Merge pull request #86 from creative-commoners/pulls/master/add-advis…
…ory-endpoint New: Add security advisories endpoint.
Showing
8 changed files
with
417 additions
and
4 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<?php | ||
|
||
require __DIR__ . '/../vendor/autoload.php'; | ||
|
||
$client = new Packagist\Api\Client(); | ||
|
||
// Get any advisories for the monolog/monolog package | ||
$advisories = $client->advisories(['monolog/monolog']); | ||
var_export($advisories); | ||
|
||
// Get any advisories for the monolog/monolog package which were modified after midnight 2022/07/2022. | ||
$advisories = $client->advisories(['monolog/monolog' => '1.8.1'], 1659052800); | ||
var_export($advisories); | ||
|
||
// Get any advisories for the monolog/monolog package which will affect version 1.8.1 of that package | ||
$advisories = $client->advisories(['monolog/monolog' => '1.8.1'], null, true); | ||
var_export($advisories); |
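Review bot: The comment above the second call gives the date as `2022/07/2022`, which is not a date; 1659052800 is 2022-07-29 00:00:00 UTC, so the comment should read `// Get any advisories for monolog/monolog that were modified since 2022-07-29 00:00:00 UTC`. The same call passes `['monolog/monolog' => '1.8.1']` although its comment mentions no version. Going by the third example, the version appears to take effect only when the third argument is `true` (the client method is not visible in this section, so this is inferred), in which case the call would read more clearly as `$client->advisories(['monolog/monolog'], 1659052800);`. Examples like this get copied into dependency-audit scripts, where a misunderstood filter produces a falsely clean result, so each comment should state which arguments actually narrow the result.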
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace spec\Packagist\Api\Result\Advisory; | ||
|
||
use Packagist\Api\Result\Advisory\Source; | ||
use PhpSpec\ObjectBehavior; | ||
|
||
class SourceSpec extends ObjectBehavior | ||
{ | ||
public function let() | ||
{ | ||
$this->fromArray([ | ||
'name' => 'FriendsOfPHP/security-advisories', | ||
'remoteId' => 'monolog/monolog/2014-12-29-1.yaml', | ||
]); | ||
} | ||
|
||
public function it_is_initializable() | ||
{ | ||
$this->shouldHaveType(Source::class); | ||
} | ||
|
||
public function it_gets_name() | ||
{ | ||
$this->getName()->shouldReturn('FriendsOfPHP/security-advisories'); | ||
} | ||
|
||
public function it_gets_remote_id() | ||
{ | ||
$this->getRemoteId()->shouldReturn('monolog/monolog/2014-12-29-1.yaml'); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace spec\Packagist\Api\Result; | ||
|
||
use Packagist\Api\Result\AbstractResult; | ||
use Packagist\Api\Result\Advisory; | ||
use Packagist\Api\Result\Advisory\Source; | ||
use PhpSpec\ObjectBehavior; | ||
|
||
class AdvisorySpec extends ObjectBehavior | ||
{ | ||
private $source; | ||
|
||
private function data() | ||
{ | ||
return [ | ||
'advisoryId' => 'PKSA-dmw8-jd8k-q3c6', | ||
'packageName' => 'monolog/monolog', | ||
'remoteId' => 'monolog/monolog/2014-12-29-1.yaml', | ||
'title' => 'Header injection in NativeMailerHandler', | ||
'link' => 'https://github.com/Seldaek/monolog/pull/448#issuecomment-68208704', | ||
'cve' => 'test-value', | ||
'affectedVersions' => '>=1.8.0,<1.12.0', | ||
'sources' => [$this->source], | ||
'reportedAt' => '2014-12-29 00:00:00', | ||
'composerRepository' => 'https://packagist.org', | ||
]; | ||
} | ||
|
||
public function let(Source $source) | ||
{ | ||
$this->source = $source; | ||
$this->fromArray($this->data()); | ||
} | ||
|
||
public function it_is_initializable() | ||
{ | ||
$this->shouldHaveType(Advisory::class); | ||
} | ||
|
||
public function it_is_a_packagist_result() | ||
{ | ||
$this->shouldHaveType(AbstractResult::class); | ||
} | ||
|
||
public function it_gets_advisory_id() | ||
{ | ||
$this->getAdvisoryId()->shouldReturn($this->data()['advisoryId']); | ||
} | ||
|
||
public function it_gets_package_name() | ||
{ | ||
$this->getPackageName()->shouldReturn($this->data()['packageName']); | ||
} | ||
|
||
public function it_gets_remote_id() | ||
{ | ||
$this->getRemoteId()->shouldReturn($this->data()['remoteId']); | ||
} | ||
|
||
public function it_gets_title() | ||
{ | ||
$this->getTitle()->shouldReturn($this->data()['title']); | ||
} | ||
|
||
public function it_gets_link() | ||
{ | ||
$this->getLink()->shouldReturn($this->data()['link']); | ||
} | ||
|
||
public function it_gets_cve() | ||
{ | ||
$this->getCve()->shouldReturn($this->data()['cve']); | ||
} | ||
|
||
public function it_gets_affected_versions() | ||
{ | ||
$this->getAffectedVersions()->shouldReturn($this->data()['affectedVersions']); | ||
} | ||
|
||
public function it_gets_sources() | ||
{ | ||
$this->getSources()->shouldReturn($this->data()['sources']); | ||
} | ||
|
||
public function it_gets_reported_at() | ||
{ | ||
$this->getReportedAt()->shouldReturn($this->data()['reportedAt']); | ||
} | ||
|
||
public function it_gets_composer_repository() | ||
{ | ||
$this->getComposerRepository()->shouldReturn($this->data()['composerRepository']); | ||
} | ||
} |
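Review bot: The `cve` fixture in `data()` is the placeholder `'test-value'`, so `it_gets_cve` never exercises an advisory that has no CVE identifier. Advisory feeds commonly contain entries with no CVE assigned; if the API returns `null` for those (the Advisory class is not visible in this section, so this needs confirming), a getter declared to return `string` would throw a TypeError on exactly those entries. I would add a second example that builds the subject with `'cve' => null` and asserts `$this->getCve()->shouldReturn(null);`, and use a CVE-shaped sample value in the main fixture. As a smaller style point, the spec methods could declare `: void` to match the file's `declare(strict_types=1)`.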