neetob 0.5.32 → 0.5.34

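--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: bdc4b3fcccf8922a0af4103b623e59450fe925a70895acb4775e2529d43c62a5
- data.tar.gz: d6174c39ae93a4d3b02269c33783b066084b8fd313e9990aeb49cdbe0e6f7070
+ metadata.gz: 7d1e81ad19b7fc0000a78ee52943577368c4eb26ee7fa8765cefdd7c48184be0
+ data.tar.gz: 64bdf65d26eeefa1c8f7282ad6f5b33be88df114cc4b24e2ac661a3fb7975a9e
  SHA512:
- metadata.gz: 36c2cecc7209321eeea50e5f1567483156717719e2230aa12fc49cfd7b67e44801766c061b6c7a7473c300d59d14d234f975ad64778af30d31b2787a31911b1c
- data.tar.gz: b03fcafed7e88cc22f0608e10c3a9259fee735f3801394ece26deee34cf402722cb3731f1060a3c4daf44f5fec6049d9d39f668c761ae949a3484535bd4aff48
+ metadata.gz: ba217948009c17afa6ed22ff558d7edf585b2a9f8beb5bb8786c967cc52ff9f8f11ccd9d26467c0b7cd8350afc102341e4a2513fdd29e25c752edb2a78b3dc1e
+ data.tar.gz: 5cb907b16d2508c4fbac786eeb9567fe54f35e1a750c8366d1f3590bbb9d1705c997c6a992775761bc152b5282634faf479c533a6f306ab3c6abc34400f22c64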
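--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- neetob (0.5.32)
+ neetob (0.5.34)
  brakeman (~> 5.0)
  chronic
  dotenv (~> 2.8.1)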
@@ -32,16 +32,32 @@ module Neetob
32
32
  end
33
33
 
34
34
  def get(username:, password:, headers: { "Accept" => "application/json" })
35
- uri = URI(MONITORS_URL)
36
- request = Net::HTTP::Get.new(uri)
37
- headers.each { |key, value| request[key] = value }
38
- request.basic_auth(username, password)
35
+ monitors = []
36
+ move_to_next_page = true
37
+ page = 1
38
+ while move_to_next_page
39
+ url_to_fetch_from = MONITORS_URL
40
+ url_to_fetch_from += "?page=#{page}" if page > 1
41
+ uri = URI(url_to_fetch_from)
42
+ request = Net::HTTP::Get.new(uri)
43
+ headers.each { |key, value| request[key] = value }
44
+ request.basic_auth(username, password)
39
45
 
40
- response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
41
- http.request(request)
42
- end
46
+ response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
47
+ http.request(request)
48
+ end
43
49
 
44
- parse_response(response)
50
+ parsed_response = parse_response(response)
51
+ total_monitor_count = parsed_response[:total_monitor_count]
52
+ page_size = parsed_response[:page_size]
53
+ if total_monitor_count > (page * page_size)
54
+ page += 1
55
+ else
56
+ move_to_next_page = false
57
+ end
58
+ monitors += parsed_response[:monitors]
59
+ end
60
+ monitors
45
61
  end
46
62
  end
47
63
  end
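Review bot: The `while move_to_next_page` loop never checks the HTTP status and trusts `parsed_response[:total_monitor_count]` and `parsed_response[:page_size]` on every iteration. `parse_response` is defined outside this hunk, so it is unclear what it returns for a non-2xx reply such as a rejected API key; if either value is nil the comparison raises, and a `page_size` of 0 with a positive total would keep requesting pages indefinitely with the Basic-auth credential attached. Failing fast right after the `Net::HTTP.start` block with `raise "Cronitor API returned #{response.code}" unless response.is_a?(Net::HTTPSuccess)` and adding `break if page_size.to_i <= 0` before the comparison would bound the loop. Appending `"?page=#{page}"` also assumes `MONITORS_URL` (not visible here) carries no query string of its own.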
@@ -11,8 +11,8 @@ module Neetob
11
11
  end
12
12
 
13
13
  def run
14
- cronitor_one_monitors = get(username: ENV["CRONITOR_ONE_API_KEY"], password: "")[:monitors]
15
- cronitor_three_monitors = get(username: ENV["CRONITOR_THREE_API_KEY"], password: "")[:monitors]
14
+ cronitor_one_monitors = get(username: ENV["CRONITOR_ONE_API_KEY"], password: "")
15
+ cronitor_three_monitors = get(username: ENV["CRONITOR_THREE_API_KEY"], password: "")
16
16
  cronitor_one_monitors + cronitor_three_monitors
17
17
  end
18
18
  end
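Review bot: `ENV["CRONITOR_ONE_API_KEY"]` and `ENV["CRONITOR_THREE_API_KEY"]` evaluate to nil when the variable is unset, so `get` is called without a usable key and the failure only surfaces in however the paginated `get` copes with the error reply. `ENV.fetch("CRONITOR_ONE_API_KEY")` (and the same for the THREE key) would fail fast with a KeyError that names the missing variable. The enclosing class starts outside the hunk.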
@@ -0,0 +1,59 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "./make_pr/base"
4
+
5
+ module Neetob
6
+ class CLI
7
+ module Github
8
+ class ActiveRecordDoctor < MakePr::Base
9
+ DESCRIPTION = "Fix vulnerabilities reported by active_record_doctor"
10
+ attr_accessor :repos, :sandbox
11
+
12
+ def initialize(repos, sandbox = false)
13
+ super()
14
+ @repos = repos
15
+ @sandbox = sandbox
16
+ end
17
+
18
+ def run
19
+ matching_repos = find_all_matching_apps_or_repos(repos, :github, sandbox)
20
+ report = nil
21
+ matching_repos.each do |repo|
22
+ begin
23
+ ui.info("\nWorking on repo #{repo}", print_to_audit_log: false)
24
+ clone_repo_in_tmp_dir(repo)
25
+ bundle_install!(repo)
26
+ setup_db!(repo)
27
+ report = run_active_record_doctor(repo)
28
+ ui.success("Successfully executed active_record_doctor for #{repo}", print_to_audit_log: false)
29
+
30
+ report = report.lines.reject { |line| line.start_with?("**") }.join("\n")
31
+ if !report.blank? && !Thread.current[:audit_mode]
32
+ issue = client.create_issue(repo, DESCRIPTION, parse_description(warnings))
33
+ ui.success("Issue created at #{issue.html_url}")
34
+ end
35
+ rescue StandardError => e
36
+ ExceptionHandler.new(e).process
37
+ end
38
+ end
39
+ `rm -rf /tmp/neetob` unless Thread.current[:audit_mode]
40
+ if Thread.current[:audit_mode]
41
+ report
42
+ end
43
+ end
44
+
45
+ private
46
+
47
+ def run_active_record_doctor(repo)
48
+ `#{cd_to_repo(repo)} && bundle exec rake active_record_doctor`
49
+ end
50
+
51
+ def setup_db!(repo)
52
+ `#{cd_to_repo(repo)} && cp config/database.yml.postgresql config/database.yml`
53
+ `#{cd_to_repo(repo)} && sed -i '' 's/_development/_development_audit/g' config/database.yml`
54
+ `#{cd_to_repo(repo)} && bundle exec rake setup`
55
+ end
56
+ end
57
+ end
58
+ end
59
+ end
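Review bot: `setup_db!` ignores the exit status of each backtick command, so when the `cp` or `sed` step fails, `bundle exec rake setup` still runs against whatever `config/database.yml` is present instead of the `_development_audit` database; `sed -i ''` is the BSD form and is rejected by GNU sed, which makes that failure likely on Linux. In `run`, `parse_description(warnings)` uses `warnings`, which is not defined in this file; unless `MakePr::Base` provides it, the NameError is swallowed by `rescue StandardError` and no issue is ever created, so `report` is presumably what was meant. Every command is a shell string built from `cd_to_repo(repo)` (defined outside this file), and `bundle install` and `rake setup` execute code from the cloned repository with the operator's environment, so the repo-derived part should be confirmed shell-escaped there. The fixed `/tmp/neetob` path is predictable and is left behind in audit mode; a `Dir.mktmpdir` directory removed in an `ensure` would be safer. The fence below shows `setup_db!` stopping at the first failed step.

```ruby
def setup_db!(repo)
  [
    "cp config/database.yml.postgresql config/database.yml",
    # -i.bak is accepted by both GNU and BSD sed; it leaves a .bak copy in the temporary clone.
    "sed -i.bak 's/_development/_development_audit/g' config/database.yml",
    "bundle exec rake setup"
  ].each do |step|
    # Stop at the first failure so `rake setup` never runs against an unrewritten database.yml.
    system("#{cd_to_repo(repo)} && #{step}") || raise("setup_db! failed for #{repo}: #{step}")
  end
end
```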
@@ -10,16 +10,19 @@ module Neetob
10
10
  module InstancesAndAddons
11
11
  module Cronitor
12
12
  class Main < CLI::Base
13
+ attr_accessor :cumulative_monitors_data
14
+
13
15
  def initialize
14
16
  super()
17
+ @cumulative_monitors_data = Neetob::CLI::Cronitor::GetAllMonitors.new.run
15
18
  end
16
19
 
17
20
  def run
18
- SetupCorrectlyForApps.new.run
21
+ SetupCorrectlyForApps.new(cumulative_monitors_data).run
19
22
  ui.info "\n"
20
- SetupCorrectlyForHelpCenter.new.run
23
+ SetupCorrectlyForHelpCenter.new(cumulative_monitors_data).run
21
24
  ui.info "\n"
22
- SetupCorrectlyForLandingPages.new.run
25
+ SetupCorrectlyForLandingPages.new(cumulative_monitors_data).run
23
26
  end
24
27
  end
25
28
  end
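Review bot: `initialize` now performs the credentialed Cronitor fetch (`GetAllMonitors.new.run`), so merely constructing `Main` makes network calls and can raise before `run` is reached. Fetching at the top of `run` instead, e.g. `monitors = Neetob::CLI::Cronitor::GetAllMonitors.new.run`, keeps construction free of side effects. `attr_accessor :cumulative_monitors_data` also exposes a writer that nothing in the hunk uses; `attr_reader` would match the `attr_reader :all_monitors` added to the three Setup classes.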
@@ -8,15 +8,16 @@ module Neetob
8
8
  module InstancesAndAddons
9
9
  module Cronitor
10
10
  class SetupCorrectlyForApps < CLI::Base
11
- def initialize
11
+ attr_reader :all_monitors
12
+
13
+ def initialize(cumulative_monitors_data)
12
14
  super()
15
+ @all_monitors = cumulative_monitors_data
13
16
  end
14
17
 
15
18
  def run
16
19
  ui.success "### 3.3.1. Checking whether Cronitor monitors are set up correctly for apps"
17
20
 
18
- all_monitors = Neetob::CLI::Cronitor::GetAllMonitors.new.run
19
-
20
21
  apps_data = [["App", "Monitor for Application present", "Monitor for Application enabled", "Comments",
21
22
  "Audit Passed"]]
22
23
  ui.info("\n", print_to_audit_log: false)
@@ -10,15 +10,16 @@ module Neetob
10
10
  "NeetoTower"
11
11
  ]
12
12
 
13
- def initialize
13
+ attr_reader :all_monitors
14
+
15
+ def initialize(cumulative_monitors_data)
14
16
  super()
17
+ @all_monitors = cumulative_monitors_data
15
18
  end
16
19
 
17
20
  def run
18
21
  ui.success "### 3.3.2. Checking whether Cronitor monitors are set up correctly for Help Centers"
19
22
 
20
- all_monitors = Neetob::CLI::Cronitor::GetAllMonitors.new.run
21
-
22
23
  apps_data = [["App", "Monitor for Application help center present",
23
24
  "Monitor for Application help center enabled", "Comments", "Audit Passed"]]
24
25
  ui.info("\n", print_to_audit_log: false)
@@ -11,15 +11,16 @@ module Neetob
11
11
  "NeetoTower"
12
12
  ]
13
13
 
14
- def initialize
14
+ attr_reader :all_monitors
15
+
16
+ def initialize(cumulative_monitors_data)
15
17
  super()
18
+ @all_monitors = cumulative_monitors_data
16
19
  end
17
20
 
18
21
  def run
19
22
  ui.success "### 3.3.3. Checking whether Cronitor monitors are set up correctly for landing pages"
20
23
 
21
- all_monitors = Neetob::CLI::Cronitor::GetAllMonitors.new.run
22
-
23
24
  apps_data = [["App", "Monitor for Application landing page present",
24
25
  "Monitor for Application landing page enabled", "Comments", "Audit Passed"]]
25
26
  ui.info("\n", print_to_audit_log: false)
@@ -0,0 +1,40 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "../../../github/active_record_doctor"
4
+
5
+ module Neetob
6
+ class CLI
7
+ module MonthlyAudit
8
+ module Security
9
+ module Code
10
+ class ActiveRecordDoctor < CLI::Base
11
+ def initialize
12
+ super()
13
+ end
14
+
15
+ def run
16
+ ui.success("### 1.1.4. Checking whether running `rake active_record_doctor` throws any vulnerabilities")
17
+ repo_data = [["Repository", "Issues Found", "Comments", "Audit Passed"]]
18
+ ui.info "\n"
19
+ NeetoCompliance::NeetoRepos.products.keys.take(5).each do |repo|
20
+ ui.info("Checking ActiveRecordDoctor run results for #{repo}", print_to_audit_log: false)
21
+ active_record_doctor_run_result = Neetob::CLI::Github::ActiveRecordDoctor.new([repo]).run
22
+
23
+ if active_record_doctor_run_result.blank?
24
+ issues_found = "No"
25
+ comments = nil
26
+ else
27
+ issues_found = "Yes"
28
+ comments = "#{active_record_doctor_run_result.lines.first.strip} ..."
29
+ end
30
+ audit_passed = issues_found == "No" ? "Yes" : "No"
31
+ repo_data << [repo, issues_found, comments, audit_passed]
32
+ end
33
+ ui.print_table(repo_data)
34
+ end
35
+ end
36
+ end
37
+ end
38
+ end
39
+ end
40
+ end
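Review bot: A failed run is recorded as a pass here. `Github::ActiveRecordDoctor#run` rescues every StandardError and returns `report`, which is still nil when the clone, `bundle install` or DB setup fails, and backticks return empty stdout when the rake task itself cannot start; in both cases `active_record_doctor_run_result.blank?` gives "Issues Found: No" and "Audit Passed: Yes". The audit should tell "ran cleanly" apart from "did not run", for instance by having the Github class return a status alongside the report and writing "Run failed" into `comments` with `audit_passed = "No"`. Separately, `.take(5)` limits the audit to the first five products without the table saying so; if that is a leftover, `NeetoCompliance::NeetoRepos.products.keys.each do |repo|` covers them all, otherwise a comment stating the reason would help.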
@@ -3,6 +3,7 @@
3
3
  require_relative "bundle_audit"
4
4
  require_relative "yarn_audit"
5
5
  require_relative "brakeman"
6
+ require_relative "active_record_doctor"
6
7
 
7
8
  module Neetob
8
9
  class CLI
@@ -20,6 +21,8 @@ module Neetob
20
21
  YarnAudit.new.run
21
22
  ui.info "\n"
22
23
  Brakeman.new.run
24
+ ui.info "\n"
25
+ ActiveRecordDoctor.new.run
23
26
  end
24
27
  end
25
28
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Neetob
4
- VERSION = "0.5.32"
4
+ VERSION = "0.5.34"
5
5
  end
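--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: neetob
  version: !ruby/object:Gem::Version
- version: 0.5.32
+ version: 0.5.34
  platform: ruby
  authors:
  - Udai Gupta
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2025-01-28 00:00:00.000000000 Z
+ date: 2025-01-29 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: thor
@@ -185,6 +185,7 @@ files:
  - lib/neetob/cli/cronitor/base.rb
  - lib/neetob/cli/cronitor/get_all_monitors.rb
  - lib/neetob/cli/fetchorupdate_repos/execute.rb
+ - lib/neetob/cli/github/active_record_doctor.rb
  - lib/neetob/cli/github/auth.rb
  - lib/neetob/cli/github/base.rb
  - lib/neetob/cli/github/brakeman.rb
@@ -260,6 +261,7 @@ files:
  - lib/neetob/cli/monthly_audit/misc/sparkpost_sub_account_used_for_all_apps.rb
  - lib/neetob/cli/monthly_audit/misc/ssl_certs_setup_for_auto_renewal.rb
  - lib/neetob/cli/monthly_audit/perform.rb
+ - lib/neetob/cli/monthly_audit/security/code/active_record_doctor.rb
  - lib/neetob/cli/monthly_audit/security/code/brakeman.rb
  - lib/neetob/cli/monthly_audit/security/code/bundle_audit.rb
  - lib/neetob/cli/monthly_audit/security/code/main.rb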