From 5c09d083bca7ecd01a05b581e75c5059bd908000 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 09:33:38 +1000 Subject: [PATCH 01/10] Update methodologies data --- lib/data/0.1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/data/0.1 b/lib/data/0.1 index 66ff3c2..c5e61dd 160000 --- a/lib/data/0.1 +++ b/lib/data/0.1 @@ -1 +1 @@ -Subproject commit 66ff3c2373cb82652e4097ffe06e1c380fd1a803 +Subproject commit c5e61dd7b41f5021b392dac872765008c21391a3 From 5485cfe9ec6d35a7f337e37c2899eb33bb157366 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 09:35:37 +1000 Subject: [PATCH 02/10] Bump ruby version --- .ruby-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ruby-version b/.ruby-version index 37c2961..15a2799 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.7.2 +3.3.0 From 784ac1d150b0be7d318159fd11bd35e988ac3e28 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 09:56:54 +1000 Subject: [PATCH 03/10] Bump version, expand on changelog, add author --- CHANGELOG.md | 28 ++++++++++++++++++++++------ bmt.gemspec | 4 ++-- lib/bmt/version.rb | 2 +- 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ea54e1c..f2408f9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,15 +3,31 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/) -## [Unreleased] +## [0.6.0] - 2024-07-23 + +### Added +- AI LLM Testing Methodology + +## [0.5.2] + +### Changed +- Title of API Methodology updated + +## [0.5.1] - 2023-04-06 + +### Changes +- None; Version bump because we forgot to update the git submodule + +## [0.5.0] - 2023-04-05 + +### Added +- API Testing Methodology included + +## [0.4.0] - 2023-03-03 + ### Added - support for methodologies v0.1 - Added new methodology for mobile_ios - Added new methodology for mobile_android - Added new methodology for binaries - Added new methodology for network -- Added new methodology for Api Testing - -### Changed - -### Removed diff --git a/bmt.gemspec b/bmt.gemspec index b07bbce..ed069f4 100644 --- a/bmt.gemspec +++ b/bmt.gemspec @@ -7,8 +7,8 @@ Gem::Specification.new do |spec| spec.name = 'bmt' spec.version = Bmt::VERSION spec.platform = Gem::Platform::RUBY - spec.authors = ['Federico Tagliabue'] - spec.email = ['federico.tagliabue@bugcrowd.com'] + spec.authors = ['Federico Tagliabue', 'Andy White'] + spec.email = ['federico.tagliabue@bugcrowd.com', 'arcwhite@arcwhite.org'] spec.date = Date.today.to_s spec.summary = 'Ruby wrapper for Bugcrowd\'s Methodology Taxonomy' spec.homepage = 'https://github.com/bugcrowd/bmt-ruby' diff --git a/lib/bmt/version.rb b/lib/bmt/version.rb index 4649af3..29f9da6 100644 --- a/lib/bmt/version.rb +++ b/lib/bmt/version.rb @@ -1,3 +1,3 @@ module Bmt - VERSION = '0.5.2'.freeze + VERSION = '0.6.0'.freeze end From cfb6886c15c96d5c95cf64ee505c4f968b13b38b Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 10:00:53 +1000 Subject: [PATCH 04/10] Add a missing date to the changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f2408f9..bb943dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p ### Added - AI LLM Testing Methodology -## [0.5.2] +## [0.5.2] - 2023-05-08 ### Changed - Title of API Methodology updated From ad05aa23a6e9042e91b1d1a7c05559f0336c7857 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 10:03:50 +1000 Subject: [PATCH 05/10] Old versions of ruby have been EOL'd, let's test actual lifed versions --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 522b986..b1e9da5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - ruby: ['2.5', '2.6', '2.7'] + ruby: ['2.7', '3.1', '3.2', '3.3'] name: Test ruby v${{ matrix.ruby }} support steps: - uses: actions/checkout@v1 From dfa222ecd37190f7ef96fc5b4bfaf6129769ec5f Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 10:14:15 +1000 Subject: [PATCH 06/10] Update rubocop, and auto-correct some auto-correctable infractions --- .rubocop.yml | 3 ++- bmt.gemspec | 8 ++++---- lib/bmt.rb | 10 +++++----- spec/bmt/item_spec.rb | 4 ++-- spec/bmt/methodology_spec.rb | 4 ++-- spec/bmt/step_spec.rb | 12 ++++++------ spec/bmt_spec.rb | 4 ++-- 7 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 415a919..4f5988a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,5 +1,6 @@ AllCops: - TargetRubyVersion: 2.5 + TargetRubyVersion: 3.1 + NewCops: enable Style/Documentation: Enabled: false diff --git a/bmt.gemspec b/bmt.gemspec index ed069f4..edac891 100644 --- a/bmt.gemspec +++ b/bmt.gemspec @@ -9,24 +9,24 @@ Gem::Specification.new do |spec| spec.platform = Gem::Platform::RUBY spec.authors = ['Federico Tagliabue', 'Andy White'] spec.email = ['federico.tagliabue@bugcrowd.com', 'arcwhite@arcwhite.org'] - spec.date = Date.today.to_s spec.summary = 'Ruby wrapper for Bugcrowd\'s Methodology Taxonomy' spec.homepage = 'https://github.com/bugcrowd/bmt-ruby' spec.license = 'MIT' spec.files = Dir['lib/**/*.{rb,json}'] spec.require_paths = ['lib'] - spec.required_ruby_version = '>= 2.5' + spec.required_ruby_version = '>= 3.1' spec.add_development_dependency 'bundler', '~> 2.1' spec.add_development_dependency 'pry', '~> 0.11' spec.add_development_dependency 'rake', '~> 12.3' spec.add_development_dependency 'rspec', '~> 3.6' - spec.add_development_dependency 'rubocop', '0.56.0' + spec.add_development_dependency 'rubocop', '1.65' spec.metadata = { 'homepage_uri' => 'https://github.com/bugcrowd/bmt-ruby', 'changelog_uri' => 'https://github.com/bugcrowd/bmt-ruby/blob/main/CHANGELOG.md', 'source_code_uri' => 'https://github.com/bugcrowd/bmt-ruby', - 'bug_tracker_uri' => 'https://github.com/bugcrowd/bmt-ruby/issues' + 'bug_tracker_uri' => 'https://github.com/bugcrowd/bmt-ruby/issues', + 'rubygems_mfa_required' => 'true' } end diff --git a/lib/bmt.rb b/lib/bmt.rb index 1e72357..00d9183 100644 --- a/lib/bmt.rb +++ b/lib/bmt.rb @@ -20,14 +20,14 @@ class MethodologyNotFoundError < StandardError; end # returns a Methodology object given a key and a version def find(key, version: current_version) raise VersionNotFoundError unless versions.include?(version) - raise MethodologyNotFoundError unless methodology_keys(version: version).include?(key) + raise MethodologyNotFoundError unless methodology_keys(version:).include?(key) @methodologies[version].nil? && @methodologies[version] = {} @methodologies[version][key] ||= Methodology.new( - key: key, - version: version, - attributes: methodology_json(key, version: version) + key:, + version:, + attributes: methodology_json(key, version:) ) @methodologies[version][key] @@ -55,7 +55,7 @@ def versions end def methodology_json(key, version: current_version) - JSON.parse(methodology_pathname(key, version: version).read) + JSON.parse(methodology_pathname(key, version:).read) end def methodology_pathname(key, version: current_version) diff --git a/spec/bmt/item_spec.rb b/spec/bmt/item_spec.rb index 6808a00..f84dd0e 100644 --- a/spec/bmt/item_spec.rb +++ b/spec/bmt/item_spec.rb @@ -12,8 +12,8 @@ describe '#new' do subject do described_class.new( - step: step, - attributes: attributes + step:, + attributes: ) end diff --git a/spec/bmt/methodology_spec.rb b/spec/bmt/methodology_spec.rb index 64d995d..6c8af8f 100644 --- a/spec/bmt/methodology_spec.rb +++ b/spec/bmt/methodology_spec.rb @@ -6,7 +6,7 @@ describe '#new' do subject do described_class.new(key: methodology_key, - version: version, + version:, attributes: methodology_json) end @@ -28,7 +28,7 @@ describe '#steps' do subject do described_class.new(key: methodology_key, - version: version, + version:, attributes: methodology_json).steps end diff --git a/spec/bmt/step_spec.rb b/spec/bmt/step_spec.rb index 54c0f47..c147a7e 100644 --- a/spec/bmt/step_spec.rb +++ b/spec/bmt/step_spec.rb @@ -11,8 +11,8 @@ describe '#new' do subject do described_class.new( - methodology: methodology, - attributes: attributes + methodology:, + attributes: ) end @@ -29,8 +29,8 @@ describe '#items' do subject do described_class.new( - methodology: methodology, - attributes: attributes + methodology:, + attributes: ).items end @@ -52,8 +52,8 @@ subject do described_class.new( - methodology: methodology, - attributes: attributes + methodology:, + attributes: ) end diff --git a/spec/bmt_spec.rb b/spec/bmt_spec.rb index 6ece431..9dde979 100644 --- a/spec/bmt_spec.rb +++ b/spec/bmt_spec.rb @@ -22,7 +22,7 @@ subject { described_class.methodology_keys } it 'returns methodologies for the latest version' do - is_expected.to match_array(['website-testing', 'outback-animal-testing']) + is_expected.to match_array(%w[website-testing outback-animal-testing]) end end @@ -51,7 +51,7 @@ end context 'specifing version' do - subject(:methodology) { described_class.find(key, version: version) } + subject(:methodology) { described_class.find(key, version:) } let(:key) { 'website-testing' } From 4892ffb82cd60dc4ca5f70891a38346041726092 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 11:17:38 +1000 Subject: [PATCH 07/10] More rubocop cleanup, and move dev dependencies from the gemspec to the Gemfile --- .rubocop.yml | 5 ++--- Gemfile | 9 +++++++++ bmt.gemspec | 6 ------ lib/bmt.rb | 4 ++-- spec/bmt/step_spec.rb | 4 ++-- spec/bmt_spec.rb | 8 ++++---- spec/spec_helper.rb | 2 +- 7 files changed, 20 insertions(+), 18 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 4f5988a..74860c7 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,12 +8,11 @@ Style/Documentation: Style/FrozenStringLiteralComment: Enabled: false -Metrics/LineLength: +Layout/LineLength: Max: 120 - IgnoreCopDirectives: true Metrics/BlockLength: - ExcludedMethods: + AllowedMethods: - configure - context - define diff --git a/Gemfile b/Gemfile index b73a005..94db4f2 100644 --- a/Gemfile +++ b/Gemfile @@ -2,3 +2,12 @@ source 'https://rubygems.org' # Specify your gem's dependencies in bmt-ruby.gemspec gemspec + +group :development do + gem 'bundler', require: false + gem 'pry', require: false + gem 'rake', require: false + gem 'rspec', require: false + gem 'rubocop', require: false + gem 'rubocop-performance', require: false +end diff --git a/bmt.gemspec b/bmt.gemspec index edac891..b33a90e 100644 --- a/bmt.gemspec +++ b/bmt.gemspec @@ -16,12 +16,6 @@ Gem::Specification.new do |spec| spec.require_paths = ['lib'] spec.required_ruby_version = '>= 3.1' - spec.add_development_dependency 'bundler', '~> 2.1' - spec.add_development_dependency 'pry', '~> 0.11' - spec.add_development_dependency 'rake', '~> 12.3' - spec.add_development_dependency 'rspec', '~> 3.6' - spec.add_development_dependency 'rubocop', '1.65' - spec.metadata = { 'homepage_uri' => 'https://github.com/bugcrowd/bmt-ruby', 'changelog_uri' => 'https://github.com/bugcrowd/bmt-ruby/blob/main/CHANGELOG.md', diff --git a/lib/bmt.rb b/lib/bmt.rb index 00d9183..6b69451 100644 --- a/lib/bmt.rb +++ b/lib/bmt.rb @@ -43,7 +43,7 @@ def methodology_keys(version: current_version) DATA_DIR.join(version, 'methodologies').entries .map(&:basename) .map(&:to_s) - .select { |dirname| dirname =~ /json/ } + .grep(/json/) .map { |filepath| File.basename(filepath, File.extname(filepath)) } end @@ -67,6 +67,6 @@ def json_dir_names DATA_DIR.entries .map(&:basename) .map(&:to_s) - .select { |dirname| dirname =~ /^[0-9]+\.[0-9]/ }.sort + .grep(/^[0-9]+\.[0-9]/).sort end end diff --git a/spec/bmt/step_spec.rb b/spec/bmt/step_spec.rb index c147a7e..71f96d6 100644 --- a/spec/bmt/step_spec.rb +++ b/spec/bmt/step_spec.rb @@ -48,8 +48,6 @@ end context 'with an executive_summary step type' do - let(:attributes) { methodology_json.dig('content', 'steps', 2) } - subject do described_class.new( methodology:, @@ -57,6 +55,8 @@ ) end + let(:attributes) { methodology_json.dig('content', 'steps', 2) } + it 'returns the correct type' do expect(subject.type).to eq 'executive_summary' end diff --git a/spec/bmt_spec.rb b/spec/bmt_spec.rb index 9dde979..bc14f6b 100644 --- a/spec/bmt_spec.rb +++ b/spec/bmt_spec.rb @@ -5,7 +5,7 @@ subject { described_class.versions } it 'return all of the versions in the filesystem in reverse semver order' do - is_expected.to eq(['2.1', '1.0']) + expect(subject).to eq(['2.1', '1.0']) end end @@ -13,7 +13,7 @@ subject { described_class.current_version } it 'return the most recent version number for the vrt' do - is_expected.to eq('2.1') + expect(subject).to eq('2.1') end end @@ -22,7 +22,7 @@ subject { described_class.methodology_keys } it 'returns methodologies for the latest version' do - is_expected.to match_array(%w[website-testing outback-animal-testing]) + expect(subject).to match_array(%w[website-testing outback-animal-testing]) end end @@ -30,7 +30,7 @@ subject { described_class.methodology_keys(version: '1.0') } it 'returns methodologies for the specified version' do - is_expected.to match_array(['website-testing']) + expect(subject).to match_array(['website-testing']) end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index ab7bee0..aaeb1ad 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -6,7 +6,7 @@ c.syntax = :expect end - config.before(:each) do + config.before do # The following adds a new, test-only BMT versions stub_const('BMT::DATA_DIR', Pathname.new('spec/sample')) end From 3ee8a889440494c667127420eac9fdba0e052030 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 11:19:38 +1000 Subject: [PATCH 08/10] 2.7 is EOL'd, too --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b1e9da5..593ec00 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - ruby: ['2.7', '3.1', '3.2', '3.3'] + ruby: ['3.1', '3.2', '3.3'] name: Test ruby v${{ matrix.ruby }} support steps: - uses: actions/checkout@v1 From 49a7dda94753f91c856871d5a453aaff3209f0c0 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 12:45:00 +1000 Subject: [PATCH 09/10] Build needs to be using at least 3.1, and we now use ruby/setup-ruby --- .github/workflows/publish-gem.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish-gem.yml b/.github/workflows/publish-gem.yml index ec0a968..d49ea7b 100644 --- a/.github/workflows/publish-gem.yml +++ b/.github/workflows/publish-gem.yml @@ -10,11 +10,11 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Set up Ruby 2.7 - uses: actions/setup-ruby@v1 + - uses: actions/checkout@v4 + - name: Set up Ruby 3.1 + uses: ruby/setup-ruby@v1 with: - ruby-version: 2.7.x + ruby-version: '3.1' - name: Publish to GPR run: | mkdir -p $HOME/.gem From 165d0476ecf46d423afc39c307a38614c11f66e0 Mon Sep 17 00:00:00 2001 From: Andy White Date: Thu, 25 Jul 2024 12:46:11 +1000 Subject: [PATCH 10/10] Add smallest semver --- .github/workflows/publish-gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-gem.yml b/.github/workflows/publish-gem.yml index d49ea7b..50f619c 100644 --- a/.github/workflows/publish-gem.yml +++ b/.github/workflows/publish-gem.yml @@ -14,7 +14,7 @@ jobs: - name: Set up Ruby 3.1 uses: ruby/setup-ruby@v1 with: - ruby-version: '3.1' + ruby-version: '3.1.x' - name: Publish to GPR run: | mkdir -p $HOME/.gem