hakiri 0.5.3 → 0.6.0

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 903381bdef6f8fc43e898af6b63cc35ea052884b
4
+ data.tar.gz: 46ae15ff762eb0802c2b54dbaa86bfb0069c8a87
5
+ SHA512:
6
+ metadata.gz: 1bcf79eeac13432363eef4a006083d1e8556847e8a1a9278d9210a6e18faa7eaabcd32a81408b3b7415c46d180f01690feb88658fba3abb0ac1d870484621463
7
+ data.tar.gz: 621c7da5695ac7cfa8d2a6a77e958b3a8be2a6fe041e7a6e8855a2140f5265c2e6aa2fddc63be11597c13513daf67ab5826e563ac07a96233c5bc6c6c62d89c6
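Review bot: The SHA1 and SHA512 digests on these + lines are stored inside the same package as the metadata.gz and data.tar.gz they describe, so they detect a corrupted download but not a replaced package. Anyone pinning this release should record the SHA512 values from a separately obtained copy and compare against those, and should not rely on the SHA1 entries for integrity decisions.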
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Secure Rails with Hakiri
2
2
 
3
- Hakiri is a command line interface (CLI) for the Hakiri platform. It allows Ruby on Rails developers to automate version scraping of Ruby gems, servers, databases and other technologies used in their stacks. For each technology Hakiri shows CVE vulnerabilities. Here is a snippet of how it works:
3
+ Hakiri Toolbelt is a command line interface for the Hakiri platform. It allows Ruby on Rails developers to automate version scraping of Ruby gems, servers, databases and other technologies used in their stacks. For each technology Hakiri shows CVE vulnerabilities. Here is a snippet of how it works:
4
4
 
5
5
  ~~~
6
6
  $ hakiri system:scan
@@ -21,7 +21,7 @@ Wanna try it on your system?
21
21
 
22
22
  ## Installation
23
23
 
24
- Hakiri CLI is a Ruby gem that can be installed by
24
+ Hakiri Toolbelt is a Ruby gem that can be installed by
25
25
 
26
26
  ~~~
27
27
  $ gem install hakiri
@@ -31,7 +31,7 @@ After it's installed, restart your command line and you should be good to go. Ha
31
31
 
32
32
  ## Test Your System in 2 Minutes
33
33
 
34
- Once you have Hakiri CLI installed, it's really easy to start using it. You can scan your Rails stack in a matter of seconds.
34
+ Once you have Hakiri Toolbelt installed, it's really easy to start using it. You can scan your Rails stack in a matter of seconds.
35
35
 
36
36
  One way to do so is to run a command line wizard that will ask you about your technologies in 5 steps:
37
37
 
@@ -39,11 +39,11 @@ One way to do so is to run a command line wizard that will ask you about your te
39
39
  $ hakiri system:steps
40
40
  ~~~
41
41
 
42
- After you are done, Hakiri CLI will scrape versions of technologies in your stack and show you all active CVE vulnerabilities.
42
+ After you are done, Hakiri Toolbelt will scrape versions of technologies in your stack and show you all active CVE vulnerabilities.
43
43
 
44
44
  The wizard is a good way to get a taste of Hakiri but it's not really useful for real work. A much better setup suitable for production is a manifest file that the user can configure with technologies that are part of the stack and then run tests against it.
45
45
 
46
- Hakiri CLI can generate a generic manifest file with the following command:
46
+ Hakiri Toolbelt can generate a generic manifest file with the following command:
47
47
 
48
48
  ~~~
49
49
  $ hakiri manifest:generate
@@ -57,7 +57,7 @@ Once you are done, run the following command in the directory where you've creat
57
57
  $ hakiri system:scan
58
58
  ~~~
59
59
 
60
- It will attempt to scrape versions of technologies in your current directory and then make a request to the Hakiri API to see if there are open CVE vulnerabilities. If any vulnerabilities are found, Hakiri CLI will ask you whether you want to see all of them. The output will look something like this:
60
+ It will attempt to scrape versions of technologies in your current directory and then make a request to the Hakiri API to see if there are open CVE vulnerabilities. If any vulnerabilities are found, Hakiri Toolbelt will ask you whether you want to see all of them. The output will look something like this:
61
61
 
62
62
  ~~~
63
63
  -----> Scanning system for software versions...
@@ -80,11 +80,11 @@ Simple, right? If you manifest file is in a different directory or named differe
80
80
  $ hakiri system:scan -m ../my_stack.json
81
81
  ~~~
82
82
 
83
- You can learn more about configuring the manifest in [Hakiri docs](https://www.hakiriup.com/docs/manifest-file).
83
+ You can learn more about configuring the manifest in [Hakiri docs](https://hakiri.io/docs/manifest-file).
84
84
 
85
85
  ## Test Your Gemfile
86
86
 
87
- Hakiri supports vulnerability detection for a collection of gems listed in [the docs](https://www.hakiriup.com/docs/supported-gems). To scan a `Gemfile.lock` for vulnerabilities in the current directory do the following:
87
+ Hakiri supports vulnerability detection for a collection of gems listed in [the docs](https://hakiri.io/docs/supported-gems). To scan a `Gemfile.lock` for vulnerabilities in the current directory do the following:
88
88
 
89
89
  ~~~
90
90
  $ hakiri gemfile:scan
@@ -96,18 +96,18 @@ To scan a specific `Gemfile.lock` add the `-g` parameter at the end:
96
96
  $ hakiri gemfile:scan -g ../Gemfile.lock
97
97
  ~~~
98
98
 
99
- This will scan your `Gemfile.lock` and check with the server whether it has any vulnerable gems. It only checks gems that are [supported by Hakiri](https://www.hakiriup.com/docs/manifest-file).
99
+ This will scan your `Gemfile.lock` and check with the server whether it has any vulnerable gems. It only checks gems that are [supported by Hakiri](https://hakiri.io/docs/manifest-file).
100
100
 
101
- You can also [sync your gems](https://www.hakiriup.com/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
101
+ You can also [sync your gems](https://hakiri.io/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
102
102
 
103
103
  ## Advanced Usage
104
104
 
105
105
  We just went through the most basic Hakiri use case. Here are links to docs describing how to do more:
106
106
 
107
- - [Learn about](https://www.hakiriup.com/docs/manifest-file) advanced manifest file options.
108
- - [Setup your](https://www.hakiriup.com/docs/authentication-token) authentication token.
109
- - [Sync your technologies and gems](https://www.hakiriup.com/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
110
- - [Check out technologies](https://www.hakiriup.com/docs/technologies-version-formats) the list of supported technologies and version formats.
107
+ - [Learn about](https://hakiri.io/docs/manifest-file) advanced manifest file options.
108
+ - [Setup your](https://hakiri.io/docs/authentication-token) authentication token.
109
+ - [Sync your technologies and gems](https://hakiri.io/docs/syncing-with-the-cloud) with the cloud and get notified when new vulnerabilities come out.
110
+ - [Check out technologies](https://hakiri.io/docs/technologies-version-formats) the list of supported technologies and version formats.
111
111
 
112
112
  ## Contribute
113
113
 
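Review bot: On the + line for the `Gemfile.lock` paragraph, the "supported by Hakiri" link still targets /docs/manifest-file, while the "Test Your Gemfile" paragraph in the previous hunk links the supported gem list at /docs/supported-gems. The domain was updated but the wrong path was carried over, so point this link at https://hakiri.io/docs/supported-gems. The last bullet, "Check out technologies ... the list of supported technologies", also reads as a leftover edit and could be reworded while these lines are being touched.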
data/bin/hakiri CHANGED
@@ -36,7 +36,7 @@ end
36
36
  command 'system:sync' do |c|
37
37
  c.syntax = 'hakiri system:sync [options]'
38
38
  c.summary = 'Sync your system\'s software versions with the cloud.'
39
- c.description = 'This command grabs your custom stack JSON file, and syncs it with your project on www.hakiriup.com.'
39
+ c.description = 'This command grabs your custom stack JSON file, and syncs it with your project on hakiri.io.'
40
40
  c.option '--manifest STRING', String, 'Path to your manifest JSON file stack'
41
41
  c.option '--stack INTEGER', Integer, 'Your stack ID.'
42
42
  c.option '--force', 'Force syncing without asking for it first.'
@@ -78,7 +78,7 @@ end
78
78
  command 'gemfile:sync' do |c|
79
79
  c.syntax = 'hakiri gemfile:sync [options]'
80
80
  c.summary = 'Sync your system\'s Gemfile.lock gem versions with the cloud.'
81
- c.description = 'This command grabs your Gemfile.lock file, and syncs it with your project on www.hakiriup.com.'
81
+ c.description = 'This command grabs your Gemfile.lock file, and syncs it with your project on hakiri.io.'
82
82
  c.option '--gemfile STRING', String, 'Path to your Gemfile.lock'
83
83
  c.option '--stack INTEGER', Integer, 'Your stack ID.'
84
84
  c.option '--force', 'Force syncing without asking for it first.'
@@ -5,13 +5,13 @@ Gem::Specification.new do |s|
5
5
  s.name = 'hakiri'
6
6
  s.version = Hakiri::VERSION
7
7
  s.summary = 'Secure Rails with Hakiri'
8
- s.description = 'Hakiri is a CLI for www.hakiriup.com—a cloud security platform for Ruby on Rails apps.'
8
+ s.description = 'Hakiri is a CLI for hakiri.io—a cloud security platform for Ruby on Rails apps.'
9
9
  s.authors = ['Vasily Vasinov']
10
10
  s.email = 'vasinov@me.com'
11
11
  s.files = `git ls-files`.split("\n")
12
12
  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
13
13
  s.require_paths = ['lib']
14
- s.homepage = 'https://www.hakiriup.com'
14
+ s.homepage = 'https://hakiri.io'
15
15
  s.license = 'MIT'
16
16
 
17
17
  s.add_dependency 'bundler'
@@ -46,7 +46,7 @@ class Hakiri::Gemfile < Hakiri::Cli
46
46
  end
47
47
 
48
48
  unless authenticated
49
- say '****** Signup on www.hakiriup.com to get notified when new vulnerabilities come out.'
49
+ say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
50
50
  end
51
51
  end
52
52
  end
@@ -74,7 +74,7 @@ class Hakiri::Gemfile < Hakiri::Cli
74
74
 
75
75
  # CHECK VERSIONS ON THE SERVER
76
76
  params = { :technologies => @stack.technologies }
77
- say '-----> Checking software versions on www.hakiriup.com...'
77
+ say '-----> Checking software versions on hakiri.io...'
78
78
  response = @http_client.check_versions_diff(@options.stack, params)
79
79
 
80
80
  if response[:errors]
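Review bot: The say string on the + line hard-codes hakiri.io, but the request on the following line goes through @http_client, whose base URL is taken from HAKIRI_API_URL when that variable is set (see the Hakiri::HttpClient hunk). With an override in place, the message names a host that is not the one receiving :technologies. Print the host from the resolved API URL instead; that would also remove the need to edit the same literal in every say call this release touches.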
@@ -108,7 +108,7 @@ class Hakiri::Gemfile < Hakiri::Cli
108
108
  end
109
109
 
110
110
  if update or @options.force
111
- say '-----> Syncing versions with www.hakiriup.com...'
111
+ say '-----> Syncing versions with hakiri.io...'
112
112
  params = { :stack => @options.stack, :technologies => @stack.technologies }
113
113
  response = @http_client.sync_stack_versions(response[:project][:stack][:id], params)
114
114
 
@@ -50,7 +50,7 @@ class Hakiri::System < Hakiri::Cli
50
50
  end
51
51
 
52
52
  unless authenticated
53
- say '****** Signup on www.hakiriup.com to get notified when new vulnerabilities come out.'
53
+ say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
54
54
  end
55
55
  end
56
56
  end
@@ -80,7 +80,7 @@ class Hakiri::System < Hakiri::Cli
80
80
 
81
81
  # CHECK VERSIONS ON THE SERVER
82
82
  params = { :technologies => @stack.technologies }
83
- say '-----> Checking software versions on www.hakiriup.com...'
83
+ say '-----> Checking software versions on hakiri.io...'
84
84
  response = @http_client.check_versions_diff(@options.stack, params)
85
85
 
86
86
  if response[:errors]
@@ -114,7 +114,7 @@ class Hakiri::System < Hakiri::Cli
114
114
  end
115
115
 
116
116
  if update or @options.force
117
- say '-----> Syncing versions with www.hakiriup.com...'
117
+ say '-----> Syncing versions with hakiri.io...'
118
118
  params = { :stack => @options.stack, :technologies => @stack.technologies }
119
119
  response = @http_client.sync_stack_versions(response[:project][:stack][:id], params)
120
120
 
@@ -225,7 +225,7 @@ class Hakiri::System < Hakiri::Cli
225
225
  end
226
226
 
227
227
  unless authenticated
228
- say '****** Signup on www.hakiriup.com to get notified when new vulnerabilities come out.'
228
+ say '****** Signup on hakiri.io to get notified when new vulnerabilities come out.'
229
229
  end
230
230
  end
231
231
  end
@@ -8,7 +8,7 @@ class Hakiri::HttpClient
8
8
  #
9
9
  def initialize
10
10
  @auth_token = (ENV['HAKIRI_AUTH_TOKEN'] or nil)
11
- @api_url = (ENV['HAKIRI_API_URL'] or 'https://www.hakiriup.com/api/v1')
11
+ @api_url = (ENV['HAKIRI_API_URL'] or 'https://hakiri.io/api/v1')
12
12
  end
13
13
 
14
14
  #
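Review bot: On the + line, HAKIRI_API_URL replaces the default base URL with no check on its scheme or host, in the same initializer that loads HAKIRI_AUTH_TOKEN. Reject or warn on an override that is not https so a stray environment value cannot point the client at a plaintext endpoint. Separately, 0.5.3 installs keep the old default https://www.hakiriup.com/api/v1 built in, so that domain needs to stay under the project's control for as long as those versions are in use. The "or nil" on the token line is redundant, since ENV[] already returns nil for an unset variable.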
@@ -1,3 +1,3 @@
1
1
  module Hakiri
2
- VERSION = '0.5.3'
2
+ VERSION = '0.6.0'
3
3
  end
metadata CHANGED
@@ -1,148 +1,130 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hakiri
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.3
5
- prerelease:
4
+ version: 0.6.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Vasily Vasinov
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2013-09-15 00:00:00.000000000 Z
11
+ date: 2013-11-15 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: bundler
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
- - - ! '>='
17
+ - - '>='
20
18
  - !ruby/object:Gem::Version
21
19
  version: '0'
22
20
  type: :runtime
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
- - - ! '>='
24
+ - - '>='
28
25
  - !ruby/object:Gem::Version
29
26
  version: '0'
30
27
  - !ruby/object:Gem::Dependency
31
28
  name: rake
32
29
  requirement: !ruby/object:Gem::Requirement
33
- none: false
34
30
  requirements:
35
- - - ! '>='
31
+ - - '>='
36
32
  - !ruby/object:Gem::Version
37
33
  version: '0'
38
34
  type: :runtime
39
35
  prerelease: false
40
36
  version_requirements: !ruby/object:Gem::Requirement
41
- none: false
42
37
  requirements:
43
- - - ! '>='
38
+ - - '>='
44
39
  - !ruby/object:Gem::Version
45
40
  version: '0'
46
41
  - !ruby/object:Gem::Dependency
47
42
  name: commander
48
43
  requirement: !ruby/object:Gem::Requirement
49
- none: false
50
44
  requirements:
51
- - - ! '>='
45
+ - - '>='
52
46
  - !ruby/object:Gem::Version
53
47
  version: '0'
54
48
  type: :runtime
55
49
  prerelease: false
56
50
  version_requirements: !ruby/object:Gem::Requirement
57
- none: false
58
51
  requirements:
59
- - - ! '>='
52
+ - - '>='
60
53
  - !ruby/object:Gem::Version
61
54
  version: '0'
62
55
  - !ruby/object:Gem::Dependency
63
56
  name: terminal-table
64
57
  requirement: !ruby/object:Gem::Requirement
65
- none: false
66
58
  requirements:
67
- - - ! '>='
59
+ - - '>='
68
60
  - !ruby/object:Gem::Version
69
61
  version: '0'
70
62
  type: :runtime
71
63
  prerelease: false
72
64
  version_requirements: !ruby/object:Gem::Requirement
73
- none: false
74
65
  requirements:
75
- - - ! '>='
66
+ - - '>='
76
67
  - !ruby/object:Gem::Version
77
68
  version: '0'
78
69
  - !ruby/object:Gem::Dependency
79
70
  name: activesupport
80
71
  requirement: !ruby/object:Gem::Requirement
81
- none: false
82
72
  requirements:
83
- - - ! '>='
73
+ - - '>='
84
74
  - !ruby/object:Gem::Version
85
75
  version: '0'
86
76
  type: :runtime
87
77
  prerelease: false
88
78
  version_requirements: !ruby/object:Gem::Requirement
89
- none: false
90
79
  requirements:
91
- - - ! '>='
80
+ - - '>='
92
81
  - !ruby/object:Gem::Version
93
82
  version: '0'
94
83
  - !ruby/object:Gem::Dependency
95
84
  name: i18n
96
85
  requirement: !ruby/object:Gem::Requirement
97
- none: false
98
86
  requirements:
99
- - - ! '>='
87
+ - - '>='
100
88
  - !ruby/object:Gem::Version
101
89
  version: '0'
102
90
  type: :runtime
103
91
  prerelease: false
104
92
  version_requirements: !ruby/object:Gem::Requirement
105
- none: false
106
93
  requirements:
107
- - - ! '>='
94
+ - - '>='
108
95
  - !ruby/object:Gem::Version
109
96
  version: '0'
110
97
  - !ruby/object:Gem::Dependency
111
98
  name: rest-client
112
99
  requirement: !ruby/object:Gem::Requirement
113
- none: false
114
100
  requirements:
115
- - - ! '>='
101
+ - - '>='
116
102
  - !ruby/object:Gem::Version
117
103
  version: '0'
118
104
  type: :runtime
119
105
  prerelease: false
120
106
  version_requirements: !ruby/object:Gem::Requirement
121
- none: false
122
107
  requirements:
123
- - - ! '>='
108
+ - - '>='
124
109
  - !ruby/object:Gem::Version
125
110
  version: '0'
126
111
  - !ruby/object:Gem::Dependency
127
112
  name: json_pure
128
113
  requirement: !ruby/object:Gem::Requirement
129
- none: false
130
114
  requirements:
131
- - - ! '>='
115
+ - - '>='
132
116
  - !ruby/object:Gem::Version
133
117
  version: '0'
134
118
  type: :runtime
135
119
  prerelease: false
136
120
  version_requirements: !ruby/object:Gem::Requirement
137
- none: false
138
121
  requirements:
139
- - - ! '>='
122
+ - - '>='
140
123
  - !ruby/object:Gem::Version
141
124
  version: '0'
142
125
  - !ruby/object:Gem::Dependency
143
126
  name: minitest
144
127
  requirement: !ruby/object:Gem::Requirement
145
- none: false
146
128
  requirements:
147
129
  - - ~>
148
130
  - !ruby/object:Gem::Version
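Review bot: Every runtime dependency in this hunk (bundler, rake, commander, terminal-table, activesupport, i18n, rest-client, json_pure) resolves to '>=' with version '0', so an install takes whatever release is newest at that moment, including future major versions. For a tool that sends stack data over the network through rest-client, add bounded constraints, for example a pessimistic '~>' like the one already used for minitest. rake is also declared type: :runtime; if it is only used for repository tasks it belongs with the development dependencies.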
@@ -150,13 +132,12 @@ dependencies:
150
132
  type: :development
151
133
  prerelease: false
152
134
  version_requirements: !ruby/object:Gem::Requirement
153
- none: false
154
135
  requirements:
155
136
  - - ~>
156
137
  - !ruby/object:Gem::Version
157
138
  version: 5.0.0
158
- description: Hakiri is a CLI for www.hakiriup.com—a cloud security platform for Ruby
159
- on Rails apps.
139
+ description: Hakiri is a CLI for hakiri.io—a cloud security platform for Ruby on Rails
140
+ apps.
160
141
  email: vasinov@me.com
161
142
  executables:
162
143
  - hakiri
@@ -210,29 +191,28 @@ files:
210
191
  - test/hakiri/technology_test.rb
211
192
  - test/hakiri_test.rb
212
193
  - test/test_helper.rb
213
- homepage: https://www.hakiriup.com
194
+ homepage: https://hakiri.io
214
195
  licenses:
215
196
  - MIT
197
+ metadata: {}
216
198
  post_install_message:
217
199
  rdoc_options: []
218
200
  require_paths:
219
201
  - lib
220
202
  required_ruby_version: !ruby/object:Gem::Requirement
221
- none: false
222
203
  requirements:
223
- - - ! '>='
204
+ - - '>='
224
205
  - !ruby/object:Gem::Version
225
206
  version: '0'
226
207
  required_rubygems_version: !ruby/object:Gem::Requirement
227
- none: false
228
208
  requirements:
229
- - - ! '>='
209
+ - - '>='
230
210
  - !ruby/object:Gem::Version
231
211
  version: '0'
232
212
  requirements: []
233
213
  rubyforge_project:
234
- rubygems_version: 1.8.23
214
+ rubygems_version: 2.0.3
235
215
  signing_key:
236
- specification_version: 3
216
+ specification_version: 4
237
217
  summary: Secure Rails with Hakiri
238
218
  test_files: []
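Review bot: signing_key: is still empty in this hunk (and cert_chain is [] in the first metadata hunk), so the package is unsigned in the same release that changes the homepage and the default API host. Signing the gem, or publishing the release digest somewhere other than inside the package, would give installers a way to confirm that the move to hakiri.io came from the author. The newly added metadata: {} is also left blank.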