yavdb 0.5.3 → 0.5.8

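--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ff43836b6a4618939c8acc53519a9cbc49157a4a0af5767ea10b75173f1208b9
- data.tar.gz: a44416d1a831f5eeb760bb8f28bd51f3a37c0dc0da494d512a097676f0a88011
+ metadata.gz: b4285bfc996c1742c698fe08f4caaefadaa3c6b36f0457fcad4ac0db2f078263
+ data.tar.gz: e493cc1b6e7e63d8baeaecfc4348769756f39c1d1d5d7ec6dfb551a44ea9e0fe
  SHA512:
- metadata.gz: de6a6753b1ab427ecd5265f6d813f0d94e2f14bfa80f9b06863ffe2a265afd1531a38aa81b266b319792bd14cc13c5c8dbf55c8efad8600c19cda5e0e43e02c9
- data.tar.gz: 636de41a1dc02772fe0aabfec7fe1cd32849a3fb1fa7e801a3d2a5796657a6bcf8d97d72be7f6886688d841359526cfe71f1468b9a6d05d5156f2b5e775c6be4
+ metadata.gz: ecdd29dc31defd78750db49332b026176ba91260d0f7efbccebe62150b73a66f9e3ea20754211a3f3f1c70029ec305b7f050d4833105ccbc6b287f9bd1582863
+ data.tar.gz: 06a387d1cacdaf675e49f80625dea45c99b06d2a910ead202bb179cb07108dbd919917b17f7a8e4876fa1dbcc4a140a19a0795cd6312217a22723172626437e7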
@@ -27,6 +27,7 @@ jobs:
27
27
  type: shell
28
28
  command: |
29
29
  sudo gem update --system
30
+ gem install bundler
30
31
  bundle install --path /tmp/vendor/bundle
31
32
 
32
33
  - name: Save bundler cache
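Review bot: The added `gem install bundler` pulls whatever Bundler release is current at build time, so the CI job is not reproducible and can drift from the `BUNDLED WITH 2.1.2` recorded in this release's lockfile. Pinning it, `gem install bundler -v 2.1.2`, keeps the tool that resolves and installs every dependency fixed and reviewable. The preceding `sudo gem update --system` is unpinned in the same way, and it runs as root while the new line does not, so the two may write to different gem homes; it is worth confirming which `bundle` ends up on the PATH. The job definition continues outside the hunk.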
@@ -1,3 +1,9 @@
1
+ inherit_from: .rubocop_todo.yml
2
+
3
+ require:
4
+ - rubocop-performance
5
+ - rubocop-rspec
6
+
1
7
  AllCops:
2
8
  # Include common Ruby source files.
3
9
  Include:
@@ -94,18 +100,18 @@ Layout/EmptyLinesAroundModuleBody:
94
100
  Layout/ExtraSpacing:
95
101
  Enabled: true
96
102
 
97
- Layout/IndentFirstArgument:
103
+ Layout/FirstArgumentIndentation:
98
104
  Enabled: true
99
105
  EnforcedStyle: consistent
100
106
  IndentationWidth: 2
101
107
 
102
- Layout/IndentFirstArrayElement:
108
+ Layout/FirstArrayElementIndentation:
103
109
  Enabled: true
104
110
 
105
- Layout/IndentAssignment:
111
+ Layout/AssignmentIndentation:
106
112
  Enabled: true
107
113
 
108
- Layout/IndentFirstHashElement:
114
+ Layout/FirstHashElementIndentation:
109
115
  Enabled: true
110
116
 
111
117
  Layout/MultilineHashBraceLayout:
@@ -122,7 +128,7 @@ Layout/MultilineOperationIndentation:
122
128
  Layout/SpaceAfterComma:
123
129
  Enabled: true
124
130
 
125
- Layout/AlignParameters:
131
+ Layout/ParameterAlignment:
126
132
  Enabled: true
127
133
  EnforcedStyle: with_fixed_indentation
128
134
 
@@ -155,7 +161,7 @@ Lint/UselessAccessModifier:
155
161
  Lint/UselessAssignment:
156
162
  Enabled: true
157
163
 
158
- Lint/HandleExceptions:
164
+ Lint/SuppressedException:
159
165
  Enabled: true
160
166
  Exclude:
161
167
  - "lib/yavdb/sources/snyk_io.rb"
@@ -168,7 +174,7 @@ Metrics/BlockLength:
168
174
  Enabled: true
169
175
  Max: 51
170
176
  Exclude:
171
- - "spec/snyk_io_spec.rb"
177
+ - "spec/**/*"
172
178
 
173
179
  Metrics/ClassLength:
174
180
  Enabled: false
@@ -202,6 +208,14 @@ Metrics/ParameterLists:
202
208
  Performance/RedundantBlockCall:
203
209
  Enabled: true
204
210
 
211
+ RSpec/ExampleLength:
212
+ Enabled: true
213
+ Max: 15
214
+
215
+ RSpec/MultipleExpectations:
216
+ Enabled: true
217
+ Max: 14
218
+
205
219
  Security/MarshalLoad:
206
220
  Enabled: true
207
221
  Exclude:
@@ -324,10 +338,10 @@ Style/TrailingCommaInHashLiteral:
324
338
  Enabled: true
325
339
  EnforcedStyleForMultiline: no_comma
326
340
 
327
- Style/UnneededInterpolation:
341
+ Style/RedundantInterpolation:
328
342
  Enabled: true
329
343
 
330
- Style/UnneededPercentQ:
344
+ Style/RedundantPercentQ:
331
345
  Enabled: true
332
346
 
333
347
  Style/WhileUntilDo:
@@ -0,0 +1,13 @@
1
+ # This configuration was generated by
2
+ # `rubocop --auto-gen-config`
3
+ # on 2019-10-09 19:40:20 +0300 using RuboCop version 0.75.0.
4
+ # The point is for the user to remove these configuration records
5
+ # one by one as the offenses are removed from the code base.
6
+ # Note that changes in the inspected code, or installation of new
7
+ # versions of RuboCop, may require this file to be generated again.
8
+
9
+ # Offense count: 1
10
+ # Configuration parameters: Max.
11
+ RSpec/ExampleLength:
12
+ Exclude:
13
+ - 'spec/crawler_spec.rb'
@@ -1,11 +1,11 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- yavdb (0.5.3)
4
+ yavdb (0.5.8)
5
5
  execjs (~> 2.7)
6
6
  json (~> 2.2)
7
- kramdown (~> 2.1)
8
- oga (~> 2.15)
7
+ kramdown (~> 2.3)
8
+ oga (>= 2.15, < 4.0)
9
9
  semantic_interval (~> 0.1)
10
10
  therubyracer (~> 0.12)
11
11
  thor (~> 0.20)
@@ -16,7 +16,7 @@ GEM
16
16
  specs:
17
17
  ansi (1.5.0)
18
18
  ast (2.4.0)
19
- bibliothecary (6.8.1)
19
+ bibliothecary (6.8.5)
20
20
  commander
21
21
  deb_control
22
22
  librariesio-gem-parser
@@ -27,13 +27,13 @@ GEM
27
27
  toml-rb (~> 1.0)
28
28
  typhoeus
29
29
  citrus (3.0.2)
30
- codacy-coverage (2.1.0)
30
+ codacy-coverage (2.2.0)
31
31
  simplecov
32
32
  colorize (0.8.1)
33
33
  commander (4.4.7)
34
34
  highline (~> 2.0.0)
35
35
  deb_control (0.0.1)
36
- dependency_spy (0.5.0)
36
+ dependency_spy (0.6.0)
37
37
  bibliothecary (~> 6.6)
38
38
  colorize (= 0.8.1)
39
39
  semantic_range (~> 2.2)
@@ -44,47 +44,51 @@ GEM
44
44
  ethon (0.12.0)
45
45
  ffi (>= 1.3.0)
46
46
  execjs (2.7.0)
47
- ffi (1.11.1)
48
- highline (2.0.2)
49
- jaro_winkler (1.5.3)
50
- json (2.2.0)
51
- kramdown (2.1.0)
47
+ ffi (1.11.3)
48
+ highline (2.0.3)
49
+ jaro_winkler (1.5.4)
50
+ json (2.3.0)
51
+ kramdown (2.3.0)
52
+ rexml
52
53
  librariesio-gem-parser (1.0.0)
53
- libv8 (3.16.14.19)
54
- oga (2.15)
54
+ libv8 (3.16.14.19-x86_64-linux)
55
+ oga (3.3)
55
56
  ast
56
57
  ruby-ll (~> 2.1)
57
- ox (2.11.0)
58
- parallel (1.17.0)
59
- parser (2.6.4.0)
58
+ ox (2.12.0)
59
+ parallel (1.19.1)
60
+ parser (2.7.0.2)
60
61
  ast (~> 2.4.0)
61
62
  rainbow (3.0.0)
62
- rake (12.3.3)
63
+ rake (13.0.1)
63
64
  ref (2.0.0)
64
- rspec (3.8.0)
65
- rspec-core (~> 3.8.0)
66
- rspec-expectations (~> 3.8.0)
67
- rspec-mocks (~> 3.8.0)
68
- rspec-core (3.8.2)
69
- rspec-support (~> 3.8.0)
70
- rspec-expectations (3.8.4)
65
+ rexml (3.2.4)
66
+ rspec (3.9.0)
67
+ rspec-core (~> 3.9.0)
68
+ rspec-expectations (~> 3.9.0)
69
+ rspec-mocks (~> 3.9.0)
70
+ rspec-core (3.9.1)
71
+ rspec-support (~> 3.9.1)
72
+ rspec-expectations (3.9.0)
71
73
  diff-lcs (>= 1.2.0, < 2.0)
72
- rspec-support (~> 3.8.0)
73
- rspec-mocks (3.8.1)
74
+ rspec-support (~> 3.9.0)
75
+ rspec-mocks (3.9.1)
74
76
  diff-lcs (>= 1.2.0, < 2.0)
75
- rspec-support (~> 3.8.0)
76
- rspec-support (3.8.2)
77
+ rspec-support (~> 3.9.0)
78
+ rspec-support (3.9.2)
77
79
  rspec_junit_formatter (0.4.1)
78
80
  rspec-core (>= 2, < 4, != 2.12.0)
79
- rubocop (0.74.0)
81
+ rubocop (0.79.0)
80
82
  jaro_winkler (~> 1.5.1)
81
83
  parallel (~> 1.10)
82
- parser (>= 2.6)
84
+ parser (>= 2.7.0.1)
83
85
  rainbow (>= 2.2.2, < 4.0)
84
86
  ruby-progressbar (~> 1.7)
85
87
  unicode-display_width (>= 1.4.0, < 1.7)
86
- rubocop-rspec (1.35.0)
87
- rubocop (>= 0.60.0)
88
+ rubocop-performance (1.5.2)
89
+ rubocop (>= 0.71.0)
90
+ rubocop-rspec (1.37.1)
91
+ rubocop (>= 0.68.1)
88
92
  ruby-ll (2.1.2)
89
93
  ansi
90
94
  ast
@@ -92,16 +96,16 @@ GEM
92
96
  sdl4r (0.9.11)
93
97
  semantic_interval (0.1.0)
94
98
  semantic_range (2.2.1)
95
- simplecov (0.17.0)
99
+ simplecov (0.17.1)
96
100
  docile (~> 1.1)
97
101
  json (>= 1.8, < 3)
98
102
  simplecov-html (~> 0.10.0)
99
103
  simplecov-html (0.10.2)
100
- strings (0.1.6)
104
+ strings (0.1.8)
101
105
  strings-ansi (~> 0.1)
102
106
  unicode-display_width (~> 1.5)
103
107
  unicode_utils (~> 1.4)
104
- strings-ansi (0.1.0)
108
+ strings-ansi (0.2.0)
105
109
  therubyracer (0.12.3)
106
110
  libv8 (~> 3.16.14.15)
107
111
  ref
@@ -119,13 +123,14 @@ PLATFORMS
119
123
  DEPENDENCIES
120
124
  codacy-coverage
121
125
  dependency_spy
122
- rake (~> 12.3)
126
+ rake (~> 13.0)
123
127
  rspec (~> 3.8)
124
128
  rspec_junit_formatter (~> 0.4)
125
- rubocop (~> 0.74)
126
- rubocop-rspec (~> 1.35)
129
+ rubocop (~> 0.75)
130
+ rubocop-performance (~> 1.5.0)
131
+ rubocop-rspec (~> 1.36)
127
132
  simplecov
128
133
  yavdb!
129
134
 
130
135
  BUNDLED WITH
131
- 1.17.3
136
+ 2.1.2
@@ -14,7 +14,7 @@
14
14
  # You should have received a copy of the GNU Affero General Public License
15
15
  # along with this program. If not, see <http://www.gnu.org/licenses/>.
16
16
 
17
- Dir[File.expand_path('sources/*.rb', __dir__)].each do |file|
17
+ Dir[File.expand_path('sources/*.rb', __dir__)].sort.each do |file|
18
18
  require file
19
19
  end
20
20
 
@@ -103,7 +103,7 @@ module YAVDB
103
103
  end
104
104
 
105
105
  def get_page_url(page)
106
- "#{API_URL}/advisories?page=#{page}&perPage=300&order=-id"
106
+ "#{API_URL}/advisories?page=#{page}&perPage=100&order=-id"
107
107
  end
108
108
 
109
109
  def parse_severity(severity)
@@ -47,7 +47,7 @@ module YAVDB
47
47
  urls.map do |advisory_url|
48
48
  advisory_page = get_page_html(advisory_url, true, 'snyk.io/advisories')
49
49
  create(advisory_url, advisory_page)
50
- end
50
+ end.reject(&:nil?)
51
51
  end
52
52
 
53
53
  class << self
@@ -66,7 +66,7 @@ module YAVDB
66
66
  page_vuln_urls = snykio
67
67
  .css('table tbody tr td span a')
68
68
  .map { |anchor| anchor.get('href') }
69
- .map { |link| link if link =~ %r{\/vuln\/.+} }.compact
69
+ .map { |link| link if %r{\/vuln\/.+}.match?(link) }.compact
70
70
 
71
71
  next_urls = if page_vuln_urls.any?
72
72
  next_url = snykio.css('a.pagination__next')
@@ -92,15 +92,16 @@ module YAVDB
92
92
  severity = advisory_page.css('span.label__text').text.gsub(%r{(.*?) severity}, '\1')
93
93
 
94
94
  package_manager = advisory_page.css('.breadcrumbs__list-item')[1].text.gsub(%r{\s+}, '').downcase
95
- package_manager = PACKAGE_MANAGER_ALIAS[package_manager] || raise("Could not find alias for package manager #{package_manager}")
95
+ package_manager = PACKAGE_MANAGER_ALIAS[package_manager] || return
96
96
 
97
97
  title = utf8(advisory_page.css('h1.header__title span.header__title__text').text)
98
98
 
99
99
  affected_package = advisory_page.css('.custom-package-name').text
100
100
  affected_package = advisory_page.css('.header__lede .breadcrumbs__list-item__link').text if affected_package.empty?
101
101
 
102
- vulnerable_versions = advisory_page.css('.custom-affected-versions').text.strip
103
- vulnerable_versions = if vulnerable_versions.empty? || vulnerable_versions == 'ALL'
102
+ vulnerable_versions = (advisory_page.css('.custom-affected-versions') ||
103
+ advisory_page.css('.header__lede strong').drop(1).first).text.strip
104
+ vulnerable_versions = if vulnerable_versions.empty? || vulnerable_versions == 'ALL' || vulnerable_versions == '(,)'
104
105
  ['*']
105
106
  elsif ['maven', 'nuget', 'pypi'].include?(package_manager)
106
107
  [vulnerable_versions]
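Review bot: The `||` fallback in the new `vulnerable_versions` assignment looks unreachable: the old line called `.text` directly on `advisory_page.css('.custom-affected-versions')`, so `css` returns an object (presumably a node set), and in Ruby an empty collection is still truthy, meaning `.header__lede strong` is never consulted when the first selector matches nothing. Testing the extracted text instead would make the fallback work and also cover a missing second `strong` node: `vulnerable_versions = advisory_page.css('.custom-affected-versions').text.strip` followed by `vulnerable_versions = advisory_page.css('.header__lede strong').drop(1).first&.text.to_s.strip if vulnerable_versions.empty?`. As written, such advisories fall into the `empty?` branch and are recorded as affecting `['*']`, which overstates the affected range. Separately, `PACKAGE_MANAGER_ALIAS[package_manager] || return` now drops advisories with an unmapped package manager without any trace; a `warn` naming the advisory before returning would keep that coverage gap visible. The enclosing method starts and ends outside the hunk.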
@@ -16,6 +16,6 @@
16
16
 
17
17
  module YAVDB
18
18
 
19
- VERSION = '0.5.3'
19
+ VERSION = '0.5.8'
20
20
 
21
21
  end
@@ -25,21 +25,22 @@ Gem::Specification.new do |spec|
25
25
 
26
26
  # Development
27
27
  spec.add_development_dependency 'codacy-coverage'
28
- spec.add_development_dependency 'rake', ['~> 12.3']
28
+ spec.add_development_dependency 'rake', '~> 13.0'
29
29
  spec.add_development_dependency 'rspec', ['~> 3.8']
30
30
  spec.add_development_dependency 'rspec_junit_formatter', ['~> 0.4']
31
31
  spec.add_development_dependency 'simplecov'
32
32
 
33
33
  # Linters
34
34
  spec.add_development_dependency 'dependency_spy'
35
- spec.add_development_dependency 'rubocop', ['~> 0.74']
36
- spec.add_development_dependency 'rubocop-rspec', ['~> 1.35']
35
+ spec.add_development_dependency 'rubocop', ['~> 0.75']
36
+ spec.add_development_dependency 'rubocop-performance', ['~> 1.5.0']
37
+ spec.add_development_dependency 'rubocop-rspec', ['~> 1.36']
37
38
 
38
39
  # Runtime
39
40
  spec.add_runtime_dependency 'execjs', ['~> 2.7']
40
41
  spec.add_runtime_dependency 'json', ['~> 2.2']
41
- spec.add_runtime_dependency 'kramdown', ['~> 2.1']
42
- spec.add_runtime_dependency 'oga', ['~> 2.15']
42
+ spec.add_runtime_dependency 'kramdown', ['~> 2.3']
43
+ spec.add_runtime_dependency 'oga', '>= 2.15', '< 4.0'
43
44
  spec.add_runtime_dependency 'semantic_interval', ['~> 0.1']
44
45
  spec.add_runtime_dependency 'therubyracer', ['~> 0.12']
45
46
  spec.add_runtime_dependency 'thor', ['~> 0.20']
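Review bot: The RuboCop floor `['~> 0.75']` looks too low for the configuration shipped with it: the cop names this release switches to in .rubocop.yml (for example `Layout/FirstArgumentIndentation` and `Lint/SuppressedException`) appear to be newer than 0.75, the version that generated .rubocop_todo.yml, while the lockfile resolves rubocop 0.79.0. A contributor resolving without the lockfile could get a release that does not know the new names. Raising the constraint to the tested release, `spec.add_development_dependency 'rubocop', ['~> 0.79']`, keeps the gemspec and the lint configuration in step. The `Gem::Specification` block starts and ends outside the hunk.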
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yavdb
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.3
4
+ version: 0.5.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rodrigo Fernandes
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-09-01 00:00:00.000000000 Z
11
+ date: 2020-08-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: codacy-coverage
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '12.3'
33
+ version: '13.0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '12.3'
40
+ version: '13.0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rspec
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -100,28 +100,42 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: '0.74'
103
+ version: '0.75'
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: '0.74'
110
+ version: '0.75'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rubocop-performance
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: 1.5.0
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: 1.5.0
111
125
  - !ruby/object:Gem::Dependency
112
126
  name: rubocop-rspec
113
127
  requirement: !ruby/object:Gem::Requirement
114
128
  requirements:
115
129
  - - "~>"
116
130
  - !ruby/object:Gem::Version
117
- version: '1.35'
131
+ version: '1.36'
118
132
  type: :development
119
133
  prerelease: false
120
134
  version_requirements: !ruby/object:Gem::Requirement
121
135
  requirements:
122
136
  - - "~>"
123
137
  - !ruby/object:Gem::Version
124
- version: '1.35'
138
+ version: '1.36'
125
139
  - !ruby/object:Gem::Dependency
126
140
  name: execjs
127
141
  requirement: !ruby/object:Gem::Requirement
@@ -156,28 +170,34 @@ dependencies:
156
170
  requirements:
157
171
  - - "~>"
158
172
  - !ruby/object:Gem::Version
159
- version: '2.1'
173
+ version: '2.3'
160
174
  type: :runtime
161
175
  prerelease: false
162
176
  version_requirements: !ruby/object:Gem::Requirement
163
177
  requirements:
164
178
  - - "~>"
165
179
  - !ruby/object:Gem::Version
166
- version: '2.1'
180
+ version: '2.3'
167
181
  - !ruby/object:Gem::Dependency
168
182
  name: oga
169
183
  requirement: !ruby/object:Gem::Requirement
170
184
  requirements:
171
- - - "~>"
185
+ - - ">="
172
186
  - !ruby/object:Gem::Version
173
187
  version: '2.15'
188
+ - - "<"
189
+ - !ruby/object:Gem::Version
190
+ version: '4.0'
174
191
  type: :runtime
175
192
  prerelease: false
176
193
  version_requirements: !ruby/object:Gem::Requirement
177
194
  requirements:
178
- - - "~>"
195
+ - - ">="
179
196
  - !ruby/object:Gem::Version
180
197
  version: '2.15'
198
+ - - "<"
199
+ - !ruby/object:Gem::Version
200
+ version: '4.0'
181
201
  - !ruby/object:Gem::Dependency
182
202
  name: semantic_interval
183
203
  requirement: !ruby/object:Gem::Requirement
@@ -251,6 +271,7 @@ files:
251
271
  - ".gitignore"
252
272
  - ".rspec"
253
273
  - ".rubocop.yml"
274
+ - ".rubocop_todo.yml"
254
275
  - ".ruby-version"
255
276
  - CODE_OF_CONDUCT.md
256
277
  - CONTRIBUTING.md