From fd57fae0fd5e4ab3364f3d84aca571b0e7bfbe80 Mon Sep 17 00:00:00 2001 From: Colin Gillespie Date: Mon, 24 Jun 2024 19:23:25 +0100 Subject: [PATCH] feat: Automatically extract connect/workbench versions --- DESCRIPTION | 3 ++- NEWS.md | 4 ++++ R/posit_versions.R | 10 +++++++--- R/rvest.R | 12 ++++++------ inst/extdata/versions/connect.csv | 2 +- inst/extdata/versions/workbench.csv | 2 +- tests/testthat/test-quarto-helpers.R | 2 +- 7 files changed, 22 insertions(+), 13 deletions(-) diff --git a/DESCRIPTION b/DESCRIPTION index 7afbf6c..5f660a9 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -1,7 +1,7 @@ Type: Package Package: audit.base Title: Base package for Posit Checks -Version: 0.6.16 +Version: 0.6.17 Authors@R: person("Jumping", "Rivers", , "info@jumpingrivers.com", role = c("aut", "cre")) Description: Base package for sharing classes between posit audit @@ -25,6 +25,7 @@ Imports: yaml Suggests: jsonlite, + rvest, testthat (>= 3.0.0) Remotes: jumpingrivers/serverHeaders diff --git a/NEWS.md b/NEWS.md index 7c7a1cd..a820388 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,7 @@ +# audit.base 0.6.17 _2024-06-24_ +- chore: Software bump +- feat: Automatically extract connect/workbench versions + # audit.base 0.6.16 _2024-06-24_ - chore: Use jrStyling diff --git a/R/posit_versions.R b/R/posit_versions.R index 4e5822f..37157b3 100644 --- a/R/posit_versions.R +++ b/R/posit_versions.R @@ -13,7 +13,7 @@ get_posit_versions = function(type = c("connect", "workbench", "drivers")) { mustWork = TRUE, package = "audit.base" ) versions = readr::read_csv(fname, comment = "#", col_types = c("c", "c")) - versions = dplyr::arrange(versions, dplyr::desc(name)) + versions = dplyr::arrange(versions, dplyr::desc(.data$version)) return(versions) } @@ -45,13 +45,17 @@ audit_posit_version = function(posit_version, type = c("connect", "workbench", " return(invisible(NULL)) } + + lookup_version = function(posit_version, type) { versions = get_posit_versions(type = type) version_as_date = version_to_date(posit_version) - if (is.na(version_as_date) || version_as_date < min(versions$date)) { + all_dates = unlist(purrr::map(versions$version, version_to_date)) + + if (is.na(version_as_date) || version_as_date < min(all_dates)) { # Older than DB row_number = NA_integer_ - } else if (version_as_date > max(versions$date)) { + } else if (version_as_date > max(all_dates)) { # Newer than DB row_number = 1L } else { diff --git a/R/rvest.R b/R/rvest.R index b13e89e..202c82e 100644 --- a/R/rvest.R +++ b/R/rvest.R @@ -3,16 +3,16 @@ extract_cves = function(url) { sections = rvest::html_elements(page, "section") v_tibbles = purrr::map_df(sections, extract_components) all_v = get_all_versions(page) |> - dplyr::filter(!.data$name %in% v_tibbles$name) %>% + dplyr::filter(!.data$version %in% v_tibbles$version) %>% dplyr::bind_rows(v_tibbles) %>% - dplyr::arrange(dplyr::desc(name)) + dplyr::arrange(dplyr::desc(.data$version)) all_v } extract_components = function(section) { posit_name = rvest::html_attrs(section) posit_name = as.vector(posit_name["id"]) - posit_id = stringr::str_extract(posit_name, "[0-9]{4}\\.[0-9]{1,2}\\.[0-9]{1,2}") + posit_version = stringr::str_extract(posit_name, "[0-9]{4}\\.[0-9]{1,2}\\.[0-9]{1,2}") li = section %>% rvest::html_elements("li") %>% @@ -21,10 +21,10 @@ extract_components = function(section) { cves = stringr::str_extract(li, "^CVE-[0-9]{4}-[0-9]*") cves = cves[!is.na(cves)] - if (length(cves) == 0L || is.na(posit_id)) { + if (length(cves) == 0L || is.na(posit_version)) { NULL } else { - tibble::tibble(name = posit_id, cve = cves) + tibble::tibble(version = posit_version, cve = cves) } } @@ -33,7 +33,7 @@ get_all_versions = function(page) { rvest::html_nodes('h2') %>% rvest::html_text() v = stringr::str_extract(versions, "202[0-9]\\.[0-9]{2}\\.[0-9]{1,2}") - tibble::tibble(name = v[!is.na(v)], cve = "") + tibble::tibble(version = v[!is.na(v)], cve = "") } update_posit_csv = function() { diff --git a/inst/extdata/versions/connect.csv b/inst/extdata/versions/connect.csv index 3921e8d..ab8bc0d 100644 --- a/inst/extdata/versions/connect.csv +++ b/inst/extdata/versions/connect.csv @@ -1,4 +1,4 @@ -name,cve +version,cve 2024.05.0,CVE-2024-24787 2024.05.0,CVE-2024-24788 2024.05.0,CVE-2024-24787 diff --git a/inst/extdata/versions/workbench.csv b/inst/extdata/versions/workbench.csv index fd18644..8284975 100644 --- a/inst/extdata/versions/workbench.csv +++ b/inst/extdata/versions/workbench.csv @@ -1,4 +1,4 @@ -name,cve +version,cve 2024.04.2, 2024.04.1, 2024.04.0, diff --git a/tests/testthat/test-quarto-helpers.R b/tests/testthat/test-quarto-helpers.R index d80d3f3..a6bc170 100644 --- a/tests/testthat/test-quarto-helpers.R +++ b/tests/testthat/test-quarto-helpers.R @@ -1,7 +1,7 @@ test_that("Quarto Outputs", { out = list() out$posit_version = "2022.10.0" - msg = get_quarto_posit_version_msg(out, "connect") + msg = get_quarto_posit_version_msg(out, type = "connect") expect_true(stringr::str_detect(msg, "CVEs")) out$posit_version = "2012.10.0"