forked from ruby-openid/omniauth-openid
-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtechstack.yml
More file actions
247 lines (247 loc) · 9.54 KB
/
techstack.yml
File metadata and controls
247 lines (247 loc) · 9.54 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
repo_name: stackshareio/omniauth-openid
report_id: ba373275292511fa6ebd73513400a4f3
version: 0.1
repo_type: Public
timestamp: '2024-03-08T13:22:03+00:00'
requested_by: web-flow
provider: github
branch: master
detected_tools_count: 15
tools:
- name: Ruby
description: A dynamic, interpreted, open source programming language with a focus
on simplicity and productivity
website_url: https://www.ruby-lang.org
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Languages
image_url: https://img.stackshare.io/service/989/ruby.png
detection_source_url: https://github.com/stackshareio/omniauth-openid
detection_source: Repo Metadata
- name: Sinatra
description: Classy web-development dressed in a DSL
website_url: http://www.sinatrarb.com/
license: MIT
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Microframeworks (Backend)
image_url: https://img.stackshare.io/service/999/logo.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile
detection_source: Gemfile
last_updated_by: Michael Bleigh
last_updated_on: 2011-10-20 01:53:44.000000000 Z
- name: Git
description: Fast, scalable, distributed revision control system
website_url: http://git-scm.com/
open_source: true
hosted_saas: false
category: Build, Test, Deploy
sub_category: Version Control System
image_url: https://img.stackshare.io/service/1046/git.png
detection_source_url: https://github.com/stackshareio/omniauth-openid
detection_source: Repo Metadata
- name: RSpec
description: Behaviour Driven Development for Ruby
website_url: https://rspec.info/
version: 3.7.0
license: MIT
open_source: true
hosted_saas: false
category: Build, Test, Deploy
sub_category: Testing Frameworks
image_url: https://img.stackshare.io/service/2539/logo.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: Erik Michaels-Ober
last_updated_on: 2011-04-29 01:48:26.000000000 Z
- name: RubyGems
description: Easily download, install, and use ruby software packages on your system
website_url: https://rubygems.org/
open_source: false
hosted_saas: false
category: Build, Test, Deploy
sub_category: Package Managers
image_url: https://img.stackshare.io/service/12795/5jL6-BA5_400x400.jpeg
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/omniauth-openid.gemspec
detection_source: omniauth-openid.gemspec
last_updated_by: Michael Bleigh
last_updated_on: 2010-04-05 05:20:34.000000000 Z
- name: Travis CI
description: A hosted continuous integration service for open source and private
projects
website_url: http://travis-ci.com/
open_source: false
hosted_saas: true
category: Build, Test, Deploy
sub_category: Continuous Integration
image_url: https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/.travis.yml
detection_source: ".travis.yml"
last_updated_by: tmilewski
last_updated_on: 2017-12-28 19:54:19.000000000 Z
- name: jruby-openssl
description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL
native library
package_url: https://rubygems.org/jruby-openssl
version: '0.9'
license: Other
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/19237/default_c4ed1d3f735f11415ee5d02b5a5ba48490465220.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 19:50:50.000000000 Z
- name: omniauth
description: A generalized Rack framework for multiple-provider authentication
package_url: https://rubygems.org/omniauth
version: 1.8.1
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18914/default_aa081534cc9e2d100412a763ab69743f22c56ceb.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: omniauth-openid.gemspec
last_updated_by: tmilewski
last_updated_on: 2017-12-28 19:50:50.000000000 Z
vulnerabilities:
- name: OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key`
value
cve_id: CVE-2020-36599
cve_url: https://github.com/advisories/GHSA-pm55-qfxr-h247
detected_date: Sep 1
severity: critical
first_patched: 1.9.2
- name: OmniAuth Ruby gem Cross-site Request Forgery in request phase
cve_id: CVE-2015-9284
cve_url: https://github.com/advisories/GHSA-ww4x-rwq6-qpgf
detected_date: Aug 22
severity: high
first_patched: 2.0.0
- name: rack-openid
description: Provides a more HTTPish API around the ruby-openid library
package_url: https://rubygems.org/rack-openid
version: 1.4.2
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/rubygems/image.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: omniauth-openid.gemspec
last_updated_by: tmilewski
last_updated_on: 2017-12-28 19:50:50.000000000 Z
- name: rack-test
description: Rack::Test is a small, simple testing API for Rack apps
package_url: https://rubygems.org/rack-test
version: 0.8.2
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18845/default_db5cfb0d85d9fd8bfb40a863581417a2a57791ab.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 20:11:08.000000000 Z
- name: rake
description: Rake is a Make-like program implemented in Ruby
package_url: https://rubygems.org/rake
version: 13.0.1
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18812/default_f582e4648f4682adb72d2b201218cda7f8e894ac.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: dependabot[bot]
last_updated_on: 2020-08-02 02:18:34.000000000 Z
- name: ruby-openid
description: A library for consuming and serving OpenID identities
package_url: https://rubygems.org/ruby-openid
version: 2.1.8
license: Ruby,Apache-2.0
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/19359/default_586c7ce6af1eca79bd84e28b9ad0423907b71664.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 19:50:50.000000000 Z
vulnerabilities:
- name: ruby-openid SSRF via claimed_id request
cve_id: CVE-2019-11027
cve_url: https://github.com/advisories/GHSA-fqfj-cmh6-hj49
detected_date: Aug 22
severity: critical
first_patched: 2.9.0
- name: Denial of service in ruby-openid
cve_id: CVE-2013-1812
cve_url: https://github.com/advisories/GHSA-6c8p-qphv-668v
detected_date: Aug 22
severity: moderate
first_patched: 2.2.2
- name: simplecov
description: Code coverage for Ruby 1.9+ with a powerful configuration library and
automatic merging of coverage across test suites
package_url: https://rubygems.org/simplecov
version: 0.15.1
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18819/default_6564ae059af6c4ea7065fd2329370c7a05341cf8.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 20:11:08.000000000 Z
- name: webmock
description: WebMock allows stubbing HTTP requests and setting expectations on HTTP
requests
package_url: https://rubygems.org/webmock
version: 3.1.1
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18824/default_6564ae059af6c4ea7065fd2329370c7a05341cf8.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 20:11:08.000000000 Z
- name: yard
description: YARD is a documentation generation tool for the Ruby programming language
package_url: https://rubygems.org/yard
version: 0.9.25
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: RubyGems Packages
image_url: https://img.stackshare.io/package/18825/default_b8fbb83e23c963442e15398c5b56262cc6267d6f.png
detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
detection_source: Gemfile
last_updated_by: tmilewski
last_updated_on: 2017-12-28 20:11:08.000000000 Z
vulnerabilities:
- name: YARD's default template vulnerable to Cross-site Scripting in generated
frames.html
cve_id: CVE-2024-27285
cve_url: https://github.com/advisories/GHSA-8mq4-9jjh-9xrc
detected_date: Feb 29
severity: moderate
first_patched: 0.9.36