diff --git a/Rakefile b/Rakefile index bc9aa3e980..4f9b52bc19 100644 --- a/Rakefile +++ b/Rakefile @@ -1,4 +1,6 @@ require 'yaml' +require 'nokogiri' +require 'open-uri' namespace :lint do begin @@ -22,5 +24,38 @@ namespace :lint do end end +config = YAML.load(File.read("./config.yml")) +namespace :db do + # TODO: sleep after each generation + desc "generate files" + task :update => config.select {|k,attrs| attrs["exec"]}.keys.map { |name| "db:update:#{name}"} + + namespace :update do + config.each do |name, attrs| + next unless attrs["exec"] + desc "generate #{name} files" + task name do + doc = open(attrs["url"]) { |f| Nokogiri::XML(f) } + doc.xpath(attrs["entry_condition"]).each do |elem| + h = attrs["base_attributes"].merge(attrs["attribute_conditions"].map {|k, conds| + if conds.kind_of?(Array) + # FIXME + [k, elem.xpath(conds[0]).first.xpath(conds[1]).to_s] + else + [k, elem.xpath(conds).first.content] + end + }.to_h) + path = File.join(attrs["path"], "CVE-" + h["cve"] + ".yml") + if !File.exists?(path) + File.open(path, "w") do |f| + f.write(h.to_yaml) + end + end + end + end + end + end +end + task :lint => ['lint:yaml', 'lint:cve'] task :default => :lint diff --git a/config.yml b/config.yml new file mode 100644 index 0000000000..f9f74ad1c9 --- /dev/null +++ b/config.yml @@ -0,0 +1,86 @@ +ruby: + # TODO: from CVE DB if possible + url: https://www.ruby-lang.org/en/feeds/news.rss + entry_condition: '//item[contains(title, "CVE")]' + path: rubies/ruby/ + base_attributes: + engine: ruby + attribute_conditions: + cve: ['title/text()', 'substring-after(substring-before(., ":"), "CVE-")'] + url: link + title: ['title/text()', 'substring-after(., ": ")'] + date: pubDate + description: description + exec: true + +rails_base: &rails_base + url: "https://groups.google.com/forum/feed/rubyonrails-security/msgs/rss.xml?num=15" + attribute_conditions: + cve: ['title/text()', 'substring-after(substring-before(., "]"), "CVE-")'] + url: link + title: ['title/text()', 'substring-after(., "] ")'] + # TODO: fix date format + date: pubDate + description: description + exec: false + +activerecord: + <<: *rails_base + entry_condition: '//item[contains(title, "Active Record")]' + path: gems/activerecord/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: activerecord + exec: true + +actionpack: + <<: *rails_base + entry_condition: '//item[contains(title, "Action Pack")]' + path: gems/actionpack/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: actionpack + exec: true + +actionview: + <<: *rails_base + entry_condition: '//item[contains(title, "Action View")]' + path: gems/actionview/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: actionview + exec: true + +activesupport: + <<: *rails_base + entry_condition: '//item[contains(title, "Active Support")]' + path: gems/activesupport/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: activesupport + exec: true + +activemodel: + <<: *rails_base + entry_condition: '//item[contains(title, "Active Model")]' + path: gems/activemodel/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: activemodel + exec: true + +# TODO: move to actionpack +actioncontroller: + <<: *rails_base + entry_condition: '//item[contains(title, "Action Controller")]' + path: gems/actionpack/ + base_attributes: + # TODO: move to rails_base + framework: rails + gem: actionpack + exec: true