hakiri 0.5.3 → 0.6.0
- checksums.yaml +7 -0
- data/README.md +14 -14
- data/bin/hakiri +2 -2
- data/hakiri.gemspec +2 -2
- data/lib/hakiri/cli/gemfile.rb +3 -3
- data/lib/hakiri/cli/system.rb +4 -4
- data/lib/hakiri/http_client.rb +1 -1
- data/lib/hakiri/version.rb +1 -1
- metadata +26 -46
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 903381bdef6f8fc43e898af6b63cc35ea052884b
|
4
|
+
data.tar.gz: 46ae15ff762eb0802c2b54dbaa86bfb0069c8a87
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 1bcf79eeac13432363eef4a006083d1e8556847e8a1a9278d9210a6e18faa7eaabcd32a81408b3b7415c46d180f01690feb88658fba3abb0ac1d870484621463
|
7
|
+
data.tar.gz: 621c7da5695ac7cfa8d2a6a77e958b3a8be2a6fe041e7a6e8855a2140f5265c2e6aa2fddc63be11597c13513daf67ab5826e563ac07a96233c5bc6c6c62d89c6
|
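Review bot: The SHA1 digests in this new checksums.yaml should not be the ones consumers compare; the SHA512 entries for metadata.gz and data.tar.gz are the ones to verify, since SHA-1 is no longer collision-resistant. Note also that a checksum file shipped inside the .gem only lets RubyGems detect a corrupted or mismatched archive member; it says nothing about who built the package, which would need a signing key and cert chain in the metadata. This file is written by `gem build` and should not be edited by hand.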
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Secure Rails with Hakiri
|
2
2
|
|
3
|
-
Hakiri is a command line interface
|
3
|
+
Hakiri Toolbelt is a command line interface for the Hakiri platform. It allows Ruby on Rails developers to automate version scraping of Ruby gems, servers, databases and other technologies used in their stacks. For each technology Hakiri shows CVE vulnerabilities. Here is a snippet of how it works:
|
4
4
|
|
5
5
|
~~~
|
6
6
|
$ hakiri system:scan
|
@@ -21,7 +21,7 @@ Wanna try it on your system?
|
|
21
21
|
|
22
22
|
## Installation
|
23
23
|
|
24
|
-
Hakiri
|
24
|
+
Hakiri Toolbelt is a Ruby gem that can be installed by
|
25
25
|
|
26
26
|
~~~
|
27
27
|
$ gem install hakiri
|
@@ -31,7 +31,7 @@ After it's installed, restart your command line and you should be good to go. Ha
|
|
31
31
|
|
32
32
|
## Test Your System in 2 Minutes
|
33
33
|
|
34
|
-
Once you have Hakiri
|
34
|
+
Once you have Hakiri Toolbelt installed, it's really easy to start using it. You can scan your Rails stack in a matter of seconds.
|
35
35
|
|
36
36
|
One way to do so is to run a command line wizard that will ask you about your technologies in 5 steps:
|
37
37
|
|
@@ -39,11 +39,11 @@ One way to do so is to run a command line wizard that will ask you about your te
|
|
39
39
|
$ hakiri system:steps
|
40
40
|
~~~
|
41
41
|
|
42
|
-
After you are done, Hakiri
|
42
|
+
After you are done, Hakiri Toolbelt will scrape versions of technologies in your stack and show you all active CVE vulnerabilities.
|
43
43
|
|
44
44
|
The wizard is a good way to get a taste of Hakiri but it's not really useful for real work. A much better setup suitable for production is a manifest file that the user can configure with technologies that are part of the stack and then run tests against it.
|
45
45
|
|
46
|
-
Hakiri
|
46
|
+
Hakiri Toolbelt can generate a generic manifest file with the following command:
|
47
47
|
|
48
48
|
~~~
|
49
49
|
$ hakiri manifest:generate
|
@@ -57,7 +57,7 @@ Once you are done, run the following command in the directory where you've creat
|
|
57
57
|
$ hakiri system:scan
|
58
58
|
~~~
|
59
59
|
|
60
|
-
It will attempt to scrape versions of technologies in your current directory and then make a request to the Hakiri API to see if there are open CVE vulnerabilities. If any vulnerabilities are found, Hakiri
|
60
|
+
It will attempt to scrape versions of technologies in your current directory and then make a request to the Hakiri API to see if there are open CVE vulnerabilities. If any vulnerabilities are found, Hakiri Toolbelt will ask you whether you want to see all of them. The output will look something like this:
|
61
61
|
|
62
62
|
~~~
|
63
63
|
-----> Scanning system for software versions...
|
@@ -80,11 +80,11 @@ Simple, right? If you manifest file is in a different directory or named differe
|
|
80
80
|
$ hakiri system:scan -m ../my_stack.json
|
81
81
|
~~~
|
82
82
|
|
83
|
-
You can learn more about configuring the manifest in [Hakiri docs](https://
|
83
|
+
You can learn more about configuring the manifest in [Hakiri docs](https://hakiri.io/docs/manifest-file).
|
84
84
|
|
85
85
|
## Test Your Gemfile
|
86
86
|
|
87
|
-
Hakiri supports vulnerability detection for a collection of gems listed in [the docs](https://
|
87
|
+
Hakiri supports vulnerability detection for a collection of gems listed in [the docs](https://hakiri.io/docs/supported-gems). To scan a `Gemfile.lock` for vulnerabilities in the current directory do the following:
|
88
88
|
|
89
89
|
~~~
|
90
90
|
$ hakiri gemfile:scan
|
@@ -96,18 +96,18 @@ To scan a specific `Gemfile.lock` add the `-g` parameter at the end:
|
|
96
96
|
$ hakiri gemfile:scan -g ../Gemfile.lock
|
97
97
|
~~~
|
98
98
|
|
99
|
-
This will scan your `Gemfile.lock` and check with the server whether it has any vulnerable gems. It only checks gems that are [supported by Hakiri](https://
|
99
|
+
This will scan your `Gemfile.lock` and check with the server whether it has any vulnerable gems. It only checks gems that are [supported by Hakiri](https://hakiri.io/docs/manifest-file).
|
100
100
|
|
101
|
-
You can also [sync your gems](https://
|
101
|
+
You can also [sync your gems](https://hakiri.io/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
|
102
102
|
|
103
103
|
## Advanced Usage
|
104
104
|
|
105
105
|
We just went through the most basic Hakiri use case. Here are links to docs describing how to do more:
|
106
106
|
|
107
|
-
- [Learn about](https://
|
108
|
-
- [Setup your](https://
|
109
|
-
- [Sync your technologies and gems](https://
|
110
|
-
- [Check out technologies](https://
|
107
|
+
- [Learn about](https://hakiri.io/docs/manifest-file) advanced manifest file options.
|
108
|
+
- [Setup your](https://hakiri.io/docs/authentication-token) authentication token.
|
109
|
+
- [Sync your technologies and gems](https://hakiri.io/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
|
110
|
+
- [Check out technologies](https://hakiri.io/docs/technologies-version-formats) the list of supported technologies and version formats.
|
111
111
|
|
112
112
|
## Contribute
|
113
113
|
|
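Review bot: The 'supported by Hakiri' link on the changed line after `$ hakiri gemfile:scan -g ../Gemfile.lock` points at https://hakiri.io/docs/manifest-file, while the same concept is linked to https://hakiri.io/docs/supported-gems in the 'Test Your Gemfile' paragraph earlier in this file; one of the two targets looks wrong. Two smaller wording points in the Advanced Usage list: 'Setup your' should be 'Set up your' (verb), and 'Check out technologies the list of supported technologies and version formats' duplicates the noun; suggest `- [Check out](https://hakiri.io/docs/technologies-version-formats) the list of supported technologies and version formats.`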
data/bin/hakiri
CHANGED
@@ -36,7 +36,7 @@ end
|
|
36
36
|
command 'system:sync' do |c|
|
37
37
|
c.syntax = 'hakiri system:sync [options]'
|
38
38
|
c.summary = 'Sync your system\'s software versions with the cloud.'
|
39
|
-
c.description = 'This command grabs your custom stack JSON file, and syncs it with your project on
|
39
|
+
c.description = 'This command grabs your custom stack JSON file, and syncs it with your project on hakiri.io.'
|
40
40
|
c.option '--manifest STRING', String, 'Path to your manifest JSON file stack'
|
41
41
|
c.option '--stack INTEGER', Integer, 'Your stack ID.'
|
42
42
|
c.option '--force', 'Force syncing without asking for it first.'
|
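Review bot: The option help `'Path to your manifest JSON file stack'` on the `--manifest STRING` line reads as garbled; suggest `'Path to your manifest JSON file'`, which would also match the new description, except that the description calls the same file a 'custom stack JSON file' while the flag is named `--manifest`, so pick one term. The `--force` text 'Force syncing without asking for it first' should name what is skipped, e.g. 'Skip the confirmation prompt before syncing versions to hakiri.io', so users understand the flag suppresses the review step rather than changing what is sent.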
@@ -78,7 +78,7 @@ end
|
|
78
78
|
command 'gemfile:sync' do |c|
|
79
79
|
c.syntax = 'hakiri gemfile:sync [options]'
|
80
80
|
c.summary = 'Sync your system\'s Gemfile.lock gem versions with the cloud.'
|
81
|
-
c.description = 'This command grabs your Gemfile.lock file, and syncs it with your project on
|
81
|
+
c.description = 'This command grabs your Gemfile.lock file, and syncs it with your project on hakiri.io.'
|
82
82
|
c.option '--gemfile STRING', String, 'Path to your Gemfile.lock'
|
83
83
|
c.option '--stack INTEGER', Integer, 'Your stack ID.'
|
84
84
|
c.option '--force', 'Force syncing without asking for it first.'
|
data/hakiri.gemspec
CHANGED
@@ -5,13 +5,13 @@ Gem::Specification.new do |s|
|
|
5
5
|
s.name = 'hakiri'
|
6
6
|
s.version = Hakiri::VERSION
|
7
7
|
s.summary = 'Secure Rails with Hakiri'
|
8
|
-
s.description = 'Hakiri is a CLI for
|
8
|
+
s.description = 'Hakiri is a CLI for hakiri.io—a cloud security platform for Ruby on Rails apps.'
|
9
9
|
s.authors = ['Vasily Vasinov']
|
10
10
|
s.email = 'vasinov@me.com'
|
11
11
|
s.files = `git ls-files`.split("\n")
|
12
12
|
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
13
13
|
s.require_paths = ['lib']
|
14
|
-
s.homepage = 'https://
|
14
|
+
s.homepage = 'https://hakiri.io'
|
15
15
|
s.license = 'MIT'
|
16
16
|
|
17
17
|
s.add_dependency 'bundler'
|
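Review bot: The new `s.description` string contains a literal em dash (U+2014), which makes hakiri.gemspec a non-ASCII source file; under Ruby 1.9, whose default source encoding is US-ASCII, loading the gemspec (for example through `gemspec` in a Gemfile) fails with 'invalid multibyte char (US-ASCII)' unless the file starts with `# encoding: utf-8`. Either add that magic comment or use a plain hyphen. Separately, `s.add_dependency 'bundler'` in the trailing context declares a build tool as a runtime dependency; unless the Gemfile.lock scanning in lib/ actually calls into Bundler, it belongs in `add_development_dependency`.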
data/lib/hakiri/cli/gemfile.rb
CHANGED
@@ -46,7 +46,7 @@ class Hakiri::Gemfile < Hakiri::Cli
|
|
46
46
|
end
|
47
47
|
|
48
48
|
unless authenticated
|
49
|
-
say '****** Signup on
|
49
|
+
say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
|
50
50
|
end
|
51
51
|
end
|
52
52
|
end
|
@@ -74,7 +74,7 @@ class Hakiri::Gemfile < Hakiri::Cli
|
|
74
74
|
|
75
75
|
# CHECK VERSIONS ON THE SERVER
|
76
76
|
params = { :technologies => @stack.technologies }
|
77
|
-
say '-----> Checking software versions on
|
77
|
+
say '-----> Checking software versions on hakiri.io...'
|
78
78
|
response = @http_client.check_versions_diff(@options.stack, params)
|
79
79
|
|
80
80
|
if response[:errors]
|
@@ -108,7 +108,7 @@ class Hakiri::Gemfile < Hakiri::Cli
|
|
108
108
|
end
|
109
109
|
|
110
110
|
if update or @options.force
|
111
|
-
say '-----> Syncing versions with
|
111
|
+
say '-----> Syncing versions with hakiri.io...'
|
112
112
|
params = { :stack => @options.stack, :technologies => @stack.technologies }
|
113
113
|
response = @http_client.sync_stack_versions(response[:project][:stack][:id], params)
|
114
114
|
|
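Review bot: `response[:project][:stack][:id]` on the `sync_stack_versions` line dereferences two nested keys of the earlier `check_versions_diff` reply with no nil guard; if the server response lacks `project` or `stack` without having set `:errors`, the CLI aborts with NoMethodError on nil instead of a readable message. Suggest `stack_id = response[:project] && response[:project][:stack] && response[:project][:stack][:id]` and a `say` plus early return when it is missing. Minor: the same id is also sent as `:stack => @options.stack` in params, so it is worth confirming which of the two values the server honours, and `if update or @options.force` should use `||` for consistency with Ruby style guides.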
data/lib/hakiri/cli/system.rb
CHANGED
@@ -50,7 +50,7 @@ class Hakiri::System < Hakiri::Cli
|
|
50
50
|
end
|
51
51
|
|
52
52
|
unless authenticated
|
53
|
-
say '****** Signup on
|
53
|
+
say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
|
54
54
|
end
|
55
55
|
end
|
56
56
|
end
|
@@ -80,7 +80,7 @@ class Hakiri::System < Hakiri::Cli
|
|
80
80
|
|
81
81
|
# CHECK VERSIONS ON THE SERVER
|
82
82
|
params = { :technologies => @stack.technologies }
|
83
|
-
say '-----> Checking software versions on
|
83
|
+
say '-----> Checking software versions on hakiri.io...'
|
84
84
|
response = @http_client.check_versions_diff(@options.stack, params)
|
85
85
|
|
86
86
|
if response[:errors]
|
@@ -114,7 +114,7 @@ class Hakiri::System < Hakiri::Cli
|
|
114
114
|
end
|
115
115
|
|
116
116
|
if update or @options.force
|
117
|
-
say '-----> Syncing versions with
|
117
|
+
say '-----> Syncing versions with hakiri.io...'
|
118
118
|
params = { :stack => @options.stack, :technologies => @stack.technologies }
|
119
119
|
response = @http_client.sync_stack_versions(response[:project][:stack][:id], params)
|
120
120
|
|
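Review bot: This check-versions/sync block is identical to the one in data/lib/hakiri/cli/gemfile.rb (same `say` strings, same `params` hash, same `sync_stack_versions(response[:project][:stack][:id], params)` call), so any nil-guard or messaging fix has to be made twice; suggest moving the flow into a shared method on Hakiri::Cli, which both Hakiri::System and Hakiri::Gemfile inherit from, taking the stack id and technologies as arguments.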
@@ -225,7 +225,7 @@ class Hakiri::System < Hakiri::Cli
|
|
225
225
|
end
|
226
226
|
|
227
227
|
unless authenticated
|
228
|
-
say '****** Signup on
|
228
|
+
say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
|
229
229
|
end
|
230
230
|
end
|
231
231
|
end
|
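Review bot: The 'Signup on hakiri.io' prompt in this hunk is the third copy of the same string in this change (the other two are in the earlier `unless authenticated` blocks of system.rb and gemfile.rb), so a wording fix lands in three places; suggest a single constant on Hakiri::Cli. While at it, 'Signup' as a verb should be 'Sign up'.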
data/lib/hakiri/http_client.rb
CHANGED
data/lib/hakiri/version.rb
CHANGED
metadata
CHANGED
@@ -1,148 +1,130 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hakiri
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
5
|
-
prerelease:
|
4
|
+
version: 0.6.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Vasily Vasinov
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date: 2013-
|
11
|
+
date: 2013-11-15 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: bundler
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
16
|
requirements:
|
19
|
-
- -
|
17
|
+
- - '>='
|
20
18
|
- !ruby/object:Gem::Version
|
21
19
|
version: '0'
|
22
20
|
type: :runtime
|
23
21
|
prerelease: false
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
23
|
requirements:
|
27
|
-
- -
|
24
|
+
- - '>='
|
28
25
|
- !ruby/object:Gem::Version
|
29
26
|
version: '0'
|
30
27
|
- !ruby/object:Gem::Dependency
|
31
28
|
name: rake
|
32
29
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
30
|
requirements:
|
35
|
-
- -
|
31
|
+
- - '>='
|
36
32
|
- !ruby/object:Gem::Version
|
37
33
|
version: '0'
|
38
34
|
type: :runtime
|
39
35
|
prerelease: false
|
40
36
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
37
|
requirements:
|
43
|
-
- -
|
38
|
+
- - '>='
|
44
39
|
- !ruby/object:Gem::Version
|
45
40
|
version: '0'
|
46
41
|
- !ruby/object:Gem::Dependency
|
47
42
|
name: commander
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
44
|
requirements:
|
51
|
-
- -
|
45
|
+
- - '>='
|
52
46
|
- !ruby/object:Gem::Version
|
53
47
|
version: '0'
|
54
48
|
type: :runtime
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
51
|
requirements:
|
59
|
-
- -
|
52
|
+
- - '>='
|
60
53
|
- !ruby/object:Gem::Version
|
61
54
|
version: '0'
|
62
55
|
- !ruby/object:Gem::Dependency
|
63
56
|
name: terminal-table
|
64
57
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
58
|
requirements:
|
67
|
-
- -
|
59
|
+
- - '>='
|
68
60
|
- !ruby/object:Gem::Version
|
69
61
|
version: '0'
|
70
62
|
type: :runtime
|
71
63
|
prerelease: false
|
72
64
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
65
|
requirements:
|
75
|
-
- -
|
66
|
+
- - '>='
|
76
67
|
- !ruby/object:Gem::Version
|
77
68
|
version: '0'
|
78
69
|
- !ruby/object:Gem::Dependency
|
79
70
|
name: activesupport
|
80
71
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
72
|
requirements:
|
83
|
-
- -
|
73
|
+
- - '>='
|
84
74
|
- !ruby/object:Gem::Version
|
85
75
|
version: '0'
|
86
76
|
type: :runtime
|
87
77
|
prerelease: false
|
88
78
|
version_requirements: !ruby/object:Gem::Requirement
|
89
|
-
none: false
|
90
79
|
requirements:
|
91
|
-
- -
|
80
|
+
- - '>='
|
92
81
|
- !ruby/object:Gem::Version
|
93
82
|
version: '0'
|
94
83
|
- !ruby/object:Gem::Dependency
|
95
84
|
name: i18n
|
96
85
|
requirement: !ruby/object:Gem::Requirement
|
97
|
-
none: false
|
98
86
|
requirements:
|
99
|
-
- -
|
87
|
+
- - '>='
|
100
88
|
- !ruby/object:Gem::Version
|
101
89
|
version: '0'
|
102
90
|
type: :runtime
|
103
91
|
prerelease: false
|
104
92
|
version_requirements: !ruby/object:Gem::Requirement
|
105
|
-
none: false
|
106
93
|
requirements:
|
107
|
-
- -
|
94
|
+
- - '>='
|
108
95
|
- !ruby/object:Gem::Version
|
109
96
|
version: '0'
|
110
97
|
- !ruby/object:Gem::Dependency
|
111
98
|
name: rest-client
|
112
99
|
requirement: !ruby/object:Gem::Requirement
|
113
|
-
none: false
|
114
100
|
requirements:
|
115
|
-
- -
|
101
|
+
- - '>='
|
116
102
|
- !ruby/object:Gem::Version
|
117
103
|
version: '0'
|
118
104
|
type: :runtime
|
119
105
|
prerelease: false
|
120
106
|
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
none: false
|
122
107
|
requirements:
|
123
|
-
- -
|
108
|
+
- - '>='
|
124
109
|
- !ruby/object:Gem::Version
|
125
110
|
version: '0'
|
126
111
|
- !ruby/object:Gem::Dependency
|
127
112
|
name: json_pure
|
128
113
|
requirement: !ruby/object:Gem::Requirement
|
129
|
-
none: false
|
130
114
|
requirements:
|
131
|
-
- -
|
115
|
+
- - '>='
|
132
116
|
- !ruby/object:Gem::Version
|
133
117
|
version: '0'
|
134
118
|
type: :runtime
|
135
119
|
prerelease: false
|
136
120
|
version_requirements: !ruby/object:Gem::Requirement
|
137
|
-
none: false
|
138
121
|
requirements:
|
139
|
-
- -
|
122
|
+
- - '>='
|
140
123
|
- !ruby/object:Gem::Version
|
141
124
|
version: '0'
|
142
125
|
- !ruby/object:Gem::Dependency
|
143
126
|
name: minitest
|
144
127
|
requirement: !ruby/object:Gem::Requirement
|
145
|
-
none: false
|
146
128
|
requirements:
|
147
129
|
- - ~>
|
148
130
|
- !ruby/object:Gem::Version
|
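Review bot: Every runtime dependency in this hunk (bundler, rake, commander, terminal-table, activesupport, i18n, rest-client, json_pure) is declared as `>= 0`, so any future major release of those gems, breaking or malicious, satisfies the requirement at install time; for a tool that runs in CI and talks to an external API, pessimistic constraints (`~> x.y`) on at least rest-client, json_pure and activesupport would bound that. The `none: false` removals and the quoting of `'>='` are only the RubyGems 2.0 serialisation format (the file moves to specification_version 4 and rubygems_version 2.0.3 in the last hunk), not a behaviour change; `cert_chain: []` means the package ships without a signing certificate.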
@@ -150,13 +132,12 @@ dependencies:
|
|
150
132
|
type: :development
|
151
133
|
prerelease: false
|
152
134
|
version_requirements: !ruby/object:Gem::Requirement
|
153
|
-
none: false
|
154
135
|
requirements:
|
155
136
|
- - ~>
|
156
137
|
- !ruby/object:Gem::Version
|
157
138
|
version: 5.0.0
|
158
|
-
description: Hakiri is a CLI for
|
159
|
-
|
139
|
+
description: Hakiri is a CLI for hakiri.io—a cloud security platform for Ruby on Rails
|
140
|
+
apps.
|
160
141
|
email: vasinov@me.com
|
161
142
|
executables:
|
162
143
|
- hakiri
|
@@ -210,29 +191,28 @@ files:
|
|
210
191
|
- test/hakiri/technology_test.rb
|
211
192
|
- test/hakiri_test.rb
|
212
193
|
- test/test_helper.rb
|
213
|
-
homepage: https://
|
194
|
+
homepage: https://hakiri.io
|
214
195
|
licenses:
|
215
196
|
- MIT
|
197
|
+
metadata: {}
|
216
198
|
post_install_message:
|
217
199
|
rdoc_options: []
|
218
200
|
require_paths:
|
219
201
|
- lib
|
220
202
|
required_ruby_version: !ruby/object:Gem::Requirement
|
221
|
-
none: false
|
222
203
|
requirements:
|
223
|
-
- -
|
204
|
+
- - '>='
|
224
205
|
- !ruby/object:Gem::Version
|
225
206
|
version: '0'
|
226
207
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
227
|
-
none: false
|
228
208
|
requirements:
|
229
|
-
- -
|
209
|
+
- - '>='
|
230
210
|
- !ruby/object:Gem::Version
|
231
211
|
version: '0'
|
232
212
|
requirements: []
|
233
213
|
rubyforge_project:
|
234
|
-
rubygems_version:
|
214
|
+
rubygems_version: 2.0.3
|
235
215
|
signing_key:
|
236
|
-
specification_version:
|
216
|
+
specification_version: 4
|
237
217
|
summary: Secure Rails with Hakiri
|
238
218
|
test_files: []
|
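Review bot: `signing_key:` stays empty in this hunk (and `cert_chain: []` earlier in the file), so the 0.6.0 package is unsigned and cannot be installed under `gem install -P HighSecurity`; consider generating a certificate with `gem cert --build` and setting `s.signing_key` and `s.cert_chain` in hakiri.gemspec so the digests added in checksums.yaml are backed by a signature. The new `metadata: {}` line is fine as-is.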