iron_dome 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +17 -0
- data/lib/iron_dome/reader.rb +17 -17
- data/lib/iron_dome/version.rb +1 -1
- data/lib/iron_dome.rb +16 -0
- metadata +3 -4
- data/sig/iron_dome.rbs +0 -4
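--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9c889cd53f074999e647537c26d7a3d8556a50e6275f0ff151e56a9d628b9707
+data.tar.gz: 519d8c5edc3da20ca618e9f083d75e92c78fa5eac5942a78cc4bb6ab216b6d15
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1f296bbadbe9c5a68564adcb25afc812695e4d4c538a16ef036e0d0dd356745348dd5639ad03fb18e338437ee85b2a17e028dc14ea82de8d7f8f18f78a20c9b4
+data.tar.gz: 836b9813c0c3c24b07d8f22a6ffbceef01293c429e647d7974fafa50a64595dbeb4084ff9a174f26f829c47013cc34bdbb36155646549618a4784462c3a09f2e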
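--- a/data/README.md
+++ b/data/README.md
@@ -14,10 +14,27 @@ this directory must have the Gemfile.lock, you can also run on a ci/cd pipeline.
 
 $ iron_dome
 
+### Theres some optional params you can use, like, -o or --output and -d or --detail
+
+This will generate a sarif file format.
+
+$ iron_dome -o
+$ iron_dome --output
+
+This will show details on the current shell session like the output example below.
+
+$ iron_dome -d
+$ iron_dome --detail
+
 ## Output Example
 
 
 
+## Supported language and lockfile format
+
+| Ruby | Gemfile.lock |
+|-----------|-----------------|
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.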
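--- a/data/lib/iron_dome/reader.rb
+++ b/data/lib/iron_dome/reader.rb
@@ -27,7 +27,7 @@ module IronDome
 puts "Verifying vulnerabilities on osv database ..."
 results = Requester.osv_request(packages_and_versions)
 results.compact!
-system_output(results)
+system_output(results) unless options[:sarif_output] == true
 output_sarif_file_format(results) if options[:sarif_output] == true
 end
 
@@ -35,7 +35,7 @@ module IronDome
 # method to call the module to generate the sarif report
 puts "Generating the sarif output ..."
 IronDome::Sarif::Output.new.output_report(results)
-puts "Sarif file
+puts "Sarif file outputted"
 end
 
 def system_output(results)
@@ -50,35 +50,35 @@ module IronDome
 
 def build_output(results)
 # Build the terminal output but maybe we will need to improve this methods.
-
+total_vulnerabilities = 0
 
-puts ":: Vulnerabilities found:"
+puts ":: Vulnerabilities found:".colorize(:red)
 results.each do |result|
-result["vulns"].each do |
-print_vulnerability_info(
-
+result["vulns"].each do |vulnerability|
+print_vulnerability_info(vulnerability)
+total_vulnerabilities += 1
 end
 end
 
-puts "#{
+puts "#{total_vulnerabilities} vulnerabilities founded.".colorize(:light_red)
 end
 
-def print_vulnerability_info(
-package_name = extract_package_name(
-version_fixed = extract_version_fixed(
-summary =
-details =
+def print_vulnerability_info(vulnerabilities)
+package_name = extract_package_name(vulnerabilities)
+version_fixed = extract_version_fixed(vulnerabilities)
+summary = vulnerabilities["summary"]
+details = vulnerabilities["details"]
 
 print_info(package_name, version_fixed, summary, details)
 end
 
-def extract_package_name(
-affected_package =
+def extract_package_name(vulnerability)
+affected_package = vulnerability["affected"].first
 affected_package["package"]["name"]
 end
 
-def extract_version_fixed(
-affected_package =
+def extract_version_fixed(vulnerability)
+affected_package = vulnerability["affected"].first
 version_ranges = affected_package["ranges"].first
 version_ranges["events"].last["fixed"]
 end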
data/lib/iron_dome/version.rb
CHANGED
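--- a/data/lib/iron_dome.rb
+++ b/data/lib/iron_dome.rb
@@ -16,7 +16,10 @@ module IronDome
 
 # class entry, this is the entrypoint of the gem.
 class Entry
+# rubocop:disable Metrics/MethodLength
 def main
+puts display_ascii_art
+
 options = {}
 OptionParser.new do |opts|
 opts.on("-o", "--output", "Generate a sarif format file report.") do |output|
@@ -30,5 +33,18 @@ module IronDome
 
 Reader.new(options).call
 end
+# rubocop:enable Metrics/MethodLength
+
+def display_ascii_art
+<<-ART
+██╗██████╗ ██████╗ ███╗ ██╗██████╗ ██████╗ ███╗ ███╗███████╗
+██║██╔══██╗██╔═══██╗████╗ ██║██╔══██╗██╔═══██╗████╗ ████║██╔════╝
+██║██████╔╝██║ ██║██╔██╗ ██║██║ ██║██║ ██║██╔████╔██║█████╗
+██║██╔══██╗██║ ██║██║╚██╗██║██║ ██║██║ ██║██║╚██╔╝██║██╔══╝
+██║██║ ██║╚██████╔╝██║ ╚████║██████╔╝╚██████╔╝██║ ╚═╝ ██║███████╗
+╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝ v#{IronDome::VERSION}
+
+ART
+end
 end
 end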
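--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: iron_dome
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.3
 platform: ruby
 authors:
 - Jose Augusto
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-02
+date: 2024-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: colorize
@@ -89,7 +89,6 @@ files:
 - lib/iron_dome/requester.rb
 - lib/iron_dome/sarif/output.rb
 - lib/iron_dome/version.rb
-- sig/iron_dome.rbs
 homepage: https://github.com/JAugusto42/iron_dome
 licenses:
 - MIT
@@ -112,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.5.
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: A vulnerability scanner for ruby projects dependencies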
data/sig/iron_dome.rbs
DELETED