puppet-lint-infrasecure 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +81 -0
  3. data/lib/puppet-lint/linter.rb +132 -0
  4. data/lib/puppet-lint/plugins/check_admin_by_default.rb +26 -0
  5. data/lib/puppet-lint/plugins/check_cyrillic_homograph_attack.rb +19 -0
  6. data/lib/puppet-lint/plugins/check_empty_password.rb +26 -0
  7. data/lib/puppet-lint/plugins/check_hard_coded_secret.rb +31 -0
  8. data/lib/puppet-lint/plugins/check_invalid_ip_addr_binding.rb +23 -0
  9. data/lib/puppet-lint/plugins/check_malicious_dependency.rb +24 -0
  10. data/lib/puppet-lint/plugins/check_suspicious_comment.rb +19 -0
  11. data/lib/puppet-lint/plugins/check_use_http_without_tls.rb +27 -0
  12. data/lib/puppet-lint/plugins/check_use_of_weak_crypto_algorithm.rb +21 -0
  13. data/lib/puppet-lint/plugins/check_weak_password.rb +27 -0
  14. data/lib/puppet-lint-infrasecure/config/dependencies.yml +33 -0
  15. data/lib/puppet-lint-infrasecure/config/whitelist +19 -0
  16. data/lib/puppet-lint-infrasecure/dependencies/activemq.json +407 -0
  17. data/lib/puppet-lint-infrasecure/dependencies/apt.json +453 -0
  18. data/lib/puppet-lint-infrasecure/dependencies/cassandra.json +122 -0
  19. data/lib/puppet-lint-infrasecure/dependencies/docker.json +200 -0
  20. data/lib/puppet-lint-infrasecure/dependencies/elasticsearch.json +32 -0
  21. data/lib/puppet-lint-infrasecure/dependencies/gitlab.json +1161 -0
  22. data/lib/puppet-lint-infrasecure/dependencies/grafana.json +31 -0
  23. data/lib/puppet-lint-infrasecure/dependencies/haproxy.json +159 -0
  24. data/lib/puppet-lint-infrasecure/dependencies/jenkins.json +876 -0
  25. data/lib/puppet-lint-infrasecure/dependencies/jira.json +460 -0
  26. data/lib/puppet-lint-infrasecure/dependencies/kafka.json +32 -0
  27. data/lib/puppet-lint-infrasecure/dependencies/kubernetes.json +123 -0
  28. data/lib/puppet-lint-infrasecure/dependencies/mongodb.json +156 -0
  29. data/lib/puppet-lint-infrasecure/dependencies/mysql.json +14549 -0
  30. data/lib/puppet-lint-infrasecure/dependencies/nagios_core.json +8 -0
  31. data/lib/puppet-lint-infrasecure/dependencies/nginx.json +1322 -0
  32. data/lib/puppet-lint-infrasecure/dependencies/nodejs.json +247 -0
  33. data/lib/puppet-lint-infrasecure/dependencies/ntp.json +2163 -0
  34. data/lib/puppet-lint-infrasecure/dependencies/openstack.json +447 -0
  35. data/lib/puppet-lint-infrasecure/dependencies/openvpn.json +816 -0
  36. data/lib/puppet-lint-infrasecure/dependencies/postgresql.json +4256 -0
  37. data/lib/puppet-lint-infrasecure/dependencies/puppet_agent.json +23 -0
  38. data/lib/puppet-lint-infrasecure/dependencies/python.json +1134 -0
  39. data/lib/puppet-lint-infrasecure/dependencies/rabbitmq.json +602 -0
  40. data/lib/puppet-lint-infrasecure/dependencies/redis.json +51 -0
  41. data/lib/puppet-lint-infrasecure/dependencies/ruby.json +487 -0
  42. data/lib/puppet-lint-infrasecure/dependencies/sqlite.json +52 -0
  43. data/lib/puppet-lint-infrasecure/dependencies/systemd.json +180 -0
  44. data/lib/puppet-lint-infrasecure/dependencies/tomcat.json +8635 -0
  45. data/lib/puppet-lint-infrasecure/dependencies/vault.json +14 -0
  46. data/lib/puppet-lint-infrasecure/dependencies/wget.json +129 -0
  47. data/lib/puppet-lint-infrasecure/dependencies/yum.json +14 -0
  48. data/lib/puppet-lint-infrasecure/dependencies/zabbix.json +940 -0
  49. data/lib/puppet-lint-infrasecure/regex.rb +18 -0
  50. data/lib/puppet-lint-infrasecure/rules.rb +51 -0
  51. data/lib/puppet-lint-infrasecure/version.rb +3 -0
  52. data/lib/puppet-lint-infrasecure.rb +62 -0
  53. data/spec/puppet-lint/plugins/check_admin_by_default_spec.rb +34 -0
  54. data/spec/puppet-lint/plugins/check_cyrillic_homograph_attack_spec.rb +22 -0
  55. data/spec/puppet-lint/plugins/check_empty_password_spec.rb +55 -0
  56. data/spec/puppet-lint/plugins/check_hard_coded_secret_spec.rb +53 -0
  57. data/spec/puppet-lint/plugins/check_invalid_ip_addr_binding_spec.rb +46 -0
  58. data/spec/puppet-lint/plugins/check_malicious_dependency_spec.rb +39 -0
  59. data/spec/puppet-lint/plugins/check_suspicious_comment_spec.rb +50 -0
  60. data/spec/puppet-lint/plugins/check_use_http_without_tls_spec.rb +100 -0
  61. data/spec/puppet-lint/plugins/check_use_of_weak_crypto_algorithm_spec.rb +42 -0
  62. data/spec/puppet-lint/plugins/check_weak_password_spec.rb +29 -0
  63. data/spec/spec_helper.rb +3 -0
  64. metadata +284 -0
data/lib/puppet-lint-infrasecure/dependencies/nodejs.json ADDED
@@ -0,0 +1,247 @@
1
+ {
2
+ "0.8.6": [
3
+ "CVE-2013-4450",
4
+ "CVE-2014-5256"
5
+ ],
6
+ "0.8.7": [
7
+ "CVE-2013-4450",
8
+ "CVE-2014-5256"
9
+ ],
10
+ "0.8.15": [
11
+ "CVE-2013-4450",
12
+ "CVE-2014-5256"
13
+ ],
14
+ "0.8.16": [
15
+ "CVE-2013-4450",
16
+ "CVE-2014-5256"
17
+ ],
18
+ "0.8.23": [
19
+ "CVE-2013-4450",
20
+ "CVE-2014-5256"
21
+ ],
22
+ "0.8.24": [
23
+ "CVE-2013-4450",
24
+ "CVE-2014-5256"
25
+ ],
26
+ "0.10.5": [
27
+ "CVE-2013-4450",
28
+ "CVE-2014-5256"
29
+ ],
30
+ "0.10.6": [
31
+ "CVE-2013-4450",
32
+ "CVE-2014-5256"
33
+ ],
34
+ "0.10.14": [
35
+ "CVE-2013-4450",
36
+ "CVE-2014-5256"
37
+ ],
38
+ "0.10.15": [
39
+ "CVE-2013-4450",
40
+ "CVE-2014-5256"
41
+ ],
42
+ "0.8.0": [
43
+ "CVE-2013-4450",
44
+ "CVE-2014-5256"
45
+ ],
46
+ "0.8.1": [
47
+ "CVE-2013-4450",
48
+ "CVE-2014-5256"
49
+ ],
50
+ "0.8.8": [
51
+ "CVE-2013-4450",
52
+ "CVE-2014-5256"
53
+ ],
54
+ "0.8.9": [
55
+ "CVE-2013-4450",
56
+ "CVE-2014-5256"
57
+ ],
58
+ "0.8.17": [
59
+ "CVE-2013-4450",
60
+ "CVE-2014-5256"
61
+ ],
62
+ "0.8.18": [
63
+ "CVE-2013-4450",
64
+ "CVE-2014-5256"
65
+ ],
66
+ "0.8.25": [
67
+ "CVE-2013-4450",
68
+ "CVE-2014-5256"
69
+ ],
70
+ "0.10.0": [
71
+ "CVE-2013-4450",
72
+ "CVE-2014-5256"
73
+ ],
74
+ "0.10.7": [
75
+ "CVE-2013-4450",
76
+ "CVE-2014-5256"
77
+ ],
78
+ "0.10.8": [
79
+ "CVE-2013-4450",
80
+ "CVE-2014-5256"
81
+ ],
82
+ "0.10.9": [
83
+ "CVE-2013-4450",
84
+ "CVE-2014-5256"
85
+ ],
86
+ "0.10.16": [
87
+ "CVE-2013-4450",
88
+ "CVE-2014-5256"
89
+ ],
90
+ "0.10.17": [
91
+ "CVE-2013-4450",
92
+ "CVE-2014-5256"
93
+ ],
94
+ "0.8.4": [
95
+ "CVE-2013-4450",
96
+ "CVE-2014-5256"
97
+ ],
98
+ "0.8.5": [
99
+ "CVE-2013-4450",
100
+ "CVE-2014-5256"
101
+ ],
102
+ "0.8.13": [
103
+ "CVE-2013-4450",
104
+ "CVE-2014-5256"
105
+ ],
106
+ "0.8.14": [
107
+ "CVE-2013-4450",
108
+ "CVE-2014-5256"
109
+ ],
110
+ "0.8.21": [
111
+ "CVE-2013-4450",
112
+ "CVE-2014-5256"
113
+ ],
114
+ "0.8.22": [
115
+ "CVE-2013-4450",
116
+ "CVE-2014-5256"
117
+ ],
118
+ "0.10.3": [
119
+ "CVE-2013-4450",
120
+ "CVE-2014-5256"
121
+ ],
122
+ "0.10.4": [
123
+ "CVE-2013-4450",
124
+ "CVE-2014-5256"
125
+ ],
126
+ "0.10.12": [
127
+ "CVE-2013-4450",
128
+ "CVE-2014-5256"
129
+ ],
130
+ "0.10.13": [
131
+ "CVE-2013-4450",
132
+ "CVE-2014-5256"
133
+ ],
134
+ "0.10.20": [
135
+ "CVE-2013-4450",
136
+ "CVE-2014-5256"
137
+ ],
138
+ "0.8.2": [
139
+ "CVE-2013-4450",
140
+ "CVE-2014-5256"
141
+ ],
142
+ "0.8.3": [
143
+ "CVE-2013-4450",
144
+ "CVE-2014-5256"
145
+ ],
146
+ "0.8.10": [
147
+ "CVE-2013-4450",
148
+ "CVE-2014-5256"
149
+ ],
150
+ "0.8.11": [
151
+ "CVE-2013-4450",
152
+ "CVE-2014-5256"
153
+ ],
154
+ "0.8.12": [
155
+ "CVE-2013-4450",
156
+ "CVE-2014-5256"
157
+ ],
158
+ "0.8.19": [
159
+ "CVE-2013-4450",
160
+ "CVE-2014-5256"
161
+ ],
162
+ "0.8.20": [
163
+ "CVE-2013-4450",
164
+ "CVE-2014-5256"
165
+ ],
166
+ "0.10.1": [
167
+ "CVE-2013-4450",
168
+ "CVE-2014-5256"
169
+ ],
170
+ "0.10.2": [
171
+ "CVE-2013-4450",
172
+ "CVE-2014-5256"
173
+ ],
174
+ "0.10.10": [
175
+ "CVE-2013-4450",
176
+ "CVE-2014-5256"
177
+ ],
178
+ "0.10.11": [
179
+ "CVE-2013-4450",
180
+ "CVE-2014-5256"
181
+ ],
182
+ "0.10.18": [
183
+ "CVE-2013-4450",
184
+ "CVE-2014-5256"
185
+ ],
186
+ "0.10.19": [
187
+ "CVE-2013-4450",
188
+ "CVE-2014-5256"
189
+ ],
190
+ "0.7.0": [
191
+ "CVE-2012-2330"
192
+ ],
193
+ "0.7.7": [
194
+ "CVE-2012-2330"
195
+ ],
196
+ "0.7.1": [
197
+ "CVE-2012-2330"
198
+ ],
199
+ "0.7.2": [
200
+ "CVE-2012-2330"
201
+ ],
202
+ "0.7.3": [
203
+ "CVE-2012-2330"
204
+ ],
205
+ "0.7.4": [
206
+ "CVE-2012-2330"
207
+ ],
208
+ "0.7.5": [
209
+ "CVE-2012-2330"
210
+ ],
211
+ "0.7.6": [
212
+ "CVE-2012-2330"
213
+ ],
214
+ "0.8.27": [
215
+ "CVE-2014-5256"
216
+ ],
217
+ "0.10.24": [
218
+ "CVE-2014-5256"
219
+ ],
220
+ "0.10.25": [
221
+ "CVE-2014-5256"
222
+ ],
223
+ "0.10.21": [
224
+ "CVE-2014-5256"
225
+ ],
226
+ "0.10.29": [
227
+ "CVE-2014-5256"
228
+ ],
229
+ "0.10.26": [
230
+ "CVE-2014-5256"
231
+ ],
232
+ "0.10.27": [
233
+ "CVE-2014-5256"
234
+ ],
235
+ "0.10.28": [
236
+ "CVE-2014-5256"
237
+ ],
238
+ "0.8.26": [
239
+ "CVE-2014-5256"
240
+ ],
241
+ "0.10.22": [
242
+ "CVE-2014-5256"
243
+ ],
244
+ "0.10.23": [
245
+ "CVE-2014-5256"
246
+ ]
247
+ }