RubyGems - yavdb - Versions diffs - 0.5.1 → 0.5.2 - Mend

yavdb 0.5.1 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: f7756e8fbc8d584989454331f21dfb6767c55b09
-  data.tar.gz: 9ae89dfb16c7dca2cea1c21b51ab104e5a8cefe5
+SHA256:
+  metadata.gz: e8af50e09446ce3b10fc4ab040d61051d822580e08b4c115ac070a88e67cdfab
+  data.tar.gz: fdffb83c5bbd1f1aa8f4ae78e8c181d16ba11c76f40ac6d5665f379bc54c7741
 SHA512:
-  metadata.gz: 6dc03d4d46b62f2f0daacb3a7a1fad2d7bd12c2ef7b3c916e00f86401085709ad0a3952c910b508f53fef8fdbca09cc73955064fb40499ac03e8340f8b8de007
-  data.tar.gz: 96a2687468ebf390ff5ba3236a66973adccdd4ffb245ec7a1f9b7e105082dec3466cb50dbb203435ddfe2fabb839a906aa71f4e817e4106de1017c0a462ae572
+  metadata.gz: bef0e177ea672587d23ea447324d33c783bd0467976406b596b088a5356698874af77d196ccadbd564aa5faa0b5dad649622cd0f52d1fdb85fa1e9796cefd4f2
+  data.tar.gz: f17925ffe91e7ef516d79798ebd54e6a6cfd725a0758b32f253af2a000e909c69d6711d7fd2125a0a9b7a5d3950f03a8f1cf587df6ad89d1a4c9f006743c7d8b

data/.circleci/config.yml CHANGED Viewed

@@ -4,7 +4,7 @@ jobs:
   build-lint-test:
     working_directory: ~/yavdb
     docker:
-    - image: circleci/ruby:2.3.7
+    - image: circleci/ruby:2.5.5
     steps:
     - checkout

data/.rubocop.yml CHANGED Viewed

@@ -57,7 +57,7 @@ AllCops:
   DefaultFormatter: progress
   UseCache: false
   DisplayCopNames: false
-  TargetRubyVersion: 2.3.7
+  TargetRubyVersion: 2.5.5
 Gemspec/OrderedDependencies:
   Enabled: true
@@ -94,18 +94,18 @@ Layout/EmptyLinesAroundModuleBody:
 Layout/ExtraSpacing:
   Enabled: true
-Layout/FirstParameterIndentation:
+Layout/IndentFirstArgument:
   Enabled: true
   EnforcedStyle: consistent
   IndentationWidth: 2
-Layout/IndentArray:
+Layout/IndentFirstArrayElement:
   Enabled: true
 Layout/IndentAssignment:
   Enabled: true
-Layout/IndentHash:
+Layout/IndentFirstHashElement:
   Enabled: true
 Layout/MultilineHashBraceLayout:

data/.ruby-version CHANGED Viewed

	@@ -1 +1 @@
1	- 2.3.7
1	+ 2.5.5

data/Gemfile.lock CHANGED Viewed

@@ -1,10 +1,10 @@
 PATH
   remote: .
   specs:
-    yavdb (0.5.1)
-      execjs (~> 2.7.0)
-      json (~> 2.1)
-      kramdown (~> 1.17)
+    yavdb (0.5.2)
+      execjs (~> 2.7)
+      json (~> 2.2)
+      kramdown (~> 2.1)
       oga (~> 2.15)
       semantic_interval (~> 0.1)
       therubyracer (~> 0.12)
@@ -16,23 +16,46 @@ GEM
   specs:
     ansi (1.5.0)
     ast (2.4.0)
+    bibliothecary (6.6.0)
+      commander
+      deb_control
+      librariesio-gem-parser
+      ox (>= 2.8.1)
+      sdl4r
+      toml-rb (~> 1.0)
+      typhoeus
     citrus (3.0.2)
     codacy-coverage (2.1.0)
       simplecov
+    colorize (0.8.1)
+    commander (4.4.7)
+      highline (~> 2.0.0)
+    deb_control (0.0.1)
+    dependency_spy (0.4.1)
+      bibliothecary (~> 6.6)
+      colorize (= 0.8.1)
+      semantic_range (~> 2.2)
+      thor (~> 0.20)
+      yavdb (~> 0.5)
     diff-lcs (1.3)
     docile (1.3.1)
+    ethon (0.12.0)
+      ffi (>= 1.3.0)
     execjs (2.7.0)
+    ffi (1.11.0)
+    highline (2.0.2)
     jaro_winkler (1.5.2)
-    json (2.1.0)
-    kramdown (1.17.0)
-    libv8 (3.16.14.19-x86_64-linux)
+    json (2.2.0)
+    kramdown (2.1.0)
+    librariesio-gem-parser (1.0.0)
+    libv8 (3.16.14.19)
     oga (2.15)
       ast
       ruby-ll (~> 2.1)
-    parallel (1.13.0)
-    parser (2.6.0.0)
+    ox (2.10.0)
+    parallel (1.17.0)
+    parser (2.6.3.0)
       ast (~> 2.4.0)
-    powerpack (0.1.2)
     rainbow (3.0.0)
     rake (12.3.2)
     ref (2.0.0)
@@ -42,7 +65,7 @@ GEM
       rspec-mocks (~> 3.8.0)
     rspec-core (3.8.0)
       rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec-expectations (3.8.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-mocks (3.8.0)
@@ -51,21 +74,22 @@ GEM
     rspec-support (3.8.0)
     rspec_junit_formatter (0.4.1)
       rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (0.64.0)
+    rubocop (0.69.0)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
-      parser (>= 2.5, != 2.5.1.1)
-      powerpack (~> 0.1)
+      parser (>= 2.6)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.4.0)
-    rubocop-rspec (1.32.0)
+      unicode-display_width (>= 1.4.0, < 1.7)
+    rubocop-rspec (1.33.0)
       rubocop (>= 0.60.0)
     ruby-ll (2.1.2)
       ansi
       ast
     ruby-progressbar (1.10.0)
+    sdl4r (0.9.11)
     semantic_interval (0.1.0)
+    semantic_range (2.2.1)
     simplecov (0.16.1)
       docile (~> 1.1)
       json (>= 1.8, < 3)
@@ -77,18 +101,21 @@ GEM
     thor (0.20.3)
     toml-rb (1.1.2)
       citrus (~> 3.0, > 3.0)
-    unicode-display_width (1.4.1)
+    typhoeus (1.3.1)
+      ethon (>= 0.9.0)
+    unicode-display_width (1.6.0)
 PLATFORMS
   ruby
 DEPENDENCIES
   codacy-coverage
+  dependency_spy (~> 0.4)
   rake (~> 12.3)
   rspec (~> 3.8)
   rspec_junit_formatter (~> 0.4)
-  rubocop (~> 0.59)
-  rubocop-rspec (~> 1.29)
+  rubocop (~> 0.69)
+  rubocop-rspec (~> 1.33)
   simplecov
   yavdb!

data/lib/yavdb/constants.rb CHANGED Viewed

@@ -17,7 +17,7 @@
 module YAVDB
   module Constants
-    DEBUG = ENV['debug'].freeze
+    DEBUG = ENV['debug']
     YAVDB_DB_URL    = 'https://github.com/rtfpessoa/yavdb.git'
     YAVDB_DB_BRANCH = 'database'

data/lib/yavdb/sources/rustsec.rb CHANGED Viewed

@@ -51,12 +51,14 @@ module YAVDB
             vuln_id = "rustsec:cargo:#{advisory_hash['package']}:#{advisory_hash['id']}"
+            vulnerable_versions = (['*'] if (advisory_hash['unaffected_versions'].nil? || advisory_hash['unaffected_versions'].empty?) && (advisory_hash['patched_versions'].nil? || advisory_hash['patched_versions'].empty?))
             YAVDB::Advisory.new(
               vuln_id,
               advisory_hash['title'],
               advisory_hash['description'],
               advisory_hash['package'],
-              nil,
+              vulnerable_versions,
               advisory_hash['unaffected_versions'],
               advisory_hash['patched_versions'],
               severity,

data/lib/yavdb/utils/http.rb CHANGED Viewed

@@ -52,8 +52,8 @@ module YAVDB
               else
                 response.body.lines
             end
-          rescue StandardError => exception
-            raise exception if retries.zero?
+          rescue StandardError => e
+            raise e if retries.zero?
             puts "Going to retry #{url}"
             retries -= 1

data/lib/yavdb/version.rb CHANGED Viewed

@@ -16,6 +16,6 @@
 module YAVDB
-  VERSION = '0.5.1'
+  VERSION = '0.5.2'
 end

data/yavdb.gemspec CHANGED Viewed

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   spec.executables = ['yavdb', 'vulndb', 'vulnerabilitydb']
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.3.7'
+  spec.required_ruby_version = '>= 2.5.5'
   # Development
   spec.add_development_dependency 'codacy-coverage'
@@ -31,13 +31,14 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'simplecov'
   # Linters
-  spec.add_development_dependency 'rubocop', ['~> 0.59']
-  spec.add_development_dependency 'rubocop-rspec', ['~> 1.29']
+  spec.add_development_dependency 'dependency_spy', ['~> 0.4']
+  spec.add_development_dependency 'rubocop', ['~> 0.69']
+  spec.add_development_dependency 'rubocop-rspec', ['~> 1.33']
   # Runtime
-  spec.add_runtime_dependency 'execjs', ['~> 2.7.0']
-  spec.add_runtime_dependency 'json', ['~> 2.1']
-  spec.add_runtime_dependency 'kramdown', ['~> 1.17']
+  spec.add_runtime_dependency 'execjs', ['~> 2.7']
+  spec.add_runtime_dependency 'json', ['~> 2.2']
+  spec.add_runtime_dependency 'kramdown', ['~> 2.1']
   spec.add_runtime_dependency 'oga', ['~> 2.15']
   spec.add_runtime_dependency 'semantic_interval', ['~> 0.1']
   spec.add_runtime_dependency 'therubyracer', ['~> 0.12']

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yavdb
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Rodrigo Fernandes
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-04 00:00:00.000000000 Z
+date: 2019-05-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: codacy-coverage
@@ -80,76 +80,90 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: dependency_spy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.59'
+        version: '0.69'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.59'
+        version: '0.69'
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.29'
+        version: '1.33'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.29'
+        version: '1.33'
 - !ruby/object:Gem::Dependency
   name: execjs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: '2.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: '2.7'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: kramdown
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: oga
   requirement: !ruby/object:Gem::Requirement
@@ -280,7 +294,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.7
+      version: 2.5.5
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -288,7 +302,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key:
 specification_version: 4
 summary: The Free and Open Source vulnerability database.