RubyGems - nvd_feed_api - Versions diffs - 0.3.1 → 0.5.0 - Mend

nvd_feed_api 0.3.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 158649a33021b95393055afc6861185443aeae4665cc6acd86814f29a866d8f0
-  data.tar.gz: 75ca47cdcece6352581ed8ddfe9339ce393e48199ba4c895e6e49e05e959b08b
+  metadata.gz: 0365df5462570fa4b9483e27ef5d6b7edf48cde8599c199932b86bda75c7790d
+  data.tar.gz: 52c270979c88f7154edd2c06f9dcec28c9fccffd3ff0606f6bda817a2f6ffd6a
 SHA512:
-  metadata.gz: 66c08b3167c12da6168331f84caa557d945ebb16c76e565cefa6ac44c7960e5eb8bae840a2231c16d2cc9ef982bd13eb9b68289dff66dbee4af0c115a45e20f4
-  data.tar.gz: 2729e066d04f9f29e9fd3fbd76c88cb3c208c2a82eab331e3202fca9a42a7f658d7645f7d3c17f5df770c54b1eb8e084b611f6e23eefab90c7e4cada90e114f0
+  metadata.gz: aceb9c1aa76e74ad7d87329900417abccd5c01f47a9fb76cdddf870e00654257dacf9506eb3b87e4cb9148a2ae2829191e2357ae56f4af4cd35b904073bb89fe
+  data.tar.gz: cfb064247356ab4f559d6b50cb997a7f332ab26f1172dafab8baf2ab5d30c204da7594a438b710e671204633cc77c6ca66a1c5f1056f2da721a69760b65faab8

data/.github/FUNDING.yml ADDED Viewed

@@ -0,0 +1,3 @@
+github: noraj
+issuehunt: noraj
+ko_fi: noraj

data/.gitlab-ci.yml CHANGED Viewed

@@ -15,7 +15,8 @@ before_script:
   # install make, gcc for building gem native extension (commonmarker)
   # libc-dev for musl-dev dependency (stdlib.h) needed by gcc
   - apk --no-cache add coreutils git make gcc libc-dev
-  - bundle install -j $(nproc) --path vendor # Install dependencies into ./vendor/ruby
+  - bundle config set path 'vendor' # Set dependencies install dir to ./vendor/ruby
+  - bundle install -j $(nproc) # Install dependencies into ./vendor/ruby
   - bundle exec rake install # install the gem
 # Anchors: https://docs.gitlab.com/ee/ci/yaml/README.html#anchors
@@ -25,25 +26,13 @@ before_script:
   - bundle exec rubocop
   - bundle exec rake test
-test:2.4:
+test:3.4:
   <<: *job_definition
-  image: ruby:2.4-alpine
-test:2.5:
-  <<: *job_definition
-  image: ruby:2.5-alpine
-test:2.6:
-  <<: *job_definition
-  image: ruby:2.6-alpine
-test:2.7:
-  <<: *job_definition
-  image: ruby:2.7-alpine
+  image: ruby:3.4-alpine
 pages:
   stage: deploy
-  image: ruby:2.4-alpine
+  image: ruby:3.4-alpine
   script:
     - bundle exec yard doc
     - mkdir public

data/.rubocop.yml CHANGED Viewed

@@ -1,6 +1,10 @@
 AllCops:
-  TargetRubyVersion: 2.7
+  TargetRubyVersion: 3.1
   NewCops: enable
+  SuggestExtensions: false
+plugins:
+  - rubocop-minitest
 Layout/HashAlignment:
   EnforcedHashRocketStyle: table
@@ -25,7 +29,7 @@ Metrics/ClassLength:
   Enabled: false
 Metrics/CyclomaticComplexity:
-  Max: 20
+  Max: 25
 Metrics/MethodLength:
   Max: 100
@@ -33,14 +37,17 @@ Metrics/MethodLength:
 Metrics/PerceivedComplexity:
   Enabled: false
+Minitest/MultipleAssertions:
+  Enabled: false
 Naming/VariableName:
   EnforcedStyle: snake_case
 Security/JSONLoad:
   Enabled: false
-Style/FrozenStringLiteralComment:
-  EnforcedStyle: never
+Style/CaseLikeIf:
+  Enabled: true
 Style/PerlBackrefs:
   AutoCorrect: false

data/.tool-versions CHANGED Viewed

	@@ -1 +1 @@
1	- ruby 2.7.1
1	+ ruby 3.4.1

data/.yardopts CHANGED Viewed

@@ -1,6 +1,8 @@
 --protected
 --private
 --output-dir doc/
+--markup markdown
+--markup-provider commonmarker
 -
 --main README.md
 LICENSE.txt

data/Gemfile CHANGED Viewed

@@ -1,4 +1,33 @@
+# frozen_string_literal: true
 source 'https://rubygems.org'
-# Specify your gem's dependencies in .gemspec
 gemspec
+group :runtime, :cli do
+  gem 'archive-zip', '~> 0.11'
+  gem 'nokogiri', '~> 1.11'
+  gem 'oj', '>= 3.7.8', '<4'
+end
+group :development, :install do
+  gem 'bundler', '~> 2.1'
+end
+group :development, :test do
+  gem 'minitest', '~> 5.25'
+  gem 'rake', '~> 13.2'
+end
+group :development, :lint do
+  gem 'rubocop', '~> 1.71'
+  gem 'rubocop-minitest', '~> 0.36'
+end
+group :development, :docs do
+  gem 'commonmarker', '~> 2.0' # for markdown support in YARD
+  gem 'logger', '< 2.0'
+  # gem 'yard', ['>= 0.9.27', '< 0.10']
+  # https://github.com/lsegal/yard/issues/1528
+  gem 'yard', github: 'ParadoxV5/yard', ref: '9e869c940859570b07b81c5eadd6070e76f6291e', branch: 'commonmarker-1.0'
+end

data/Gemfile.lock CHANGED Viewed

@@ -1,9 +1,17 @@
+GIT
+  remote: https://github.com/ParadoxV5/yard.git
+  revision: 9e869c940859570b07b81c5eadd6070e76f6291e
+  ref: 9e869c940859570b07b81c5eadd6070e76f6291e
+  branch: commonmarker-1.0
+  specs:
+    yard (0.9.36)
 PATH
   remote: .
   specs:
-    nvd_feed_api (0.3.1)
+    nvd_feed_api (0.5.0)
       archive-zip (~> 0.11)
-      nokogiri (~> 1.10)
+      nokogiri (~> 1.11)
       oj (>= 3.7.8, < 4)
 GEM
@@ -11,57 +19,100 @@ GEM
   specs:
     archive-zip (0.12.0)
       io-like (~> 0.3.0)
-    ast (2.4.1)
-    commonmarker (0.21.0)
-      ruby-enum (~> 0.5)
-    concurrent-ruby (1.1.7)
-    github-markup (3.0.4)
-    i18n (1.8.5)
-      concurrent-ruby (~> 1.0)
+    ast (2.4.3)
+    bigdecimal (3.1.9)
+    commonmarker (2.2.0)
+      rb_sys (~> 0.9)
+    commonmarker (2.2.0-aarch64-linux)
+    commonmarker (2.2.0-aarch64-linux-musl)
+    commonmarker (2.2.0-arm64-darwin)
+    commonmarker (2.2.0-x86_64-darwin)
+    commonmarker (2.2.0-x86_64-linux)
+    commonmarker (2.2.0-x86_64-linux-musl)
     io-like (0.3.1)
-    mini_portile2 (2.4.0)
-    minitest (5.14.2)
-    nokogiri (1.10.10)
-      mini_portile2 (~> 2.4.0)
-    oj (3.10.14)
-    parallel (1.19.2)
-    parser (2.7.1.5)
+    json (2.10.2)
+    language_server-protocol (3.17.0.4)
+    lint_roller (1.1.0)
+    logger (1.6.6)
+    minitest (5.25.5)
+    nokogiri (1.18.6-aarch64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-aarch64-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-linux-musl)
+      racc (~> 1.4)
+    oj (3.16.10)
+      bigdecimal (>= 3.0)
+      ostruct (>= 0.2)
+    ostruct (0.6.1)
+    parallel (1.26.3)
+    parser (3.3.7.3)
       ast (~> 2.4.1)
-    rainbow (3.0.0)
-    rake (13.0.1)
-    redcarpet (3.5.0)
-    regexp_parser (1.8.1)
-    rexml (3.2.4)
-    rubocop (0.92.0)
+      racc
+    prism (1.4.0)
+    racc (1.8.1)
+    rainbow (3.1.1)
+    rake (13.2.1)
+    rake-compiler-dock (1.9.1)
+    rb_sys (0.9.111)
+      rake-compiler-dock (= 1.9.1)
+    regexp_parser (2.10.0)
+    rubocop (1.75.1)
+      json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
       parallel (~> 1.10)
-      parser (>= 2.7.1.5)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.7)
-      rexml
-      rubocop-ast (>= 0.5.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.43.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.7.1)
-      parser (>= 2.7.1.5)
-    ruby-enum (0.8.0)
-      i18n
-    ruby-progressbar (1.10.1)
-    unicode-display_width (1.7.0)
-    yard (0.9.25)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.43.0)
+      parser (>= 3.3.7.2)
+      prism (~> 1.4)
+    rubocop-minitest (0.37.1)
+      lint_roller (~> 1.1)
+      rubocop (>= 1.72.1, < 2.0)
+      rubocop-ast (>= 1.38.0, < 2.0)
+    ruby-progressbar (1.13.0)
+    unicode-display_width (3.1.4)
+      unicode-emoji (~> 4.0, >= 4.0.4)
+    unicode-emoji (4.0.4)
 PLATFORMS
-  ruby
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 DEPENDENCIES
+  archive-zip (~> 0.11)
   bundler (~> 2.1)
-  commonmarker (~> 0.21)
-  github-markup (~> 3.0)
-  minitest (~> 5.14)
+  commonmarker (~> 2.0)
+  logger (< 2.0)
+  minitest (~> 5.25)
+  nokogiri (~> 1.11)
   nvd_feed_api!
-  rake (~> 13.0)
-  redcarpet (~> 3.5)
-  rubocop (~> 0.92)
-  yard (~> 0.9)
+  oj (>= 3.7.8, < 4)
+  rake (~> 13.2)
+  rubocop (~> 1.71)
+  rubocop-minitest (~> 0.36)
+  yard!
 BUNDLED WITH
-   2.1.4
+   2.6.2

data/Rakefile CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rake/testtask'
 require 'bundler/gem_tasks'

data/bin/nvd_feed_api CHANGED Viewed

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 require 'nvd_feed_api'

data/bin/nvd_feed_api_console CHANGED Viewed

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 require 'bundler/setup'
 require 'nvd_feed_api'

data/lib/nvd_feed_api/feed.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Ruby internal
 require 'digest'
 require 'net/https'
@@ -13,7 +15,7 @@ class NVDFeedScraper
   class Feed
     class << self
       # Get / set default feed storage location, where will be stored JSON feeds and archives by default.
-      # @return [String] default feed storage location. Default to +/tmp/+.
+      # @return [String] default feed storage location. Default to `/tmp/`.
       # @example
       #   NVDFeedScraper::Feed.default_storage_location = '/srv/downloads/'
       attr_accessor :default_storage_location
@@ -69,11 +71,11 @@ class NVDFeedScraper
     #   f.json_file # => "/tmp/nvdcve-1.0-2014.json"
     attr_reader :json_file
-    # @return [String] the type of the feed, should always be +CVE+.
+    # @return [String] the type of the feed, should always be `CVE`.
     # @note Return nil if not previously loaded by {#json_pull}.
     attr_reader :data_type
-    # @return [String] the format of the feed, should always be +MITRE+.
+    # @return [String] the format of the feed, should always be `MITRE`.
     # @note Return nil if not previously loaded by {#json_pull}.
     attr_reader :data_format
@@ -96,7 +98,7 @@ class NVDFeedScraper
     # @param gz_url [String] see {#gz_url}.
     # @param zip_url [String] see {#zip_url}.
     def initialize(name, updated, meta_url, gz_url, zip_url)
-      # Frome meta file
+      # From meta file
       @name = name
       @updated = updated
       @meta_url = meta_url
@@ -146,7 +148,7 @@ class NVDFeedScraper
     # Download the JSON feed and fill the attribute.
     # @param opts [Hash] see {#download_file}.
     # @return [String] the path of the saved JSON file. Default use {Feed#default_storage_location}.
-    # @note Will downlaod and save the zip of the JSON file, unzip and save it. This massively consume time.
+    # @note Will download and save the zip of the JSON file, unzip and save it. This massively consume time.
     # @see #json_file
     def json_pull(opts = {})
       opts[:destination_path] ||= Feed.default_storage_location
@@ -229,7 +231,8 @@ class NVDFeedScraper
       raise 'no argument provided, 1 or more expected' if arg_cve.empty?
       if arg_cve.length == 1
-        if arg_cve[0].is_a?(String)
+        case arg_cve[0]
+        when String
           raise "bad CVE name (#{arg_cve[0]})" unless /^CVE-[0-9]{4}-[0-9]{4,}$/i.match?(arg_cve[0])
           doc = Oj::Doc.open(File.read(@json_file))
@@ -241,7 +244,7 @@ class NVDFeedScraper
             end
           end
           doc.close
-        elsif arg_cve[0].is_a?(Array)
+        when Array
           return_value = []
           # Sorting CVE can allow us to parse quicker
           # Upcase to be sure include? works
@@ -363,27 +366,23 @@ class NVDFeedScraper
       uri = URI(file_url)
       filename = uri.path.split('/').last
       destination_file = destination_path + filename
-      unless opts[:sha256].nil?
-        if File.file?(destination_file)
-          # Verify hash to see if it is the latest
-          computed_h = Digest::SHA256.file(destination_file)
-          skip_download = true if opts[:sha256].casecmp(computed_h.hexdigest).zero?
-        end
+      if !opts[:sha256].nil? && File.file?(destination_file)
+        # Verify hash to see if it is the latest
+        computed_h = Digest::SHA256.file(destination_file)
+        skip_download = true if opts[:sha256].casecmp(computed_h.hexdigest).zero?
       end
       unless skip_download
         res = Net::HTTP.get_response(uri)
         raise "#{file_url} ended with #{res.code} #{res.message}" unless res.is_a?(Net::HTTPSuccess)
-        File.open(destination_file, 'wb') do |file|
-          file.write(res.body)
-        end
+        File.binwrite(destination_file, res.body)
       end
       return destination_file
     end
     # Update the feed
     # @param fresh_feed [Feed] the fresh feed from which the feed will be updated.
-    # @return [Boolean] +true+ if the feed was updated, +false+ if it wasn't.
+    # @return [Boolean] `true` if the feed was updated, `false` if it wasn't.
     # @note Is not intended to be used directly, use {NVDFeedScraper#update_feeds} instead.
     def update!(fresh_feed)
       return_value = false

data/lib/nvd_feed_api/meta.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Ruby internal
 require 'net/https'
@@ -76,17 +78,16 @@ class NVDFeedScraper
     # Parse the meta file from the URL and set the attributes.
     # @overload parse
     #   Parse the meta file from the URL and set the attributes.
-    #   @return [Integer] Returns +0+ when there is no error.
+    #   @return [Integer] Returns `0` when there is no error.
     # @overload parse(url)
     #   Set the URL of the meta file of the feed and
     #   parse the meta file from the URL and set the attributes.
     #   @param url [String] see {Feed.meta_url}
-    #   @return [Integer] Returns +0+ when there is no error.
+    #   @return [Integer] Returns `0` when there is no error.
     def parse(*arg)
-      if arg.empty?
-      elsif arg.length == 1 # arg = url
+      if arg.length == 1 # arg = url
         self.url = arg[0]
-      else
+      elsif arg.length > 1
         raise 'Too much arguments'
       end
@@ -96,7 +97,7 @@ class NVDFeedScraper
       meta = Net::HTTP.get(uri)
-      meta = Hash[meta.split.map { |x| x.split(':', 2) }]
+      meta = meta.split.to_h { |x| x.split(':', 2) }
       raise 'no lastModifiedDate attribute found' unless meta['lastModifiedDate']
       raise 'no valid size attribute found' unless /[0-9]+/.match?(meta['size'])

data/lib/nvd_feed_api/version.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module NvdFeedApi
-  VERSION = '0.3.1'.freeze
+  VERSION = '0.5.0'
 end

data/lib/nvd_feed_api.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # @author Alexandre ZANNI <alexandre.zanni@engineer.com>
 # Ruby internal
@@ -18,7 +20,7 @@ require 'nvd_feed_api/feed'
 #   scraper.feeds("CVE-2007")
 #   cve2007, cve2015 = scraper.feeds("CVE-2007", "CVE-2015")
 class NVDFeedScraper
-  BASE = 'https://nvd.nist.gov'.freeze
+  BASE = 'https://nvd.nist.gov'
   # The NVD url where is located the data feeds.
   URL = "#{BASE}/vuln/data-feeds".freeze
   # Load constants
@@ -42,14 +44,15 @@ class NVDFeedScraper
     tmp_feeds = {}
     doc.css('#vuln-feed-table table.xml-feed-table tr[data-testid]').each do |tr|
       num, type = tr.attr('data-testid')[13..].split('-')
-      if type == 'meta'
+      case type
+      when 'meta'
         tmp_feeds[num] = {}
         tmp_feeds[num][:name] = tr.css('td')[0].text
         tmp_feeds[num][:updated] = tr.css('td')[1].text
         tmp_feeds[num][:meta] = BASE + tr.css('td')[2].css('> a').attr('href').value
-      elsif type == 'gz'
+      when 'gz'
         tmp_feeds[num][:gz] = BASE + tr.css('td > a').attr('href').value
-      elsif type == 'zip'
+      when 'zip'
         tmp_feeds[num][:zip] = BASE + tr.css('td > a').attr('href').value
         @feeds.push(Feed.new(tmp_feeds[num][:name],
                              tmp_feeds[num][:updated],
@@ -90,12 +93,13 @@ class NVDFeedScraper
     if arg_feeds.empty?
       return_value = @feeds
     elsif arg_feeds.length == 1
-      if arg_feeds[0].is_a?(String)
+      case arg_feeds[0]
+      when String
         @feeds.each do |feed| # feed is an object
           return_value = feed if arg_feeds.include?(feed.name)
         end
         # if nothing found return nil
-      elsif arg_feeds[0].is_a?(Array)
+      when Array
         raise 'one of the provided arguments is not a String' unless arg_feeds[0].all? { |x| x.is_a?(String) }
         # Sorting CVE can allow us to parse quicker
@@ -130,11 +134,7 @@ class NVDFeedScraper
   def available_feeds
     raise 'call scrap method before using available_feeds method' if @feeds.nil?
-    feed_names = []
-    @feeds.each do |feed| # feed is an objet
-      feed_names.push(feed.name)
-    end
-    feed_names
+    @feeds.map(&:name)
   end
   # Search for CVE in all year feeds.
@@ -164,7 +164,8 @@ class NVDFeedScraper
     raise 'no argument provided, 1 or more expected' if arg_cve.empty?
     if arg_cve.length == 1
-      if arg_cve[0].is_a?(String)
+      case arg_cve[0]
+      when String
         raise 'bad CVE name' unless /^CVE-[0-9]{4}-[0-9]{4,}$/i.match?(arg_cve[0])
         year = /^CVE-([0-9]{4})-[0-9]{4,}$/i.match(arg_cve[0]).captures[0]
@@ -185,7 +186,7 @@ class NVDFeedScraper
         f = feeds(matched_feed)
         f.json_pull
         return_value = f.cve(arg_cve[0])
-      elsif arg_cve[0].is_a?(Array)
+      when Array
         raise 'one of the provided arguments is not a String' unless arg_cve[0].all? { |x| x.is_a?(String) }
         raise 'bad CVE name' unless arg_cve[0].all? { |x| /^CVE-[0-9]{4}-[0-9]{4,}$/i.match?(x) }
@@ -208,7 +209,7 @@ class NVDFeedScraper
         matched_feeds = feeds_to_match.intersection(feed_names)
         # and now that the intersection is done remove those virtual feeds and add CVE-2002 instead if needed
-        unless matched_feeds.intersection(virtual_feeds.to_set).empty?
+        if matched_feeds.intersect?(virtual_feeds.to_set)
           matched_feeds.subtract(virtual_feeds)
           matched_feeds.add('CVE-2002')
         end
@@ -216,9 +217,10 @@ class NVDFeedScraper
         feeds_arr.each do |feed|
           feed.json_pull
           cves_obj = feed.cve(cves_to_find.select { |cve| cve.include?(feed.name) })
-          if cves_obj.is_a?(Hash)
+          case cves_obj
+          when Hash
             return_value.push(cves_obj)
-          elsif cves_obj.is_a?(Array)
+          when Array
             return_value.push(*cves_obj)
           else
             raise 'cve() method of the feed instance returns wrong value'
@@ -238,16 +240,16 @@ class NVDFeedScraper
   # @overload update_feeds(feed)
   #   One feed.
   #   @param feed [Feed] feed object to update.
-  #   @return [Boolean] +true+ if the feed was updated, +false+ if it wasn't.
+  #   @return [Boolean] `true` if the feed was updated, `false` if it wasn't.
   # @overload update_feeds(feed_arr)
   #   An array of feed.
   #   @param feed_arr [Array<Feed>] array of feed objects to update.
-  #   @return [Array<Boolean>] +true+ if the feed was updated, +false+ if it wasn't.
+  #   @return [Array<Boolean>] `true` if the feed was updated, `false` if it wasn't.
   # @overload update_feeds(feed, *)
   #   Multiple feeds.
   #   @param feed [Feed] feed object to update.
   #   @param * [Feed] As many feed objects as you want.
-  #   @return [Array<Boolean>] +true+ if the feed was updated, +false+ if it wasn't.
+  #   @return [Array<Boolean>] `true` if the feed was updated, `false` if it wasn't.
   # @example
   #   s = NVDFeedScraper.new
   #   s.scrap
@@ -259,11 +261,12 @@ class NVDFeedScraper
     scrap
     if arg_feed.length == 1
-      if arg_feed[0].is_a?(Feed)
+      case arg_feed[0]
+      when Feed
         new_feed = feeds(arg_feed[0].name)
         # update attributes
         return_value = arg_feed[0].update!(new_feed)
-      elsif arg_feed[0].is_a?(Array)
+      when Array
         return_value = []
         arg_feed[0].each do |f|
           res = update_feeds(f)

data/nvd_feed_api.gemspec CHANGED Viewed

@@ -1,12 +1,11 @@
-lib = File.expand_path('lib', __dir__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'nvd_feed_api/version'
+# frozen_string_literal: true
+require_relative 'lib/nvd_feed_api/version'
 Gem::Specification.new do |s|
   s.name          = 'nvd_feed_api'
   s.version       = NvdFeedApi::VERSION
   s.platform      = Gem::Platform::RUBY
-  s.date          = '2020-10-03'
   s.summary       = 'API for NVD CVE feeds'
   s.description   = 'A simple API for NVD CVE feeds'
   s.authors       = ['Alexandre ZANNI']
@@ -16,31 +15,23 @@ Gem::Specification.new do |s|
   s.files         = `git ls-files`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
-  s.test_files    = s.files.grep(%r{^(test)/})
   s.require_paths = ['lib']
   s.metadata = {
-    'yard.run'          => 'yard',
-    'bug_tracker_uri'   => 'https://gitlab.com/noraj/nvd_api/issues',
-    'changelog_uri'     => 'https://noraj.gitlab.io/nvd_api/file.CHANGELOG.html',
-    'documentation_uri' => 'https://noraj.gitlab.io/nvd_api/',
-    'homepage_uri'      => 'https://noraj.gitlab.io/nvd_api/',
-    'source_code_uri'   => 'https://gitlab.com/noraj/nvd_api/tree/master',
-    'wiki_uri'          => 'https://gitlab.com/noraj/nvd_api/wikis/home'
+    'yard.run'              => 'yard',
+    'bug_tracker_uri'       => 'https://gitlab.com/noraj/nvd_api/issues',
+    'changelog_uri'         => 'https://noraj.gitlab.io/nvd_api/file.CHANGELOG.html',
+    'documentation_uri'     => 'https://noraj.gitlab.io/nvd_api/',
+    'homepage_uri'          => 'https://noraj.gitlab.io/nvd_api/',
+    'source_code_uri'       => 'https://gitlab.com/noraj/nvd_api/tree/master',
+    'wiki_uri'              => 'https://gitlab.com/noraj/nvd_api/wikis/home',
+    'funding_uri'           => 'https://github.com/sponsors/noraj',
+    'rubygems_mfa_required' => 'true'
   }
-  s.required_ruby_version = '~> 2.4'
+  s.required_ruby_version = ['>= 3.1.0', '< 4.0']
   s.add_dependency('archive-zip', '~> 0.11')
-  s.add_dependency('nokogiri', '~> 1.10')
+  s.add_dependency('nokogiri', '~> 1.11')
   s.add_dependency('oj', '>= 3.7.8', '<4')
-  s.add_development_dependency('bundler', '~> 2.1')
-  s.add_development_dependency('commonmarker', '~> 0.21') # for GMF support in YARD
-  s.add_development_dependency('github-markup', '~> 3.0') # for GMF support in YARD
-  s.add_development_dependency('minitest', '~> 5.14')
-  s.add_development_dependency('rake', '~> 13.0')
-  s.add_development_dependency('redcarpet', '~> 3.5') # for GMF support in YARD
-  s.add_development_dependency('rubocop', '~> 0.92')
-  s.add_development_dependency('yard', '~> 0.9')
 end

data/pages/CHANGELOG.md CHANGED Viewed

@@ -1,4 +1,24 @@
-# [0.3.0] - 22 January 2019
+# [0.5.0] - 30 March 2025
+- Breaking changes:
+  - Drop support for Ruby 2.7 and 3.0
+- Chore:
+  - Add support for Ruby 3.2 & 3.3 & 3.4
+  - Update dependencies
+  - Add freeze literal string comment
+# [0.4.0] - 31 January 2021
+- Dependencies:
+  - Update to yard [v0.9.27](https://github.com/lsegal/yard/releases/tag/v0.9.27)
+    - Move from Redcarpet to CommonMarker markdown provider
+    - Move doc syntax from Rdoc to markdown
+  - Move dev dependencies from gemspec to gemfile
+- Chore:
+  - Add support for Ruby 3.1
+  - Update rubocop rules
+# [0.3.1] - 13 October 2020
 [0.3.1]: https://gitlab.com/noraj/nvd_api/tags/v0.3.1
@@ -6,6 +26,8 @@
 - update dependencies
 - update rubocop rules
+# [0.3.0] - 22 January 2019
 [0.3.0]: https://gitlab.com/noraj/nvd_api/tags/v0.3.0
 - update dependencies: updated gemspec, ruby 2.6 support, fix gem doc flag, fix oj crash (seg fault)

data/test/test_nvd_feed_api.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'minitest/autorun'
 require 'nvd_feed_api'
 require 'date'
@@ -78,7 +80,7 @@ class NVDAPITest < Minitest::Test
     f2017, f2016, f_modified = @s.feeds('CVE-2017', 'CVE-2016', 'CVE-Modified')
     # one arg
     # can't use assert_instance_of because there is no boolean class
-    assert(['TrueClass', 'FalseClass'].include?(@s.update_feeds(f2017).class.to_s), "update_feeds doesn't return a boolean")
+    assert_includes(['TrueClass', 'FalseClass'], @s.update_feeds(f2017).class.to_s, "update_feeds doesn't return a boolean")
     # two args
     assert_instance_of(Array, @s.update_feeds(f2017, f2016), "update_feeds doesn't return an array")
     refute_empty(@s.update_feeds(f2017, f2016), 'update_feeds returns an empty array')
@@ -90,7 +92,7 @@ class NVDAPITest < Minitest::Test
     err = assert_raises(RuntimeError) do
       @s.update_feeds(1)
     end
-    assert_equal(err.message, 'the provided argument 1 is not a Feed or an Array')
+    assert_equal('the provided argument 1 is not a Feed or an Array', err.message)
     ## empty array
     assert_empty(@s.update_feeds([]))
   end
@@ -102,6 +104,7 @@ class NVDAPITest < Minitest::Test
     assert_instance_of(String, default_val, "default_storage_location doesn't return a string")
     # check new value
     new_val = '/srv/downloads/'
     assert_equal(new_val, NVDFeedScraper::Feed.default_storage_location = new_val, 'the new value was not set properly')
     # put the default value back / restore context
     NVDFeedScraper::Feed.default_storage_location = default_val
@@ -137,10 +140,12 @@ class NVDAPITest < Minitest::Test
     # Test json_file
     assert_nil(f.json_file)
     f.json_pull
     assert_instance_of(String, f.json_file, "json_file doesn't return a string")
     refute_empty(f.json_file, 'json_file is empty')
     # Test meta (after json_pull)
     f.meta_pull
     assert_instance_of(NVDFeedScraper::Meta, f.meta, "meta doesn't return a Meta object")
     # Test data (require json_pull)
@@ -161,6 +166,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_available_cves
     f = @s.feeds('CVE-2011')
     f.json_pull
     assert_instance_of(Array, f.available_cves, "available_cves doesn't return an array")
     refute_empty(f.available_cves, 'available_cves returns an empty array')
   end
@@ -199,6 +205,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_download_gz
     f = @s.feeds('CVE-2013')
     return_value = f.download_gz
     assert_instance_of(String, return_value, "download_gz doesn't return a string")
     refute_empty(return_value, 'download_gz returns an empty string')
     assert(File.file?(return_value), 'download_gz returns an unexisting file')
@@ -207,6 +214,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_download_zip
     f = @s.feeds('CVE-2003')
     return_value = f.download_zip
     assert_instance_of(String, return_value, "download_zip doesn't return a string")
     refute_empty(return_value, 'download_zip returns an empty string')
     assert(File.file?(return_value), 'download_zip returns an unexisting file')
@@ -215,6 +223,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_json_pull
     f = @s.feeds('CVE-2004')
     return_value = f.json_pull
     assert_instance_of(String, return_value, "json_pull doesn't return a string")
     refute_empty(return_value, 'json_pull returns an empty string')
     assert(File.file?(return_value), 'json_pull returns an unexisting file')
@@ -222,6 +231,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_meta_pull
     f = @s.feeds('CVE-2005')
     assert_instance_of(NVDFeedScraper::Meta, f.meta_pull, "meta_pull doesn't return a Meta object")
   end
@@ -231,7 +241,7 @@ class NVDAPITest < Minitest::Test
     f_new = @s.feeds('CVE-2006')
     # Right arg
     # can't use assert_instance_of because there is no boolean class
-    assert(['TrueClass', 'FalseClass'].include?(f.update!(f_new).class.to_s), "update! doesn't return a boolean")
+    assert_includes(['TrueClass', 'FalseClass'], f.update!(f_new).class.to_s, "update! doesn't return a boolean")
     # Bad arg
     err = assert_raises(RuntimeError) do
       f.update!('bad_arg')
@@ -241,18 +251,21 @@ class NVDAPITest < Minitest::Test
   def test_meta_parse_noarg
     m = NVDFeedScraper::Meta.new('https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta')
     assert_equal(0, m.parse, 'parse method return nothing')
   end
   def test_meta_parse_witharg
     m = NVDFeedScraper::Meta.new
     meta_url = 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta'
     assert_equal(0, m.parse(meta_url), 'parse method return nothing')
   end
   def test_meta_url_setter
     m = NVDFeedScraper::Meta.new
     meta_url = 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta'
     assert_equal(meta_url, m.url = meta_url, 'the meta URL is not set correctly')
   end
@@ -263,22 +276,22 @@ class NVDAPITest < Minitest::Test
     m.parse
     # Test gz_size
     assert_instance_of(String, m.gz_size, "Meta gz_size method doesn't return a string")
-    assert(m.gz_size.match?(/[0-9]+/), 'Meta gz_size is not an integer')
+    assert_match(/[0-9]+/, m.gz_size, 'Meta gz_size is not an integer')
     # Test last_modified_date
     assert_instance_of(String, m.last_modified_date, "Meta last_modified_date method doesn't return a string")
     ## Date and time of day for calendar date (extended) '%FT%T%:z'
     assert(Date.rfc3339(m.last_modified_date), 'Meta last_modified_date is not a rfc3339 date')
     # Test sha256
     assert_instance_of(String, m.sha256, "Meta sha256 method doesn't return a string")
-    assert(m.sha256.match?(/[0-9A-F]{64}/), 'Meta sha256 is not a sha256 string matching /[0-9A-F]{64}/')
+    assert_match(/[0-9A-F]{64}/, m.sha256, 'Meta sha256 is not a sha256 string matching /[0-9A-F]{64}/')
     # Test size
     assert_instance_of(String, m.size, "Meta size method doesn't return a string")
-    assert(m.size.match?(/[0-9]+/), 'Meta size is not an integer')
+    assert_match(/[0-9]+/, m.size, 'Meta size is not an integer')
     # Test url
     assert_instance_of(String, m.url, "Meta url method doesn't return a string")
     assert_equal(meta_url, m.url, 'The Meta url was modified')
     # Test zip_size
     assert_instance_of(String, m.zip_size, "Meta zip_size method doesn't return a string")
-    assert(m.zip_size.match?(/[0-9]+/), 'Meta zip_size is not an integer')
+    assert_match(/[0-9]+/, m.zip_size, 'Meta zip_size is not an integer')
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: nvd_feed_api
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Alexandre ZANNI
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-03 00:00:00.000000000 Z
+date: 2025-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: archive-zip
@@ -30,14 +29,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.10'
+        version: '1.11'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.10'
+        version: '1.11'
 - !ruby/object:Gem::Dependency
   name: oj
   requirement: !ruby/object:Gem::Requirement
@@ -58,118 +57,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '4'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-- !ruby/object:Gem::Dependency
-  name: commonmarker
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.21'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.21'
-- !ruby/object:Gem::Dependency
-  name: github-markup
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.14'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.14'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-- !ruby/object:Gem::Dependency
-  name: redcarpet
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.92'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.92'
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.9'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.9'
 description: A simple API for NVD CVE feeds
 email: alexandre.zanni@europe.com
 executables:
@@ -179,6 +66,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/FUNDING.yml"
 - ".gitignore"
 - ".gitlab-ci.yml"
 - ".gitlab/CONTRIBUTING.md"
@@ -218,24 +106,26 @@ metadata:
   homepage_uri: https://noraj.gitlab.io/nvd_api/
   source_code_uri: https://gitlab.com/noraj/nvd_api/tree/master
   wiki_uri: https://gitlab.com/noraj/nvd_api/wikis/home
-post_install_message:
+  funding_uri: https://github.com/sponsors/noraj
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - "~>"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: 3.1.0
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '4.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: API for NVD CVE feeds
-test_files:
-- test/test_nvd_feed_api.rb
+test_files: []