RubyGems - quayio-scanner - Versions diffs - 0.2.3 → 0.3.0 - Mend

quayio-scanner 0.2.3 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/Gemfile.lock +29 -29
data/lib/quayio/scanner/image.rb +1 -1
data/lib/quayio/scanner/repository.rb +8 -8
data/lib/quayio/scanner/version.rb +1 -1
data/quayio-scanner.gemspec +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ec3e0ce31e72f8fb58ce5bb62ec17af8395f8cbb0dfe6825bd8409e8388167a3
-  data.tar.gz: af37eec22d47077ad5c6cdb761b18071864ab628d459b15ed7130c645a09edc4
+  metadata.gz: 1eacf83494b11fb31f062ba8e916628d2477ba13ec76cc83ef8f98091c2b0313
+  data.tar.gz: 3bdf57c972fa6e1aa5e500cc3e887e7f4ea33498644dcd7b8a90ed0e93d9d24a
 SHA512:
-  metadata.gz: 194cca2abb4781442a8730a9ad0afb5097bc0e63d9dcd1a4c1dc0c92c6832af5020fd3e8dceb44fa5cd9c56da8bff986669146cd2ba8c141c165203fa5d09ee2
-  data.tar.gz: 4ac42a474343fae8c5ce01141cf85ebf514a3d37050fc93f28f7cb5202c231ab1976b94112f7aff278a00c3fac3082a7f1f454e0291ac60b9e7be764689a8d1c
+  metadata.gz: b7ffabd2e0523bce627fd779519c25828546e6591c6cbdbbc536ffcd783b1898f3c88eab366d84bca14b1ed6b51f62cafd258bad6ab83e1cc5364db22c92c5b5
+  data.tar.gz: 4dc30215d24326a4494cc06edd31cfb226682060c819d1d972c5bf114e569ca9978871072ab20382bdc7126d84050e027dd2c2bbe9b8e538546fc2d3b5a36484

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    quayio-scanner (0.2.3)
+    quayio-scanner (0.3.0)
       docker-api (~> 1.33)
       rest-client (~> 2.1)
       sensu-plugin (~> 4.0)
@@ -9,49 +9,49 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    ast (2.4.1)
-    diff-lcs (1.4.4)
+    ast (2.4.2)
+    diff-lcs (1.5.0)
     docker-api (1.34.2)
       excon (>= 0.47.0)
       multi_json
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    excon (0.85.0)
+    excon (0.92.1)
     http-accept (1.7.0)
     http-cookie (1.0.4)
       domain_name (~> 0.5)
-    json (2.5.1)
-    mime-types (3.3.1)
+    json (2.6.1)
+    mime-types (3.4.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2021.0704)
+    mime-types-data (3.2022.0105)
     mixlib-cli (1.7.0)
     multi_json (1.15.0)
     netrc (0.11.0)
-    parallel (1.19.2)
-    parser (2.7.2.0)
+    parallel (1.22.1)
+    parser (3.1.1.0)
       ast (~> 2.4.1)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (10.5.0)
-    regexp_parser (1.8.2)
+    regexp_parser (2.2.1)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.2.4)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.3)
-      rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.3)
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.1)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.4)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
     rubocop (0.93.1)
       parallel (~> 1.10)
       parser (>= 2.7.1.5)
@@ -61,22 +61,22 @@ GEM
       rubocop-ast (>= 0.6.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (1.1.0)
-      parser (>= 2.7.1.5)
-    ruby-progressbar (1.10.1)
+    rubocop-ast (1.16.0)
+      parser (>= 3.1.1.0)
+    ruby-progressbar (1.11.0)
     sensu-plugin (4.0.0)
       json (< 3.0.0)
       mixlib-cli (~> 1.5)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.7)
-    unicode-display_width (1.7.0)
+    unf_ext (0.0.8.1)
+    unicode-display_width (1.8.0)
 PLATFORMS
   ruby
 DEPENDENCIES
-  bundler (~> 2.2)
+  bundler (~> 2.1)
   quayio-scanner!
   rake (~> 10.0)
   rspec (~> 3.7)

data/lib/quayio/scanner/image.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module Quayio
   module Scanner
     class Image
       RELEVANT_SEVERITIES = %w[High Critical].freeze
-      QUAY_IO_REPO_NAME = %r{quay.io\/(?<org>[\w-]+)\/(?<repo>[\w-]+):(?<tag>[\w\.-]+)}.freeze
+      QUAY_IO_REPO_NAME = %r{quay.io\/(?<org>[\w-]+)\/(?<repo>[\w-]+):(?<tag>[\w.-]+)}.freeze
       attr_reader :name, :whitelist, :repository

data/lib/quayio/scanner/repository.rb CHANGED Viewed

@@ -6,19 +6,19 @@ module Quayio
     Repository = Struct.new(:quayio_token, :org, :repo, :tag) do
       MAX_ATTEMPTS = 5
-      def id
-        @id ||= fetch_id
-      end
       def scan
-        api_call("/image/#{id}/security?vulnerabilities=true")
+        api_call("/manifest/#{manifest_ref}/security?vulnerabilities=true")
       end
       private
-      def fetch_id
-        result = api_call("/tag/#{tag}/images")
-        (result['images'].first)['id']
+      def manifest_ref
+        @manifest_ref ||= fetch_manifest_ref
+      end
+      def fetch_manifest_ref
+        result = api_call("/tag/?specificTag=#{tag}&onlyActiveTags=1")
+        (result['tags'].first)['manifest_digest']
       end
       def api_call(uri)

data/lib/quayio/scanner/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Quayio
   module Scanner
-    VERSION = '0.2.3'.freeze
+    VERSION = '0.3.0'.freeze
   end
 end

data/quayio-scanner.gemspec CHANGED Viewed

@@ -23,7 +23,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'docker-api', '~> 1.33'
   spec.add_dependency 'rest-client', '~> 2.1'
   spec.add_dependency 'sensu-plugin', '~> 4.0'
-  spec.add_development_dependency 'bundler', '~> 2.2'
+  spec.add_development_dependency 'bundler', '~> 2.1'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.7'
   spec.add_development_dependency 'rubocop', '~> 0.49'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quayio-scanner
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.3.0
 platform: ruby
 authors:
 - Benjamin Meichsner
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-08-03 00:00:00.000000000 Z
+date: 2022-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: docker-api
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement