paraxial 0.9.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/paraxial/checker.rb +54 -18
  3. data/lib/paraxial/cli.rb +6 -1
  4. data/lib/paraxial/helpers.rb +8 -0
  5. data/lib/paraxial/version.rb +1 -1
  6. data/lib/paraxial.rb +12 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0a6510720489f0277f96eef42e60e10e7f3958ab6a3763aa3941c022c497a314
4
- data.tar.gz: 497e56a5048f7b6cbb5d2238e5d9059a66cec676dde27d9474faaaee6a5d0fb6
3
+ metadata.gz: 51de7f085eec9d82f197fbad24ff3f18554f3faf16218a6fcbc0181815b9eb92
4
+ data.tar.gz: 577e903cbdb3a2730b47fb0078046c9e808737dac5b7538e2b02dd7d02a46db1
5
5
  SHA512:
6
- metadata.gz: 64182cfa8039d867bbc5e113e5f421a3e1141e833790222c52ae6191099289fbd056cef3163442c949db576d1de76402c8d5196fd05da46169e34f64de77ab71
7
- data.tar.gz: 7fbc2ed7db3b3afb3d43a935e667d4ffc26464034c7070f8d15ba28db03c9ee5fb1fc327d56005ecefd615a39845cc8fe5f5e5aa92975186b3c9f3b615c1410b
6
+ metadata.gz: d77946aedb02e58860ce5be2c651acf438e77189c4349f0847e5a5fb32f560b366d31b376f66f880bc2e52c8cee37cfbd2a62f80a72c900a5923c7353a915abe
7
+ data.tar.gz: 3cf38d2d6726f074f7fc38898942030c820d51338109549ce73f2f832ab41d9f703026019ef1e9f8f7e68ad2ed8d4426a561ad34fa2f805fb1481eb5cd3b686c
data/lib/paraxial/checker.rb CHANGED
@@ -5,6 +5,7 @@ module Paraxial
5
5
  @bans = { 'v4' => Patricia.new, 'v6' => Patricia.new(:AF_INET6) }
6
6
  @buffer = Queue.new
7
7
  @mutex = Mutex.new
8
+ @headers = { 'Content-Type': 'application/json' }
8
9
 
9
10
  if Paraxial::Helpers.get_api_key
10
11
  @thread = Thread.new do
@@ -44,11 +45,8 @@ module Paraxial
44
45
  puts "[Paraxial] HTTP ingest not supported on free tier"
45
46
  else
46
47
  Thread.new do
47
- uri = URI.parse(Paraxial::Helpers.get_ingest_url) # Replace with your endpoint
48
- headers = { 'Content-Type': 'application/json' }
49
- resp = Net::HTTP.post(uri, body.to_json, headers)
50
- puts "ingest_url resp.code: #{resp.code}"
51
- puts resp.body
48
+ uri = URI.parse(Paraxial::Helpers.get_ingest_url)
49
+ Net::HTTP.post(uri, body.to_json, @headers)
52
50
  end
53
51
  end
54
52
  end
@@ -56,11 +54,10 @@ module Paraxial
56
54
 
57
55
  def self.get_abr
58
56
  uri = URI.parse(Paraxial::Helpers.get_abr_url)
59
- headers = { 'Content-Type': 'application/json' }
60
57
 
61
58
  body = { api_key: Paraxial::Helpers.get_api_key }
62
59
  begin
63
- r = Net::HTTP.post(uri, body.to_json, headers)
60
+ r = Net::HTTP.post(uri, body.to_json, @headers)
64
61
  if r.code == '200'
65
62
  put_abr(JSON.parse(r.body))
66
63
  else
@@ -132,7 +129,57 @@ module Paraxial
132
129
  end
133
130
  end
134
131
 
132
+ def self.ban_ip_msg(ip, length, msg)
133
+ if allow_ip?(ip) == true
134
+ local_ban(ip)
135
+
136
+ uri = URI.parse(Paraxial::Helpers.get_ruby_ban_url)
137
+ body =
138
+ {
139
+ bad_ip: ip,
140
+ ban_length: length,
141
+ msg: msg,
142
+ api_key: Paraxial::Helpers.get_api_key
143
+ }
144
+ r = Net::HTTP.post(uri, body.to_json, @headers)
145
+ if r.code == '200'
146
+ :ok
147
+ else
148
+ :error
149
+ end
150
+ else
151
+ :already_banned
152
+ end
153
+ end
154
+
155
+ def self.honeypot_ban(ip, length)
156
+ local_ban(ip)
157
+
158
+ uri = URI.parse(Paraxial::Helpers.get_honeypot_url)
159
+
160
+ body = { api_key: Paraxial::Helpers.get_api_key, bad_ip: ip, ban_length: length }
161
+ r = Net::HTTP.post(uri, body.to_json, @headers)
162
+ if r.code == '200'
163
+ :ok
164
+ else
165
+ :error
166
+ end
167
+ end
168
+
135
169
  def self.ban_ip(ip)
170
+ local_ban(ip)
171
+ uri = URI.parse(Paraxial::Helpers.get_ban_url)
172
+
173
+ body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
174
+ r = Net::HTTP.post(uri, body.to_json, @headers)
175
+ if r.code == '200'
176
+ :ok
177
+ else
178
+ :error
179
+ end
180
+ end
181
+
182
+ def self.local_ban(ip)
136
183
  if ip.include?('.')
137
184
  # IPv4
138
185
  current_t = @bans['v4']
@@ -144,17 +191,6 @@ module Paraxial
144
191
  current_t.add(ip)
145
192
  @bans['v6'] = current_t
146
193
  end
147
-
148
- uri = URI.parse(Paraxial::Helpers.get_ban_url)
149
- headers = { 'Content-Type': 'application/json' }
150
-
151
- body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
152
- r = Net::HTTP.post(uri, body.to_json, headers)
153
- if r.code == '200'
154
- :ok
155
- else
156
- :error
157
- end
158
194
  end
159
195
 
160
196
  def self.allow_ip?(ip)
data/lib/paraxial/cli.rb CHANGED
@@ -15,6 +15,7 @@ module Paraxial
15
15
  option :repo_owner, type: :string, desc: 'Repository owner'
16
16
  option :repo_name, type: :string, desc: 'Repository name'
17
17
  option :pr_number, type: :numeric, desc: 'Pull request number'
18
+ option :exit_code, type: :boolean, default: false, desc: 'Non-zero exit code if findings > 0'
18
19
 
19
20
  def scan
20
21
  puts '[Paraxial] Scan starting...'
@@ -27,7 +28,6 @@ module Paraxial
27
28
  puts '- rubocop-erb'
28
29
  end
29
30
 
30
-
31
31
  if Paraxial::Helpers.get_api_key.nil?
32
32
  puts '[Paraxial] Environment variable PARAXIAL_API_KEY not found'
33
33
  else
@@ -36,6 +36,7 @@ module Paraxial
36
36
  repo_owner = options[:repo_owner]
37
37
  repo_name = options[:repo_name]
38
38
  pr_number = options[:pr_number]
39
+ exit_code = options[:exit_code]
39
40
 
40
41
  cops = 'Paraxial,Security/Eval,Security/IoMethods,Security/JSONLoad,Security/MarshalLoad,Security/Open,Security/YAMLLoad'
41
42
  rubocop = `rubocop --require paraxial --only #{cops} --disable-pending-cops --format json`
@@ -95,6 +96,10 @@ module Paraxial
95
96
  else
96
97
  :ok
97
98
  end
99
+
100
+ if exit_code and (findings.length > 0)
101
+ exit(1)
102
+ end
98
103
  end
99
104
  end
100
105
 
data/lib/paraxial/helpers.rb CHANGED
@@ -24,6 +24,14 @@ module Paraxial
24
24
  get_paraxial_url + '/api/ingest'
25
25
  end
26
26
 
27
+ def self.get_honeypot_url
28
+ get_paraxial_url + '/api/honeypot_ban_x'
29
+ end
30
+
31
+ def self.get_ruby_ban_url
32
+ get_paraxial_url + '/api/ruby_ban_x'
33
+ end
34
+
27
35
  def self.get_api_key
28
36
  @paraxial_api_key ||= ENV['PARAXIAL_API_KEY']
29
37
  end
data/lib/paraxial/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Paraxial
4
- VERSION = '0.9.0'
4
+ VERSION = '1.0.0'
5
5
  end
data/lib/paraxial.rb CHANGED
@@ -59,7 +59,6 @@ module Paraxial
59
59
  cloud_ip: request.env['paraxial.cloud_ip'],
60
60
  host: request.host
61
61
  }
62
- puts req_hash
63
62
  Paraxial::Checker.req_to_buff(req_hash)
64
63
  end
65
64
 
@@ -127,6 +126,18 @@ module Paraxial
127
126
  Paraxial::Checker.ban_ip(ip)
128
127
  end
129
128
 
129
+ def self.ban_ip_msg(ip, length, msg)
130
+ return if Paraxial::Helpers.get_api_key.nil?
131
+
132
+ Paraxial::Checker.ban_ip_msg(ip, length, msg)
133
+ end
134
+
135
+ def self.honeypot_ban(ip, length = :week)
136
+ return if Paraxial::Helpers.get_api_key.nil?
137
+
138
+ Paraxial::Checker.honeypot_ban(ip, length)
139
+ end
140
+
130
141
  def self.allow_ip?(ip)
131
142
  return if Paraxial::Helpers.get_api_key.nil?
132
143
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: paraxial
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.0
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Lubas
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-09-21 00:00:00.000000000 Z
11
+ date: 2024-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec