dawnscanner 2.1.0 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/Changelog.md +5 -1
  3. data/Rakefile +6 -6
  4. data/VERSION +1 -1
  5. data/checksum/dawnscanner-2.1.0.gem.sha1 +1 -0
  6. data/features/step_definition/dawn_steps.rb +4 -5
  7. data/lib/dawn/knowledge_base.rb +4 -4
  8. data/lib/dawn/version.rb +4 -4
  9. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b54d897767ce4e5a5e565205cafb15af72ae9bf92079718dfa416d8fcc4900cb
4
- data.tar.gz: 17d4cba48fb33fb04c473b0cb9e9f85c1aa40c84f16a39c1df34332695e0435b
3
+ metadata.gz: fbb231ba7ae0542ffa5a4df93bf1957ca989e4073129f8c57894b2f6d5813973
4
+ data.tar.gz: 833442b38e833db16ee550a56e26ce67b69cc77ee4ff2b69389bd1dab7ff16b3
5
5
  SHA512:
6
- metadata.gz: c689915e7a17e4db223a9ef587a3c70ab1e6f748d54dec0463da7cf728770a77f9a298995959befbe77f322771de1c1eefb5bdd9e6c27352c389e2789d4d05e9
7
- data.tar.gz: be77801fb48251c860b2b07341927dbc704eb34f28951f082d0971aa23c96cdf90d70bff219b946e67facea7022948ac9aa3353e0a87a4441ab6f7ea5f7fa19f
6
+ metadata.gz: 157a7aaf188e55b35027cae52ae7f7a71146d2b490ab5d31b8eaf3dcfc29a10de0dc3ef646e0d9b8f30330ec3b73412df62bdb4467233046b92a98f2ba4bb81a
7
+ data.tar.gz: 012e8a07b7d8bdde1947b8c0ccd6fee4bd31336c72481934ec74d4f252847fb26a0bcbab60550c2221d9716d2e51bdefeff140425c99a82e7af4df5e15a7b074
data/Changelog.md CHANGED
@@ -5,7 +5,11 @@ It supports [Sinatra](http://www.sinatrarb.com),
5
5
  [Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
6
6
  frameworks.
7
7
 
8
- _latest update: thu 13 apr 2023, 16:54:52, CEST_
8
+ _latest update: fri 14 apr 2023, 16:36:56, CEST_
9
+
10
+ ## Version 2.1.1 (2023-04-14)
11
+
12
+ * Issue #252 fix was uncomplete.
9
13
 
10
14
  ## Version 2.1.0 (2023-04-13)
11
15
 
data/Rakefile CHANGED
@@ -160,35 +160,35 @@ namespace :rubysec do
160
160
  end
161
161
 
162
162
  def __kb_pack
163
- if Dir.exists? "#{YAML_KB}/bulletin"
163
+ if Dir.exist? "#{YAML_KB}/bulletin"
164
164
  system "tar cfvz #{YAML_KB}/bulletin.tar.gz -C #{YAML_KB} bulletin"
165
165
  system "rm -rf #{YAML_KB}/bulletin"
166
166
  system "shasum -a 256 #{YAML_KB}/bulletin.tar.gz > #{YAML_KB}/bulletin.tar.gz.sig"
167
167
  end
168
168
 
169
- if Dir.exists? "#{YAML_KB}/generic_check"
169
+ if Dir.exist? "#{YAML_KB}/generic_check"
170
170
  system "tar cfvz #{YAML_KB}/generic_check.tar.gz -C #{YAML_KB} generic_check"
171
171
  system "rm -rf #{YAML_KB}/generic_check"
172
172
  system "shasum -a 256 #{YAML_KB}/generic_check.tar.gz > #{YAML_KB}/generic_check.tar.gz.sig"
173
173
  end
174
174
 
175
- if Dir.exists? "#{YAML_KB}/owasp_ror_cheatsheet"
175
+ if Dir.exist? "#{YAML_KB}/owasp_ror_cheatsheet"
176
176
  system "tar cfvz #{YAML_KB}/owasp_ror_cheatsheet.tar.gz -C #{YAML_KB} owasp_ror_cheatsheet"
177
177
  system "rm -rf #{YAML_KB}/owasp_ror_cheatsheet"
178
178
  system "shasum -a 256 #{YAML_KB}/owasp_ror_cheatsheet.tar.gz > #{YAML_KB}/owasp_ror_cheatsheet.tar.gz.sig"
179
179
  end
180
180
 
181
- if Dir.exists? "#{YAML_KB}/code_style"
181
+ if Dir.exist? "#{YAML_KB}/code_style"
182
182
  system "tar cfvz #{YAML_KB}/code_style.tar.gz -C #{YAML_KB} code_style"
183
183
  system "rm -rf #{YAML_KB}/code_style"
184
184
  system "shasum -a 256 #{YAML_KB}/code_style.tar.gz > #{YAML_KB}/code_style.tar.gz.sig"
185
185
  end
186
- if Dir.exists? "#{YAML_KB}/code_quality"
186
+ if Dir.exist? "#{YAML_KB}/code_quality"
187
187
  system "tar cfvz #{YAML_KB}/code_quality.tar.gz -C #{YAML_KB} code_quality"
188
188
  system "rm -rf #{YAML_KB}/code_quality"
189
189
  system "shasum -a 256 #{YAML_KB}/code_quality.tar.gz > #{YAML_KB}/code_quality.tar.gz.sig"
190
190
  end
191
- if Dir.exists? "#{YAML_KB}/owasp_top_10"
191
+ if Dir.exist? "#{YAML_KB}/owasp_top_10"
192
192
  system "tar cfvz #{YAML_KB}/owasp_top_10.tar.gz -C #{YAML_KB} owasp_top_10"
193
193
  system "rm -rf #{YAML_KB}/owasp_top_10"
194
194
  system "shasum -a 256 #{YAML_KB}/owasp_top_10.tar.gz > #{YAML_KB}/owasp_top_10.tar.gz.sig"
data/VERSION CHANGED
@@ -1,3 +1,3 @@
1
1
  # I removed codenames :-)
2
2
  # Code review is fun
3
- 2.1.0
3
+ 2.1.1
data/checksum/dawnscanner-2.1.0.gem.sha1 ADDED
@@ -0,0 +1 @@
1
+ e463c7c3f54c900752f3b9be47da3f311cddd941
data/features/step_definition/dawn_steps.rb CHANGED
@@ -1,19 +1,18 @@
1
1
  Given /^the generic project "(.*?)" doesn't exist$/ do |file|
2
- FileUtils.rm(file) if File.exists?(file)
2
+ FileUtils.rm(file) if File.exist?(file)
3
3
  end
4
4
 
5
5
  Given /^the hello world rails project does exist$/ do
6
6
  system("rm -rf /tmp/hello_world_3.2.13")
7
- system("cp -a ./spec/support/hello_world_3.2.13 /tmp")
7
+ system("cp -a ./spec/support/hello_world_3.2.13 /tmp")
8
8
  end
9
9
 
10
10
  Given /^a safe sinatra application exists$/ do
11
11
  system("rm -rf /tmp/sinatra-safe")
12
- system("cp -a ./spec/support/sinatra-safe /tmp")
12
+ system("cp -a ./spec/support/sinatra-safe /tmp")
13
13
  end
14
14
 
15
15
  Given /^a vulnerable sinatra application exists$/ do
16
16
  system("rm -rf /tmp/sinatra-vulnerable")
17
- system("cp -a ./spec/support/sinatra-vulnerable /tmp")
17
+ system("cp -a ./spec/support/sinatra-vulnerable /tmp")
18
18
  end
19
-
data/lib/dawn/knowledge_base.rb CHANGED
@@ -244,7 +244,7 @@ module Dawn
244
244
  # Please note that if we enter in this branch, it means someone
245
245
  # tampered the KB between the previous __valid? check and this point.
246
246
  # Of course this is a very rare situation, but we must handle it.
247
- unless Dir.exists?(dir)
247
+ unless Dir.exist?(dir)
248
248
  $logger.warn "Missing check directory #{dir}"
249
249
  else
250
250
  Dir.glob(dir+"/**/*.yml").each do |f|
@@ -311,12 +311,12 @@ module Dawn
311
311
 
312
312
  lines = ""
313
313
 
314
- unless File.exists?(File.join(@path, "kb.yaml"))
314
+ unless File.exist?(File.join(@path, "kb.yaml"))
315
315
  $logger.error "Missing kb.yaml in #{path}. Giving up"
316
316
  return false
317
317
  end
318
318
 
319
- unless File.exists?(File.join(@path, "kb.yaml.sig"))
319
+ unless File.exist?(File.join(@path, "kb.yaml.sig"))
320
320
  $logger.error "Missing kb.yaml signature in #{path}. Giving up"
321
321
  return false
322
322
  end
@@ -343,7 +343,7 @@ module Dawn
343
343
  # local DB path
344
344
  def __packed?
345
345
  FILES.each do |fn|
346
- return true if fn.end_with? 'tar.gz' and File.exists?(File.join(@path, fn))
346
+ return true if fn.end_with? 'tar.gz' and File.exist?(File.join(@path, fn))
347
347
  end
348
348
  return false
349
349
  end
data/lib/dawn/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
- VERSION = "2.1.0"
3
- RELEASE = "20230413"
4
- BUILD = "3"
5
- COMMIT = "gc8a1ac6"
2
+ VERSION = "2.1.1"
3
+ RELEASE = "20230414"
4
+ BUILD = "1"
5
+ COMMIT = "gbb3ea6d"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dawnscanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Paolo Perego
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-13 00:00:00.000000000 Z
11
+ date: 2023-04-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: cvss
@@ -277,6 +277,7 @@ files:
277
277
  - checksum/dawnscanner-2.0.0.rc2.gem.sha1
278
278
  - checksum/dawnscanner-2.0.0.rc3.gem.sha1
279
279
  - checksum/dawnscanner-2.0.0.rc5.gem.sha1
280
+ - checksum/dawnscanner-2.1.0.gem.sha1
280
281
  - code_of_conduct.md
281
282
  - dawnscanner.gemspec
282
283
  - doc/change.sh