securitytxt 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/bin/securitytxt +70 -0
- data/lib/securitytxt/version.rb +1 -1
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ccb7ac4366e494d85af320fd89b39c75b603ec6
|
|
4
|
+
data.tar.gz: 2ce31783e42d90c7b137cbbd9b85e3d6402c576c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6872ad70a0d1ff677acff4c7fb9aa229b7d0e393a62e3a68a7edc3bca6357d59266d45011bf12f1a891248752d474b2053f85c0655636633cfb18feafe34a7f4
|
|
7
|
+
data.tar.gz: 0d9fbf51c1f8b106335a8ead278bf42f450966b46a2f344eebc4393ae352d84b32eb648b77b1166ace9b1be2a2e52be1a8ecd563239e32f52ed37db6d305c1a6
|
data/README.md
CHANGED
|
@@ -65,5 +65,19 @@ puts SecurityTxt::Generator.new({"contact"=>"https://hackerone.com/ed", "encrypt
|
|
|
65
65
|
# Acknowledgements: https://hackerone.com/ed/thanks
|
|
66
66
|
```
|
|
67
67
|
|
|
68
|
+
## CLI usage
|
|
69
|
+
|
|
70
|
+
```
|
|
71
|
+
Securitytxt - A CLI tool to parse and generate securitytxt content.
|
|
72
|
+
|
|
73
|
+
Help menu:
|
|
74
|
+
-p, --parse FILE | URL Parse securitytxt file or URL
|
|
75
|
+
-g, --generate Generate a securitytxt string.
|
|
76
|
+
-c, --contact DETAILS List of contact details separated by comma(,) without spaces. (used with -g/--generate)
|
|
77
|
+
-e, --encryption URL Link to a page which contains your key.(used with -g/--generate)
|
|
78
|
+
-a, --acknowledgements URL Link to a page where security researchers are recognized for their reports.(used with -g/--generate)
|
|
79
|
+
-h, --help Show this help message
|
|
80
|
+
```
|
|
81
|
+
|
|
68
82
|
## License
|
|
69
83
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
data/bin/securitytxt
ADDED
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
# Securitytxt command-line tool
|
|
3
|
+
#
|
|
4
|
+
require 'optparse'
|
|
5
|
+
require 'open-uri'
|
|
6
|
+
require 'securitytxt/parser'
|
|
7
|
+
require 'securitytxt/generator'
|
|
8
|
+
|
|
9
|
+
class String
|
|
10
|
+
def red; colorize(self, "\e[1m\e[31m"); end
|
|
11
|
+
def dark_green; colorize(self, "\e[32m"); end
|
|
12
|
+
def underline; colorize(self, "\e[4m"); end
|
|
13
|
+
def bold; colorize(self, "\e[1m"); end
|
|
14
|
+
def colorize(text, color_code) "#{color_code}#{text}\e[0m" end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
options = {}
|
|
18
|
+
option_parser = OptionParser.new
|
|
19
|
+
option_parser.banner = "#{"Securitytxt".bold} - A CLI tool to parse and generate securitytxt content."
|
|
20
|
+
option_parser.set_summary_indent ' '
|
|
21
|
+
option_parser.separator "\nHelp menu:".underline
|
|
22
|
+
option_parser.on('-p', '--parse FILE | URL', 'Parse securitytxt file or URL') {|v| options[:parse] = v}
|
|
23
|
+
option_parser.on('-g', '--generate', 'Generate a securitytxt string.') {|v| options[:generate] = v}
|
|
24
|
+
option_parser.on('-c', '--contact DETAILS', Array, 'List of contact details separated by comma(,) without spaces. (used with -g/--generate)') {|v| options[:contact] = v}
|
|
25
|
+
option_parser.on('-e', '--encryption URL', 'Link to a page which contains your key.(used with -g/--generate)') {|v| options[:encryption] = v}
|
|
26
|
+
option_parser.on('-a', '--acknowledgements URL', 'Link to a page where security researchers are recognized for their reports.(used with -g/--generate)') {|v| options[:ack] = v}
|
|
27
|
+
option_parser.on('-h', '--help', 'Show this help message') {|v| option_parser}
|
|
28
|
+
option_parser.on_tail "\nExample:".underline
|
|
29
|
+
option_parser.on_tail" securitytxt --parse https://securitytxt.org/.well-known/security.txt"
|
|
30
|
+
option_parser.on_tail" securitytxt --generate -c https://hackerone.com/ed -e https://keybase.pub/edoverflow/pgp_key.asc -a https://hackerone.com/ed/thanks"
|
|
31
|
+
|
|
32
|
+
begin
|
|
33
|
+
option_parser.parse!
|
|
34
|
+
case
|
|
35
|
+
when options[:parse]
|
|
36
|
+
securitytxt = SecurityTxt::Parser.new.parse(open(options[:parse]).read)
|
|
37
|
+
securitytxt.each do |key, val|
|
|
38
|
+
puts "- #{key.ljust(16).bold} : #{[val].join(', ')}"
|
|
39
|
+
end
|
|
40
|
+
puts "\n-[".bold + "Hash".dark_green + "]---".bold
|
|
41
|
+
puts securitytxt
|
|
42
|
+
when options[:generate] && options[:contact] && options[:encryption] && options[:ack]
|
|
43
|
+
data = {"contact" => options[:contact], "encryption" => options[:encryption], "acknowledgements" => options[:ack]}
|
|
44
|
+
generated = SecurityTxt::Generator.new(data).generate
|
|
45
|
+
puts generated
|
|
46
|
+
puts "\n-[".bold + "Hash".dark_green + "]---".bold
|
|
47
|
+
puts SecurityTxt::Parser.new.parse(generated)
|
|
48
|
+
when options[:generate] && (options[:contact] || options[:encryption] || options[:akc]).nil?
|
|
49
|
+
puts '[!] '.red + "Missing mandatory options, -g/--generate requires '-c/--contact', '-e/--encrytion', '-a/--ack' options."
|
|
50
|
+
when options[:generate] && options[:contact].nil?
|
|
51
|
+
puts '[!] '.red + "Missing mandatory option '-c/--contact'"
|
|
52
|
+
when options[:generate] && options[:encryption].nil?
|
|
53
|
+
puts '[!] '.red + "Missing mandatory option '-e/--encryption'"
|
|
54
|
+
when options[:generate] && options[:ack].nil?
|
|
55
|
+
puts '[!] '.red + "Missing mandatory option '-a/--ack'"
|
|
56
|
+
else
|
|
57
|
+
puts option_parser
|
|
58
|
+
end
|
|
59
|
+
rescue OptionParser::MissingArgument => e
|
|
60
|
+
e.args.each {|arg| puts '[!] '.red + "#{e.reason.capitalize} for '#{arg}' option."}
|
|
61
|
+
puts option_parser
|
|
62
|
+
rescue OptionParser::InvalidOption => e
|
|
63
|
+
puts '[!] '.red + "#{e}"
|
|
64
|
+
puts option_parser
|
|
65
|
+
rescue Exception => e
|
|
66
|
+
puts e.backtrace
|
|
67
|
+
puts e.backtrace_locations
|
|
68
|
+
puts e
|
|
69
|
+
end
|
|
70
|
+
|
data/lib/securitytxt/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: securitytxt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benoit Larroque
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-02-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -42,13 +42,15 @@ description: 'This gems includes various tools about security.txt for Ruby: A ra
|
|
|
42
42
|
engine, A Rack MiddleWare, a simple parser and generator '
|
|
43
43
|
email:
|
|
44
44
|
- benoit@sqreen.io
|
|
45
|
-
executables:
|
|
45
|
+
executables:
|
|
46
|
+
- securitytxt
|
|
46
47
|
extensions: []
|
|
47
48
|
extra_rdoc_files: []
|
|
48
49
|
files:
|
|
49
50
|
- MIT-LICENSE
|
|
50
51
|
- README.md
|
|
51
52
|
- Rakefile
|
|
53
|
+
- bin/securitytxt
|
|
52
54
|
- lib/securitytxt.rb
|
|
53
55
|
- lib/securitytxt/generator.rb
|
|
54
56
|
- lib/securitytxt/middleware.rb
|
|
@@ -78,5 +80,5 @@ rubyforge_project:
|
|
|
78
80
|
rubygems_version: 2.6.13
|
|
79
81
|
signing_key:
|
|
80
82
|
specification_version: 4
|
|
81
|
-
summary: Provides
|
|
83
|
+
summary: Provides tools about security.txt for Ruby
|
|
82
84
|
test_files: []
|