nvd_feed_api 0.0.3 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/lib/nvd_feed_api.rb +11 -0
- data/lib/nvd_feed_api/version.rb +1 -1
- data/pages/CHANGELOG.md +11 -4
- data/pages/EXAMPLES.md +3 -5
- data/test/test_nvd_feed_api.rb +42 -42
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 421862fc8896856c94ac947b15d78b2538a9c13c
|
|
4
|
+
data.tar.gz: 23daab198d07a5da168a8884d2476a73feb21ee7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ddfcce9f3483fee3d46e70a7a9fcc839f22c15a1bbc9c8090df47bfda8de118d0f71ea21d639df8b54ea6efb0c19dfdae383e7b7c71bea026a009a1122fff888
|
|
7
|
+
data.tar.gz: b8f1755ce9de8c03da15699f4c17f57433d60a02b9b421a38ce420ba4188d59f79ec3cc4069600ee7ed99e63f2981994f511a74ffeebd13fcebc3b2118ba42ce
|
data/.rubocop.yml
CHANGED
data/lib/nvd_feed_api.rb
CHANGED
|
@@ -483,6 +483,8 @@ class NVDFeedScraper
|
|
|
483
483
|
break
|
|
484
484
|
end
|
|
485
485
|
end
|
|
486
|
+
# CVE-2002 feed (the 1st one) contains CVE from 1999 to 2002
|
|
487
|
+
matched_feed = 'CVE-2002' if matched_feed.nil? && ('1999'..'2001').to_a.include?(year)
|
|
486
488
|
raise "bad CVE year in #{arg_cve}" if matched_feed.nil?
|
|
487
489
|
f = feeds(matched_feed)
|
|
488
490
|
f.json_pull
|
|
@@ -501,8 +503,17 @@ class NVDFeedScraper
|
|
|
501
503
|
feed_names = available_feeds.to_set
|
|
502
504
|
feed_names.delete('CVE-Modified')
|
|
503
505
|
feed_names.delete('CVE-Recent')
|
|
506
|
+
# CVE-2002 feed (the 1st one) contains CVE from 1999 to 2002
|
|
507
|
+
virtual_feeds = ['CVE-1999', 'CVE-2000', 'CVE-2001']
|
|
508
|
+
# So virtually add those feed...
|
|
509
|
+
feed_names.merge(virtual_feeds)
|
|
504
510
|
raise 'unexisting CVE year was provided in some CVE' unless feeds_to_match.subset?(feed_names)
|
|
505
511
|
matched_feeds = feeds_to_match.intersection(feed_names)
|
|
512
|
+
# and now that the intersection is done remove those virtual feeds and add CVE-2002 instead if needed
|
|
513
|
+
unless matched_feeds.intersection(virtual_feeds.to_set).empty?
|
|
514
|
+
matched_feeds.subtract(virtual_feeds)
|
|
515
|
+
matched_feeds.add('CVE-2002')
|
|
516
|
+
end
|
|
506
517
|
feeds_arr = feeds(matched_feeds.to_a)
|
|
507
518
|
feeds_arr.each do |feed|
|
|
508
519
|
feed.json_pull
|
data/lib/nvd_feed_api/version.rb
CHANGED
data/pages/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,11 @@
|
|
|
1
|
-
# [0.0
|
|
1
|
+
# [0.1.0] - 17 January 2018
|
|
2
|
+
|
|
3
|
+
[0.1.0]: https://gitlab.com/noraj/nvd_api/tags/v0.1.0
|
|
4
|
+
|
|
5
|
+
- add support for CVE from 1999 to 2001
|
|
6
|
+
- fix tests
|
|
7
|
+
|
|
8
|
+
# [0.0.3] - 6 January 2018
|
|
2
9
|
|
|
3
10
|
[0.0.3]: https://gitlab.com/noraj/nvd_api/tags/v0.0.3
|
|
4
11
|
|
|
@@ -6,14 +13,14 @@
|
|
|
6
13
|
- new badges on README
|
|
7
14
|
- As rubydoc.info seems bug, use gitlab pages instead for hosting YARD doc
|
|
8
15
|
|
|
9
|
-
# [0.0.2.pre] - 5 January
|
|
16
|
+
# [0.0.2.pre] - 5 January 2018
|
|
10
17
|
|
|
11
18
|
[0.0.2.pre]: https://gitlab.com/noraj/nvd_api/tags/v0.0.2.pre
|
|
12
19
|
|
|
13
20
|
- Test a new version number to fix a bug with rubygems.org
|
|
14
21
|
- Correct month name in the dates in the CHANGELOG
|
|
15
22
|
|
|
16
|
-
# [0.0.1.rc2] - 4 January
|
|
23
|
+
# [0.0.1.rc2] - 4 January 2018
|
|
17
24
|
|
|
18
25
|
[0.0.1.rc2]: https://gitlab.com/noraj/nvd_api/tags/v0.0.1.rc2
|
|
19
26
|
|
|
@@ -21,7 +28,7 @@
|
|
|
21
28
|
- Improve the README to be a good entrypoint.
|
|
22
29
|
- Improve the FEATURES.
|
|
23
30
|
|
|
24
|
-
# [0.0.1.rc1] - 4 January
|
|
31
|
+
# [0.0.1.rc1] - 4 January 2018
|
|
25
32
|
|
|
26
33
|
[0.0.1.rc1]: https://gitlab.com/noraj/nvd_api/tags/v0.0.1.rc1
|
|
27
34
|
|
data/pages/EXAMPLES.md
CHANGED
|
@@ -12,10 +12,8 @@ s.scrap
|
|
|
12
12
|
# Change the default feed storage location beacause default value is '/tmp/'.
|
|
13
13
|
# '/tmp/' is mounted as tmpFS and is cleaned at every start.
|
|
14
14
|
# This will considerably speed up your performance is you have to reboot.
|
|
15
|
-
NVDFeedScraper::Feed.default_storage_location = "/home/
|
|
15
|
+
NVDFeedScraper::Feed.default_storage_location = "/home/user/Dev/cve_feeds"
|
|
16
16
|
# Create a {Feed} object for all available feeds
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
f.json_pull
|
|
20
|
-
end
|
|
17
|
+
# and for each one download the JSON file and fill the attributes.
|
|
18
|
+
s.feeds(s.available_feeds).each(&:json_pull)
|
|
21
19
|
```
|
data/test/test_nvd_feed_api.rb
CHANGED
|
@@ -9,7 +9,7 @@ class NVDAPITest < Minitest::Test
|
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def test_scraper_scrap
|
|
12
|
-
assert_equal(@s.scrap,
|
|
12
|
+
assert_equal(0, @s.scrap, 'scrap method return nothing')
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def test_scraper_feeds_noarg
|
|
@@ -51,27 +51,27 @@ class NVDAPITest < Minitest::Test
|
|
|
51
51
|
refute_empty(@s.cve(['CVE-2014-0160', 'cve-2009-3555']), 'cve returns an empty array')
|
|
52
52
|
# bad arg
|
|
53
53
|
## string but not a CVE ID
|
|
54
|
-
assert_raises(RuntimeError) do
|
|
55
|
-
|
|
56
|
-
assert_equal(err.message, 'bad CVE name')
|
|
54
|
+
err = assert_raises(RuntimeError) do
|
|
55
|
+
@s.cve('e')
|
|
57
56
|
end
|
|
57
|
+
assert_equal('bad CVE name', err.message)
|
|
58
58
|
## correct CVE ID but bad year
|
|
59
|
-
assert_raises(RuntimeError) do
|
|
60
|
-
|
|
61
|
-
assert_equal(err.message, 'bad CVE year in ["CVE-2001-31337"]')
|
|
59
|
+
err = assert_raises(RuntimeError) do
|
|
60
|
+
@s.cve('CVE-1800-31337')
|
|
62
61
|
end
|
|
62
|
+
assert_equal('bad CVE year in ["CVE-1800-31337"]', err.message)
|
|
63
63
|
## correct CVE ID and year but unexisting CVE
|
|
64
64
|
assert_nil(@s.cve('CVE-2004-31337'))
|
|
65
65
|
## correct CVE ID and year but unexisting CVE with array arg
|
|
66
|
-
assert_raises(RuntimeError) do
|
|
67
|
-
|
|
68
|
-
assert_equal(err.message, 'CVE-2005-31337 are unexisting CVEs in this feed')
|
|
66
|
+
err = assert_raises(RuntimeError) do
|
|
67
|
+
@s.cve(['CVE-2004-31337', 'CVE-2005-31337'])
|
|
69
68
|
end
|
|
69
|
+
assert_equal('CVE-2005-31337 are unexisting CVEs in this feed', err.message)
|
|
70
70
|
## wrong arg type
|
|
71
|
-
assert_raises(RuntimeError) do
|
|
72
|
-
|
|
73
|
-
assert_equal(err.message, 'the provided argument (1) is nor a String or an Array')
|
|
71
|
+
err = assert_raises(RuntimeError) do
|
|
72
|
+
@s.cve(1)
|
|
74
73
|
end
|
|
74
|
+
assert_equal('the provided argument (1) is nor a String or an Array', err.message)
|
|
75
75
|
end
|
|
76
76
|
|
|
77
77
|
def test_scraper_update_feeds
|
|
@@ -87,10 +87,10 @@ class NVDAPITest < Minitest::Test
|
|
|
87
87
|
refute_empty(@s.update_feeds([f2017, f_modified]), 'update_feeds returns an empty array')
|
|
88
88
|
# bad arg
|
|
89
89
|
## wrong arg type
|
|
90
|
-
assert_raises(RuntimeError) do
|
|
91
|
-
|
|
92
|
-
assert_equal(err.message, 'the provided argument 1 is not a Feed or an Array')
|
|
90
|
+
err = assert_raises(RuntimeError) do
|
|
91
|
+
@s.update_feeds(1)
|
|
93
92
|
end
|
|
93
|
+
assert_equal(err.message, 'the provided argument 1 is not a Feed or an Array')
|
|
94
94
|
## empty array
|
|
95
95
|
assert_empty(@s.update_feeds([]))
|
|
96
96
|
end
|
|
@@ -102,7 +102,7 @@ class NVDAPITest < Minitest::Test
|
|
|
102
102
|
assert_instance_of(String, default_val, "default_storage_location doesn't return a string")
|
|
103
103
|
# check new value
|
|
104
104
|
new_val = '/srv/downloads/'
|
|
105
|
-
assert_equal(NVDFeedScraper::Feed.default_storage_location = new_val,
|
|
105
|
+
assert_equal(new_val, NVDFeedScraper::Feed.default_storage_location = new_val, 'the new value was not set properly')
|
|
106
106
|
# put the default value back / restore context
|
|
107
107
|
NVDFeedScraper::Feed.default_storage_location = default_val
|
|
108
108
|
end
|
|
@@ -116,7 +116,7 @@ class NVDAPITest < Minitest::Test
|
|
|
116
116
|
# Test name
|
|
117
117
|
assert_instance_of(String, f.name, "name doesn't return a string")
|
|
118
118
|
refute_empty(f.name, 'name is empty')
|
|
119
|
-
assert_equal(
|
|
119
|
+
assert_equal(name, f.name, 'The name of the feed was modified')
|
|
120
120
|
# Test updated
|
|
121
121
|
assert_instance_of(String, f.updated, "updated doesn't return a string")
|
|
122
122
|
refute_empty(f.updated, 'updated is empty')
|
|
@@ -127,15 +127,15 @@ class NVDAPITest < Minitest::Test
|
|
|
127
127
|
# Test gz_url
|
|
128
128
|
assert_instance_of(String, f.gz_url, "gz_url doesn't return a string")
|
|
129
129
|
refute_empty(f.gz_url, 'gz_url is empty')
|
|
130
|
-
assert_equal(
|
|
130
|
+
assert_equal(gz_url, f.gz_url, 'The gz_url of the feed was modified')
|
|
131
131
|
# Test zip_url
|
|
132
132
|
assert_instance_of(String, f.zip_url, "zip_url doesn't return a string")
|
|
133
133
|
refute_empty(f.zip_url, 'zip_url is empty')
|
|
134
|
-
assert_equal(
|
|
134
|
+
assert_equal(zip_url, f.zip_url, 'The zip_url url of the feed was modified')
|
|
135
135
|
# Test meta_url
|
|
136
136
|
assert_instance_of(String, f.meta_url, "meta_url doesn't return a string")
|
|
137
137
|
refute_empty(f.meta_url, 'meta_url is empty')
|
|
138
|
-
assert_equal(
|
|
138
|
+
assert_equal(meta_url, f.meta_url, 'The meta_url url of the feed was modified')
|
|
139
139
|
end
|
|
140
140
|
|
|
141
141
|
def test_feed_available_cves
|
|
@@ -149,31 +149,31 @@ class NVDAPITest < Minitest::Test
|
|
|
149
149
|
f = @s.feeds('CVE-2012')
|
|
150
150
|
f.json_pull
|
|
151
151
|
# one arg
|
|
152
|
-
assert_instance_of(Hash,
|
|
152
|
+
assert_instance_of(Hash, f.cve('CVE-2012-4969'), "cve doesn't return a hash")
|
|
153
153
|
# two args
|
|
154
|
-
assert_instance_of(Array,
|
|
155
|
-
refute_empty(
|
|
154
|
+
assert_instance_of(Array, f.cve('CVE-2012-4969', 'cve-2012-1889'), "cve doesn't return an array")
|
|
155
|
+
refute_empty(f.cve('CVE-2012-4969', 'cve-2012-1889'), 'cve returns an empty array')
|
|
156
156
|
# array arg
|
|
157
|
-
assert_instance_of(Array,
|
|
158
|
-
refute_empty(
|
|
157
|
+
assert_instance_of(Array, f.cve(['CVE-2012-4969', 'cve-2012-1889']), "cve doesn't return an array")
|
|
158
|
+
refute_empty(f.cve(['CVE-2012-4969', 'cve-2012-1889']), 'cve returns an empty array')
|
|
159
159
|
# bad arg
|
|
160
160
|
## string but not a CVE ID
|
|
161
|
-
assert_raises(RuntimeError) do
|
|
162
|
-
|
|
163
|
-
assert_equal(err.message, 'bad CVE name')
|
|
161
|
+
err = assert_raises(RuntimeError) do
|
|
162
|
+
f.cve('e')
|
|
164
163
|
end
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
164
|
+
assert_equal('bad CVE name (e)', err.message)
|
|
165
|
+
## bad year
|
|
166
|
+
assert_nil(f.cve('CVE-2004-31337'))
|
|
167
|
+
## bad year not in the feed with array arg
|
|
168
|
+
err = assert_raises(RuntimeError) do
|
|
169
|
+
f.cve(['CVE-2004-31337', 'CVE-2005-31337'])
|
|
171
170
|
end
|
|
171
|
+
assert_equal('CVE-2004-31337, CVE-2005-31337 are unexisting CVEs in this feed', err.message)
|
|
172
172
|
## wrong arg type
|
|
173
|
-
assert_raises(RuntimeError) do
|
|
174
|
-
|
|
175
|
-
assert_equal(err.message, 'the provided argument (1) is nor a String or an Array')
|
|
173
|
+
err = assert_raises(RuntimeError) do
|
|
174
|
+
f.cve(1)
|
|
176
175
|
end
|
|
176
|
+
assert_equal('the provided argument (1) is nor a String or an Array', err.message)
|
|
177
177
|
end
|
|
178
178
|
|
|
179
179
|
def test_feed_download_gz
|
|
@@ -208,19 +208,19 @@ class NVDAPITest < Minitest::Test
|
|
|
208
208
|
|
|
209
209
|
def test_meta_parse_noarg
|
|
210
210
|
m = NVDFeedScraper::Meta.new('https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2015.meta')
|
|
211
|
-
assert_equal(m.parse,
|
|
211
|
+
assert_equal(0, m.parse, 'parse method return nothing')
|
|
212
212
|
end
|
|
213
213
|
|
|
214
214
|
def test_meta_parse_witharg
|
|
215
215
|
m = NVDFeedScraper::Meta.new
|
|
216
216
|
meta_url = 'https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2015.meta'
|
|
217
|
-
assert_equal(m.parse(meta_url),
|
|
217
|
+
assert_equal(0, m.parse(meta_url), 'parse method return nothing')
|
|
218
218
|
end
|
|
219
219
|
|
|
220
220
|
def test_meta_url_setter
|
|
221
221
|
m = NVDFeedScraper::Meta.new
|
|
222
222
|
meta_url = 'https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2015.meta'
|
|
223
|
-
assert_equal(m.url = meta_url,
|
|
223
|
+
assert_equal(meta_url, m.url = meta_url, 'the meta URL is not set correctly')
|
|
224
224
|
end
|
|
225
225
|
|
|
226
226
|
def test_meta_attributes
|
|
@@ -243,7 +243,7 @@ class NVDAPITest < Minitest::Test
|
|
|
243
243
|
assert(m.size.match?(/[0-9]+/), 'Meta size is not an integer')
|
|
244
244
|
# Test url
|
|
245
245
|
assert_instance_of(String, m.url, "Meta url method doesn't return a string")
|
|
246
|
-
assert_equal(m.url,
|
|
246
|
+
assert_equal(meta_url, m.url, 'The Meta url was modified')
|
|
247
247
|
# Test zip_size
|
|
248
248
|
assert_instance_of(String, m.zip_size, "Meta zip_size method doesn't return a string")
|
|
249
249
|
assert(m.zip_size.match?(/[0-9]+/), 'Meta zip_size is not an integer')
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nvd_feed_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 0.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexandre ZANNI
|
|
@@ -223,7 +223,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
223
223
|
version: '0'
|
|
224
224
|
requirements: []
|
|
225
225
|
rubyforge_project:
|
|
226
|
-
rubygems_version: 2.6.
|
|
226
|
+
rubygems_version: 2.6.14
|
|
227
227
|
signing_key:
|
|
228
228
|
specification_version: 4
|
|
229
229
|
summary: API for NVD CVE feeds
|