legendary 0.1.1 → 0.1.2

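--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: aefc6fb0972728426c4b38469b838777b894b75f
- data.tar.gz: acd7ba7e9fd48ccd4e8a27e3c1b32ce28a7d77e4
+ metadata.gz: 5ac4b3cc8c9d05fbbff30808ba7771c78bc1f841
+ data.tar.gz: 14440bea8e2dcd757aab109d4d522c77483f61c2
  SHA512:
- metadata.gz: d59631179eb07b3d1a4df5611fa58c3a4a222b90c020e5bdc42053de5d85af55c0e4b8ebc6b013c75243dc96850a178743b93fec72ebd6d0b06b4dd7830e426d
- data.tar.gz: 841f9db731f28697c5fbdeeb8c24e99fd98db89fb8b29b54c7aed3e2f612975453a87eaa6dbf381a45c11a57cebb8ef1c42af090f1f8f74400e0684f69601e8d
+ metadata.gz: 5fe704860adfdabafb77c69a0ce1643f7058010432438f705638f1076221afa629350910fcf690ed2ff11e3678de13632ac60c80192c0002a20ab6b3bd193a7d
+ data.tar.gz: 1f4f4c7706692d6ca059e043165eb02606a5c8a60b8e75cfd89416269e2aad710eb5e8e21244ec9c52ed45cd3746cfd7d5ef1484f23a61cb8bf88f19398545a8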
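--- /dev/null
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+ The MIT License (MIT)
+
+ Copyright (c) 2015 John D'Agostino
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.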
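--- a/data/README.md
+++ b/data/README.md
@@ -30,11 +30,11 @@ RSpec integration (in your spec/spec_helper.rb)
 
  in a spec file
 
- ```ruby
- describe Project::Application do
- specify { is_expected.to be_secure }
- end
- ```
+ ```ruby
+ describe Project::Application do
+ specify { is_expected.to be_secure }
+ end
+ ```
 
  ## Development
 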
@@ -31,8 +31,8 @@ module Legendary
31
31
  def vulnerable?
32
32
  # FIXME: speeds things up, but in theory a
33
33
  # a gem might not have a release, but have vulnerable
34
- return false unless (outdated? || git_outdated?)
35
- return vulnerabilities.any?
34
+ # return false unless (outdated? || git_outdated?)
35
+ return vulnerabilities.to_a.size > 0
36
36
  end
37
37
 
38
38
  def vulnerabilities
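Review bot: The FIXME above the guard in `vulnerable?` now describes a line that is commented out, so the method carries dead code and a comment that no longer matches what runs. Dropping the early return means every gem is checked against the advisories instead of only outdated ones, which is the safer behaviour for an audit tool; delete the commented line and replace the FIXME with something like `# check every gem: a current release can still have an open advisory`. If `vulnerabilities` returns an Enumerable (its body is outside the hunk), `vulnerabilities.any?` states the intent without building an array first.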
@@ -4,8 +4,8 @@ module Legendary
4
4
 
5
5
  attr_accessor :path
6
6
 
7
- def initialize(path)
8
- @path = path
7
+ def initialize(path=nil)
8
+ @path = path || '/tmp/.legendary-repo'
9
9
  end
10
10
 
11
11
  def repo_exists?
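Review bot: The fallback `'/tmp/.legendary-repo'` in `initialize` places the advisory checkout at a fixed name inside a world-writable directory, so on a shared host another local account can create that path first and control the files this tool later reads as advisories. A per-user location avoids that, for example `@path = path || File.join(Dir.home, '.legendary-repo')`; failing that, the code that creates or reuses the directory should verify its owner and mode before trusting its contents. The same default was previously the parameter default of `Runner#initialize`, so it is carried over rather than new, but this is where it now lives.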
@@ -1,13 +1,23 @@
1
1
  require 'rspec/matchers'
2
2
 
3
+ $GEMS = Legendary::Gems.new
3
4
 
4
5
  RSpec::Matchers.define :be_secure do
5
- match do
6
- gems = Legendary::Gems.new
7
- vulnerable_gems = gems.collect do |gem|
6
+ match do |thing|
7
+ vulnerable_gems = $GEMS.collect do |gem|
8
8
  gem.vulnerable?
9
9
  end
10
10
 
11
- expect(vulnerable_gems.nil?).to be_truthy
11
+ expect(vulnerable_gems.empty?).to be_truthy
12
+ end
13
+ end
14
+
15
+ RSpec::Matchers.define :be_updated do
16
+ match do |thing|
17
+ outdated = $GEMS.collect do |gem|
18
+ gem.outdated?
19
+ end
20
+
21
+ expect(outdated.empty?).to be_truthy
12
22
  end
13
23
  end
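Review bot: `$GEMS.collect { |gem| gem.vulnerable? }` returns one true/false per gem, so `vulnerable_gems.empty?` is true only when there are no gems at all; assuming `Legendary::Gems` is an Enumerable, `be_secure` fails for every non-empty bundle whether or not anything is vulnerable, and `outdated` in `be_updated` has the same problem. Filter instead of map: `vulnerable_gems = $GEMS.select(&:vulnerable?)` and `outdated = $GEMS.select(&:outdated?)`, and let `match` return `vulnerable_gems.empty?` directly rather than wrapping it in `expect`. `$GEMS` is also built once when the file is required, which makes the matchers depend on load order; a memoised private helper would avoid the global.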
@@ -1,6 +1,6 @@
1
1
  module Legendary
2
2
  class Runner
3
- def initialize(path='/tmp/.legendary-repo')
3
+ def initialize(path=nil)
4
4
  Legendary.repository = Repository.new(path)
5
5
  end
6
6
 
@@ -1,3 +1,3 @@
1
1
  module Legendary
2
- VERSION = "0.1.1"
2
+ VERSION = "0.1.2"
3
3
  end
@@ -8,7 +8,7 @@ module Legendary
8
8
 
9
9
  def path
10
10
  @path ||= File.join(Legendary.repository.path,
11
- @info.name)
11
+ "/gems/#{@info.name}")
12
12
  end
13
13
 
14
14
  def exists?
@@ -21,24 +21,22 @@ module Legendary
21
21
  Legendary.logger.info("#{@info.name} : #{path}")
22
22
 
23
23
  Dir.foreach(path) do |yaml_file|
24
- info = YAML.load(yaml_file)
24
+ next if yaml_file =~ /\A\./
25
25
 
26
- Legendary.logger.info("#{@info.name}: #{info}")
26
+ info = YAML.load(File.read(File.join(path, yaml_file)))
27
27
 
28
- affected = (vulnerability.patched_versions || []).none?(satisfied_version)
29
- patched = (vulnerability.unaffected_versions || []).none?(satisfied_version)
28
+ satisfied_version = lambda do |version|
29
+ Gem::Requirement.new(version.split(',')).satisfied_by?(@info.version)
30
+ end
31
+
32
+ affected = (info["patched_versions"] || []).none?(&satisfied_version)
33
+ patched = (info["unaffected_versions"] || []).none?(&satisfied_version)
30
34
 
31
35
  if affected || patched
32
36
  yield info
33
37
  end
34
38
  end
35
39
  end
36
-
37
- private
38
-
39
- def satisfied_version(version)
40
- Gem::Requirement.new(version.split(',')).satisfied_by?(@info.version)
41
- end
42
40
  end
43
41
  end
44
42
 
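Review bot: `YAML.load(File.read(File.join(path, yaml_file)))` parses files from the advisory checkout with the full loader, which on older Psych versions can instantiate arbitrary Ruby objects from tagged YAML; advisory files are external data and only need plain scalars, arrays and dates. Use the safe loader, `info = YAML.safe_load(File.read(File.join(path, yaml_file)), permitted_classes: [Date])` (the keyword form depends on the Psych version in use; older releases take the class list positionally). Separately, the unchanged condition `if affected || patched` yields an advisory when the version misses either list, so a version matched by `patched_versions` but not by `unaffected_versions` still looks reported as vulnerable; `&&` appears to be what is intended, and `patched` would read better as `not_unaffected`. The enclosing method starts above the hunk.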
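--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: legendary
  version: !ruby/object:Gem::Version
- version: 0.1.1
+ version: 0.1.2
  platform: ruby
  authors:
  - John D'Agostino
@@ -107,6 +107,7 @@ files:
  - ".rspec"
  - ".travis.yml"
  - Gemfile
+ - LICENSE.txt
  - README.md
  - Rakefile
  - bin/console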