File tree Expand file tree Collapse file tree 7 files changed +119
-1
lines changed Expand file tree Collapse file tree 7 files changed +119
-1
lines changed Original file line number Diff line number Diff line change @@ -2,6 +2,7 @@ source 'https://rubygems.org'
2
2
3
3
gem 'faraday'
4
4
gem 'rake'
5
+ gem 'kwalify'
5
6
gem 'rspec'
6
7
7
8
group :development do
Original file line number Diff line number Diff line change 5
5
diff-lcs (1.3 )
6
6
faraday (0.15.4 )
7
7
multipart-post (>= 1.2 , < 3 )
8
+ kwalify (0.7.2 )
8
9
method_source (0.9.0 )
9
10
mini_portile2 (2.4.0 )
10
11
multipart-post (2.1.1 )
@@ -33,6 +34,7 @@ PLATFORMS
33
34
34
35
DEPENDENCIES
35
36
faraday
37
+ kwalify
36
38
nokogiri
37
39
pry
38
40
rake
Original file line number Diff line number Diff line change 5
5
include_examples 'Advisory' , path
6
6
7
7
advisory = YAML . load_file ( path )
8
+ schema = YAML . load_file ( File . join ( File . dirname ( __FILE__ ) , 'schemas/gem.yml' ) )
9
+ validator = Kwalify ::Validator . new ( schema )
8
10
9
11
describe path do
10
12
let ( :gem ) { File . basename ( File . dirname ( path ) ) }
33
35
end
34
36
end
35
37
end
38
+
39
+ it "should have valid schema" do
40
+ errors = validator . validate ( advisory )
41
+ expect ( errors ) . to be_empty
42
+ end
36
43
end
37
44
end
Original file line number Diff line number Diff line change 3
3
4
4
shared_examples_for "Rubies Advisory" do |path |
5
5
include_examples 'Advisory' , path
6
-
6
+
7
7
advisory = YAML . load_file ( path )
8
+ schema = YAML . load_file ( File . join ( File . dirname ( __FILE__ ) , 'schemas/ruby.yml' ) )
9
+ validator = Kwalify ::Validator . new ( schema )
8
10
9
11
describe path do
10
12
let ( :engine ) { File . basename ( File . dirname ( path ) ) }
17
19
expect ( subject . downcase ) . to eq ( engine . downcase )
18
20
end
19
21
end
22
+
23
+ it "should have valid schema" do
24
+ errors = validator . validate ( advisory )
25
+ expect ( errors ) . to be_empty
26
+ end
20
27
end
21
28
end
22
29
Original file line number Diff line number Diff line change
1
+ type : map
2
+ mapping :
3
+ " gem " :
4
+ type : str
5
+ required : yes
6
+ " library " :
7
+ type : str
8
+ " framework " :
9
+ type : str
10
+ " platform " :
11
+ type : str
12
+ " cve " :
13
+ type : str
14
+ pattern : /\d+-\d+/
15
+ " osvdb " :
16
+ type : int
17
+ " ghsa " :
18
+ type : str
19
+ " url " :
20
+ type : str
21
+ required : true
22
+ pattern : /https?:\/\//
23
+ " title " :
24
+ type : str
25
+ required : true
26
+ " date " :
27
+ type : date
28
+ required : true
29
+ " description " :
30
+ type : str
31
+ required : true
32
+ " cvss_v2 " :
33
+ type : float
34
+ " cvss_v3 " :
35
+ type : float
36
+ " unaffected_versions " :
37
+ type : seq
38
+ sequence :
39
+ - type : str
40
+ " patched_versions " :
41
+ type : seq
42
+ sequence :
43
+ - type : str
44
+ " vendor_patch " :
45
+ type : seq
46
+ sequence :
47
+ - type : str
48
+ pattern : /https?:\/\//
49
+ " related " :
50
+ type : map
51
+ mapping :
52
+ " cve " :
53
+ type : seq
54
+ sequence :
55
+ - type : str
56
+ " osvdb " :
57
+ type : seq
58
+ sequence :
59
+ - type : int
60
+ " url " :
61
+ type : seq
62
+ sequence :
63
+ - type : str
64
+ pattern : /https?:\/\//
Original file line number Diff line number Diff line change
1
+ type : map
2
+ mapping :
3
+ " engine " :
4
+ type : str
5
+ required : yes
6
+ enum : [jruby, rbx, ruby]
7
+ " cve " :
8
+ type : str
9
+ pattern : /\d+-\d+/
10
+ " osvdb " :
11
+ type : int
12
+ " url " :
13
+ type : str
14
+ required : true
15
+ pattern : /https?:\/\//
16
+ " title " :
17
+ type : str
18
+ required : true
19
+ " date " :
20
+ type : date
21
+ required : true
22
+ " description " :
23
+ type : str
24
+ required : true
25
+ " cvss_v2 " :
26
+ type : float
27
+ " cvss_v3 " :
28
+ type : float
29
+ " unaffected_versions " :
30
+ type : seq
31
+ sequence :
32
+ - type : str
33
+ " patched_versions " :
34
+ type : seq
35
+ sequence :
36
+ - type : str
Original file line number Diff line number Diff line change
1
+ require 'kwalify'
1
2
require 'rspec'
You can’t perform that action at this time.
0 commit comments