hakiri 0.7.0 → 0.7.2
- data/README.md +4 -0
- data/bin/hakiri +5 -0
- data/lib/hakiri/cli/cli.rb +4 -0
- data/lib/hakiri/cli/code.rb +1 -1
- data/lib/hakiri/cli/gemfile.rb +3 -3
- data/lib/hakiri/cli/system.rb +4 -4
- data/lib/hakiri/version.rb +2 -2
- metadata +2 -2
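--- a/data/README.md
+++ b/data/README.md
@@ -1,4 +1,6 @@
 # Secure Rails with Hakiri
+[![Gem Version](https://badge.fury.io/rb/hakiri.svg)](http://badge.fury.io/rb/hakiri)
+[![security](https://hakiri.io/github/vasinov/hakiri_toolbelt/master.svg)](https://hakiri.io/github/vasinov/hakiri_toolbelt/master)
 
 Hakiri Toolbelt is a command line interface for the Hakiri platform. It allows Ruby on Rails developers to automate version scraping of Ruby gems, servers, databases and other technologies used in their stacks. For each technology Hakiri shows CVE vulnerabilities. Here is a snippet of how it works:
 
@@ -116,6 +118,8 @@ We just went through the most basic Hakiri use case. Here are links to docs desc
 - Commit, do not make changes to version.
 - Submit a pull request.
 
+To run the gem locally use the following command: `ruby -Ilib ./bin/hakiri`.
+
 ## License
 
 (The MIT license)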
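--- a/data/bin/hakiri
+++ b/data/bin/hakiri
@@ -24,6 +24,8 @@ command 'system:scan' do |c|
 c.summary = 'Configure your stack with a manifest JSON file.'
 c.description = 'This command grabs your custom stack JSON file and shows vulnerabilities in your project.'
 c.option '--manifest STRING', String, 'Path to your manifest JSON file'
+c.option '--force', 'Force showing vulnerabilities without asking for it first.'
+c.option '--quiet', 'Only show vulnerability report'
 
 c.action do |args, options|
 options.default :manifest => './manifest.json'
@@ -66,6 +68,8 @@ command 'gemfile:scan' do |c|
 c.summary = 'Check if Gemfile.lock has any vulnerabilities.'
 c.description = 'This command grabs your Gemfile.lock file and shows vulnerabilities in it.'
 c.option '--gemfile STRING', String, 'Path to your Gemfile.lock'
+c.option '--force', 'Force showing vulnerabilities without asking for it first.'
+c.option '--quiet', 'Only show vulnerability report'
 
 c.action do |args, options|
 options.default :gemfile => './Gemfile.lock'
@@ -97,6 +101,7 @@ command 'code:report' do |c|
 c.summary = 'Check code report on the latest push.'
 c.description = 'This command connects to Hakiri and returns a report on vulnerabilities from the latest push.'
 c.option '--stack INTEGER', String, 'Your stack ID.'
+c.option '--force', 'Force showing vulnerabilities without asking for it first.'
 
 c.action do |args, options|
 cli = Hakiri::Code.new(args, options)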
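Review bot: The new `--quiet` description on `system:scan` and `gemfile:scan`, `'Only show vulnerability report'`, promises a non-interactive run, but the guards added in gemfile.rb and system.rb still call `agree(...)` unless `@options.force` is set, so a quiet run without `--force` still blocks on the prompt. Suggest `c.option '--quiet', 'Only show the vulnerability report (still prompts before listing issues unless --force is given).'` for both commands, which also gives the description the trailing period its sibling `--force` description has. `code:report` receives `--force` but not `--quiet`; if that asymmetry is deliberate (the code.rb hunk does not switch any output to `say_q`), a one-line comment above the option saying so would save the next reader a search. Each `command` block starts before its hunk and its `c.action` body continues past it.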
data/lib/hakiri/cli/cli.rb
CHANGED
data/lib/hakiri/cli/code.rb
CHANGED
@@ -21,7 +21,7 @@ class Hakiri::Code < Hakiri::Cli
|
|
21
21
|
else
|
22
22
|
say "! #{response[:warnings_count]} warnings were found in the code"
|
23
23
|
|
24
|
-
if agree
|
24
|
+
if @options.force || agree('Show all of them? (yes or no) ')
|
25
25
|
puts ' '
|
26
26
|
response[:warnings].each do |warning|
|
27
27
|
say warning[:warning_type]
|
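Review bot: The guard `if @options.force || agree('Show all of them? (yes or no) ')` introduced here is repeated verbatim in gemfile.rb and system.rb, so the prompt wording and the meaning of `--force` now live in three subclasses. A single predicate on the shared `Hakiri::Cli` base class, `def show_all?; @options.force || agree('Show all of them? (yes or no) '); end`, with `if show_all?` at the three call sites, keeps them in step the next time the prompt or the bypass rule changes. The expression also relies on `@options.force` being nil when the flag is absent, which is presumably how the Commander options object behaves but is not visible in this diff. The enclosing method starts before this hunk and ends after it.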
data/lib/hakiri/cli/gemfile.rb
CHANGED
@@ -10,11 +10,11 @@ class Hakiri::Gemfile < Hakiri::Cli
|
|
10
10
|
say ' No gems were found in your Gemfile.lock...'
|
11
11
|
else
|
12
12
|
@stack.technologies.each do |technology_slug, payload|
|
13
|
-
|
13
|
+
say_q " Found #{payload[:name]} #{payload[:version]}"
|
14
14
|
end
|
15
15
|
|
16
16
|
# GETTING VULNERABILITIES
|
17
|
-
|
17
|
+
say_q '-----> Searching for vulnerabilities...'
|
18
18
|
params = { :technologies => @stack.technologies }
|
19
19
|
response = @http_client.get_issues(params)
|
20
20
|
|
@@ -34,7 +34,7 @@ class Hakiri::Gemfile < Hakiri::Cli
|
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
if agree
|
37
|
+
if @options.force || agree('Show all of them? (yes or no) ')
|
38
38
|
puts ' '
|
39
39
|
response[:technologies].each do |technology|
|
40
40
|
technology[:issues].each do |issue|
|
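Review bot: In the first hunk the `else` branch switches its per-technology output to `say_q`, but the sibling `say ' No gems were found in your Gemfile.lock...'` two lines above stays on `say`, so `--quiet` still prints it; the same applies to `say ' No versions were found...'` in the first hunk of system.rb. If that message is meant to remain visible as the report for the empty case, a comment such as `# always shown: this is the report when nothing was found` next to it would make the intent explicit; otherwise it should become `say_q` as well. The `say_q` helper itself is not in view on this page (the cli.rb section is shown without content), and the removed lines at 13 and 17 render with no text here, so what they replaced cannot be confirmed from this diff. The enclosing method begins before the hunk and continues past it.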
data/lib/hakiri/cli/system.rb
CHANGED
@@ -8,17 +8,17 @@ class Hakiri::System < Hakiri::Cli
|
|
8
8
|
@stack.fetch_versions
|
9
9
|
|
10
10
|
# GETTING VERSIONS
|
11
|
-
|
11
|
+
say_q '-----> Scanning system for software versions...'
|
12
12
|
|
13
13
|
if @stack.technologies.empty?
|
14
14
|
say ' No versions were found...'
|
15
15
|
else
|
16
16
|
@stack.technologies.each do |technology_slug, payload|
|
17
|
-
|
17
|
+
say_q " Found #{payload[:name]} #{payload[:version]}"
|
18
18
|
end
|
19
19
|
|
20
20
|
# GETTING VULNERABILITIES
|
21
|
-
|
21
|
+
say_q '-----> Searching for vulnerabilities...'
|
22
22
|
params = { :technologies => @stack.technologies }
|
23
23
|
response = @http_client.get_issues(params)
|
24
24
|
|
@@ -38,7 +38,7 @@ class Hakiri::System < Hakiri::Cli
|
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
|
-
if agree
|
41
|
+
if @options.force || agree('Show all of them? (yes or no) ')
|
42
42
|
puts ' '
|
43
43
|
response[:technologies].each do |technology|
|
44
44
|
technology[:issues].each do |issue|
|
data/lib/hakiri/version.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
1
|
module Hakiri
|
2
|
-
VERSION = '0.7.
|
3
|
-
end
|
2
|
+
VERSION = '0.7.2'
|
3
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hakiri
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.2
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-
|
12
|
+
date: 2014-05-08 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|