iron_dome 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +17 -0
- data/lib/iron_dome/reader.rb +18 -18
- data/lib/iron_dome/requester.rb +1 -1
- data/lib/iron_dome/version.rb +1 -1
- data/lib/iron_dome.rb +16 -0
- metadata +3 -5
- data/iron_dome.gemspec +0 -38
- data/sig/iron_dome.rbs +0 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9c889cd53f074999e647537c26d7a3d8556a50e6275f0ff151e56a9d628b9707
|
|
4
|
+
data.tar.gz: 519d8c5edc3da20ca618e9f083d75e92c78fa5eac5942a78cc4bb6ab216b6d15
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f296bbadbe9c5a68564adcb25afc812695e4d4c538a16ef036e0d0dd356745348dd5639ad03fb18e338437ee85b2a17e028dc14ea82de8d7f8f18f78a20c9b4
|
|
7
|
+
data.tar.gz: 836b9813c0c3c24b07d8f22a6ffbceef01293c429e647d7974fafa50a64595dbeb4084ff9a174f26f829c47013cc34bdbb36155646549618a4784462c3a09f2e
|
data/README.md
CHANGED
|
@@ -14,10 +14,27 @@ this directory must have the Gemfile.lock, you can also run on a ci/cd pipeline.
|
|
|
14
14
|
|
|
15
15
|
$ iron_dome
|
|
16
16
|
|
|
17
|
+
### Theres some optional params you can use, like, -o or --output and -d or --detail
|
|
18
|
+
|
|
19
|
+
This will generate a sarif file format.
|
|
20
|
+
|
|
21
|
+
$ iron_dome -o
|
|
22
|
+
$ iron_dome --output
|
|
23
|
+
|
|
24
|
+
This will show details on the current shell session like the output example below.
|
|
25
|
+
|
|
26
|
+
$ iron_dome -d
|
|
27
|
+
$ iron_dome --detail
|
|
28
|
+
|
|
17
29
|
## Output Example
|
|
18
30
|
|
|
19
31
|
|
|
20
32
|
|
|
33
|
+
## Supported language and lockfile format
|
|
34
|
+
|
|
35
|
+
| Ruby | Gemfile.lock |
|
|
36
|
+
|-----------|-----------------|
|
|
37
|
+
|
|
21
38
|
## Development
|
|
22
39
|
|
|
23
40
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
data/lib/iron_dome/reader.rb
CHANGED
|
@@ -27,7 +27,7 @@ module IronDome
|
|
|
27
27
|
puts "Verifying vulnerabilities on osv database ..."
|
|
28
28
|
results = Requester.osv_request(packages_and_versions)
|
|
29
29
|
results.compact!
|
|
30
|
-
system_output(results)
|
|
30
|
+
system_output(results) unless options[:sarif_output] == true
|
|
31
31
|
output_sarif_file_format(results) if options[:sarif_output] == true
|
|
32
32
|
end
|
|
33
33
|
|
|
@@ -35,13 +35,13 @@ module IronDome
|
|
|
35
35
|
# method to call the module to generate the sarif report
|
|
36
36
|
puts "Generating the sarif output ..."
|
|
37
37
|
IronDome::Sarif::Output.new.output_report(results)
|
|
38
|
-
puts "Sarif file
|
|
38
|
+
puts "Sarif file outputted"
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def system_output(results)
|
|
42
42
|
# method to call module to output the results on current shell.
|
|
43
43
|
if results.empty?
|
|
44
|
-
puts "No
|
|
44
|
+
puts "No vulnerabilities founded".colorize(:green)
|
|
45
45
|
return
|
|
46
46
|
end
|
|
47
47
|
|
|
@@ -50,35 +50,35 @@ module IronDome
|
|
|
50
50
|
|
|
51
51
|
def build_output(results)
|
|
52
52
|
# Build the terminal output but maybe we will need to improve this methods.
|
|
53
|
-
|
|
53
|
+
total_vulnerabilities = 0
|
|
54
54
|
|
|
55
|
-
puts ":: Vulnerabilities found:"
|
|
55
|
+
puts ":: Vulnerabilities found:".colorize(:red)
|
|
56
56
|
results.each do |result|
|
|
57
|
-
result["vulns"].each do |
|
|
58
|
-
print_vulnerability_info(
|
|
59
|
-
|
|
57
|
+
result["vulns"].each do |vulnerability|
|
|
58
|
+
print_vulnerability_info(vulnerability)
|
|
59
|
+
total_vulnerabilities += 1
|
|
60
60
|
end
|
|
61
61
|
end
|
|
62
62
|
|
|
63
|
-
puts "#{
|
|
63
|
+
puts "#{total_vulnerabilities} vulnerabilities founded.".colorize(:light_red)
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
-
def print_vulnerability_info(
|
|
67
|
-
package_name = extract_package_name(
|
|
68
|
-
version_fixed = extract_version_fixed(
|
|
69
|
-
summary =
|
|
70
|
-
details =
|
|
66
|
+
def print_vulnerability_info(vulnerabilities)
|
|
67
|
+
package_name = extract_package_name(vulnerabilities)
|
|
68
|
+
version_fixed = extract_version_fixed(vulnerabilities)
|
|
69
|
+
summary = vulnerabilities["summary"]
|
|
70
|
+
details = vulnerabilities["details"]
|
|
71
71
|
|
|
72
72
|
print_info(package_name, version_fixed, summary, details)
|
|
73
73
|
end
|
|
74
74
|
|
|
75
|
-
def extract_package_name(
|
|
76
|
-
affected_package =
|
|
75
|
+
def extract_package_name(vulnerability)
|
|
76
|
+
affected_package = vulnerability["affected"].first
|
|
77
77
|
affected_package["package"]["name"]
|
|
78
78
|
end
|
|
79
79
|
|
|
80
|
-
def extract_version_fixed(
|
|
81
|
-
affected_package =
|
|
80
|
+
def extract_version_fixed(vulnerability)
|
|
81
|
+
affected_package = vulnerability["affected"].first
|
|
82
82
|
version_ranges = affected_package["ranges"].first
|
|
83
83
|
version_ranges["events"].last["fixed"]
|
|
84
84
|
end
|
data/lib/iron_dome/requester.rb
CHANGED
|
@@ -5,7 +5,7 @@ require "faraday"
|
|
|
5
5
|
require "concurrent"
|
|
6
6
|
|
|
7
7
|
module IronDome
|
|
8
|
-
# The requester class
|
|
8
|
+
# The requester class responsible to deal with osv database request and result.
|
|
9
9
|
class Requester
|
|
10
10
|
URL = "https://api.osv.dev/v1/query"
|
|
11
11
|
FARADAY_OPTIONS = { headers: { "Content-Type" => "application/json" } }.freeze
|
data/lib/iron_dome/version.rb
CHANGED
data/lib/iron_dome.rb
CHANGED
|
@@ -16,7 +16,10 @@ module IronDome
|
|
|
16
16
|
|
|
17
17
|
# class entry, this is the entrypoint of the gem.
|
|
18
18
|
class Entry
|
|
19
|
+
# rubocop:disable Metrics/MethodLength
|
|
19
20
|
def main
|
|
21
|
+
puts display_ascii_art
|
|
22
|
+
|
|
20
23
|
options = {}
|
|
21
24
|
OptionParser.new do |opts|
|
|
22
25
|
opts.on("-o", "--output", "Generate a sarif format file report.") do |output|
|
|
@@ -30,5 +33,18 @@ module IronDome
|
|
|
30
33
|
|
|
31
34
|
Reader.new(options).call
|
|
32
35
|
end
|
|
36
|
+
# rubocop:enable Metrics/MethodLength
|
|
37
|
+
|
|
38
|
+
def display_ascii_art
|
|
39
|
+
<<-ART
|
|
40
|
+
██╗██████╗ ██████╗ ███╗ ██╗██████╗ ██████╗ ███╗ ███╗███████╗
|
|
41
|
+
██║██╔══██╗██╔═══██╗████╗ ██║██╔══██╗██╔═══██╗████╗ ████║██╔════╝
|
|
42
|
+
██║██████╔╝██║ ██║██╔██╗ ██║██║ ██║██║ ██║██╔████╔██║█████╗
|
|
43
|
+
██║██╔══██╗██║ ██║██║╚██╗██║██║ ██║██║ ██║██║╚██╔╝██║██╔══╝
|
|
44
|
+
██║██║ ██║╚██████╔╝██║ ╚████║██████╔╝╚██████╔╝██║ ╚═╝ ██║███████╗
|
|
45
|
+
╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝ v#{IronDome::VERSION}
|
|
46
|
+
|
|
47
|
+
ART
|
|
48
|
+
end
|
|
33
49
|
end
|
|
34
50
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: iron_dome
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jose Augusto
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-02
|
|
11
|
+
date: 2024-03-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: colorize
|
|
@@ -83,14 +83,12 @@ files:
|
|
|
83
83
|
- Rakefile
|
|
84
84
|
- exe/iron_dome
|
|
85
85
|
- image.png
|
|
86
|
-
- iron_dome.gemspec
|
|
87
86
|
- lib/iron_dome.rb
|
|
88
87
|
- lib/iron_dome/output.rb
|
|
89
88
|
- lib/iron_dome/reader.rb
|
|
90
89
|
- lib/iron_dome/requester.rb
|
|
91
90
|
- lib/iron_dome/sarif/output.rb
|
|
92
91
|
- lib/iron_dome/version.rb
|
|
93
|
-
- sig/iron_dome.rbs
|
|
94
92
|
homepage: https://github.com/JAugusto42/iron_dome
|
|
95
93
|
licenses:
|
|
96
94
|
- MIT
|
|
@@ -113,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
113
111
|
- !ruby/object:Gem::Version
|
|
114
112
|
version: '0'
|
|
115
113
|
requirements: []
|
|
116
|
-
rubygems_version: 3.5.
|
|
114
|
+
rubygems_version: 3.5.3
|
|
117
115
|
signing_key:
|
|
118
116
|
specification_version: 4
|
|
119
117
|
summary: A vulnerability scanner for ruby projects dependencies
|
data/iron_dome.gemspec
DELETED
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require_relative "lib/iron_dome/version"
|
|
4
|
-
|
|
5
|
-
Gem::Specification.new do |spec|
|
|
6
|
-
spec.name = "iron_dome"
|
|
7
|
-
spec.version = IronDome::VERSION
|
|
8
|
-
spec.authors = ["Jose Augusto"]
|
|
9
|
-
spec.email = ["joseaugusto.881@outlook.com"]
|
|
10
|
-
|
|
11
|
-
spec.summary = "A vulnerability scanner for ruby projects dependencies"
|
|
12
|
-
spec.homepage = "https://github.com/JAugusto42/iron_dome"
|
|
13
|
-
spec.license = "MIT"
|
|
14
|
-
spec.required_ruby_version = ">= 2.6.0"
|
|
15
|
-
|
|
16
|
-
spec.metadata["homepage_uri"] = spec.homepage
|
|
17
|
-
spec.metadata["source_code_uri"] = "https://github.com/JAugusto42/iron_dome"
|
|
18
|
-
spec.metadata["changelog_uri"] = "https://github.com/JAugusto42/iron_dome/CHANGELOG.md"
|
|
19
|
-
|
|
20
|
-
spec.executables << "iron_dome"
|
|
21
|
-
|
|
22
|
-
# Specify which files should be added to the gem when it is released.
|
|
23
|
-
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
24
|
-
spec.files = Dir.chdir(__dir__) do
|
|
25
|
-
`git ls-files -z`.split("\x0").reject do |f|
|
|
26
|
-
(File.expand_path(f) == __FILE__) ||
|
|
27
|
-
f.start_with?(*%w[bin/ test/ spec/ features/ .git appveyor Gemfile])
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
spec.bindir = "exe"
|
|
31
|
-
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
|
|
32
|
-
spec.require_paths = ["lib"]
|
|
33
|
-
|
|
34
|
-
spec.add_dependency "colorize", "~> 1.1"
|
|
35
|
-
spec.add_dependency "concurrent-ruby", "~> 1.2"
|
|
36
|
-
spec.add_dependency "faraday", "~> 2.9"
|
|
37
|
-
spec.add_dependency "rake", "~> 13.0"
|
|
38
|
-
end
|
data/sig/iron_dome.rbs
DELETED