RubyGems - rubion - Versions diffs - 0.3.11 → 0.3.12 - Mend

rubion 0.3.11 → 0.3.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 752260b2ea57b15d75df668a60d1e1a93734b3e86da997c57b852f6c77e0d292
-  data.tar.gz: 513e0b0af66f262f8998d481fdcf7eafd9652bb0d2c2381f49f868034cb6a597
+  metadata.gz: 7dc1bfbae3334e5454a9cc24e15284f6ea266e6ae39c0d897e834cdbd4a060b2
+  data.tar.gz: 99397bc977a084f856a850dbc32401a72d302ce3f55243b4a09f9660224168fd
 SHA512:
-  metadata.gz: 2b4c4b59d717ad577482a6da93ab5fda7cf42940ebcec8c3d695e889c81e63843b631f26324f2a64f9af5b67ab9126e4bb34c37b9bfdd03f55ed36069de928c6
-  data.tar.gz: 379406e86fb8989acbffdd1acf3252e5d1b726525e46b26b6b418e5e66bbe47620008589f0b5f8be56898617162333ba47d2e85885fbe052f3e417b1891bbf7a
+  metadata.gz: 78c7ccc9ac63d82a38d704d47f626e3ec1ba08976d10e3efbfe6ef35f5fb15d5424c61219d00034d11cee5e25f77b5a7b971406400e6744e5e005e9e9e9cf87a
+  data.tar.gz: ebda62b7ec502a9e834a41b45953996363289b5c63f3ce3b6da380beaf96dfd47f5476e56f65babca314c3cd01624a5601cf607c4e1bd4884ef704d1be270e99

data/lib/rubion/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module Rubion
-  VERSION = "0.3.11"
+  VERSION = "0.3.12"
 end

data/rubion.gemspec CHANGED Viewed

@@ -9,150 +9,7 @@ Gem::Specification.new do |spec|
   spec.email = ['bs_chapagain@hotmail.com']
   spec.summary = 'Security and version scanner for Ruby and JavaScript projects'
-  spec.description = <<~DESC
-    Rubion is a comprehensive security and version scanner for Ruby and JavaScript projects.
-    It helps you identify vulnerabilities and outdated dependencies in your Ruby gems and NPM/JavaScript packages.
-    ## Features
-    - 📛 Gem Vulnerabilities: Scans for known security vulnerabilities in Ruby gems using bundle-audit
-    - 📦 Gem Versions: Identifies outdated Ruby gems with release dates and version counts
-    - 📛 Package Vulnerabilities: Scans for known security vulnerabilities in NPM/JavaScript packages
-    - 📦 Package Versions: Identifies outdated NPM/JavaScript packages with release dates
-    - 🎯 Direct Dependencies: Highlights direct dependencies (from Gemfile/package.json) in bold text
-    - 🔍 Filtering: Option to show only direct dependencies with --exclude-dependencies flag
-    - 📊 Sorting: Sort results by any column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
-    - 🚀 Fast & Efficient: Parallel API processing (10 concurrent threads) for quick results
-    - 📦 Multi-Package Manager: Supports both npm and yarn with automatic detection
-    ## Installation
-    ```bash
-    gem install rubion
-    ```
-    Or add to your Gemfile:
-    ```ruby
-    gem 'rubion', '~> 0.3.10'
-    ```
-    ## Usage
-    ### Basic Scan
-    ```bash
-    rubion scan
-    ```
-    ### Scan Options
-    ```bash
-    # Scan only Ruby gems
-    rubion scan --gems-only
-    # or
-    rubion scan -g
-    # Scan only NPM packages
-    rubion scan --packages-only
-    # or
-    rubion scan -p
-    # Sort by column
-    rubion scan --sort-by Name
-    rubion scan --sort-by "Behind By(Time)" --desc
-    # Show only direct dependencies
-    rubion scan --exclude-dependencies
-    ```
-    ### Example Output
-    Complete Scan Output:
-    ```
-    🔍 Scanning project at: /path/to/project
-    📦 Checking Ruby gems... 139/139 ✓
-    Gem Vulnerabilities:
-    +----------+--------+---------+------------------------------------------+
-    | Level    | Name   | Version | Vulnerability                            |
-    +----------+--------+---------+------------------------------------------+
-    | 🔴 Critical | rexml | 3.4.1   | REXML has DoS condition when parsing... |
-    | 🟠 High  | rack   | 2.0.8   | Denial of Service vulnerability         |
-    | 🟡 Medium | nokogiri | 1.13.8 | XML parsing vulnerability              |
-    | 🟢 Low   | json   | 2.6.1   | JSON parsing issue                      |
-    +----------+--------+---------+------------------------------------------+
-    Gem Versions:
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | sidekiq          | 7.30    | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
-    | rails             | 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
-    | fastimage         | 2.2.7   | 2/2/2025                  | 2.3.2   | 9/9/2025                 | 7 months         | 3                 |
-    | nokogiri          | 1.13.8 | 5/10/2023                 | 1.15.0  | 8/20/2024                | 1 year 3 months  | 12                |
-    | redis             | 4.8.0  | 1/15/2023                 | 5.0.0   | 11/1/2024                | 1 year 9 months  | 20                |
-    | pg                | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    📦 Checking NPM packages... 45/45 ✓
-    Package Vulnerabilities:
-    +----------+--------+---------+------------------------------------------+
-    | Level    | Name   | Version | Vulnerability                            |
-    +----------+--------+---------+------------------------------------------+
-    | 🔴 Critical | lodash | 4.17.20 | Prototype pollution vulnerability    |
-    | 🟠 High  | moment | 2.29.1  | Wrong timezone date calculation         |
-    | 🟡 Medium | axios  | 0.21.1  | Server-Side Request Forgery (SSRF)      |
-    | 🟢 Low   | debug  | 4.3.1   | Regular Expression Denial of Service   |
-    +----------+--------+---------+------------------------------------------+
-    Package Versions:
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | react             | 17.0.2 | 3/3/2021                  | 18.2.0  | 6/14/2023                | 2 years 3 months | 45                |
-    | vue               | 3.2.0  | 8/5/2021                  | 3.3.0   | 5/18/2023                | 1 year 9 months  | 8                 |
-    | jquery            | 3.7.1  | 4/5/2024                  | 3.9.1   | 10/11/2025               | 1 year           | 8                 |
-    | express           | 4.18.0 | 4/25/2022                 | 4.18.2  | 8/15/2023                | 1 year 3 months  | 2                 |
-    | webpack           | 5.70.0 | 3/1/2022                  | 5.88.0  | 6/1/2023                 | 1 year 3 months  | 18                |
-    | typescript        | 4.7.0  | 5/24/2022                 | 5.1.0   | 5/25/2023                | 1 year           | 12                |
-    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    ```
-    Direct Dependencies Only (with --exclude-dependencies):
-    ```
-    Gem Versions:
-    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | Name     | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
-    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    | **rails**| 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
-    | **sidekiq**| 7.30  | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
-    | **pg**   | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
-    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
-    ```
-    Note: Direct dependencies (from Gemfile or package.json) are displayed in bold text in the version tables.
-    ## Requirements
-    - Ruby 2.6 or higher
-    - Bundler (for Ruby gem scanning)
-    - NPM or Yarn (optional, for JavaScript package scanning)
-    - bundler-audit (optional, install with: gem install bundler-audit)
-    ## Documentation
-    For more information, visit: https://github.com/bipashant/rubion
-  DESC
+  spec.description = 'Rubion scans your project for Ruby gem vulnerabilities, outdated gems, NPM package vulnerabilities, and outdated packages. It provides a clean, organized report with actionable insights.'
   spec.homepage = 'https://github.com/bipashant/rubion'
   spec.license = 'MIT'
   spec.required_ruby_version = '>= 2.6.0'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubion
 version: !ruby/object:Gem::Version
-  version: 0.3.11
+  version: 0.3.12
 platform: ruby
 authors:
 - bipashant
@@ -66,76 +66,9 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.21'
-description: "Rubion is a comprehensive security and version scanner for Ruby and
-  JavaScript projects.\nIt helps you identify vulnerabilities and outdated dependencies
-  in your Ruby gems and NPM/JavaScript packages.\n\n## Features\n\n- \U0001F4DB Gem
-  Vulnerabilities: Scans for known security vulnerabilities in Ruby gems using bundle-audit\n-
-  \U0001F4E6 Gem Versions: Identifies outdated Ruby gems with release dates and version
-  counts\n- \U0001F4DB Package Vulnerabilities: Scans for known security vulnerabilities
-  in NPM/JavaScript packages\n- \U0001F4E6 Package Versions: Identifies outdated NPM/JavaScript
-  packages with release dates\n- \U0001F3AF Direct Dependencies: Highlights direct
-  dependencies (from Gemfile/package.json) in bold text\n- \U0001F50D Filtering: Option
-  to show only direct dependencies with --exclude-dependencies flag\n- \U0001F4CA
-  Sorting: Sort results by any column (Name, Current, Date, Latest, Behind By(Time),
-  Behind By(Versions))\n- \U0001F680 Fast & Efficient: Parallel API processing (10
-  concurrent threads) for quick results\n- \U0001F4E6 Multi-Package Manager: Supports
-  both npm and yarn with automatic detection\n\n## Installation\n\n```bash\ngem install
-  rubion\n```\n\nOr add to your Gemfile:\n\n```ruby\ngem 'rubion', '~> 0.3.10'\n```\n\n##
-  Usage\n\n### Basic Scan\n\n```bash\nrubion scan\n```\n\n### Scan Options\n\n```bash\n#
-  Scan only Ruby gems\nrubion scan --gems-only\n# or\nrubion scan -g\n\n# Scan only
-  NPM packages\nrubion scan --packages-only\n# or\nrubion scan -p\n\n# Sort by column\nrubion
-  scan --sort-by Name\nrubion scan --sort-by \"Behind By(Time)\" --desc\n\n# Show
-  only direct dependencies\nrubion scan --exclude-dependencies\n```\n\n### Example
-  Output\n\nComplete Scan Output:\n\n```\n\U0001F50D Scanning project at: /path/to/project\n\n\U0001F4E6
-  Checking Ruby gems... 139/139 ✓\n\nGem Vulnerabilities:\n\n+----------+--------+---------+------------------------------------------+\n|
-  Level    | Name   | Version | Vulnerability                            |\n+----------+--------+---------+------------------------------------------+\n|
-  \U0001F534 Critical | rexml | 3.4.1   | REXML has DoS condition when parsing...
-  |\n| \U0001F7E0 High  | rack   | 2.0.8   | Denial of Service vulnerability         |\n|
-  \U0001F7E1 Medium | nokogiri | 1.13.8 | XML parsing vulnerability              |\n|
-  \U0001F7E2 Low   | json   | 2.6.1   | JSON parsing issue                      |\n+----------+--------+---------+------------------------------------------+\n\nGem
-  Versions:\n\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  Name             | Current | Current version released on | Latest  | Latest version
-  released on | Behind By(Time) ↓ | Behind By(Versions) |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  sidekiq          | 7.30    | 3/5/2024                 | 8.1     | 11/11/2025               |
-  1 year           | 15                |\n| rails             | 7.0.0   | 12/15/2022
-  \              | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |\n|
-  fastimage         | 2.2.7   | 2/2/2025                  | 2.3.2   | 9/9/2025                 |
-  7 months         | 3                 |\n| nokogiri          | 1.13.8 | 5/10/2023
-  \                | 1.15.0  | 8/20/2024                | 1 year 3 months  | 12                |\n|
-  redis             | 4.8.0  | 1/15/2023                 | 5.0.0   | 11/1/2024                |
-  1 year 9 months  | 20                |\n| pg                | 1.4.0  | 3/20/2023
-  \                | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n\n\U0001F4E6
-  Checking NPM packages... 45/45 ✓\n\nPackage Vulnerabilities:\n\n+----------+--------+---------+------------------------------------------+\n|
-  Level    | Name   | Version | Vulnerability                            |\n+----------+--------+---------+------------------------------------------+\n|
-  \U0001F534 Critical | lodash | 4.17.20 | Prototype pollution vulnerability    |\n|
-  \U0001F7E0 High  | moment | 2.29.1  | Wrong timezone date calculation         |\n|
-  \U0001F7E1 Medium | axios  | 0.21.1  | Server-Side Request Forgery (SSRF)      |\n|
-  \U0001F7E2 Low   | debug  | 4.3.1   | Regular Expression Denial of Service   |\n+----------+--------+---------+------------------------------------------+\n\nPackage
-  Versions:\n\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  Name             | Current | Current version released on | Latest  | Latest version
-  released on | Behind By(Time) ↓ | Behind By(Versions) |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  react             | 17.0.2 | 3/3/2021                  | 18.2.0  | 6/14/2023                |
-  2 years 3 months | 45                |\n| vue               | 3.2.0  | 8/5/2021
-  \                 | 3.3.0   | 5/18/2023                | 1 year 9 months  | 8                 |\n|
-  jquery            | 3.7.1  | 4/5/2024                  | 3.9.1   | 10/11/2025               |
-  1 year           | 8                 |\n| express           | 4.18.0 | 4/25/2022
-  \                | 4.18.2  | 8/15/2023                | 1 year 3 months  | 2                 |\n|
-  webpack           | 5.70.0 | 3/1/2022                  | 5.88.0  | 6/1/2023                 |
-  1 year 3 months  | 18                |\n| typescript        | 4.7.0  | 5/24/2022
-  \                | 5.1.0   | 5/25/2023                | 1 year           | 12                |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n```\n\nDirect
-  Dependencies Only (with --exclude-dependencies):\n\n```\nGem Versions:\n\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  Name     | Current | Current version released on | Latest  | Latest version released
-  on | Behind By(Time) ↓ | Behind By(Versions) |\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
-  **rails**| 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                |
-  1 year 10 months | 8                 |\n| **sidekiq**| 7.30  | 3/5/2024                 |
-  8.1     | 11/11/2025               | 1 year           | 15                |\n| **pg**
-  \  | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1
-  year 5 months  | 6                 |\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n```\n\nNote:
-  Direct dependencies (from Gemfile or package.json) are displayed in bold text in
-  the version tables.\n\n## Requirements\n\n- Ruby 2.6 or higher\n- Bundler (for Ruby
-  gem scanning)\n- NPM or Yarn (optional, for JavaScript package scanning)\n- bundler-audit
-  (optional, install with: gem install bundler-audit)\n\n## Documentation\n\nFor more
-  information, visit: https://github.com/bipashant/rubion\n"
+description: Rubion scans your project for Ruby gem vulnerabilities, outdated gems,
+  NPM package vulnerabilities, and outdated packages. It provides a clean, organized
+  report with actionable insights.
 email:
 - bs_chapagain@hotmail.com
 executables: