Migrate ruby to new importers #799
some of ruby logs. Can you have a look at
@ziadhany what's the status on this?
I will work on it this week. 👍
Dependent on https://github.com/nexB/univers/pull/92/files
@ziadhany invert functionality has been added to univers, please use https://pypi.org/project/univers/30.9.1/
@ziadhany gentle ping
4e90f8d to 2c50219
2fa6915 to c6091c9
Ruby importer and improver logs:
@ziadhany Thanks++, some review comments for your consideration, please rebase your branch as well.
832fb3b to 2ed17d6
logs: importer--improver-ruby.zip
03e0b80 to 469df9f
almost there -- needs one more review
@ziadhany please rebase your PR
Done
vulnerabilities/importers/ruby.py
Outdated
record = load_yaml(path) | ||
class RubyImporter(Importer): | ||
license_url = "https://github.com/rubysec/ruby-advisory-db/blob/master/LICENSE.txt" | ||
spdx_license_expression = "unknown" |
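Review bot: `spdx_license_expression = "unknown"` on the last line contradicts the `license_url` directly above it, which points at a concrete LICENSE.txt in ruby-advisory-db. Set the expression to the one that matches the linked license text, or drop the URL if the license really cannot be determined, so the two fields do not disagree.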
@ziadhany @pombredanne what should be done for this?
@ziadhany let's get some stats, how much data we can ingest once we filter out the data that is associated with OSVDB ?
https://scancode-licensedb.aboutcode.org/public-domain-disclaimer.html ,
spdx_license_expression = "LicenseRef-scancode-public-domain-disclaimer"
notice = """
If you submit code or data to the ruby-advisory-db that is copyrighted by
yourself, upon submission you hereby agree to release it into the public
domain.
The data imported from the ruby-advisory-db have been filtered to exclude
any non-public domain data from the data copyrighted by the Open
Source Vulnerability Database (http://osvdb.org).
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
"""
8678d54 to 850c5a7
@ziadhany thanks++, minor nit for your consideration
LGTM! thanks please do the suggested changes and feel free to squash and merge this PR : )
Drop cvss_v2 Add ruby importer_name and Rebase Resolve merge conflicts Add advisory_url to ruby importer Add a notice and the spdx_license_expression Resolve merge conflict Add a docstring to get_affected_packages Add a unit test for get_affected_packages function Remove unused variables Fix sorted affected_package_merge Add ruby importer and improver Fix style test Fix test Rewrite affected_packages Ruby initial config Reference: aboutcode-org#796 Clean imported data after import process Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com> Fix sorted affected_package_merge Refactor Ruby importer and improver Add ruby importer and improver Fix style test Fix test Rewrite affected_packages Ruby initial config Reference: aboutcode-org#796 Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@ziadhany thanks for your effort and persistence : )
…rg#799) Drop cvss_v2 Add ruby importer_name and Rebase Resolve merge conflicts Add advisory_url to ruby importer Add a notice and the spdx_license_expression Resolve merge conflict Add a docstring to get_affected_packages Add a unit test for get_affected_packages function Remove unused variables Fix sorted affected_package_merge Add ruby importer and improver Fix style test Fix test Rewrite affected_packages Ruby initial config Reference: aboutcode-org#796 Clean imported data after import process Fix sorted affected_package_merge Refactor Ruby importer and improver Add ruby importer and improver Fix style test Fix test Rewrite affected_packages Ruby initial config Reference: aboutcode-org#796 Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Reference: #796
Signed-off-by: Ziad ziadhany2016@gmail.com