Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ruby3.2-elastic-transport/8.3.5 package update #24067

Merged
merged 1 commit into from
Jul 16, 2024
Merged

ruby3.2-elastic-transport/8.3.5 package update #24067

merged 1 commit into from
Jul 16, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Jul 16, 2024

@wolfi-bot
ruby3.2-elastic-transport/8.3.5 package update
cd8d092 
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Jul 16, 2024
@octo-sts octo-sts bot mentioned this pull request Jul 16, 2024
Closed
@github-actions GitHub Actions
Copy link
Contributor

Package ruby3.2-elastic-transport: Click to expand/collapse

Package ruby3.2-elastic-transport:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.5.10-17-ge2d4f3e
+ 	# Generated by melange
  	pkgname = ruby3.2-elastic-transport
- 	pkgver = 8.3.2-r0
+ 	pkgver = 8.3.5-r0
  	arch = x86_64
- 	size = 552250
+ 	size = 487829
  	origin = ruby3.2-elastic-transport
  	pkgdesc = Low level Ruby client for Elastic. See the `elasticsearch` or `elastic-enterprise-search` gems for full integration.
  	
  	url = 
- 	commit = 2af5efeaea15f3a513fe9e1aad0b7e9f6e96eda0
- 	builddate = 1707923228
+ 	commit = cadcd069bdf12d5281172eb844874c904e8d3f09
  	license = Apache-2.0
  	depend = ruby3.2-faraday
  	depend = ruby3.2-multi_json
- 	datahash = 796ded27a89048e1f9b41e4a238e0ff9884095fe7871f242b8b80e6f1738b19e
+ 	datahash = c8357a7baa4a7531581237761613391fb8551f196bed2e8748253bb35ceacc30
  	"""
  )

Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/check_license_headers.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/license-header.txt
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/workflows/license.yml
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/workflows/otel.yml
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/workflows/tests.yml
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.gitignore
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/CHANGELOG.md
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/CONTRIBUTING.md
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/Gemfile
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/Gemfile-faraday1.gemfile
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/LICENSE
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/README.md
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/Rakefile
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/elastic-transport.gemspec
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/client.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/meta_header.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/opentelemetry.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/redacted.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/base.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/collection.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/connection.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/selector.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/errors.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/curb.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/faraday.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/manticore.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/loggable.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/response.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/serializer/multi_json.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/sniffer.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/version.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic-transport.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/connections/collection_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/connections/selector_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/base_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/client_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/curb_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/faraday_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/manticore_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/meta_header_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/opentelemetry_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/sniffer_spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/spec_helper.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/integration/jruby_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/integration/transport_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/profile/client_benchmark_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/test_helper.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/adapters_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/connection_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/response_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/serializer_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_base_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_curb_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_faraday_test.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_manticore_test.rb
Added: /usr/lib/ruby/gems/3.2.0/specifications/elastic-transport-8.3.5.gemspec
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.github/check_license_headers.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.github/license-header.txt
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.github/workflows/license.yml
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.github/workflows/otel.yml
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.github/workflows/tests.yml
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/.gitignore
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/CHANGELOG.md
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/CONTRIBUTING.md
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/Gemfile
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/Gemfile-faraday1.gemfile
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/LICENSE
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/README.md
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/Rakefile
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/elastic-transport.gemspec
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/client.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/meta_header.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/opentelemetry.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/redacted.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/base.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/collection.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/connection.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/selector.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/errors.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/http/curb.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/http/faraday.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/http/manticore.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/loggable.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/response.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/serializer/multi_json.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/sniffer.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/version.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic-transport.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/connections/collection_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/connections/selector_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/base_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/client_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/http/curb_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/http/faraday_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/http/manticore_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/meta_header_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/opentelemetry_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/sniffer_spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/spec_helper.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/integration/jruby_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/integration/transport_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/profile/client_benchmark_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/test_helper.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/adapters_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/connection_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/response_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/serializer_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/transport_base_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/transport_curb_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/transport_faraday_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/transport_manticore_test.rb
Deleted: /usr/lib/ruby/gems/3.2.0/specifications/elastic-transport-8.3.2.gemspec

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/loggable.rb [⚠️ MEDIUM → ✅ LOW]

4 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM exec/shell_command execute a shell command system
-MEDIUM net/http/post submit content to websites POST
http
-MEDIUM net/url/request requests resources via URL http.request
-LOW ref/words/password references a 'password' password

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/adapters_test.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/response_test.rb (similarity: 0.95)

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/var/lib/db/sbom/ruby3.2-elastic-transport-8.3.5-r0.spdx.json [✅ LOW → ⚠️ MEDIUM]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/download download files downloadLocation

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/.github/check_license_headers.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/base_spec.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/redacted.rb (similarity: 0.93)

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/collection.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/connection.rb (similarity: 0.99)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW ref/words/password references a 'password' password

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/collection.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/serializer/multi_json.rb (similarity: 0.92)

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/faraday.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM ref/words/agent references an 'agent' agent_header
user_agent

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/collection.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/errors.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/url Handles URL strings RequestURI

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/profile/client_benchmark_test.rb [✅ LOW → ⚠️ MEDIUM]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/words/password references a 'password' replaces the password with the string
secret_password
the user and password are provided as
the user and password are provided in

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/test_helper.rb

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_manticore_test.rb [✅ LOW → ⚠️ MEDIUM]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+MEDIUM ref/words/agent references an 'agent' agent_header
user_agent
+LOW net/http/request makes HTTP requests User-Agent

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/version.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/sniffer_spec.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/words/password references a 'password' password

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/transport/base_spec.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/connections/selector_spec.rb (similarity: 0.92)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/multiplex monitor multiple file descriptors select

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/words/password references a 'password' replaces the password with the string
secret_password
the user and password are provided as
the user and password are provided in

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/connection_test.rb

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic-transport.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/meta_header.rb [⚠️ MEDIUM → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/multiplex monitor multiple file descriptors select

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/opentelemetry.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/manticore_spec.rb [✅ LOW → ⚠️ MEDIUM]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+LOW compression/gzip works with gzip files gzip
+LOW net/http/accept/encoding set HTTP response encoding format (example: gzip) Accept-Encoding

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/words/password references a 'password' password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/opentelemetry_spec.rb

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM exec/shell_command execute a shell command system
+MEDIUM net/url/request requests resources via URL http.request

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/transport_base_test.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/serializer_test.rb (similarity: 0.93) [⚠️ MEDIUM → ✅ LOW]

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/base.rb (similarity: 0.92) [✅ LOW → ⚠️ MEDIUM]

7 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/fetch Invokes curl curl -X
+MEDIUM ref/words/agent references an 'agent' agent_header
user_agent
+LOW compression/gzip works with gzip files gzip
+LOW net/http/accept/encoding set HTTP response encoding format (example: gzip) Accept-Encoding
+LOW net/http/request makes HTTP requests User-Agent
+LOW random/insecure generate random numbers insecurely rand
+LOW ref/words/password references a 'password' password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/integration/jruby_test.rb [⚠️ MEDIUM → ✅ LOW]

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM exec/shell_command execute a shell command system
-MEDIUM net/http/post submit content to websites POST
http
-MEDIUM net/url/request requests resources via URL http.request

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/selector.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/multiplex monitor multiple file descriptors select

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/connections/collection_spec.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/curb_spec.rb (similarity: 0.91) [✅ LOW → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+LOW compression/gzip works with gzip files gzip

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/connections/collection_spec.rb [⚠️ MEDIUM → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/multiplex monitor multiple file descriptors select

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/client_spec.rb [✅ LOW → ⚠️ MEDIUM]

7 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+MEDIUM ref/path/relative references and possibly executes relative path ./certificate
+LOW compression/gzip works with gzip files gzip
+LOW net/http/accept/encoding set HTTP response encoding format (example: gzip) Accept-Encoding
+LOW net/http/request makes HTTP requests User-Agent
+LOW net/socket/listen listen on a socket accept
socket
+LOW net/socket/send send a message to a socket send
socket

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/manticore.rb

4 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+MEDIUM ref/path/tmp path reference within /tmp /tmp/keystore.jks
/tmp/truststore.jks
+MEDIUM ref/words/agent references an 'agent' agent_header
user_agent
+LOW ref/words/password references a 'password' keystore_password
truststore_password

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/socket/connect initiate a connection on a socket connect

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/client.rb [✅ LOW → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/url/request requests resources via URL http.request
+LOW net/socket/send send a message to a socket send
socket

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/connections/collection.rb [⚠️ MEDIUM → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/multiplex monitor multiple file descriptors select

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/meta_header_spec.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/words/password references a 'password' password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/sniffer.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/integration/transport_test.rb

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/test/unit/adapters_test.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_faraday_test.rb (similarity: 0.93) [✅ LOW → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+LOW ref/words/password references a 'password' password

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_base_test.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/fetch Invokes curl curl -X POST

2 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM exec/shell_command execute a shell command system
-MEDIUM net/url/request requests resources via URL http.request

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/response.rb

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW process/create create child process fork

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/spec/elastic/connections/collection_spec.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/base_spec.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW ref/words/password references a 'password' replaces the password with the string
secret_password
the user and password are provided as
the user and password are provided in

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/multiplex monitor multiple file descriptors select

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/transport_curb_test.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.
User-Agent

2 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM exec/shell_command execute a shell command system
-MEDIUM net/url/request requests resources via URL http.request

Moved: ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.2/lib/elastic/transport/transport/connections/connection.rb -> /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/lib/elastic/transport/transport/http/curb.rb (similarity: 0.91) [✅ LOW → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+MEDIUM ref/words/agent references an 'agent' agent_header
user_agent

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/spec_helper.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/socket/connect initiate a connection on a socket connect

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-MEDIUM net/http/post submit content to websites HTTP
POST
http
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/spec/elastic/transport/http/faraday_spec.rb

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW compression/gzip works with gzip files gzip
+LOW net/http/accept/encoding set HTTP response encoding format (example: gzip) Accept-Encoding

2 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/fetch Invokes curl curl -X POST
-LOW ref/words/password references a 'password' sanitize password in the URL
username and password

Changed: /tmp/wolfictl-apk-2186821661/ruby3.2-elastic-transport/usr/lib/ruby/gems/3.2.0/gems/elastic-transport-8.3.5/test/unit/adapters_test.rb [⚠️ MEDIUM → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW process/create create child process fork

4 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM exec/shell_command execute a shell command system
-MEDIUM net/http/post submit content to websites POST
http
-MEDIUM net/url/request requests resources via URL http.request
-LOW ref/words/password references a 'password' password

@rawlingsj rawlingsj merged commit 4d01c2e into main Jul 16, 2024
8 checks passed
@rawlingsj rawlingsj deleted the wolfictl-625bc2c9-d783-4375-bee8-7175905f8dc1 branch July 16, 2024 18:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rawlingsj rawlingsj rawlingsj approved these changes

Assignees
No one assigned
Labels
automated pr bincapz/pass request-version-update request for a newer version of a package tests/missing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rawlingsj @wolfi-bot