nvd_feed_api 0.0.1.rc1 → 0.0.1.rc2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitlab/CONTRIBUTING.md +62 -0
- data/.gitlab/issue_templates/Bug.md +55 -0
- data/.gitlab/issue_templates/Feature_proposal.md +9 -0
- data/.gitlab/merge_request_templates/MR.md +33 -0
- data/.yardopts +2 -0
- data/README.md +25 -0
- data/lib/nvd_feed_api/version.rb +1 -1
- data/nvd_feed_api.gemspec +1 -1
- data/pages/CHANGELOG.md +13 -0
- data/pages/FEATURES.md +4 -1
- metadata +7 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 399f43e1084ccaf37e24f3e6ae3120ac46d996cd
|
4
|
+
data.tar.gz: ae571e859af8dd3ab2ebf513ed47d2c8378ae3a3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7c72c2f54e450767e66cc5160d14e65926657965f03b15203672b626b4ce4ef8e9e40a10cfaf9c889aea519ecc4a82b693cfcc8a9d85de030a2e5987ab2bab67
|
7
|
+
data.tar.gz: a69171db74778011170bca420c7a4b215ad1313db7163b3f1f745e659f48980e9ab4bebcd54627dc7595b43d8c44f844fd71e97eaff741f4c2904b308c51ddcc
|
@@ -0,0 +1,62 @@
|
|
1
|
+
# Contributing
|
2
|
+
|
3
|
+
We love contributions from everyone.
|
4
|
+
By participating in this project,
|
5
|
+
you agree to abide by the [thoughtbot][covenant] code of conduct and the [covenant][covenant] code of conduct.
|
6
|
+
|
7
|
+
[thoughtbot]: https://thoughtbot.com/open-source-code-of-conduct
|
8
|
+
[covenant]: https://www.contributor-covenant.org/
|
9
|
+
|
10
|
+
# Issue
|
11
|
+
|
12
|
+
See [bug](issue_templates/Bug.md) or [Feature proposal](issue_templates/Feature_proposal.md) issue templates.
|
13
|
+
|
14
|
+
I borrow the [issue guidelines of the YARD project](https://github.com/lsegal/yard/blob/master/CONTRIBUTING.md).
|
15
|
+
|
16
|
+
## Filing a Bug Report
|
17
|
+
|
18
|
+
If you believe you have found a bug, please include a few things in your report:
|
19
|
+
|
20
|
+
1. **A minimal reproduction of the issue.** Providing a huge blob of code is better than nothing, but providing the shortest possible set of instructions is even better. Take out any instructions or code that, when removed, have no effect on the problematic behavior. The easier your bug is to triage and diagnose, the higher up in the priority list it will go. We can do this stuff, but limited time means this may not happen immediately. Make your bug report extremely accessible and you will almost guarantee a quick fix.
|
21
|
+
2. **Your environment and relevant versions.** Please include your Ruby, nvd_feed_api, and system versions (including OS) when reporting a bug. This makes it easier to diagnose problems. If the issue or stack trace includes another library, consider also listing any dependencies that may be affecting the issue. This is where a minimal reproduction case helps a lot.
|
22
|
+
3. **Your expected result.** Tell us what you think should happen. This helps us to understand the context of your problem. Many complex features can contain ambiguous usage, and your use case may differ from the intended one. If we know your expectations, we can more easily determine if the behavior is intentional or not.
|
23
|
+
|
24
|
+
Finally, please **DO NOT** submit a report that states a feature simply "does not work" without any additional information in the report. Consider the issue from the maintainer's perspective: in order to fix your bug, we need to drill down to the broken line of code, and in order to do this, we must be able to reproduce the issue on our end to find that line of code. The easier we can do this, the quicker your bug gets fixed. Help us help you by providing as much information as you possibly can. We may not have the tools or environment to properly diagnose your issue, so your help may be required to debug the issue.
|
25
|
+
|
26
|
+
Also **consider opening a merge request** to fix the issue yourself if you can. This will likely speed up the fix time significantly.
|
27
|
+
|
28
|
+
## Asking a Question
|
29
|
+
|
30
|
+
Question or discussion about an idea are accepted.
|
31
|
+
|
32
|
+
## Asking for a Feature
|
33
|
+
|
34
|
+
Feature proposal are accepted.
|
35
|
+
|
36
|
+
Also **consider opening a merge request** to fix the issue yourself if you can. This will likely speed up the fix time significantly.
|
37
|
+
|
38
|
+
# Merge Request
|
39
|
+
|
40
|
+
See the [merge request](merge_request_templates/MR.md) template.
|
41
|
+
|
42
|
+
I borrow the [merge request guidelines of the YARD project](https://github.com/lsegal/yard/blob/master/CONTRIBUTING.md).
|
43
|
+
|
44
|
+
## Making a Change via Merge Request
|
45
|
+
|
46
|
+
If you've been working on a patch or feature that you want in nvd_feed_api, here are some tips to ensure the quickest turnaround time on getting it merged in:
|
47
|
+
|
48
|
+
1. **Keep your changes small.** If your feature is large, consider splitting it up into smaller portions and submit pull requests for each component individually. Feel free to describe this in your first MR or on the mailing list, but note that it will be much easier to review changes if they affect smaller portions of code at a time.
|
49
|
+
2. **Keep commits brief and clean**: nvd_feed_api uses Git and tries to maintain a clean repository. Please ensure that you use commit conventions to make things nice and neat both in the description and commit history. Specifically, consider squashing commits if you have partial or complete reverts of code. Each commit should provide an atomic change that moves the project forwards, not back. Any changes that only fix other parts of your MR should be hidden from the commit history.
|
50
|
+
3. **Follow our coding conventions.** nvd_feed_api uses typical Ruby source formatting, though it occasionally has minor differences with other projects you may have seen. Please look through a few files (at least the file you are editing) to ensure that you are consistent in the formatting your MR is using.
|
51
|
+
4. **Make sure you have tests.** Not all changes require tests, but if your changes involve code, you should consider adding at least one new test case for your change (and ideally a couple of tests). This will add confidence when reviewing and will make accepting the change much easier.
|
52
|
+
5. **Make sure ALL the tests pass.** nvd_feed_api has a fairly large suite of tests. Please make sure you can run all of the tests (bundle exec rake) prior to submitting your MR. Please also remember that nvd_feed_api supports a number of environments, and a number of older Ruby versions, so if you can test under these environments, that helps (but is not required). At the very least, be aware of this fact when submitting code.
|
53
|
+
|
54
|
+
If your change is large, consider opening an issue to ask a question or starting a discussion; we will be happy to have a conversation and let you know if the feature would be considered. They usually are, but it might be prudent to ask first!
|
55
|
+
|
56
|
+
## Security vulnerability disclosure
|
57
|
+
|
58
|
+
Please report suspected security vulnerabilities in private to `alexandre.zanni@europe.com`. Please do NOT create publicly viewable issues for suspected security vulnerabilities or open an issue and be sure to check the box **This issue is confidential and should only be visible to team members with at least Reporter access.**.
|
59
|
+
|
60
|
+
## Maintainers
|
61
|
+
|
62
|
+
**Interested in helping to maintain nvd_feed_api?** Email `alexandre.zanni@europe.com` for more information. Offering to be a project maintainer is an important contribution to open source software, and your work will be highly valued in the community. If you have been a contributor, consider being a member of the core team to help handle day-to-day operations, such as releases, bug fixes, and triage. You can do some of this as a non-maintainer too, but if you like this project, we can always use more hands on deck!
|
@@ -0,0 +1,55 @@
|
|
1
|
+
Provide a general summary of the issue in the Title above
|
2
|
+
|
3
|
+
Please read this!
|
4
|
+
|
5
|
+
Before opening a new issue, make sure to search for keywords in the issues
|
6
|
+
filtered by the "regression" or "bug" label, and verify the issue you're about to submit isn't a duplicate.
|
7
|
+
|
8
|
+
Please remove this notice if you're confident your issue isn't a duplicate.
|
9
|
+
|
10
|
+
------
|
11
|
+
|
12
|
+
### Summary
|
13
|
+
|
14
|
+
(Summarize the bug encountered concisely)
|
15
|
+
|
16
|
+
### Steps to reproduce
|
17
|
+
|
18
|
+
(How one can reproduce the issue - this is very important)
|
19
|
+
|
20
|
+
### What is the current *bug* behavior?
|
21
|
+
|
22
|
+
(What actually happens)
|
23
|
+
|
24
|
+
### What is the expected *correct* behavior?
|
25
|
+
|
26
|
+
(What you should see instead)
|
27
|
+
|
28
|
+
### Relevant logs and/or screenshots
|
29
|
+
|
30
|
+
(Paste any relevant logs - please use code blocks (```) to format console output,
|
31
|
+
logs, and code as it's very hard to read otherwise.)
|
32
|
+
|
33
|
+
### Possible fixes
|
34
|
+
|
35
|
+
(If you can, link to the line of code that might be responsible for the problem,
|
36
|
+
suggest a fix/reason for the bug, or ideas how to implement the addition
|
37
|
+
or change )
|
38
|
+
|
39
|
+
## Context
|
40
|
+
|
41
|
+
(How has this issue affected you? What are you trying to accomplish?)
|
42
|
+
(Providing context helps us come up with a solution that is most useful in the real world)
|
43
|
+
|
44
|
+
## Your Environment
|
45
|
+
|
46
|
+
(Include as many relevant details about the environment you experienced the bug in)
|
47
|
+
* Version used:
|
48
|
+
+ Version (stable release) `gem query nvd_feed_api`
|
49
|
+
+ Commit ID (development release) `git --no-pager log -1`
|
50
|
+
* Ruby version: `ruby -v`
|
51
|
+
* Operating System and version:
|
52
|
+
* Relevant software dependency/versions:
|
53
|
+
* Any 3rd party libs required to reproduce, omit if none
|
54
|
+
|
55
|
+
/label ~bug
|
@@ -0,0 +1,33 @@
|
|
1
|
+
### What does this MR do?
|
2
|
+
|
3
|
+
### Are there points in the code the reviewer needs to double check?
|
4
|
+
|
5
|
+
### Why was this MR needed?
|
6
|
+
|
7
|
+
### Screenshots (if relevant)
|
8
|
+
|
9
|
+
## Types of changes
|
10
|
+
|
11
|
+
What types of changes does your code introduce? Put an `x` in all the boxes that apply:
|
12
|
+
- [ ] Bug fix (non-breaking change which fixes an issue)
|
13
|
+
- [ ] New feature (non-breaking change which adds functionality)
|
14
|
+
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
|
15
|
+
|
16
|
+
### Does this MR meet the acceptance criteria?
|
17
|
+
|
18
|
+
(Go over all the following points, and put an `x` in all the boxes that apply.)
|
19
|
+
(If you're unsure about any of these, don't hesitate to ask. We're here to help!)
|
20
|
+
|
21
|
+
* [ ] I have read the [**CONTRIBUTING**](../CONTRIBUTING.md) document.
|
22
|
+
* [ ] Changelog entry added, if necessary
|
23
|
+
* [ ] Documentation created/updated
|
24
|
+
* [ ] Tests added for this feature/bug
|
25
|
+
* [ ] All new and existing tests passed
|
26
|
+
* [ ] Conform by the style guides (0 issue with rubocop / codacy)
|
27
|
+
* [ ] [Squashed related commits together](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History#_squashing)
|
28
|
+
|
29
|
+
### Related issues
|
30
|
+
|
31
|
+
(This project only accepts pull requests related to open issues)
|
32
|
+
(If suggesting a new feature or change, please discuss it in an issue first)
|
33
|
+
(If fixing a bug, there should be an issue describing it with steps to reproduce)
|
data/.yardopts
CHANGED
data/README.md
CHANGED
@@ -1,11 +1,36 @@
|
|
1
1
|
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/e595382d940a4c6b9439325b9e50d398)](https://www.codacy.com/app/noraj1337/nvd_api?utm_source=github.com&utm_medium=referral&utm_content=noraj1337/nvd_api&utm_campaign=Badge_Grade)
|
2
|
+
[![Gem Version](https://badge.fury.io/rb/nvd_feed_api.svg)](https://badge.fury.io/rb/nvd_feed_api)
|
2
3
|
|
3
4
|
# nvd_feed_api
|
4
5
|
|
6
|
+
**nvd_feed_api** is a simple ruby API for NVD CVE feeds.
|
7
|
+
|
8
|
+
The API will help you to download and manage NVD Data Feeds, search for CVEs, build your vulerability assesment platform or vulnerability database.
|
9
|
+
|
5
10
|
Name | Link
|
6
11
|
--- | ---
|
7
12
|
Website | [link](#)
|
13
|
+
Documentation | [link](http://www.rubydoc.info/gems/nvd_feed_api/)
|
14
|
+
Gem | [link](https://rubygems.org/gems/nvd_feed_api)
|
8
15
|
Git repository | [link](https://gitlab.com/noraj/nvd_api)
|
9
16
|
Merge Requests | [link](https://gitlab.com/noraj/nvd_api/merge_requests)
|
10
17
|
Issues | [link](https://gitlab.com/noraj/nvd_api/issues)
|
11
18
|
Wiki | [link](https://gitlab.com/noraj/nvd_api/wikis/home)
|
19
|
+
|
20
|
+
{include:file:pages/FEATURES.md}
|
21
|
+
|
22
|
+
# Installation
|
23
|
+
|
24
|
+
See installation steps for {file:pages/INSTALL.md#Production production / users} or {file:pages/INSTALL.md#Development development / developers}.
|
25
|
+
|
26
|
+
# Examples
|
27
|
+
|
28
|
+
Some frequent use cases can be found on the {file:pages/EXAMPLES.md example page}.
|
29
|
+
|
30
|
+
# Contributing
|
31
|
+
|
32
|
+
See {file:.gitlab/CONTRIBUTING.md the contribution guidelines}.
|
33
|
+
|
34
|
+
# License
|
35
|
+
|
36
|
+
See {file:LICENSE.txt}.
|
data/lib/nvd_feed_api/version.rb
CHANGED
data/nvd_feed_api.gemspec
CHANGED
@@ -23,7 +23,7 @@ Gem::Specification.new do |s|
|
|
23
23
|
'yard.run' => 'yard',
|
24
24
|
'bug_tracker_uri' => 'https://gitlab.com/noraj/nvd_api/issues',
|
25
25
|
'changelog_uri' => '',
|
26
|
-
'documentation_uri' => '',
|
26
|
+
'documentation_uri' => 'http://www.rubydoc.info/gems/nvd_feed_api/',
|
27
27
|
'homepage_uri' => '',
|
28
28
|
'source_code_uri' => 'https://gitlab.com/noraj/nvd_api/tree/master',
|
29
29
|
'wiki_uri' => 'https://gitlab.com/noraj/nvd_api/wikis/home'
|
data/pages/CHANGELOG.md
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
# [0.0.1.rc2] - 4 Jauary 2017
|
2
|
+
|
3
|
+
[0.0.1.rc2]: https://gitlab.com/noraj/nvd_api/tags/v0.0.1.rc2
|
4
|
+
|
5
|
+
- Add some contribution guidelines, issue and MR templates.
|
6
|
+
- Improve the README to be a good entrypoint.
|
7
|
+
- Improve the FEATURES.
|
8
|
+
|
9
|
+
# [0.0.1.rc1] - 4 Jauary 2017
|
10
|
+
|
11
|
+
[0.0.1.rc1]: https://gitlab.com/noraj/nvd_api/tags/v0.0.1.rc1
|
12
|
+
|
13
|
+
- First release.
|
data/pages/FEATURES.md
CHANGED
@@ -2,8 +2,11 @@
|
|
2
2
|
|
3
3
|
More than data feed file management and downloading `nvd_feed_api` let you search for CVEs and automate a lot of tasks.
|
4
4
|
|
5
|
-
+ **
|
5
|
+
+ **24/7**: the scraper can run 24/7 without being restarted thanks to update methods
|
6
6
|
+ **Documentation**: an API documentation with example is provided
|
7
|
+
+ **FOSS**: Free and open-source software of course
|
7
8
|
+ **Offline loading**: JSON feed files can be manually downloaded from the NVD website and put in the `destination_path` so:
|
8
9
|
- you can safely restart the scraper without having to re-download all feeds
|
9
10
|
- you can re-use already downloaded files in case of several scraper deployment
|
11
|
+
+ **Quality**: we use [rubocop](http://rubocop.readthedocs.io/) and [codacy](https://www.codacy.com/)
|
12
|
+
+ **Simple**: available as a gem and easy to install
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nvd_feed_api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.1.
|
4
|
+
version: 0.0.1.rc2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alexandre ZANNI
|
@@ -160,6 +160,10 @@ extensions: []
|
|
160
160
|
extra_rdoc_files: []
|
161
161
|
files:
|
162
162
|
- ".gitignore"
|
163
|
+
- ".gitlab/CONTRIBUTING.md"
|
164
|
+
- ".gitlab/issue_templates/Bug.md"
|
165
|
+
- ".gitlab/issue_templates/Feature_proposal.md"
|
166
|
+
- ".gitlab/merge_request_templates/MR.md"
|
163
167
|
- ".rubocop.yml"
|
164
168
|
- ".yardopts"
|
165
169
|
- Gemfile
|
@@ -172,6 +176,7 @@ files:
|
|
172
176
|
- lib/nvd_feed_api.rb
|
173
177
|
- lib/nvd_feed_api/version.rb
|
174
178
|
- nvd_feed_api.gemspec
|
179
|
+
- pages/CHANGELOG.md
|
175
180
|
- pages/EXAMPLES.md
|
176
181
|
- pages/FEATURES.md
|
177
182
|
- pages/INSTALL.md
|
@@ -183,7 +188,7 @@ metadata:
|
|
183
188
|
yard.run: yard
|
184
189
|
bug_tracker_uri: https://gitlab.com/noraj/nvd_api/issues
|
185
190
|
changelog_uri: ''
|
186
|
-
documentation_uri:
|
191
|
+
documentation_uri: http://www.rubydoc.info/gems/nvd_feed_api/
|
187
192
|
homepage_uri: ''
|
188
193
|
source_code_uri: https://gitlab.com/noraj/nvd_api/tree/master
|
189
194
|
wiki_uri: https://gitlab.com/noraj/nvd_api/wikis/home
|