# coding: utf-8 lib = File.expand_path('../lib', __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'cvss_suite/version' Gem::Specification.new do |spec| spec.name = 'cvss-suite' spec.version = CvssSuite::VERSION spec.license = 'MIT' spec.authors = ["Oliver Hamboerger"] spec.email = ["oliver.hamboerger@siemens.com"] spec.summary = %q{Ruby gem for processing cvss vectors.} spec.description = %q{This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document). Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option. Homepage is still in progress and will be published soon (along with full documentation). ## Usage ```ruby require 'cvss_suite' cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M') vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M' version = cvss.version # 2 # Scores base_score = cvss.base_score # 4.9 temporal_score = cvss.temporal_score # 3.6 environmental_score = cvss.environmental_score # 3.2 overall_score = cvss.overall_score # 3.2 # Available options access_vector = cvss.base.access_vector.name # 'Access Vector' remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level' access_vector.choices.each do |choice| choice[:name] # 'Local', 'Adjacent Network', 'Network' choice[:abbreviation] # 'L', 'A', 'N' choice[:selected] # false, true, false end # Selected options cvss.base.access_vector.selected_choice[:name] # Adjacent Network cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix # Exceptions CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid! CvssSuite.new() # will throw a ArgumentError cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing version = cvss.version # 2 cvss.base_score # will throw a RuntimeError: Vector is not valid! ```} spec.homepage = "https://github.com/siemens/cvss-suite" # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or # delete this section to allow pushing this gem to any host. # if spec.respond_to?(:metadata) # spec.metadata['allowed_push_host'] = "TODO: Set to 'http://mygemserver.com'" # else # raise "RubyGems 2.0 or newer is required to protect against public gem pushes." # end spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) } spec.bindir = 'exe' spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } spec.test_files = spec.files.grep(%r{^(test|spec|features)/}) spec.require_paths = ["lib"] spec.add_development_dependency "bundler", "~> 1.10" spec.add_development_dependency "rake", "~> 10.0" spec.add_development_dependency "rspec", "~> 3.4" spec.add_development_dependency "rspec-its", "~> 1.2" spec.add_development_dependency "rdoc", "~> 4.2" spec.add_development_dependency "simplecov", "~> 0.11.2" spec.add_development_dependency "badgerbadgerbadger", "~> 0.14.0" end