nvd_feed_api 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d03fa81fd296a62aba7a9356b3c41135851febb254af4db13758c5b76475739f
-  data.tar.gz: c0d716121dccaeaee6944ccd3e0d85cf59854084ae68d0f7347fb678dc4760bf
+  metadata.gz: 0365df5462570fa4b9483e27ef5d6b7edf48cde8599c199932b86bda75c7790d
+  data.tar.gz: 52c270979c88f7154edd2c06f9dcec28c9fccffd3ff0606f6bda817a2f6ffd6a
 SHA512:
-  metadata.gz: b5bef50a5709e8bd53a138110e80f6a5ee34d02f5849e1a3d9add0c9573e963926adbdf6eeb610b75d04d25d285b4450b8e99aa724582d382ed072ef46c89a8a
-  data.tar.gz: 7be0a9191d6efb0e7a80e7a868d8d019186268008473e3e731fe9e4e3e1d21b85b7cc6189c912d5315495dbb12dbaaa688ca077823ba844a01d91b11696ae954
+  metadata.gz: aceb9c1aa76e74ad7d87329900417abccd5c01f47a9fb76cdddf870e00654257dacf9506eb3b87e4cb9148a2ae2829191e2357ae56f4af4cd35b904073bb89fe
+  data.tar.gz: cfb064247356ab4f559d6b50cb997a7f332ab26f1172dafab8baf2ab5d30c204da7594a438b710e671204633cc77c6ca66a1c5f1056f2da721a69760b65faab8

data/.gitlab-ci.yml

@@ -15,7 +15,8 @@ before_script:
   # install make, gcc for building gem native extension (commonmarker)
   # libc-dev for musl-dev dependency (stdlib.h) needed by gcc
   - apk --no-cache add coreutils git make gcc libc-dev
-  - bundle install -j $(nproc) --path vendor # Install dependencies into ./vendor/ruby
+  - bundle config set path 'vendor' # Set dependencies install dir to ./vendor/ruby
+  - bundle install -j $(nproc) # Install dependencies into ./vendor/ruby
   - bundle exec rake install # install the gem
 
 # Anchors: https://docs.gitlab.com/ee/ci/yaml/README.html#anchors
@@ -25,17 +26,13 @@ before_script:
   - bundle exec rubocop
   - bundle exec rake test
 
-#test:2.4:
-#  <<: *job_definition
-#  image: ruby:2.4-alpine
-
-test:3.1:
+test:3.4:
   <<: *job_definition
-  image: ruby:3.1-alpine
+  image: ruby:3.4-alpine
 
 pages:
   stage: deploy
-  image: ruby:3.1-alpine
+  image: ruby:3.4-alpine
   script:
     - bundle exec yard doc
     - mkdir public

data/.rubocop.yml

@@ -1,6 +1,10 @@
 AllCops:
-  TargetRubyVersion: 2.7
+  TargetRubyVersion: 3.1
   NewCops: enable
+  SuggestExtensions: false
+
+plugins:
+  - rubocop-minitest
 
 Layout/HashAlignment:
   EnforcedHashRocketStyle: table
@@ -33,6 +37,9 @@ Metrics/MethodLength:
 Metrics/PerceivedComplexity:
   Enabled: false
 
+Minitest/MultipleAssertions:
+  Enabled: false
+
 Naming/VariableName:
   EnforcedStyle: snake_case
 
@@ -42,9 +49,6 @@ Security/JSONLoad:
 Style/CaseLikeIf:
   Enabled: true
 
-Style/FrozenStringLiteralComment:
-  EnforcedStyle: never
-
 Style/PerlBackrefs:
   AutoCorrect: false
 

data/.tool-versions

@@ -1 +1 @@
-ruby 3.1.0
+ruby 3.4.1

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec
@@ -13,15 +15,19 @@ group :development, :install do
 end
 
 group :development, :test do
-  gem 'minitest', '~> 5.12'
-  gem 'rake', '~> 13.0'
+  gem 'minitest', '~> 5.25'
+  gem 'rake', '~> 13.2'
 end
 
 group :development, :lint do
-  gem 'rubocop', '~> 1.23'
+  gem 'rubocop', '~> 1.71'
+  gem 'rubocop-minitest', '~> 0.36'
 end
 
 group :development, :docs do
-  gem 'commonmarker', '~> 0.21' # for markdown support in YARD
-  gem 'yard', ['>= 0.9.27', '< 0.10']
+  gem 'commonmarker', '~> 2.0' # for markdown support in YARD
+  gem 'logger', '< 2.0'
+  # gem 'yard', ['>= 0.9.27', '< 0.10']
+  # https://github.com/lsegal/yard/issues/1528
+  gem 'yard', github: 'ParadoxV5/yard', ref: '9e869c940859570b07b81c5eadd6070e76f6291e', branch: 'commonmarker-1.0'
 end

data/Gemfile.lock

@@ -1,7 +1,15 @@
+GIT
+  remote: https://github.com/ParadoxV5/yard.git
+  revision: 9e869c940859570b07b81c5eadd6070e76f6291e
+  ref: 9e869c940859570b07b81c5eadd6070e76f6291e
+  branch: commonmarker-1.0
+  specs:
+    yard (0.9.36)
+
 PATH
   remote: .
   specs:
-    nvd_feed_api (0.4.0)
+    nvd_feed_api (0.5.0)
       archive-zip (~> 0.11)
       nokogiri (~> 1.11)
       oj (>= 3.7.8, < 4)
@@ -11,54 +19,100 @@ GEM
   specs:
     archive-zip (0.12.0)
       io-like (~> 0.3.0)
-    ast (2.4.2)
-    commonmarker (0.23.2)
+    ast (2.4.3)
+    bigdecimal (3.1.9)
+    commonmarker (2.2.0)
+      rb_sys (~> 0.9)
+    commonmarker (2.2.0-aarch64-linux)
+    commonmarker (2.2.0-aarch64-linux-musl)
+    commonmarker (2.2.0-arm64-darwin)
+    commonmarker (2.2.0-x86_64-darwin)
+    commonmarker (2.2.0-x86_64-linux)
+    commonmarker (2.2.0-x86_64-linux-musl)
     io-like (0.3.1)
-    mini_portile2 (2.7.1)
-    minitest (5.15.0)
-    nokogiri (1.13.1)
-      mini_portile2 (~> 2.7.0)
+    json (2.10.2)
+    language_server-protocol (3.17.0.4)
+    lint_roller (1.1.0)
+    logger (1.6.6)
+    minitest (5.25.5)
+    nokogiri (1.18.6-aarch64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-aarch64-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm-linux-musl)
+      racc (~> 1.4)
+    nokogiri (1.18.6-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.18.6-x86_64-linux-musl)
       racc (~> 1.4)
-    oj (3.13.10)
-    parallel (1.21.0)
-    parser (3.0.3.2)
+    oj (3.16.10)
+      bigdecimal (>= 3.0)
+      ostruct (>= 0.2)
+    ostruct (0.6.1)
+    parallel (1.26.3)
+    parser (3.3.7.3)
       ast (~> 2.4.1)
-    racc (1.6.0)
-    rainbow (3.0.0)
-    rake (13.0.6)
-    regexp_parser (2.2.0)
-    rexml (3.2.5)
-    rubocop (1.24.1)
+      racc
+    prism (1.4.0)
+    racc (1.8.1)
+    rainbow (3.1.1)
+    rake (13.2.1)
+    rake-compiler-dock (1.9.1)
+    rb_sys (0.9.111)
+      rake-compiler-dock (= 1.9.1)
+    regexp_parser (2.10.0)
+    rubocop (1.75.1)
+      json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.15.1, < 2.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.43.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.1)
-      parser (>= 3.0.1.1)
-    ruby-progressbar (1.11.0)
-    unicode-display_width (2.1.0)
-    webrick (1.7.0)
-    yard (0.9.27)
-      webrick (~> 1.7.0)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.43.0)
+      parser (>= 3.3.7.2)
+      prism (~> 1.4)
+    rubocop-minitest (0.37.1)
+      lint_roller (~> 1.1)
+      rubocop (>= 1.72.1, < 2.0)
+      rubocop-ast (>= 1.38.0, < 2.0)
+    ruby-progressbar (1.13.0)
+    unicode-display_width (3.1.4)
+      unicode-emoji (~> 4.0, >= 4.0.4)
+    unicode-emoji (4.0.4)
 
 PLATFORMS
-  ruby
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   archive-zip (~> 0.11)
   bundler (~> 2.1)
-  commonmarker (~> 0.21)
-  minitest (~> 5.12)
+  commonmarker (~> 2.0)
+  logger (< 2.0)
+  minitest (~> 5.25)
   nokogiri (~> 1.11)
   nvd_feed_api!
   oj (>= 3.7.8, < 4)
-  rake (~> 13.0)
-  rubocop (~> 1.23)
-  yard (>= 0.9.27, < 0.10)
+  rake (~> 13.2)
+  rubocop (~> 1.71)
+  rubocop-minitest (~> 0.36)
+  yard!
 
 BUNDLED WITH
-   2.3.6
+   2.6.2

data/Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rake/testtask'
 require 'bundler/gem_tasks'
 

data/bin/nvd_feed_api

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 require 'nvd_feed_api'
 

data/bin/nvd_feed_api_console

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 require 'bundler/setup'
 require 'nvd_feed_api'

data/lib/nvd_feed_api/feed.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Ruby internal
 require 'digest'
 require 'net/https'

data/lib/nvd_feed_api/meta.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Ruby internal
 require 'net/https'
 

data/lib/nvd_feed_api/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module NvdFeedApi
-  VERSION = '0.4.0'.freeze
+  VERSION = '0.5.0'
 end

data/lib/nvd_feed_api.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # @author Alexandre ZANNI <alexandre.zanni@engineer.com>
 
 # Ruby internal
@@ -18,7 +20,7 @@ require 'nvd_feed_api/feed'
 #   scraper.feeds("CVE-2007")
 #   cve2007, cve2015 = scraper.feeds("CVE-2007", "CVE-2015")
 class NVDFeedScraper
-  BASE = 'https://nvd.nist.gov'.freeze
+  BASE = 'https://nvd.nist.gov'
   # The NVD url where is located the data feeds.
   URL = "#{BASE}/vuln/data-feeds".freeze
   # Load constants
@@ -132,11 +134,7 @@ class NVDFeedScraper
   def available_feeds
     raise 'call scrap method before using available_feeds method' if @feeds.nil?
 
-    feed_names = []
-    @feeds.each do |feed| # feed is an objet
-      feed_names.push(feed.name)
-    end
-    feed_names
+    @feeds.map(&:name)
   end
 
   # Search for CVE in all year feeds.
@@ -211,7 +209,7 @@ class NVDFeedScraper
 
         matched_feeds = feeds_to_match.intersection(feed_names)
         # and now that the intersection is done remove those virtual feeds and add CVE-2002 instead if needed
-        unless matched_feeds.intersection(virtual_feeds.to_set).empty?
+        if matched_feeds.intersect?(virtual_feeds.to_set)
           matched_feeds.subtract(virtual_feeds)
           matched_feeds.add('CVE-2002')
         end

data/nvd_feed_api.gemspec

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative 'lib/nvd_feed_api/version'
 
 Gem::Specification.new do |s|
@@ -13,7 +15,6 @@ Gem::Specification.new do |s|
 
   s.files         = `git ls-files`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
-  s.test_files    = s.files.grep(%r{^(test)/})
   s.require_paths = ['lib']
 
   s.metadata = {
@@ -24,10 +25,11 @@ Gem::Specification.new do |s|
     'homepage_uri'          => 'https://noraj.gitlab.io/nvd_api/',
     'source_code_uri'       => 'https://gitlab.com/noraj/nvd_api/tree/master',
     'wiki_uri'              => 'https://gitlab.com/noraj/nvd_api/wikis/home',
+    'funding_uri'           => 'https://github.com/sponsors/noraj',
     'rubygems_mfa_required' => 'true'
   }
 
-  s.required_ruby_version = ['>= 2.7.0', '< 3.2']
+  s.required_ruby_version = ['>= 3.1.0', '< 4.0']
 
   s.add_dependency('archive-zip', '~> 0.11')
   s.add_dependency('nokogiri', '~> 1.11')

data/pages/CHANGELOG.md

@@ -1,4 +1,11 @@
-# [unreleased]
+# [0.5.0] - 30 March 2025
+
+- Breaking changes:
+  - Drop support for Ruby 2.7 and 3.0
+- Chore:
+  - Add support for Ruby 3.2 & 3.3 & 3.4
+  - Update dependencies
+  - Add freeze literal string comment
 
 # [0.4.0] - 31 January 2021
 

data/test/test_nvd_feed_api.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'minitest/autorun'
 require 'nvd_feed_api'
 require 'date'
@@ -78,7 +80,7 @@ class NVDAPITest < Minitest::Test
     f2017, f2016, f_modified = @s.feeds('CVE-2017', 'CVE-2016', 'CVE-Modified')
     # one arg
     # can't use assert_instance_of because there is no boolean class
-    assert(['TrueClass', 'FalseClass'].include?(@s.update_feeds(f2017).class.to_s), "update_feeds doesn't return a boolean")
+    assert_includes(['TrueClass', 'FalseClass'], @s.update_feeds(f2017).class.to_s, "update_feeds doesn't return a boolean")
     # two args
     assert_instance_of(Array, @s.update_feeds(f2017, f2016), "update_feeds doesn't return an array")
     refute_empty(@s.update_feeds(f2017, f2016), 'update_feeds returns an empty array')
@@ -90,7 +92,7 @@ class NVDAPITest < Minitest::Test
     err = assert_raises(RuntimeError) do
       @s.update_feeds(1)
     end
-    assert_equal(err.message, 'the provided argument 1 is not a Feed or an Array')
+    assert_equal('the provided argument 1 is not a Feed or an Array', err.message)
     ## empty array
     assert_empty(@s.update_feeds([]))
   end
@@ -102,6 +104,7 @@ class NVDAPITest < Minitest::Test
     assert_instance_of(String, default_val, "default_storage_location doesn't return a string")
     # check new value
     new_val = '/srv/downloads/'
+
     assert_equal(new_val, NVDFeedScraper::Feed.default_storage_location = new_val, 'the new value was not set properly')
     # put the default value back / restore context
     NVDFeedScraper::Feed.default_storage_location = default_val
@@ -137,10 +140,12 @@ class NVDAPITest < Minitest::Test
     # Test json_file
     assert_nil(f.json_file)
     f.json_pull
+
     assert_instance_of(String, f.json_file, "json_file doesn't return a string")
     refute_empty(f.json_file, 'json_file is empty')
     # Test meta (after json_pull)
     f.meta_pull
+
     assert_instance_of(NVDFeedScraper::Meta, f.meta, "meta doesn't return a Meta object")
 
     # Test data (require json_pull)
@@ -161,6 +166,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_available_cves
     f = @s.feeds('CVE-2011')
     f.json_pull
+
     assert_instance_of(Array, f.available_cves, "available_cves doesn't return an array")
     refute_empty(f.available_cves, 'available_cves returns an empty array')
   end
@@ -199,6 +205,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_download_gz
     f = @s.feeds('CVE-2013')
     return_value = f.download_gz
+
     assert_instance_of(String, return_value, "download_gz doesn't return a string")
     refute_empty(return_value, 'download_gz returns an empty string')
     assert(File.file?(return_value), 'download_gz returns an unexisting file')
@@ -207,6 +214,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_download_zip
     f = @s.feeds('CVE-2003')
     return_value = f.download_zip
+
     assert_instance_of(String, return_value, "download_zip doesn't return a string")
     refute_empty(return_value, 'download_zip returns an empty string')
     assert(File.file?(return_value), 'download_zip returns an unexisting file')
@@ -215,6 +223,7 @@ class NVDAPITest < Minitest::Test
   def test_feed_json_pull
     f = @s.feeds('CVE-2004')
     return_value = f.json_pull
+
     assert_instance_of(String, return_value, "json_pull doesn't return a string")
     refute_empty(return_value, 'json_pull returns an empty string')
     assert(File.file?(return_value), 'json_pull returns an unexisting file')
@@ -222,6 +231,7 @@ class NVDAPITest < Minitest::Test
 
   def test_feed_meta_pull
     f = @s.feeds('CVE-2005')
+
     assert_instance_of(NVDFeedScraper::Meta, f.meta_pull, "meta_pull doesn't return a Meta object")
   end
 
@@ -231,7 +241,7 @@ class NVDAPITest < Minitest::Test
     f_new = @s.feeds('CVE-2006')
     # Right arg
     # can't use assert_instance_of because there is no boolean class
-    assert(['TrueClass', 'FalseClass'].include?(f.update!(f_new).class.to_s), "update! doesn't return a boolean")
+    assert_includes(['TrueClass', 'FalseClass'], f.update!(f_new).class.to_s, "update! doesn't return a boolean")
     # Bad arg
     err = assert_raises(RuntimeError) do
       f.update!('bad_arg')
@@ -241,18 +251,21 @@ class NVDAPITest < Minitest::Test
 
   def test_meta_parse_noarg
     m = NVDFeedScraper::Meta.new('https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta')
+
     assert_equal(0, m.parse, 'parse method return nothing')
   end
 
   def test_meta_parse_witharg
     m = NVDFeedScraper::Meta.new
     meta_url = 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta'
+
     assert_equal(0, m.parse(meta_url), 'parse method return nothing')
   end
 
   def test_meta_url_setter
     m = NVDFeedScraper::Meta.new
     meta_url = 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta'
+
     assert_equal(meta_url, m.url = meta_url, 'the meta URL is not set correctly')
   end
 
@@ -263,22 +276,22 @@ class NVDAPITest < Minitest::Test
     m.parse
     # Test gz_size
     assert_instance_of(String, m.gz_size, "Meta gz_size method doesn't return a string")
-    assert(m.gz_size.match?(/[0-9]+/), 'Meta gz_size is not an integer')
+    assert_match(/[0-9]+/, m.gz_size, 'Meta gz_size is not an integer')
     # Test last_modified_date
     assert_instance_of(String, m.last_modified_date, "Meta last_modified_date method doesn't return a string")
     ## Date and time of day for calendar date (extended) '%FT%T%:z'
     assert(Date.rfc3339(m.last_modified_date), 'Meta last_modified_date is not a rfc3339 date')
     # Test sha256
     assert_instance_of(String, m.sha256, "Meta sha256 method doesn't return a string")
-    assert(m.sha256.match?(/[0-9A-F]{64}/), 'Meta sha256 is not a sha256 string matching /[0-9A-F]{64}/')
+    assert_match(/[0-9A-F]{64}/, m.sha256, 'Meta sha256 is not a sha256 string matching /[0-9A-F]{64}/')
     # Test size
     assert_instance_of(String, m.size, "Meta size method doesn't return a string")
-    assert(m.size.match?(/[0-9]+/), 'Meta size is not an integer')
+    assert_match(/[0-9]+/, m.size, 'Meta size is not an integer')
     # Test url
     assert_instance_of(String, m.url, "Meta url method doesn't return a string")
     assert_equal(meta_url, m.url, 'The Meta url was modified')
     # Test zip_size
     assert_instance_of(String, m.zip_size, "Meta zip_size method doesn't return a string")
-    assert(m.zip_size.match?(/[0-9]+/), 'Meta zip_size is not an integer')
+    assert_match(/[0-9]+/, m.zip_size, 'Meta zip_size is not an integer')
   end
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: nvd_feed_api
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Alexandre ZANNI
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-31 00:00:00.000000000 Z
+date: 2025-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: archive-zip
@@ -107,8 +106,8 @@ metadata:
   homepage_uri: https://noraj.gitlab.io/nvd_api/
   source_code_uri: https://gitlab.com/noraj/nvd_api/tree/master
   wiki_uri: https://gitlab.com/noraj/nvd_api/wikis/home
+  funding_uri: https://github.com/sponsors/noraj
   rubygems_mfa_required: 'true'
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -116,19 +115,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.1.0
   - - "<"
     - !ruby/object:Gem::Version
-      version: '3.2'
+      version: '4.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: API for NVD CVE feeds
-test_files:
-- test/test_nvd_feed_api.rb
+test_files: []