RubyGems - yavdb - Versions diffs - 0.5.3 → 0.5.8 - Mend

yavdb 0.5.3 → 0.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ff43836b6a4618939c8acc53519a9cbc49157a4a0af5767ea10b75173f1208b9
-  data.tar.gz: a44416d1a831f5eeb760bb8f28bd51f3a37c0dc0da494d512a097676f0a88011
+  metadata.gz: b4285bfc996c1742c698fe08f4caaefadaa3c6b36f0457fcad4ac0db2f078263
+  data.tar.gz: e493cc1b6e7e63d8baeaecfc4348769756f39c1d1d5d7ec6dfb551a44ea9e0fe
 SHA512:
-  metadata.gz: de6a6753b1ab427ecd5265f6d813f0d94e2f14bfa80f9b06863ffe2a265afd1531a38aa81b266b319792bd14cc13c5c8dbf55c8efad8600c19cda5e0e43e02c9
-  data.tar.gz: 636de41a1dc02772fe0aabfec7fe1cd32849a3fb1fa7e801a3d2a5796657a6bcf8d97d72be7f6886688d841359526cfe71f1468b9a6d05d5156f2b5e775c6be4
+  metadata.gz: ecdd29dc31defd78750db49332b026176ba91260d0f7efbccebe62150b73a66f9e3ea20754211a3f3f1c70029ec305b7f050d4833105ccbc6b287f9bd1582863
+  data.tar.gz: 06a387d1cacdaf675e49f80625dea45c99b06d2a910ead202bb179cb07108dbd919917b17f7a8e4876fa1dbcc4a140a19a0795cd6312217a22723172626437e7

data/.circleci/config.yml CHANGED

@@ -27,6 +27,7 @@ jobs:
       type: shell
       command: |
         sudo gem update --system
+        gem install bundler
         bundle install --path /tmp/vendor/bundle
     - name: Save bundler cache

data/.rubocop.yml CHANGED

@@ -1,3 +1,9 @@
+inherit_from: .rubocop_todo.yml
+require:
+  - rubocop-performance
+  - rubocop-rspec
 AllCops:
   # Include common Ruby source files.
   Include:
@@ -94,18 +100,18 @@ Layout/EmptyLinesAroundModuleBody:
 Layout/ExtraSpacing:
   Enabled: true
-Layout/IndentFirstArgument:
+Layout/FirstArgumentIndentation:
   Enabled: true
   EnforcedStyle: consistent
   IndentationWidth: 2
-Layout/IndentFirstArrayElement:
+Layout/FirstArrayElementIndentation:
   Enabled: true
-Layout/IndentAssignment:
+Layout/AssignmentIndentation:
   Enabled: true
-Layout/IndentFirstHashElement:
+Layout/FirstHashElementIndentation:
   Enabled: true
 Layout/MultilineHashBraceLayout:
@@ -122,7 +128,7 @@ Layout/MultilineOperationIndentation:
 Layout/SpaceAfterComma:
   Enabled: true
-Layout/AlignParameters:
+Layout/ParameterAlignment:
   Enabled: true
   EnforcedStyle: with_fixed_indentation
@@ -155,7 +161,7 @@ Lint/UselessAccessModifier:
 Lint/UselessAssignment:
   Enabled: true
-Lint/HandleExceptions:
+Lint/SuppressedException:
   Enabled: true
   Exclude:
   - "lib/yavdb/sources/snyk_io.rb"
@@ -168,7 +174,7 @@ Metrics/BlockLength:
   Enabled: true
   Max: 51
   Exclude:
-  - "spec/snyk_io_spec.rb"
+  - "spec/**/*"
 Metrics/ClassLength:
   Enabled: false
@@ -202,6 +208,14 @@ Metrics/ParameterLists:
 Performance/RedundantBlockCall:
   Enabled: true
+RSpec/ExampleLength:
+  Enabled: true
+  Max: 15
+RSpec/MultipleExpectations:
+  Enabled: true
+  Max: 14
 Security/MarshalLoad:
   Enabled: true
   Exclude:
@@ -324,10 +338,10 @@ Style/TrailingCommaInHashLiteral:
   Enabled: true
   EnforcedStyleForMultiline: no_comma
-Style/UnneededInterpolation:
+Style/RedundantInterpolation:
   Enabled: true
-Style/UnneededPercentQ:
+Style/RedundantPercentQ:
   Enabled: true
 Style/WhileUntilDo:

data/.rubocop_todo.yml ADDED

@@ -0,0 +1,13 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2019-10-09 19:40:20 +0300 using RuboCop version 0.75.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+# Offense count: 1
+# Configuration parameters: Max.
+RSpec/ExampleLength:
+  Exclude:
+    - 'spec/crawler_spec.rb'

data/Gemfile.lock CHANGED

@@ -1,11 +1,11 @@
 PATH
   remote: .
   specs:
-    yavdb (0.5.3)
+    yavdb (0.5.8)
       execjs (~> 2.7)
       json (~> 2.2)
-      kramdown (~> 2.1)
-      oga (~> 2.15)
+      kramdown (~> 2.3)
+      oga (>= 2.15, < 4.0)
       semantic_interval (~> 0.1)
       therubyracer (~> 0.12)
       thor (~> 0.20)
@@ -16,7 +16,7 @@ GEM
   specs:
     ansi (1.5.0)
     ast (2.4.0)
-    bibliothecary (6.8.1)
+    bibliothecary (6.8.5)
       commander
       deb_control
       librariesio-gem-parser
@@ -27,13 +27,13 @@ GEM
       toml-rb (~> 1.0)
       typhoeus
     citrus (3.0.2)
-    codacy-coverage (2.1.0)
+    codacy-coverage (2.2.0)
       simplecov
     colorize (0.8.1)
     commander (4.4.7)
       highline (~> 2.0.0)
     deb_control (0.0.1)
-    dependency_spy (0.5.0)
+    dependency_spy (0.6.0)
       bibliothecary (~> 6.6)
       colorize (= 0.8.1)
       semantic_range (~> 2.2)
@@ -44,47 +44,51 @@ GEM
     ethon (0.12.0)
       ffi (>= 1.3.0)
     execjs (2.7.0)
-    ffi (1.11.1)
-    highline (2.0.2)
-    jaro_winkler (1.5.3)
-    json (2.2.0)
-    kramdown (2.1.0)
+    ffi (1.11.3)
+    highline (2.0.3)
+    jaro_winkler (1.5.4)
+    json (2.3.0)
+    kramdown (2.3.0)
+      rexml
     librariesio-gem-parser (1.0.0)
-    libv8 (3.16.14.19)
-    oga (2.15)
+    libv8 (3.16.14.19-x86_64-linux)
+    oga (3.3)
       ast
       ruby-ll (~> 2.1)
-    ox (2.11.0)
-    parallel (1.17.0)
-    parser (2.6.4.0)
+    ox (2.12.0)
+    parallel (1.19.1)
+    parser (2.7.0.2)
       ast (~> 2.4.0)
     rainbow (3.0.0)
-    rake (12.3.3)
+    rake (13.0.1)
     ref (2.0.0)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.2)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rexml (3.2.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.1)
+      rspec-support (~> 3.9.1)
+    rspec-expectations (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.1)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.2)
     rspec_junit_formatter (0.4.1)
       rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (0.74.0)
+    rubocop (0.79.0)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
-      parser (>= 2.6)
+      parser (>= 2.7.0.1)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 1.7)
-    rubocop-rspec (1.35.0)
-      rubocop (>= 0.60.0)
+    rubocop-performance (1.5.2)
+      rubocop (>= 0.71.0)
+    rubocop-rspec (1.37.1)
+      rubocop (>= 0.68.1)
     ruby-ll (2.1.2)
       ansi
       ast
@@ -92,16 +96,16 @@ GEM
     sdl4r (0.9.11)
     semantic_interval (0.1.0)
     semantic_range (2.2.1)
-    simplecov (0.17.0)
+    simplecov (0.17.1)
       docile (~> 1.1)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
-    strings (0.1.6)
+    strings (0.1.8)
       strings-ansi (~> 0.1)
       unicode-display_width (~> 1.5)
       unicode_utils (~> 1.4)
-    strings-ansi (0.1.0)
+    strings-ansi (0.2.0)
     therubyracer (0.12.3)
       libv8 (~> 3.16.14.15)
       ref
@@ -119,13 +123,14 @@ PLATFORMS
 DEPENDENCIES
   codacy-coverage
   dependency_spy
-  rake (~> 12.3)
+  rake (~> 13.0)
   rspec (~> 3.8)
   rspec_junit_formatter (~> 0.4)
-  rubocop (~> 0.74)
-  rubocop-rspec (~> 1.35)
+  rubocop (~> 0.75)
+  rubocop-performance (~> 1.5.0)
+  rubocop-rspec (~> 1.36)
   simplecov
   yavdb!
 BUNDLED WITH
-   1.17.3
+   2.1.2

data/lib/yavdb/crawler.rb CHANGED

@@ -14,7 +14,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
-Dir[File.expand_path('sources/*.rb', __dir__)].each do |file|
+Dir[File.expand_path('sources/*.rb', __dir__)].sort.each do |file|
   require file
 end

data/lib/yavdb/sources/npmjs.rb CHANGED

@@ -103,7 +103,7 @@ module YAVDB
           end
           def get_page_url(page)
-            "#{API_URL}/advisories?page=#{page}&perPage=300&order=-id"
+            "#{API_URL}/advisories?page=#{page}&perPage=100&order=-id"
           end
           def parse_severity(severity)

data/lib/yavdb/sources/snyk_io.rb CHANGED

@@ -47,7 +47,7 @@ module YAVDB
           urls.map do |advisory_url|
             advisory_page = get_page_html(advisory_url, true, 'snyk.io/advisories')
             create(advisory_url, advisory_page)
-          end
+          end.reject(&:nil?)
         end
         class << self
@@ -66,7 +66,7 @@ module YAVDB
             page_vuln_urls = snykio
                                .css('table tbody tr td span a')
                                .map { |anchor| anchor.get('href') }
-                               .map { |link| link if link =~ %r{\/vuln\/.+} }.compact
+                               .map { |link| link if %r{\/vuln\/.+}.match?(link) }.compact
             next_urls = if page_vuln_urls.any?
                           next_url = snykio.css('a.pagination__next')
@@ -92,15 +92,16 @@ module YAVDB
             severity = advisory_page.css('span.label__text').text.gsub(%r{(.*?) severity}, '\1')
             package_manager = advisory_page.css('.breadcrumbs__list-item')[1].text.gsub(%r{\s+}, '').downcase
-            package_manager = PACKAGE_MANAGER_ALIAS[package_manager] || raise("Could not find alias for package manager #{package_manager}")
+            package_manager = PACKAGE_MANAGER_ALIAS[package_manager] || return
             title = utf8(advisory_page.css('h1.header__title span.header__title__text').text)
             affected_package = advisory_page.css('.custom-package-name').text
             affected_package = advisory_page.css('.header__lede .breadcrumbs__list-item__link').text if affected_package.empty?
-            vulnerable_versions = advisory_page.css('.custom-affected-versions').text.strip
-            vulnerable_versions = if vulnerable_versions.empty? || vulnerable_versions == 'ALL'
+            vulnerable_versions = (advisory_page.css('.custom-affected-versions') ||
+              advisory_page.css('.header__lede strong').drop(1).first).text.strip
+            vulnerable_versions = if vulnerable_versions.empty? || vulnerable_versions == 'ALL' || vulnerable_versions == '(,)'
                                     ['*']
                                   elsif ['maven', 'nuget', 'pypi'].include?(package_manager)
                                     [vulnerable_versions]

data/lib/yavdb/version.rb CHANGED

@@ -16,6 +16,6 @@
 module YAVDB
-  VERSION = '0.5.3'
+  VERSION = '0.5.8'
 end

data/yavdb.gemspec CHANGED

@@ -25,21 +25,22 @@ Gem::Specification.new do |spec|
   # Development
   spec.add_development_dependency 'codacy-coverage'
-  spec.add_development_dependency 'rake', ['~> 12.3']
+  spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rspec', ['~> 3.8']
   spec.add_development_dependency 'rspec_junit_formatter', ['~> 0.4']
   spec.add_development_dependency 'simplecov'
   # Linters
   spec.add_development_dependency 'dependency_spy'
-  spec.add_development_dependency 'rubocop', ['~> 0.74']
-  spec.add_development_dependency 'rubocop-rspec', ['~> 1.35']
+  spec.add_development_dependency 'rubocop', ['~> 0.75']
+  spec.add_development_dependency 'rubocop-performance', ['~> 1.5.0']
+  spec.add_development_dependency 'rubocop-rspec', ['~> 1.36']
   # Runtime
   spec.add_runtime_dependency 'execjs', ['~> 2.7']
   spec.add_runtime_dependency 'json', ['~> 2.2']
-  spec.add_runtime_dependency 'kramdown', ['~> 2.1']
-  spec.add_runtime_dependency 'oga', ['~> 2.15']
+  spec.add_runtime_dependency 'kramdown', ['~> 2.3']
+  spec.add_runtime_dependency 'oga', '>= 2.15', '< 4.0'
   spec.add_runtime_dependency 'semantic_interval', ['~> 0.1']
   spec.add_runtime_dependency 'therubyracer', ['~> 0.12']
   spec.add_runtime_dependency 'thor', ['~> 0.20']

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yavdb
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.5.8
 platform: ruby
 authors:
 - Rodrigo Fernandes
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-09-01 00:00:00.000000000 Z
+date: 2020-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: codacy-coverage
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -100,28 +100,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.74'
+        version: '0.75'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.74'
+        version: '0.75'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.35'
+        version: '1.36'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.35'
+        version: '1.36'
 - !ruby/object:Gem::Dependency
   name: execjs
   requirement: !ruby/object:Gem::Requirement
@@ -156,28 +170,34 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.3'
 - !ruby/object:Gem::Dependency
   name: oga
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.15'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.15'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: semantic_interval
   requirement: !ruby/object:Gem::Requirement
@@ -251,6 +271,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".ruby-version"
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md