Updated dependencies

Arachni · Aug 28, 2018 · 246aecc · 246aecc
1 parent 7813393
commit 246aecc
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 29 deletions.
diff --git a/arachni.gemspec b/arachni.gemspec
@@ -10,7 +10,7 @@
 Gem::Specification.new do |s|
     require File.expand_path( File.dirname( __FILE__ ) ) + '/lib/arachni/version'
 
-    s.required_ruby_version = '>= 2.2.0'
+    s.required_ruby_version = '>= 2.3.0'
 
     s.name              = 'arachni'
     s.version           = Arachni::VERSION
@@ -49,8 +49,8 @@ Gem::Specification.new do |s|
     # latest one.
     s.add_dependency 'bundler'
 
-    s.add_dependency 'concurrent-ruby',     '1.0.2'
-    s.add_dependency 'concurrent-ruby-ext', '1.0.2'
+    s.add_dependency 'concurrent-ruby',     '1.0.5'
+    s.add_dependency 'concurrent-ruby-ext', '1.0.5'
 
     # For compressing/decompressing system state archives.
     s.add_dependency 'rubyzip',             '1.2.1'
@@ -59,21 +59,21 @@ Gem::Specification.new do |s|
     s.add_dependency 'http_parser.rb',      '0.6.0'
 
     # HTML report
-    s.add_dependency 'coderay',             '1.1.0'
+    s.add_dependency 'coderay',             '1.1.2'
 
-    s.add_dependency 'childprocess',        '0.5.3'
+    s.add_dependency 'childprocess',        '0.9.0'
 
     # RPC serialization.
-    s.add_dependency 'msgpack',             '0.7.0'
+    s.add_dependency 'msgpack',             '1.2.4'
 
     if RUBY_PLATFORM != 'java'
         # Optimized JSON.
-        s.add_dependency 'oj',              '2.15.0'
+        s.add_dependency 'oj',              '3.6.5'
         s.add_dependency 'oj_mimic_json',   '1.0.1'
     end
 
     # Web server
-    s.add_dependency 'puma',                '2.14.0'
+    s.add_dependency 'puma',                '3.12.0'
 
     # REST API
     s.add_dependency 'sinatra',             '1.4.6'
@@ -83,34 +83,34 @@ Gem::Specification.new do |s|
     s.add_dependency 'arachni-rpc',         '~> 0.2.1.4'
 
     # HTTP client.
-    s.add_dependency 'typhoeus',            '1.0.2'
+    s.add_dependency 'typhoeus',            '1.3.0'
 
     # Fallback URI parsing and encoding utilities.
-    s.add_dependency 'addressable',         '2.3.6'
+    s.add_dependency 'addressable',         '2.5.2'
 
     # E-mail plugin.
-    s.add_dependency 'pony',                '1.11'
+    s.add_dependency 'pony',                '1.12'
 
     # For the Arachni console (arachni_console).
-    s.add_dependency 'rb-readline',         '0.5.1'
+    s.add_dependency 'rb-readline',         '0.5.5'
 
     # Markup parsing, for reports and Element::XML.
-    s.add_dependency 'nokogiri',            '1.7.2'
+    s.add_dependency 'nokogiri',            '1.8.4'
     # Really fast and lightweight markup parsing, for pages.
-    s.add_dependency 'ox',                  '2.4.11'
+    s.add_dependency 'ox',                  '2.9.4'
 
     # Outputting data in table format (arachni_rpcd_monitor).
-    s.add_dependency 'terminal-table',      '1.4.5'
+    s.add_dependency 'terminal-table',      '1.8.0'
 
     # Browser support for DOM/JS/AJAX analysis stuff.
-    s.add_dependency 'watir',               '6.2.1'
+    s.add_dependency 'watir',               '6.12.0'
 
     # Markdown to HTML conversion, used by the HTML report for component
     # descriptions.
-    s.add_dependency 'kramdown',            '1.4.1'
+    s.add_dependency 'kramdown',            '1.17.0'
 
     # Used to scrub Markdown for XSS etc.
-    s.add_dependency 'loofah',              '2.0.3'
+    s.add_dependency 'loofah',              '2.2.2'
 
     s.post_install_message = <<MSG
 
@@ -127,7 +127,7 @@ License            - Arachni Public Source License v1.0
                         (https://github.com/Arachni/arachni/blob/master/LICENSE.md)
 Author             - Tasos "Zapotek" Laskos (http://twitter.com/Zap0tek)
 Twitter            - http://twitter.com/ArachniScanner
-Copyright          - 2010-2017 Sarosys LLC (http://www.sarosys.com)
+Copyright          - 2010-2018 Sarosys LLC (http://www.sarosys.com)
 
 Please do not hesitate to ask for assistance (via the support portal)
 or report a bug (via GitHub Issues) if you come across any problem.

diff --git a/spec/arachni/browser_spec.rb b/spec/arachni/browser_spec.rb
@@ -1440,15 +1440,15 @@ def clear_hit_count
                 Arachni::Options.url = @url
                 subject.load @url
 
-                subject.javascript.run( 'window.location = "http://google.com/";' )
+                subject.javascript.run( 'window.location = "http://www.google.com/";' )
                 sleep 1
 
                 page = subject.to_page
 
                 expect(page.code).to eq(0)
-                expect(page.url).to  eq('http://google.com/')
+                expect(page.url).to  eq('http://www.google.com/')
                 expect(page.body).to be_empty
-                expect(page.dom.url).to eq('http://google.com/')
+                expect(page.dom.url).to eq('http://www.google.com/')
             end
         end
     end

diff --git a/spec/arachni/http/client_spec.rb b/spec/arachni/http/client_spec.rb
@@ -612,7 +612,7 @@
         it "fills in #{Arachni::HTTP::Request}#headers_string" do
             host = "#{Arachni::URI(@url).host}:#{Arachni::URI(@url).port}"
             expect(subject.request( @url, mode: :sync ).request.headers_string).to eq(
-                "GET / HTTP/1.1\r\nHost: #{host}\r\nAccept-Encoding: gzip, " +
+                "GET / HTTP/1.1\r\nHost: #{host}\r\nAuthorization: Basic Og==\r\nAccept-Encoding: gzip, " +
                     "deflate\r\nUser-Agent: Arachni/v#{Arachni::VERSION}\r\nAccept: text/html," +
                     "application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n" +
                     "Accept-Language: en-US,en;q=0.8,he;q=0.6\r\n" +
@@ -803,29 +803,29 @@
                                          response_max_size: 0
                         )
 
-                        expect(r.headers).not_to include 'Content-Type'
+                        expect(r.headers['Content-Type']).to be_empty
                         expect(r.body).to be_empty
 
                         r = subject.request( @url + '/http_response_max_size/without_content_length',
                                          mode: :sync,
                                          response_max_size: 1
                         )
-                        expect(r.headers).not_to include 'Content-Type'
+                        expect(r.headers['Content-Type']).to be_empty
                         expect(r.body).to be_empty
 
                         r = subject.request( @url + '/http_response_max_size/without_content_length',
                                          mode: :sync,
                                          response_max_size: 999999
                         )
-                        expect(r.headers).not_to include 'Content-Type'
+                        expect(r.headers['Content-Type']).to be_empty
                         expect(r.body).to be_empty
 
                         r = subject.request( @url + '/http_response_max_size/without_content_length',
                                          mode: :sync,
                                          response_max_size: 1000000
                         )
 
-                        expect(r.headers).not_to include 'Content-Type'
+                        expect(r.headers['Content-Type']).to be_empty
                         expect(r.body).not_to be_empty
                     end
                 end

diff --git a/spec/arachni/http/proxy_server_spec.rb b/spec/arachni/http/proxy_server_spec.rb
@@ -202,6 +202,7 @@ def test_proxy( proxy )
 
                 expect(request.headers_string.split( "\r\n" ).sort).to eq(
                     ("POST / HTTP/1.1\r\n" <<
+                    "Authorization: Basic Og==\r\n" <<
                     "Host: #{request.parsed_url.host}:#{request.parsed_url.port}\r\n" <<
                     "Accept-Encoding: gzip, deflate\r\n" <<
                     "User-Agent: Typhoeus - https://github.com/typhoeus/typhoeus\r\n" <<

diff --git a/spec/arachni/http/request_spec.rb b/spec/arachni/http/request_spec.rb
@@ -323,8 +323,9 @@
         it "fills in #{Arachni::HTTP::Request}#headers_string" do
             host = "#{Arachni::URI(@url).host}:#{Arachni::URI(@url).port}"
             expect(described_class.new( url: @url ).run.request.headers_string).to eq(
-                "GET / HTTP/1.1\r\nHost: #{host}\r\nAccept-Encoding: gzip, " +
-                    "deflate\r\nUser-Agent: Arachni/v#{Arachni::VERSION}\r\nAccept: text/html," +
+                "GET / HTTP/1.1\r\nHost: #{host}\r\nAuthorization: Basic Og==\r\n" +
+                    "Accept-Encoding: gzip, deflate\r\n" +
+                    "User-Agent: Arachni/v#{Arachni::VERSION}\r\nAccept: text/html," +
                     "application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n" +
                     "Accept-Language: en-US,en;q=0.8,he;q=0.6\r\n\r\n"
             )

diff --git a/spec/support/servers/arachni/element/form/form_dom.rb b/spec/support/servers/arachni/element/form/form_dom.rb
@@ -1,4 +1,5 @@
 require 'sinatra'
+require 'yaml'
 
 get '/' do
     <<-EOHTML