diff options
| -rw-r--r-- | Dockerfile | 18 | ||||
| -rw-r--r-- | Gemfile | 8 | ||||
| -rw-r--r-- | Gemfile.lock | 69 | ||||
| -rw-r--r-- | views/glsa.erb | 2 | ||||
| -rw-r--r-- | views/glsa/glsav1.erb | 16 | ||||
| -rw-r--r-- | views/index.erb | 2 | ||||
| -rw-r--r-- | views/layout.erb | 108 | ||||
| -rw-r--r-- | views/subscribe.erb | 6 |
8 files changed, 126 insertions, 103 deletions
diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..bda4038 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,18 @@ +FROM ruby:3.0 + +RUN apt update +RUN apt install -y make gcc g++ ruby-dev ruby-bundler git thin + +COPY . /var/www/security + +WORKDIR /var/www/security/data + +RUN git clone https://anongit.gentoo.org/git/data/glsa.git + +EXPOSE 9995 + +WORKDIR /var/www/security + +RUN bundle install --deployment + +CMD bundle exec thin -p 9995 start @@ -1,10 +1,10 @@ source 'https://rubygems.org' -# This contains build fixes that upstream merged but reverted for no reason. -gem 'nokogumbo', :git => 'https://github.com/robbat2/nokogumbo', :branch => 'gentoo', :submodules => true gem 'sinatra' gem 'sinatra-partial' -gem 'json' +gem 'json', '>=1.8.6' gem 'nokogiri' gem 'thin' -gem 'sanitize', '~>4.4.0' +gem 'sanitize' + +gem "rss", "~> 0.2.9" diff --git a/Gemfile.lock b/Gemfile.lock index a6b0a6d..5b95d46 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,52 +1,51 @@ -GIT - remote: https://github.com/robbat2/nokogumbo - revision: 3748a7e00b02978f1c55e4c5a7e01ade93df098e - branch: gentoo - submodules: true - specs: - nokogumbo (1.4.13) - nokogiri - GEM remote: https://rubygems.org/ specs: - crass (1.0.2) - daemons (1.2.1) - eventmachine (1.0.7) - json (1.8.2) - mini_portile (0.6.2) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) - rack (1.6.0) - rack-protection (1.5.3) + crass (1.0.6) + daemons (1.4.1) + eventmachine (1.2.7) + json (2.6.3) + mini_portile2 (2.8.2) + mustermann (3.0.0) + ruby2_keywords (~> 0.0.1) + nokogiri (1.15.2) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) + racc (1.7.1) + rack (2.2.7) + rack-protection (3.0.6) rack - sanitize (4.4.0) + rexml (3.2.5) + rss (0.2.9) + rexml + ruby2_keywords (0.0.5) + sanitize (6.0.1) crass (~> 1.0.2) - nokogiri (>= 1.4.4) - nokogumbo (~> 1.4.1) - sinatra (1.4.5) - rack (~> 1.4) - rack-protection (~> 1.4) - tilt (~> 1.3, >= 1.3.4) - sinatra-partial (0.4.0) - sinatra - thin (1.6.3) + nokogiri (>= 1.12.0) + sinatra (3.0.6) + mustermann (~> 3.0) + rack (~> 2.2, >= 2.2.4) + rack-protection (= 3.0.6) + tilt (~> 2.0) + sinatra-partial (1.0.1) + sinatra (>= 1.4) + thin (1.8.2) daemons (~> 1.0, >= 1.0.9) - eventmachine (~> 1.0) - rack (~> 1.0) - tilt (1.4.1) + eventmachine (~> 1.0, >= 1.0.4) + rack (>= 1, < 3) + tilt (2.2.0) PLATFORMS ruby DEPENDENCIES - json + json (>= 1.8.6) nokogiri - nokogumbo! - sanitize (~> 4.4.0) + rss (~> 0.2.9) + sanitize sinatra sinatra-partial thin BUNDLED WITH - 1.13.7 + 2.4.6 diff --git a/views/glsa.erb b/views/glsa.erb index a6ffcf1..95123c2 100644 --- a/views/glsa.erb +++ b/views/glsa.erb @@ -5,7 +5,7 @@ For more information, please visit our distribution's <a href="https://www.gentoo.org/support/security/">security overview</a>. </p> -<div class="table-responsive"> +<div class="table-responsive mb-3"> <table class="table table-striped"> <tr> <th>ID</th> diff --git a/views/glsa/glsav1.erb b/views/glsa/glsav1.erb index 276ecb7..4390762 100644 --- a/views/glsa/glsav1.erb +++ b/views/glsa/glsav1.erb @@ -1,11 +1,11 @@ <h1 class="first-header"> <%= h @glsa.title %> - <small>— GLSA <strong><%= h @glsa.id %></strong></small> + <small class="text-muted" style="font-size: 65%;">— GLSA <strong><%= h @glsa.id %></strong></small> </h1> <div class="row"> - <div class="col-xs-12 col-md-10"> - <p class="lead"> + <div class="col-12 col-md-10"> + <p class="lead" style="font-size: 21px;"> <%= h @glsa.synopsis %> </p> @@ -20,11 +20,11 @@ <th class="anzen-metadata-title-col">Package</th> <td><strong><%= h atom %></strong> on <% if arch == '*' %>all architectures<% else %>the <%= h arch %> architecture<% end %></td> </tr> - <tr class="danger"> + <tr class="table-danger"> <th>Affected versions</th> <td><%= data[:vulnerable].map { |ver| render_version(ver) }.join '<br>' %></td> </tr> - <tr class="success"> + <tr class="table-success"> <th>Unaffected versions</th> <td><%= data[:unaffected].map { |ver| render_version(ver) }.join '<br>' %></td> </tr> @@ -45,7 +45,9 @@ <%= h2 @glsa.workaround %> <h3>Resolution</h3> - <%= h2(code2pre(@glsa.resolution)) %> + <div class="card card-body bg-light pb-0 mb-3"> + <%= h2(code2pre(@glsa.resolution)) %> + </div> <h3>References</h3> <ul> @@ -53,7 +55,7 @@ <li><a href="<%= h ref[1] %>"><%= h ref[0] %></a></li> <% end %> </div> - <div class="col-xs-12 col-md-2"> + <div class="col-12 col-md-2"> <p> <strong>Release date</strong> <br> diff --git a/views/index.erb b/views/index.erb index afe8891..7bf0880 100644 --- a/views/index.erb +++ b/views/index.erb @@ -21,7 +21,7 @@ <h2>Most recent Gentoo Linux security advisories</h2> -<div class="table-responsive"> +<div class="table-responsive mb-3"> <table class="table table-striped"> <tr> <th>ID</th> diff --git a/views/layout.erb b/views/layout.erb index b62a05a..0169ace 100644 --- a/views/layout.erb +++ b/views/layout.erb @@ -6,8 +6,7 @@ <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="theme-color" content="#54487a"> <meta name="description" content="<%= @description ? "#{h @description.gsub("\n", ' ').squeeze(' ').strip}" : 'Gentoo security database' %>"> - <link href="https://assets.gentoo.org/tyrian/bootstrap.min.css" rel="stylesheet" media="screen"> - <link href="https://assets.gentoo.org/tyrian/tyrian.min.css" rel="stylesheet" media="screen"> + <link href="https://assets.gentoo.org/tyrian/v2/tyrian.min.css" rel="stylesheet" media="screen"> <link href="/css/main.css" rel="stylesheet" media="screen"> <link rel="icon" href="https://www.gentoo.org/favicon.ico" type="image/x-icon"> </head> @@ -15,59 +14,63 @@ <header> <div class="site-title"> <div class="container"> - <div class="row"> + <div class="row justify-content-between"> + <div class="logo"> + <a href="/" title="Back to the homepage" class="site-logo"> + <img src="https://assets.gentoo.org/tyrian/v2/site-logo.png" alt="Gentoo" srcset="https://assets.gentoo.org/tyrian/v2/site-logo.svg"> + </a> + <span class="site-label">Security</span> + </div> <div class="site-title-buttons"> <div class="btn-group btn-group-sm"> - <a href="https://get.gentoo.org/" role="button" class="btn get-gentoo"><span class="fa fa-fw fa-download"></span> <strong>Get Gentoo!</strong></a> + <a href="https://get.gentoo.org/" role="button" class="btn get-gentoo"><span class="fa fa-fw fa-download"></span> + <strong>Get Gentoo!</strong></a> <div class="btn-group btn-group-sm"> <a class="btn gentoo-org-sites dropdown-toggle" data-toggle="dropdown" data-target="#" href="#"> - <span class="fa fa-fw fa-map-o"></span> <span class="hidden-xs">gentoo.org sites</span> <span class="caret"></span> + <span class="fa fa-fw fa-map-o"></span> <span class="d-none d-sm-inline">gentoo.org sites</span> + <span class="caret"></span> </a> - <ul class="dropdown-menu dropdown-menu-right"> - <li><a href="https://www.gentoo.org/" title="Main Gentoo website"><span class="fa fa-home fa-fw"></span> gentoo.org</a></li> - <li><a href="https://wiki.gentoo.org/" title="Find and contribute documentation"><span class="fa fa-file-text-o fa-fw"></span> Wiki</a></li> - <li><a href="https://bugs.gentoo.org/" title="Report issues and find common issues"><span class="fa fa-bug fa-fw"></span> Bugs</a></li> - <li><a href="https://forums.gentoo.org/" title="Discuss with the community"><span class="fa fa-comments-o fa-fw"></span> Forums</a></li> - <li><a href="https://packages.gentoo.org/" title="Find software for your Gentoo"><span class="fa fa-hdd-o fa-fw"></span> Packages</a></li> - <li class="divider"></li> - <li><a href="https://planet.gentoo.org/" title="Find out what's going on in the developer community"><span class="fa fa-rss fa-fw"></span> Planet</a></li> - <li><a href="https://archives.gentoo.org/" title="Read up on past discussions"><span class="fa fa-archive fa-fw"></span> Archives</a></li> - <li><a href="https://sources.gentoo.org/" title="Browse our source code"><span class="fa fa-code fa-fw"></span> Sources</a></li> - <li class="divider"></li> - <li><a href="https://infra-status.gentoo.org/" title="Get updates on the services provided by Gentoo"><span class="fa fa-server fa-fw"></span> Infra status</a></li> - </ul> + <div class="dropdown-menu dropdown-menu-right"> + <a class="dropdown-item" href="https://www.gentoo.org/" title="Main Gentoo website"><span class="fa fa-home fa-fw"></span> + gentoo.org</a> + <a class="dropdown-item" href="https://wiki.gentoo.org/" title="Find and contribute documentation"><span class="fa fa-file-text-o fa-fw"></span> + Wiki</a> + <a class="dropdown-item" href="https://bugs.gentoo.org/" title="Report issues and find common issues"><span class="fa fa-bug fa-fw"></span> + Bugs</a> + <a class="dropdown-item" href="https://forums.gentoo.org/" title="Discuss with the community"><span class="fa fa-comments-o fa-fw"></span> + Forums</a> + <a class="dropdown-item" href="https://packages.gentoo.org/" title="Find software for your Gentoo"><span class="fa fa-hdd-o fa-fw"></span> + Packages</a> + <div class="dropdown-divider"></div> + <a class="dropdown-item" href="https://planet.gentoo.org/" title="Find out what's going on in the developer community"><span class="fa fa-rss fa-fw"></span> + Planet</a> + <a class="dropdown-item" href="https://archives.gentoo.org/" title="Read up on past discussions"><span class="fa fa-archive fa-fw"></span> + Archives</a> + <a class="dropdown-item" href="https://sources.gentoo.org/" title="Browse our source code"><span class="fa fa-code fa-fw"></span> + Sources</a> + <div class="dropdown-divider"></div> + <a class="dropdown-item" href="https://infra-status.gentoo.org/" title="Get updates on the services provided by Gentoo"><span class="fa fa-server fa-fw"></span> + Infra Status</a> + </div> </div> </div> </div> - <div class="logo"> - <a href="/" title="Back to the homepage" class="site-logo"> - <object data="https://assets.gentoo.org/tyrian/site-logo.svg" type="image/svg+xml"> - <img src="https://assets.gentoo.org/tyrian/site-logo.png" alt="Gentoo Linux Logo"> - </object> - </a> - <span class="site-label">Security</span> - </div> </div> </div> </div> - <nav class="tyrian-navbar" role="navigation"> + <nav class="tyrian-navbar navbar navbar-dark navbar-expand-lg bg-primary" role="navigation"> <div class="container"> - <div class="row"> - <div class="navbar-header"> - <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-main-collapse"> - <span class="sr-only">Toggle navigation</span> - <span class="icon-bar"></span> - <span class="icon-bar"></span> - <span class="icon-bar"></span> - </button> - </div> - <div class="collapse navbar-collapse navbar-main-collapse"> - <ul class="nav navbar-nav"> - <li class="<%= 'active' if @nav == :index %>"><a href="/">Home</a></li> - <li class="<%= 'active' if @nav == :subscribe %>"><a href="/subscribe">Stay informed</a></li> - <li class="<%= 'active' if @nav == :glsa %>"><a href="/glsa">Advisories</a></li> - </ul> - </div> + <div class="navbar-header"> + <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbar-main-collapse" aria-controls="navbar-main-collapse" aria-expanded="false" aria-label="Toggle navigation"> + <span class="navbar-toggler-icon"></span> + </button> + </div> + <div class="collapse navbar-collapse navbar-main-collapse" id="navbar-main-collapse"> + <ul class="navbar-nav mr-auto"> + <li class="nav-item <%= 'active' if @nav == :index %>"><a class="nav-link" href="/">Home</a></li> + <li class="nav-item <%= 'active' if @nav == :subscribe %>"><a class="nav-link" href="/subscribe">Stay informed</a></li> + <li class="nav-item <%= 'active' if @nav == :glsa %>"><a class="nav-link" href="/glsa">Advisories</a></li> + </ul> </div> </div> </nav> @@ -75,7 +78,7 @@ <div class="container"> <div class="row"> - <div class="col-xs-12"> + <div class="col-12"> <%= yield %> </div> </div> @@ -84,28 +87,28 @@ <footer> <div class="container"> <div class="row"> - <div class="col-xs-12 col-md-offset-2 col-md-7"> + <div class="col-12 offset-md-2 col-md-7"> <p class="spacer"> </p> </div> - <div class="col-xs-12 col-md-3"> + <div class="col-12 col-md-3"> <h3 class="footerhead">Questions or comments?</h3> Please feel free to <a href="mailto:security@gentoo.org">contact us</a>. </div> </div> <div class="row"> - <div class="col-xs-2 col-sm-3 col-md-2"> + <div class="col-2 col-sm-3 col-md-2"> <ul class="footerlinks three-icons"> <li><a href="https://twitter.com/gentoo" title="@Gentoo on Twitter"><span class="fa fa-twitter fa-fw"></span></a></li> <li><a href="https://www.facebook.com/gentoo.org" title="Gentoo on Facebook"><span class="fa fa-facebook fa-fw"></span></a></li> </ul> </div> - <div class="col-xs-10 col-sm-9 col-md-10"> - <strong>© 2001–2019 Gentoo Foundation, Inc.</strong><br /> + <div class="col-10 col-sm-9 col-md-10"> + <strong>© 2001–2020 Gentoo Foundation, Inc.</strong><br /> <small> Gentoo is a trademark of the Gentoo Foundation, Inc. The contents of this document, unless otherwise expressly stated, are licensed under the - <a href="https://creativecommons.org/licenses/by-sa/3.0/" rel="license">CC-BY-SA-3.0</a> license. + <a href="https://creativecommons.org/licenses/by-sa/4.0/" rel="license">CC-BY-SA-4.0</a> license. The <a href="https://www.gentoo.org/inside-gentoo/foundation/name-logo-guidelines.html">Gentoo name and logo usage guidelines</a> apply. </small> </div> @@ -113,7 +116,8 @@ </div> </footer> - <script src="https://assets.gentoo.org/tyrian/jquery.min.js"></script> - <script src="https://assets.gentoo.org/tyrian/bootstrap.min.js"></script> + <script src="https://assets.gentoo.org/tyrian/v2/jquery-3.3.slim.js"></script> + <script src="https://assets.gentoo.org/tyrian/v2/popper.min.js"></script> + <script src="https://assets.gentoo.org/tyrian/v2/bootstrap.min.js"></script> </body> </html> diff --git a/views/subscribe.erb b/views/subscribe.erb index 64f0e82..ce86895 100644 --- a/views/subscribe.erb +++ b/views/subscribe.erb @@ -1,6 +1,6 @@ <h1 class="first-header">Stay informed</h1> -<div class="row"> +<div class="row mt-3"> <div class="col-md-4 text-right"> <i class="fa fa-terminal fa-5x"></i> </div> @@ -13,7 +13,7 @@ <p class="lead"><kbd>% glsa-check -t affected</kbd></p> <p> - If you don't have the utility installed, run <kbd>emerge -va app-portage/gentoolkit</kbd>.<br> + If you don't have the utility installed, run <kbd>emerge -va sys-apps/portage</kbd>.<br> For more information, review the <a href="https://wiki.gentoo.org/wiki/GLSA">documentation</a> on our wiki.</p> </div> </div> @@ -57,7 +57,7 @@ <hr> -<div class="row"> +<div class="row mb-3"> <div class="col-md-4 text-right"> <i class="fa fa-twitter fa-5x"></i> </div> |