securitytxt 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/bin/securitytxt +70 -0
- data/lib/securitytxt/version.rb +1 -1
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ccb7ac4366e494d85af320fd89b39c75b603ec6
|
|
4
|
+
data.tar.gz: 2ce31783e42d90c7b137cbbd9b85e3d6402c576c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6872ad70a0d1ff677acff4c7fb9aa229b7d0e393a62e3a68a7edc3bca6357d59266d45011bf12f1a891248752d474b2053f85c0655636633cfb18feafe34a7f4
|
|
7
|
+
data.tar.gz: 0d9fbf51c1f8b106335a8ead278bf42f450966b46a2f344eebc4393ae352d84b32eb648b77b1166ace9b1be2a2e52be1a8ecd563239e32f52ed37db6d305c1a6
|
data/README.md
CHANGED
|
@@ -65,5 +65,19 @@ puts SecurityTxt::Generator.new({"contact"=>"https://hackerone.com/ed", "encrypt
|
|
|
65
65
|
# Acknowledgements: https://hackerone.com/ed/thanks
|
|
66
66
|
```
|
|
67
67
|
|
|
68
|
+
## CLI usage
|
|
69
|
+
|
|
70
|
+
```
|
|
71
|
+
Securitytxt - A CLI tool to parse and generate securitytxt content.
|
|
72
|
+
|
|
73
|
+
Help menu:
|
|
74
|
+
-p, --parse FILE | URL Parse securitytxt file or URL
|
|
75
|
+
-g, --generate Generate a securitytxt string.
|
|
76
|
+
-c, --contact DETAILS List of contact details separated by comma(,) without spaces. (used with -g/--generate)
|
|
77
|
+
-e, --encryption URL Link to a page which contains your key.(used with -g/--generate)
|
|
78
|
+
-a, --acknowledgements URL Link to a page where security researchers are recognized for their reports.(used with -g/--generate)
|
|
79
|
+
-h, --help Show this help message
|
|
80
|
+
```
|
|
81
|
+
|
|
68
82
|
## License
|
|
69
83
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
data/bin/securitytxt
ADDED
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
# Securitytxt command-line tool
|
|
3
|
+
#
|
|
4
|
+
require 'optparse'
|
|
5
|
+
require 'open-uri'
|
|
6
|
+
require 'securitytxt/parser'
|
|
7
|
+
require 'securitytxt/generator'
|
|
8
|
+
|
|
9
|
+
class String
|
|
10
|
+
def red; colorize(self, "\e[1m\e[31m"); end
|
|
11
|
+
def dark_green; colorize(self, "\e[32m"); end
|
|
12
|
+
def underline; colorize(self, "\e[4m"); end
|
|
13
|
+
def bold; colorize(self, "\e[1m"); end
|
|
14
|
+
def colorize(text, color_code) "#{color_code}#{text}\e[0m" end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
options = {}
|
|
18
|
+
option_parser = OptionParser.new
|
|
19
|
+
option_parser.banner = "#{"Securitytxt".bold} - A CLI tool to parse and generate securitytxt content."
|
|
20
|
+
option_parser.set_summary_indent ' '
|
|
21
|
+
option_parser.separator "\nHelp menu:".underline
|
|
22
|
+
option_parser.on('-p', '--parse FILE | URL', 'Parse securitytxt file or URL') {|v| options[:parse] = v}
|
|
23
|
+
option_parser.on('-g', '--generate', 'Generate a securitytxt string.') {|v| options[:generate] = v}
|
|
24
|
+
option_parser.on('-c', '--contact DETAILS', Array, 'List of contact details separated by comma(,) without spaces. (used with -g/--generate)') {|v| options[:contact] = v}
|
|
25
|
+
option_parser.on('-e', '--encryption URL', 'Link to a page which contains your key.(used with -g/--generate)') {|v| options[:encryption] = v}
|
|
26
|
+
option_parser.on('-a', '--acknowledgements URL', 'Link to a page where security researchers are recognized for their reports.(used with -g/--generate)') {|v| options[:ack] = v}
|
|
27
|
+
option_parser.on('-h', '--help', 'Show this help message') {|v| option_parser}
|
|
28
|
+
option_parser.on_tail "\nExample:".underline
|
|
29
|
+
option_parser.on_tail" securitytxt --parse https://securitytxt.org/.well-known/security.txt"
|
|
30
|
+
option_parser.on_tail" securitytxt --generate -c https://hackerone.com/ed -e https://keybase.pub/edoverflow/pgp_key.asc -a https://hackerone.com/ed/thanks"
|
|
31
|
+
|
|
32
|
+
begin
|
|
33
|
+
option_parser.parse!
|
|
34
|
+
case
|
|
35
|
+
when options[:parse]
|
|
36
|
+
securitytxt = SecurityTxt::Parser.new.parse(open(options[:parse]).read)
|
|
37
|
+
securitytxt.each do |key, val|
|
|
38
|
+
puts "- #{key.ljust(16).bold} : #{[val].join(', ')}"
|
|
39
|
+
end
|
|
40
|
+
puts "\n-[".bold + "Hash".dark_green + "]---".bold
|
|
41
|
+
puts securitytxt
|
|
42
|
+
when options[:generate] && options[:contact] && options[:encryption] && options[:ack]
|
|
43
|
+
data = {"contact" => options[:contact], "encryption" => options[:encryption], "acknowledgements" => options[:ack]}
|
|
44
|
+
generated = SecurityTxt::Generator.new(data).generate
|
|
45
|
+
puts generated
|
|
46
|
+
puts "\n-[".bold + "Hash".dark_green + "]---".bold
|
|
47
|
+
puts SecurityTxt::Parser.new.parse(generated)
|
|
48
|
+
when options[:generate] && (options[:contact] || options[:encryption] || options[:akc]).nil?
|
|
49
|
+
puts '[!] '.red + "Missing mandatory options, -g/--generate requires '-c/--contact', '-e/--encrytion', '-a/--ack' options."
|
|
50
|
+
when options[:generate] && options[:contact].nil?
|
|
51
|
+
puts '[!] '.red + "Missing mandatory option '-c/--contact'"
|
|
52
|
+
when options[:generate] && options[:encryption].nil?
|
|
53
|
+
puts '[!] '.red + "Missing mandatory option '-e/--encryption'"
|
|
54
|
+
when options[:generate] && options[:ack].nil?
|
|
55
|
+
puts '[!] '.red + "Missing mandatory option '-a/--ack'"
|
|
56
|
+
else
|
|
57
|
+
puts option_parser
|
|
58
|
+
end
|
|
59
|
+
rescue OptionParser::MissingArgument => e
|
|
60
|
+
e.args.each {|arg| puts '[!] '.red + "#{e.reason.capitalize} for '#{arg}' option."}
|
|
61
|
+
puts option_parser
|
|
62
|
+
rescue OptionParser::InvalidOption => e
|
|
63
|
+
puts '[!] '.red + "#{e}"
|
|
64
|
+
puts option_parser
|
|
65
|
+
rescue Exception => e
|
|
66
|
+
puts e.backtrace
|
|
67
|
+
puts e.backtrace_locations
|
|
68
|
+
puts e
|
|
69
|
+
end
|
|
70
|
+
|
data/lib/securitytxt/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: securitytxt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Benoit Larroque
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-02-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -42,13 +42,15 @@ description: 'This gems includes various tools about security.txt for Ruby: A ra
|
|
|
42
42
|
engine, A Rack MiddleWare, a simple parser and generator '
|
|
43
43
|
email:
|
|
44
44
|
- benoit@sqreen.io
|
|
45
|
-
executables:
|
|
45
|
+
executables:
|
|
46
|
+
- securitytxt
|
|
46
47
|
extensions: []
|
|
47
48
|
extra_rdoc_files: []
|
|
48
49
|
files:
|
|
49
50
|
- MIT-LICENSE
|
|
50
51
|
- README.md
|
|
51
52
|
- Rakefile
|
|
53
|
+
- bin/securitytxt
|
|
52
54
|
- lib/securitytxt.rb
|
|
53
55
|
- lib/securitytxt/generator.rb
|
|
54
56
|
- lib/securitytxt/middleware.rb
|
|
@@ -78,5 +80,5 @@ rubyforge_project:
|
|
|
78
80
|
rubygems_version: 2.6.13
|
|
79
81
|
signing_key:
|
|
80
82
|
specification_version: 4
|
|
81
|
-
summary: Provides
|
|
83
|
+
summary: Provides tools about security.txt for Ruby
|
|
82
84
|
test_files: []
|