jekyll-secinfo 0.0.1

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: db36616adf02913710e54b3ae0215749cea04314b2df6c9de1644b977d37b05d
4
+ data.tar.gz: 5feeff4c6bdb0403c5040607c8f855b732a69f1c5bb5ae483126cb5459337bc8
5
+ SHA512:
6
+ metadata.gz: 70436d3f1d3ea17ddf0bf9971b71f3537696872c08f7c7dc58e0ae79fe727953697d7d27dc490f31b7b27b2695743b438891f1bd146a252879478d25818b2ed7
7
+ data.tar.gz: d43d7d97f2ed4d16071189e871f9bec4644ac5f508ff6bec6c87212bbf1d54eb2fa363ddd2e8b13ee6a21f991e5f9a2d97593a47c3c4ee22092f220b1866b99f
@@ -0,0 +1,54 @@
1
+ version: 2
2
+ jobs:
3
+
4
+ test_and_build:
5
+ docker:
6
+ - image: ruby:latest
7
+ steps:
8
+ - run: (cd /root/;rm -rf project;mkdir project)
9
+ - checkout
10
+ - run:
11
+ name: Set up
12
+ command: |
13
+ bundle install --jobs 4
14
+ - run:
15
+ name: Rake :spec
16
+ command: |
17
+ rake
18
+
19
+ upload:
20
+ docker:
21
+ - image: ruby:latest
22
+ steps:
23
+ - run:
24
+ name: Install software
25
+ command: |
26
+ #apk update;
27
+ #apk add rsync openssh sshpass;
28
+ #echo "set ftp:passive-mode true" > ~/.lftprc
29
+ - restore_cache:
30
+ key: jekyll-{{ .Environment.CIRCLE_SHA1 }}
31
+ - run:
32
+ name: Upload
33
+ command: |
34
+ #mkdir ~/.ssh;
35
+ #echo "upload.bit.nl,213.136.12.217 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIVx+0N0LECcGHPywPCk9uz4/l3kNUVNe5QQRleIkMCTarkYauvRrPNPl49x3LIjF6cZsmQZX7jwgsJqEzfcF98=" > ~/.ssh/known_hosts;
36
+ #cd /root/project/;
37
+ #sshpass -e rsync -av .htaccess www-divd@upload.bit.nl:htdocs;
38
+ #cd /root/project/csirt.divd.nl/_site;
39
+ #sshpass -e rsync -av . www-divd@upload.bit.nl:htdocs/securitymeldpunt-nl;
40
+ #cd /root/project/www.divd.nl/_site;
41
+ #sshpass -e rsync -av . www-divd@upload.bit.nl:htdocs/divd-nl;
42
+
43
+ workflows:
44
+ version: 2
45
+ build_and_upload:
46
+ jobs:
47
+ - test_and_build
48
+ - upload:
49
+ requires:
50
+ - test_and_build
51
+ filters:
52
+ branches:
53
+ only:
54
+ - main
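Review bot: Both jobs pull `image: ruby:latest`, a mutable tag, so the toolchain that runs `bundle install` and `rake` can change between builds with no change in this repository; pin a specific Ruby version and preferably a digest, e.g. `- image: ruby:<version>@sha256:<digest>` (placeholders). The two `run` steps of the `upload` job contain only commented-out commands that name another site's deploy host and account, and the packaged `files` list in the gem metadata includes `.circleci/config.yml`, so this dead job ships to every consumer of the gem. Remove the `upload` job and its workflow entry until a real publish step exists.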
@@ -0,0 +1,12 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
10
+ .DS_Store
11
+ /spec/fixtures/.jekyll-cache
12
+ *.gem
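--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+--color
+--require spec_helper
+#--order random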
@@ -0,0 +1,5 @@
1
+ This project is inspirect by and contains code form the following projects:
2
+ * Jekyll-YouTube - https://github.com/dommmel/jekyll-youtube - Copyright (c) 2015 Dommmel - MIT license
3
+ * Jekyll-Spaceship - https://github.com/jeffreytse/jekyll-spaceship/ - Copyright (c) 2019 Jeffrey Tse - MIT license
4
+ * Jekyll-Mentions - https://github.com/jekyll/jekyll-mentions - Copyright (c) 2014-present GitHub, Inc. and the jekyll-mentions contributors
5
+ - MIT license
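--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in jekyllcontentful.gemspec
+gemspec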
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2015 Dommmel
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
@@ -0,0 +1,95 @@
1
+ # Jekyll Secinfo
2
+
3
+ This Jekyll pluging provides a tag and filter that turns references to security related info (currently only CVEs) into clickable links.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your Gemfile:
8
+
9
+ ```ruby
10
+ group :jekyll_plugins do
11
+ gem "jekyll-secinfo"
12
+ end
13
+ ```
14
+
15
+ And then execute:
16
+
17
+ $ bundle
18
+
19
+ Alternatively install the gem yourself as:
20
+
21
+ $ gem install jekyll-secinfo
22
+
23
+ and put this in your ``_config.yml``
24
+
25
+ ```yaml
26
+ plugins:
27
+ - jekyll-secinfo
28
+ # This will require each of these gems automatically.
29
+ ```
30
+
31
+ ## Usage
32
+
33
+ As a tag `{% cve CVE-2019-19781 %}` or as a filter `{{ "cve-2019-19781" | cve }}`
34
+
35
+ For CVE multiple formats are accepted:
36
+ * Full CVE in lower or upper case e.g. `CVE-2019-19781` or `cve-2019-19781`
37
+ * Just the number e.g. `2019-19781`
38
+
39
+ ## Result
40
+
41
+ By default the plugin will output the following code
42
+
43
+ ```markup
44
+ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781" class="cve">CVE-2019-19781</a>
45
+ ```
46
+
47
+ ## Configuration
48
+
49
+ The behaviour of this plugin can be configured in `_config.yml`
50
+
51
+ ```yml
52
+ jekyll-secinfo:
53
+ cve:
54
+ style: mitre # Supported styles are mitre, nvd and cvedetails
55
+ url: # Style is ignored if a custom URL is defined.
56
+ ```
57
+
58
+ You can also put these values in the front matter of a page to override the values in `_config.yml` for a specific page.
59
+
60
+ ### Styles
61
+
62
+ For CVE's the style influences the way a tag or filter is rendered. This is how this input `{% cve CVE-2019-19781 %}` or as a filter `{{ "CVE-2019-19781" | cve }}` will be rendered in different styles:
63
+
64
+ mitre
65
+ ```markup
66
+ <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781" class="cve">CVE-2019-19781</a>
67
+ ```
68
+
69
+ mitre
70
+ ```markup
71
+ <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-19781" class="cve">CVE-2019-19781</a>
72
+ ```
73
+
74
+ mitre
75
+ ```markup
76
+ <a href="https://www.cvedetails.com/cve/CVE-2019-19781/" class="cve">CVE-2019-19781</a>
77
+ ```
78
+
79
+ ### Using your own URL
80
+
81
+ You can specify a custom URL to be used as well. If the url includes `%s` this will be substituted with the number part of the CVE once. Otherwise the number part of the CVE will be appended to the url.
82
+
83
+ ```markup
84
+ jekyll-secinfo:
85
+ cve:
86
+ url: http://localhost:4500/CVE-%s.html
87
+ ---
88
+ {% cve 1999-9999 %}
89
+ ```
90
+
91
+ Will reneder as
92
+ ```markup
93
+ <p><a href="http://localhost:4500/CVE-1999-99999.html" class="cve">CVE-1999-99999</a></p>
94
+ ```
95
+
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+
6
+ RSpec::Core::RakeTask.new(:spec)
7
+
8
+ task :default => :spec
@@ -0,0 +1,27 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'jekyll-secinfo/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "jekyll-secinfo"
8
+ spec.version = Jekyll::Secinfo::VERSION
9
+ spec.authors = ["Frank Breedijk"]
10
+ spec.email = ["fbreedijk@schubergphilis.com"]
11
+
12
+ spec.summary = %q{jekyll plugin to generate html snippets various security info}
13
+ spec.description = %q{This Jekyll plugin to generate html snippets for clickable security information tags like CVEs and CWEs}
14
+ spec.homepage = "https://github.com/MrSeccubus/jekyll-secinfo"
15
+ spec.license = "MIT"
16
+
17
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
18
+ spec.require_paths = ["lib"]
19
+
20
+ spec.add_dependency 'jekyll'
21
+ spec.add_dependency "rainbow", "~> 3.0"
22
+
23
+ spec.add_development_dependency "bundler", "~> 2.1"
24
+ spec.add_development_dependency "rake", "~> 10.0"
25
+ spec.add_development_dependency "rspec", "~> 3.0"
26
+ spec.add_development_dependency "rubocop-jekyll", "~> 0.4"
27
+ end
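Review bot: `spec.files` rejects only `test/`, `spec/` and `features/`, so every other git-tracked file is packaged, including `.circleci/config.yml`, `.gitignore` and `.rspec` (all three appear in the packaged `files` list in the metadata). Restrict the package to what the plugin needs, for example `spec.files = Dir["lib/**/*.rb"] + %w[README.md LICENSE.txt ACKNOWLEDGEMENTS.md]`. Separately, `spec.add_dependency 'jekyll'` carries no version constraint (recorded as `>= 0` in the metadata); add a bound that matches the Jekyll versions the plugin is tested against.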
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ # External
4
+ require "jekyll"
5
+
6
+ # Support
7
+ require "jekyll-secinfo/logger"
8
+
9
+ # Core
10
+ require "jekyll-secinfo/cve"
11
+
12
+ module Jekyll::Secinfo
13
+ Logger.display_info
14
+ end
15
+
@@ -0,0 +1,47 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Support
4
+ require "jekyll-secinfo/logger"
5
+
6
+ CONFIG_NAME = 'jekyll-secinfo'
7
+ DEFAULT_CONFIG = {
8
+ CONFIG_NAME => {
9
+ "cve" => {
10
+ "style" => "mitre"
11
+ }
12
+ }
13
+ }
14
+
15
+
16
+ module Jekyll::Secinfo
17
+ class Config
18
+
19
+ def self.get(site_config, page)
20
+ config = DEFAULT_CONFIG
21
+ if site_config
22
+ config = config.merge(site_config) if site_config.key?(CONFIG_NAME)
23
+ end
24
+ if page.key?(CONFIG_NAME)
25
+ fromdoc = { CONFIG_NAME => page[CONFIG_NAME] }
26
+ config = config.merge(fromdoc)
27
+ end
28
+
29
+ if not config[CONFIG_NAME]["cve"].key?("url")
30
+ case config[CONFIG_NAME]["cve"]["style"]
31
+ when "mitre"
32
+ config[CONFIG_NAME]["cve"]["url"] = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-"
33
+ when "cvedetails"
34
+ config[CONFIG_NAME]["cve"]["url"] = "https://www.cvedetails.com/cve/CVE-%s/"
35
+ when "nvd"
36
+ config[CONFIG_NAME]["cve"]["url"] = "https://nvd.nist.gov/vuln/detail/CVE-"
37
+ else
38
+ # Unknown CVE style unsing 'mitre'-style instead
39
+ config[CONFIG_NAME]["cve"]["url"] = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-"
40
+ end
41
+ end
42
+
43
+ return config[CONFIG_NAME]
44
+ end #get_config
45
+
46
+ end #Config
47
+ end #module
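Review bot: The `config[CONFIG_NAME]["cve"].key?("url")` line raises NoMethodError when a site or page sets `jekyll-secinfo:` without a `cve:` entry, because `Hash#merge` is shallow and the supplied hash replaces the whole default. The same shallow merge means a page that sets only `url` drops the site-wide `style`, and the README's sample `url:` with an empty value leaves the key present with nil, so the style fallback is skipped and the link is built without a base URL. The assignments inside the `case` also write into `DEFAULT_CONFIG` or the caller's own hash, since nothing is copied first. A per-key merge on a copy of the `cve` defaults, with an empty `url` treated as unset, covers all of these; the sketch below returns only the `cve` section, which is the only part `cve.rb` reads in this diff.

```ruby
def self.get(site_config, page)
  # Copy the defaults so per-call changes never leak into DEFAULT_CONFIG.
  cve = DEFAULT_CONFIG[CONFIG_NAME]["cve"].dup
  [site_config, page].each do |layer|
    section = layer && layer[CONFIG_NAME]
    cve.merge!(section["cve"]) if section.is_a?(Hash) && section["cve"].is_a?(Hash)
  end

  if cve["url"].to_s.empty?
    # … style-to-URL `case` from the hunk, assigning cve["url"] instead …
  end

  return { "cve" => cve }
end
```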
@@ -0,0 +1,63 @@
1
+ # External
2
+ require "jekyll"
3
+ require "jekyll-secinfo/version"
4
+
5
+ # Support
6
+ require "jekyll-secinfo/logger"
7
+ require "jekyll-secinfo/config"
8
+
9
+ module Jekyll::Secinfo
10
+ class Cve
11
+
12
+ def self.cve_to_link(text, site, page)
13
+ #Logger.log(context)
14
+ config = Jekyll::Secinfo::Config.get(site, page)
15
+ m = text.match(/^(CVE-|cve-)?(\d{4}-\d{4,})/) # See https://cve.mitre.org/cve/identifiers/syntaxchange.html
16
+ if m
17
+ if config["cve"]["url"] =~ /\%s/
18
+ url=config["cve"]["url"] % m[2]
19
+ else
20
+ url="#{config["cve"]["url"]}#{m[2]}"
21
+ end
22
+ return "<a href='#{url}' class='cve'>CVE-#{m[2]}</a>"
23
+ else
24
+ return nil
25
+ end
26
+ end
27
+ end
28
+
29
+ class CveTag < Liquid::Tag
30
+
31
+ def initialize(tagName, text, tokens)
32
+ super
33
+ @text = text
34
+ end
35
+
36
+ def render(context)
37
+ cve_text = @text.strip
38
+ out = Cve.cve_to_link(cve_text, context["site"]["config"], context["page"])
39
+ return out if out
40
+ return @text
41
+ end
42
+
43
+ end
44
+
45
+ module CveFilter
46
+ def cve(cvetxt, niets = nil)
47
+ if cvetxt
48
+ link = Cve.cve_to_link(cvetxt, @context.registers[:site].config, @context.registers[:page])
49
+ if link
50
+ return link
51
+ else
52
+ return cvetxt
53
+ end
54
+ else
55
+ return ""
56
+ end
57
+ end
58
+ end
59
+
60
+ Liquid::Template.register_tag("cve", Jekyll::Secinfo::CveTag)
61
+ Liquid::Template.register_filter(CveFilter)
62
+
63
+ end
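Review bot: In `cve_to_link` the configured URL goes through `String#%` and is then interpolated into a single-quoted `href` without escaping, so a URL with a literal `%` (percent-encoding) raises or is mangled and one containing `'` ends the attribute early; the value can come from page front matter as well as `_config.yml`. Substitute explicitly and escape on output: `url = config["cve"]["url"].sub("%s", m[2])` and `return "<a href='#{CGI.escapeHTML(url)}' class='cve'>CVE-#{m[2]}</a>"`, with `require "cgi"` at the top of the file. The pattern is anchored with `^` and has no end anchor, so it matches at the start of any line and silently discards whatever follows the number; `/\A(CVE-|cve-)?(\d{4}-\d{4,})\z/` on `text.strip` states the accepted forms exactly. When nothing matches, `CveTag#render` and `CveFilter#cve` return the input unchanged, which is worth a comment since that text reaches the page unescaped.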
@@ -0,0 +1,41 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'jekyll-secinfo/version'
4
+ require 'rainbow/refinement'
5
+
6
+ using Rainbow
7
+
8
+
9
+ module Jekyll::Secinfo
10
+ class Logger
11
+ def initialize(namespace)
12
+ @namespace = namespace
13
+ end
14
+
15
+ def self.display_info
16
+ self.log "Jekyll-Secinfo #{Jekyll::Secinfo::VERSION}"
17
+ self.log 'A Jekyll plugin to provide clickability to security info like CVEs and CWEs.'
18
+ self.log 'https://github.com/MrSeccubus/jekyll-secinfo'.underline
19
+ end
20
+
21
+ def self.log(content)
22
+ if (content.is_a? String)
23
+ self.output 'Jekyll Secinfo', content.bright
24
+ else
25
+ self.output 'Jekyll Secinfo', content.inspect.bright
26
+ end
27
+ end
28
+
29
+ def self.output(title, content)
30
+ puts "#{title.rjust(18)}: #{content}"
31
+ end
32
+
33
+ def log(content)
34
+ if @namespace.nil?
35
+ self.class.log content
36
+ else
37
+ self.class.log "[#{@namespace}] #{content}"
38
+ end
39
+ end
40
+ end
41
+ end
@@ -0,0 +1,5 @@
1
+ module Jekyll
2
+ module Secinfo
3
+ VERSION = "0.0.1"
4
+ end
5
+ end
metadata ADDED
@@ -0,0 +1,142 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: jekyll-secinfo
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Frank Breedijk
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2021-01-29 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: jekyll
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rainbow
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '3.0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '3.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '2.1'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '2.1'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '10.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '10.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '3.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '3.0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rubocop-jekyll
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '0.4'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '0.4'
97
+ description: This Jekyll plugin to generate html snippets for clickable security information
98
+ tags like CVEs and CWEs
99
+ email:
100
+ - fbreedijk@schubergphilis.com
101
+ executables: []
102
+ extensions: []
103
+ extra_rdoc_files: []
104
+ files:
105
+ - ".circleci/config.yml"
106
+ - ".gitignore"
107
+ - ".rspec"
108
+ - ACKNOWLEDGEMENTS.md
109
+ - Gemfile
110
+ - LICENSE.txt
111
+ - README.md
112
+ - Rakefile
113
+ - jekyll-secinfo.gemspec
114
+ - lib/jekyll-secinfo.rb
115
+ - lib/jekyll-secinfo/config.rb
116
+ - lib/jekyll-secinfo/cve.rb
117
+ - lib/jekyll-secinfo/logger.rb
118
+ - lib/jekyll-secinfo/version.rb
119
+ homepage: https://github.com/MrSeccubus/jekyll-secinfo
120
+ licenses:
121
+ - MIT
122
+ metadata: {}
123
+ post_install_message:
124
+ rdoc_options: []
125
+ require_paths:
126
+ - lib
127
+ required_ruby_version: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ required_rubygems_version: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - ">="
135
+ - !ruby/object:Gem::Version
136
+ version: '0'
137
+ requirements: []
138
+ rubygems_version: 3.1.2
139
+ signing_key:
140
+ specification_version: 4
141
+ summary: jekyll plugin to generate html snippets various security info
142
+ test_files: []