RubyGems - hrw - Versions diffs - 0.1.0 → 0.2.0 - Mend

Files changed (11) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 670978eb8167255d8fbe62416a0a4b2bc8915074b34e4c4cc75091d2cc6cd3d3
-  data.tar.gz: 26d18f588f3145076d70d7ba2bac78badcb35169a16e2c8af917ac8299bb0238
+  metadata.gz: 8fe6651b90c24ea35a9d817ec3b8d7ec647a948b152ce4680bdc05ae5c064278
+  data.tar.gz: 73c5dee0d9cb315cb836047b11d6ea08071c26201589bd308e8eada78f6bf68a
 SHA512:
-  metadata.gz: d0b77d983c3036917919aac670ed757c7660de56bd151f3141b83227a5afa5e391e765dbbef7676b5ddbe60602f78707db86e2ca6aed0f29e53c51478a311ddd
-  data.tar.gz: 28ad93ca22a29c4239f76b609a6a077878a563e93bf84a3b390a3178d2bbd045ab2659b1880794269435ef0999aba2c8037f8c13c36602b85319a190c26217e2
+  metadata.gz: 1e216592af1cd152ecca7f5c4a69c8d23abb7bf29be8f599f01068583e8c18664885fe15df21a9024a0e80b8a7458a94aedab98eb6afa6d921b0c0c5e78e8b88
+  data.tar.gz: 14406bff727ff378ef77d2f231bd4f11165be7266e3c526cc46e42498d91aff82e9a174e790ee783bdb9e290721142086ad56d9b668e9b57ce74705b4b0b3ef7

data/.gitignore CHANGED Viewed

@@ -11,3 +11,4 @@
 .rspec_status
 .idea
+*.gem

data/Gemfile.lock ADDED Viewed

@@ -0,0 +1,65 @@
+PATH
+  remote: .
+  specs:
+    hrw (0.1.0)
+      http (~> 4.1, >= 4.1.1)
+      pry-byebug (~> 3.7)
+      rainbow (~> 3.0)
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.6.0)
+      public_suffix (>= 2.0.2, < 4.0)
+    byebug (11.0.1)
+    coderay (1.1.2)
+    diff-lcs (1.3)
+    domain_name (0.5.20180417)
+      unf (>= 0.0.5, < 1.0.0)
+    http (4.1.1)
+      addressable (~> 2.3)
+      http-cookie (~> 1.0)
+      http-form_data (~> 2.0)
+      http_parser.rb (~> 0.6.0)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    http-form_data (2.1.1)
+    http_parser.rb (0.6.0)
+    method_source (0.9.2)
+    pry (0.12.2)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    pry-byebug (3.7.0)
+      byebug (~> 11.0)
+      pry (~> 0.10)
+    public_suffix (3.0.3)
+    rainbow (3.0.0)
+    rake (10.5.0)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.5)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  bundler (~> 2.0)
+  hrw!
+  rake (~> 10.0)
+  rspec (~> 3.0)
+BUNDLED WITH
+   2.0.1

data/exe/hrw CHANGED Viewed

@@ -23,23 +23,17 @@ if options.url.nil?
   end
 end
-begin
-  scanner = Hrw::Detector.detect
-  specs = scanner.scan
+scanner = Hrw::Detector.detect
+specs = scanner.scan
-  api = Hrw::API.new(options.url)
-  hash = api.submit(specs)
-  result = api.retrieve(hash)
+api = Hrw::API.new(options.url)
+hash = api.submit(specs)
+result = api.retrieve(hash)
-  formatter = Hrw::Formatter.new
-  vulnerable_deps = formatter.format(result)
+formatter = Hrw::Formatter.new
+vulnerable_deps = formatter.format(result)
-  unless vulnerable_deps.empty?
-    formatter.print_vulnerable_deps(vulnerable_deps)
-    exit(1)
-  end
-rescue StandardError => ex
-  require 'pry-byebug'
-  binding.pry
-  puts ex.message
-end
+unless vulnerable_deps.empty?
+  formatter.print_vulnerable_deps(vulnerable_deps)
+  exit(1)
+ end

data/hrw.gemspec CHANGED Viewed

@@ -29,5 +29,4 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'http', '~> 4.1', '>= 4.1.1'
   spec.add_runtime_dependency 'rainbow', '~> 3.0'
-  spec.add_runtime_dependency 'pry-byebug', '~> 3.7'
 end

data/lib/hrw/detector.rb CHANGED Viewed

@@ -14,7 +14,8 @@ module Hrw
     # Constants
     #
     DETECTABLE_FILES = {
-      'Gemfile.lock': Scanner::Gemfile
+      'Gemfile.lock': Scanner::Gemfile,
+      'Pipfile.lock': Scanner::Pipfile
     }.freeze
     # Detect package manager in root dir

data/lib/hrw/formatter.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'json'
 # Third-party libraries
 #
 require 'rainbow'
+require 'rainbow/ext/string'
 module Hrw
   #
@@ -41,7 +42,7 @@ module Hrw
           puts "Advisory: #{vuln['name']}"
           puts "Severity: #{vuln['severity']}"
           puts "Link: #{vuln['link']}"
-          puts "Patched version: #{patched_version['spec'].join(', ')}"
+          puts "Patched: #{patched_version['spec'].join(', ')}"
           puts
         end
       end

data/lib/hrw/scanner/pipfile.rb ADDED Viewed

@@ -0,0 +1,37 @@
+require 'json'
+module Hrw
+  module Scanner
+    #
+    # Used to scan gem lock file
+    #
+    class Pipfile
+      # Class constructor
+      #
+      # @param [String] root The path to the project root
+      # @param [String] lockfile
+      #   The name for the lock file, default is `Pipfile.lock`
+      def initialize(root = Dir.pwd, lockfile = 'Pipfile.lock')
+        @root = root
+        @lockfile = lockfile
+      end
+      # Scan the lock file
+      # @return [Hash] Dependencies
+      def scan
+        deps = []
+        lock = JSON.parse(File.read(File.join(@root, @lockfile)))
+        lock['default'].each_pair do |name, info|
+          deps << {
+            name: name,
+            version: info['version']
+          }
+        end
+        deps
+      end
+    end
+  end
+end

data/lib/hrw/scanner.rb CHANGED Viewed

@@ -4,5 +4,6 @@ module Hrw
   #
   module Scanner
     require 'hrw/scanner/gemfile'
+    require 'hrw/scanner/pipfile'
   end
 end

data/lib/hrw/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Hrw
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrw
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - hi_ztz
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-28 00:00:00.000000000 Z
+date: 2019-04-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -86,20 +86,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: pry-byebug
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.7'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.7'
 description: Hrw helps you to secure your ruby apps.
 email:
 - hi_ztz@protonmail.com
@@ -112,6 +98,7 @@ files:
 - ".rspec"
 - ".travis.yml"
 - Gemfile
+- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -125,6 +112,7 @@ files:
 - lib/hrw/formatter.rb
 - lib/hrw/scanner.rb
 - lib/hrw/scanner/gemfile.rb
+- lib/hrw/scanner/pipfile.rb
 - lib/hrw/version.rb
 homepage: https://github.com/zt2/hrw
 licenses:

hrw 0.1.0 → 0.2.0