:errors].each do |error|
63
- say "! Server Error: #{error}"
64
- end
65
- else
66
- if response[:updated].any?
67
- response[:updated].each do |update|
68
- if update[:success]
69
- say "-----> #{update[:technology][:name]} was updated to #{update[:new_version]}"
70
- else
71
- say "! Error syncing #{update[:technology][:name]}: #{update[:errors][:value][0]}"
72
- end
73
- end
74
- end
75
- end
76
- end
77
- else
78
- say '-----> No differences were found. Everything is up to date.'
79
- end
80
- end
81
- end
82
- else
83
- say '! You have to setup HAKIRI_AUTH_TOKEN environmental variable with your Hakiri authentication token.'
84
- end
85
- end
86
- end
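--- a/data/technologies.json
+++ b/data/technologies.json
@@ -1,4 +0,0 @@
-{
-"ruby": { "path": "", "version": "" },
-"ruby-on-rails": { "path": "" }
-}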