yavdb 0.5.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: f7756e8fbc8d584989454331f21dfb6767c55b09
-  data.tar.gz: 9ae89dfb16c7dca2cea1c21b51ab104e5a8cefe5
+SHA256:
+  metadata.gz: e8af50e09446ce3b10fc4ab040d61051d822580e08b4c115ac070a88e67cdfab
+  data.tar.gz: fdffb83c5bbd1f1aa8f4ae78e8c181d16ba11c76f40ac6d5665f379bc54c7741
 SHA512:
-  metadata.gz: 6dc03d4d46b62f2f0daacb3a7a1fad2d7bd12c2ef7b3c916e00f86401085709ad0a3952c910b508f53fef8fdbca09cc73955064fb40499ac03e8340f8b8de007
-  data.tar.gz: 96a2687468ebf390ff5ba3236a66973adccdd4ffb245ec7a1f9b7e105082dec3466cb50dbb203435ddfe2fabb839a906aa71f4e817e4106de1017c0a462ae572
+  metadata.gz: bef0e177ea672587d23ea447324d33c783bd0467976406b596b088a5356698874af77d196ccadbd564aa5faa0b5dad649622cd0f52d1fdb85fa1e9796cefd4f2
+  data.tar.gz: f17925ffe91e7ef516d79798ebd54e6a6cfd725a0758b32f253af2a000e909c69d6711d7fd2125a0a9b7a5d3950f03a8f1cf587df6ad89d1a4c9f006743c7d8b

data/.circleci/config.yml

@@ -4,7 +4,7 @@ jobs:
   build-lint-test:
     working_directory: ~/yavdb
     docker:
-    - image: circleci/ruby:2.3.7
+    - image: circleci/ruby:2.5.5
     steps:
     - checkout
 

data/.rubocop.yml

@@ -57,7 +57,7 @@ AllCops:
   DefaultFormatter: progress
   UseCache: false
   DisplayCopNames: false
-  TargetRubyVersion: 2.3.7
+  TargetRubyVersion: 2.5.5
 
 Gemspec/OrderedDependencies:
   Enabled: true
@@ -94,18 +94,18 @@ Layout/EmptyLinesAroundModuleBody:
 Layout/ExtraSpacing:
   Enabled: true
 
-Layout/FirstParameterIndentation:
+Layout/IndentFirstArgument:
   Enabled: true
   EnforcedStyle: consistent
   IndentationWidth: 2
 
-Layout/IndentArray:
+Layout/IndentFirstArrayElement:
   Enabled: true
 
 Layout/IndentAssignment:
   Enabled: true
 
-Layout/IndentHash:
+Layout/IndentFirstHashElement:
   Enabled: true
 
 Layout/MultilineHashBraceLayout:

data/.ruby-version

@@ -1 +1 @@
-2.3.7
+2.5.5

data/Gemfile.lock

@@ -1,10 +1,10 @@
 PATH
   remote: .
   specs:
-    yavdb (0.5.1)
-      execjs (~> 2.7.0)
-      json (~> 2.1)
-      kramdown (~> 1.17)
+    yavdb (0.5.2)
+      execjs (~> 2.7)
+      json (~> 2.2)
+      kramdown (~> 2.1)
       oga (~> 2.15)
       semantic_interval (~> 0.1)
       therubyracer (~> 0.12)
@@ -16,23 +16,46 @@ GEM
   specs:
     ansi (1.5.0)
     ast (2.4.0)
+    bibliothecary (6.6.0)
+      commander
+      deb_control
+      librariesio-gem-parser
+      ox (>= 2.8.1)
+      sdl4r
+      toml-rb (~> 1.0)
+      typhoeus
     citrus (3.0.2)
     codacy-coverage (2.1.0)
       simplecov
+    colorize (0.8.1)
+    commander (4.4.7)
+      highline (~> 2.0.0)
+    deb_control (0.0.1)
+    dependency_spy (0.4.1)
+      bibliothecary (~> 6.6)
+      colorize (= 0.8.1)
+      semantic_range (~> 2.2)
+      thor (~> 0.20)
+      yavdb (~> 0.5)
     diff-lcs (1.3)
     docile (1.3.1)
+    ethon (0.12.0)
+      ffi (>= 1.3.0)
     execjs (2.7.0)
+    ffi (1.11.0)
+    highline (2.0.2)
     jaro_winkler (1.5.2)
-    json (2.1.0)
-    kramdown (1.17.0)
-    libv8 (3.16.14.19-x86_64-linux)
+    json (2.2.0)
+    kramdown (2.1.0)
+    librariesio-gem-parser (1.0.0)
+    libv8 (3.16.14.19)
     oga (2.15)
       ast
       ruby-ll (~> 2.1)
-    parallel (1.13.0)
-    parser (2.6.0.0)
+    ox (2.10.0)
+    parallel (1.17.0)
+    parser (2.6.3.0)
       ast (~> 2.4.0)
-    powerpack (0.1.2)
     rainbow (3.0.0)
     rake (12.3.2)
     ref (2.0.0)
@@ -42,7 +65,7 @@ GEM
       rspec-mocks (~> 3.8.0)
     rspec-core (3.8.0)
       rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec-expectations (3.8.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-mocks (3.8.0)
@@ -51,21 +74,22 @@ GEM
     rspec-support (3.8.0)
     rspec_junit_formatter (0.4.1)
       rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (0.64.0)
+    rubocop (0.69.0)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
-      parser (>= 2.5, != 2.5.1.1)
-      powerpack (~> 0.1)
+      parser (>= 2.6)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.4.0)
-    rubocop-rspec (1.32.0)
+      unicode-display_width (>= 1.4.0, < 1.7)
+    rubocop-rspec (1.33.0)
       rubocop (>= 0.60.0)
     ruby-ll (2.1.2)
       ansi
       ast
     ruby-progressbar (1.10.0)
+    sdl4r (0.9.11)
     semantic_interval (0.1.0)
+    semantic_range (2.2.1)
     simplecov (0.16.1)
       docile (~> 1.1)
       json (>= 1.8, < 3)
@@ -77,18 +101,21 @@ GEM
     thor (0.20.3)
     toml-rb (1.1.2)
       citrus (~> 3.0, > 3.0)
-    unicode-display_width (1.4.1)
+    typhoeus (1.3.1)
+      ethon (>= 0.9.0)
+    unicode-display_width (1.6.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   codacy-coverage
+  dependency_spy (~> 0.4)
   rake (~> 12.3)
   rspec (~> 3.8)
   rspec_junit_formatter (~> 0.4)
-  rubocop (~> 0.59)
-  rubocop-rspec (~> 1.29)
+  rubocop (~> 0.69)
+  rubocop-rspec (~> 1.33)
   simplecov
   yavdb!
 

data/lib/yavdb/constants.rb

@@ -17,7 +17,7 @@
 module YAVDB
   module Constants
 
-    DEBUG = ENV['debug'].freeze
+    DEBUG = ENV['debug']
 
     YAVDB_DB_URL    = 'https://github.com/rtfpessoa/yavdb.git'
     YAVDB_DB_BRANCH = 'database'

data/lib/yavdb/sources/rustsec.rb

@@ -51,12 +51,14 @@ module YAVDB
 
             vuln_id = "rustsec:cargo:#{advisory_hash['package']}:#{advisory_hash['id']}"
 
+            vulnerable_versions = (['*'] if (advisory_hash['unaffected_versions'].nil? || advisory_hash['unaffected_versions'].empty?) && (advisory_hash['patched_versions'].nil? || advisory_hash['patched_versions'].empty?))
+
             YAVDB::Advisory.new(
               vuln_id,
               advisory_hash['title'],
               advisory_hash['description'],
               advisory_hash['package'],
-              nil,
+              vulnerable_versions,
               advisory_hash['unaffected_versions'],
               advisory_hash['patched_versions'],
               severity,

data/lib/yavdb/utils/http.rb

@@ -52,8 +52,8 @@ module YAVDB
               else
                 response.body.lines
             end
-          rescue StandardError => exception
-            raise exception if retries.zero?
+          rescue StandardError => e
+            raise e if retries.zero?
 
             puts "Going to retry #{url}"
             retries -= 1

data/lib/yavdb/version.rb

@@ -16,6 +16,6 @@
 
 module YAVDB
 
-  VERSION = '0.5.1'
+  VERSION = '0.5.2'
 
 end

data/yavdb.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   spec.executables = ['yavdb', 'vulndb', 'vulnerabilitydb']
   spec.require_paths = ['lib']
 
-  spec.required_ruby_version = '>= 2.3.7'
+  spec.required_ruby_version = '>= 2.5.5'
 
   # Development
   spec.add_development_dependency 'codacy-coverage'
@@ -31,13 +31,14 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'simplecov'
 
   # Linters
-  spec.add_development_dependency 'rubocop', ['~> 0.59']
-  spec.add_development_dependency 'rubocop-rspec', ['~> 1.29']
+  spec.add_development_dependency 'dependency_spy', ['~> 0.4']
+  spec.add_development_dependency 'rubocop', ['~> 0.69']
+  spec.add_development_dependency 'rubocop-rspec', ['~> 1.33']
 
   # Runtime
-  spec.add_runtime_dependency 'execjs', ['~> 2.7.0']
-  spec.add_runtime_dependency 'json', ['~> 2.1']
-  spec.add_runtime_dependency 'kramdown', ['~> 1.17']
+  spec.add_runtime_dependency 'execjs', ['~> 2.7']
+  spec.add_runtime_dependency 'json', ['~> 2.2']
+  spec.add_runtime_dependency 'kramdown', ['~> 2.1']
   spec.add_runtime_dependency 'oga', ['~> 2.15']
   spec.add_runtime_dependency 'semantic_interval', ['~> 0.1']
   spec.add_runtime_dependency 'therubyracer', ['~> 0.12']

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yavdb
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Rodrigo Fernandes
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-04 00:00:00.000000000 Z
+date: 2019-05-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: codacy-coverage
@@ -80,76 +80,90 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: dependency_spy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.59'
+        version: '0.69'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.59'
+        version: '0.69'
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.29'
+        version: '1.33'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.29'
+        version: '1.33'
 - !ruby/object:Gem::Dependency
   name: execjs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: '2.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: '2.7'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: kramdown
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.17'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: oga
   requirement: !ruby/object:Gem::Requirement
@@ -280,7 +294,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.7
+      version: 2.5.5
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -288,7 +302,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: The Free and Open Source vulnerability database.