stackshareio · stack-file · Jan 9, 2024 · Jan 9, 2024 · Feb 15, 2024 · Feb 15, 2024
diff --git a/techstack.md b/techstack.md
@@ -0,0 +1,120 @@
+<!--
+&lt;--- Readme.md Snippet without images Start ---&gt;
+## Tech Stack
+stackshareio/omniauth-openid is built on the following main stack:
+
+- [Ruby](https://www.ruby-lang.org) – Languages
+- [Sinatra](http://www.sinatrarb.com/) – Microframeworks (Backend)
+- [RSpec](https://rspec.info/) – Testing Frameworks
+- [Travis CI](http://travis-ci.com/) – Continuous Integration
+
+Full tech stack [here](/techstack.md)
+
+&lt;--- Readme.md Snippet without images End ---&gt;
+
+&lt;--- Readme.md Snippet with images Start ---&gt;
+## Tech Stack
+stackshareio/omniauth-openid is built on the following main stack:
+
+- <img width='25' height='25' src='https://img.stackshare.io/service/989/ruby.png' alt='Ruby'/> [Ruby](https://www.ruby-lang.org) – Languages
+- <img width='25' height='25' src='https://img.stackshare.io/service/999/logo.png' alt='Sinatra'/> [Sinatra](http://www.sinatrarb.com/) – Microframeworks (Backend)
+- <img width='25' height='25' src='https://img.stackshare.io/service/2539/logo.png' alt='RSpec'/> [RSpec](https://rspec.info/) – Testing Frameworks
+- <img width='25' height='25' src='https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png' alt='Travis CI'/> [Travis CI](http://travis-ci.com/) – Continuous Integration
+
+Full tech stack [here](/techstack.md)
+
+&lt;--- Readme.md Snippet with images End ---&gt;
+-->
+<div align="center">
+
+# Tech Stack File
+![](https://img.stackshare.io/repo.svg "repo") [stackshareio/omniauth-openid](https://github.com/stackshareio/omniauth-openid)![](https://img.stackshare.io/public_badge.svg "public")
+<br/><br/>
+|15<br/>Tools used|03/08/24 <br/>Report generated|
+|------|------|
+</div>
+
+## <img src='https://img.stackshare.io/languages.svg'/> Languages (1)
+<table><tr>
+  <td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/989/ruby.png' alt='Ruby'>
+  <br>
+  <sub><a href="https://www.ruby-lang.org">Ruby</a></sub>
+  <br>
+  <sub></sub>
+</td>
+
+</tr>
+</table>
+
+## <img src='https://img.stackshare.io/frameworks.svg'/> Frameworks (1)
+<table><tr>
+  <td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/999/logo.png' alt='Sinatra'>
+  <br>
+  <sub><a href="http://www.sinatrarb.com/">Sinatra</a></sub>
+  <br>
+  <sub></sub>
+</td>
+
+</tr>
+</table>
+
+## <img src='https://img.stackshare.io/devops.svg'/> DevOps (4)
+<table><tr>
+  <td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/1046/git.png' alt='Git'>
+  <br>
+  <sub><a href="http://git-scm.com/">Git</a></sub>
+  <br>
+  <sub></sub>
+</td>
+
+<td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/2539/logo.png' alt='RSpec'>
+  <br>
+  <sub><a href="https://rspec.info/">RSpec</a></sub>
+  <br>
+  <sub>v3.7.0</sub>
+</td>
+
+<td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/12795/5jL6-BA5_400x400.jpeg' alt='RubyGems'>
+  <br>
+  <sub><a href="https://rubygems.org/">RubyGems</a></sub>
+  <br>
+  <sub></sub>
+</td>
+
+<td align='center'>
+  <img width='36' height='36' src='https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png' alt='Travis CI'>
+  <br>
+  <sub><a href="http://travis-ci.com/">Travis CI</a></sub>
+  <br>
+  <sub></sub>
+</td>
+
+</tr>
+</table>
+
+
+## <img src='https://img.stackshare.io/group.svg' /> Open source packages (9)</h2>
+
+## <img width='24' height='24' src='https://img.stackshare.io/service/12795/5jL6-BA5_400x400.jpeg'/> RubyGems (9)
+
+|NAME|VERSION|LAST UPDATED|LAST UPDATED BY|LICENSE|VULNERABILITIES|
+|:------|:------|:------|:------|:------|:------|
+|[jruby-openssl](https://rubygems.org/jruby-openssl)|v0.9|12/28/17|tmilewski |Other|N/A|
+|[omniauth](https://rubygems.org/omniauth)|v1.8.1|12/28/17|tmilewski |MIT|[CVE-2020-36599](https://github.com/advisories/GHSA-pm55-qfxr-h247) (Critical)<br/>[CVE-2015-9284](https://github.com/advisories/GHSA-ww4x-rwq6-qpgf) (High)|
+|[rack-openid](https://rubygems.org/rack-openid)|v1.4.2|12/28/17|tmilewski |MIT|N/A|
+|[rack-test](https://rubygems.org/rack-test)|v0.8.2|12/28/17|tmilewski |MIT|N/A|
+|[rake](https://rubygems.org/rake)|v13.0.1|08/02/20|dependabot[bot] |MIT|N/A|
+|[ruby-openid](https://rubygems.org/ruby-openid)|v2.1.8|12/28/17|tmilewski |Ruby,Apache-2.0|[CVE-2019-11027](https://github.com/advisories/GHSA-fqfj-cmh6-hj49) (Critical)<br/>[CVE-2013-1812](https://github.com/advisories/GHSA-6c8p-qphv-668v) (Moderate)|
+|[simplecov](https://rubygems.org/simplecov)|v0.15.1|12/28/17|tmilewski |MIT|N/A|
+|[webmock](https://rubygems.org/webmock)|v3.1.1|12/28/17|tmilewski |MIT|N/A|
+|[yard](https://rubygems.org/yard)|v0.9.25|12/28/17|tmilewski |MIT|[CVE-2024-27285](https://github.com/advisories/GHSA-8mq4-9jjh-9xrc) (Moderate)|
+
+<br/>
+<div align='center'>
+
+Generated via [Stack File](https://github.com/marketplace/stack-file)
diff --git a/techstack.yml b/techstack.yml
@@ -0,0 +1,247 @@
+repo_name: stackshareio/omniauth-openid
+report_id: ba373275292511fa6ebd73513400a4f3
+version: 0.1
+repo_type: Public
+timestamp: '2024-03-08T13:22:03+00:00'
+requested_by: web-flow
+provider: github
+branch: master
+detected_tools_count: 15
+tools:
+- name: Ruby
+  description: A dynamic, interpreted, open source programming language with a focus
+    on simplicity and productivity
+  website_url: https://www.ruby-lang.org
+  open_source: true
+  hosted_saas: false
+  category: Languages & Frameworks
+  sub_category: Languages
+  image_url: https://img.stackshare.io/service/989/ruby.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid
+  detection_source: Repo Metadata
+- name: Sinatra
+  description: Classy web-development dressed in a DSL
+  website_url: http://www.sinatrarb.com/
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Languages & Frameworks
+  sub_category: Microframeworks (Backend)
+  image_url: https://img.stackshare.io/service/999/logo.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile
+  detection_source: Gemfile
+  last_updated_by: Michael Bleigh
+  last_updated_on: 2011-10-20 01:53:44.000000000 Z
+- name: Git
+  description: Fast, scalable, distributed revision control system
+  website_url: http://git-scm.com/
+  open_source: true
+  hosted_saas: false
+  category: Build, Test, Deploy
+  sub_category: Version Control System
+  image_url: https://img.stackshare.io/service/1046/git.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid
+  detection_source: Repo Metadata
+- name: RSpec
+  description: Behaviour Driven Development for Ruby
+  website_url: https://rspec.info/
+  version: 3.7.0
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Build, Test, Deploy
+  sub_category: Testing Frameworks
+  image_url: https://img.stackshare.io/service/2539/logo.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: Erik Michaels-Ober
+  last_updated_on: 2011-04-29 01:48:26.000000000 Z
+- name: RubyGems
+  description: Easily download, install, and use ruby software packages on your system
+  website_url: https://rubygems.org/
+  open_source: false
+  hosted_saas: false
+  category: Build, Test, Deploy
+  sub_category: Package Managers
+  image_url: https://img.stackshare.io/service/12795/5jL6-BA5_400x400.jpeg
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/omniauth-openid.gemspec
+  detection_source: omniauth-openid.gemspec
+  last_updated_by: Michael Bleigh
+  last_updated_on: 2010-04-05 05:20:34.000000000 Z
+- name: Travis CI
+  description: A hosted continuous integration service for open source and private
+    projects
+  website_url: http://travis-ci.com/
+  open_source: false
+  hosted_saas: true
+  category: Build, Test, Deploy
+  sub_category: Continuous Integration
+  image_url: https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/.travis.yml
+  detection_source: ".travis.yml"
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 19:54:19.000000000 Z
+- name: jruby-openssl
+  description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL
+    native library
+  package_url: https://rubygems.org/jruby-openssl
+  version: '0.9'
+  license: Other
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/19237/default_c4ed1d3f735f11415ee5d02b5a5ba48490465220.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 19:50:50.000000000 Z
+- name: omniauth
+  description: A generalized Rack framework for multiple-provider authentication
+  package_url: https://rubygems.org/omniauth
+  version: 1.8.1
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18914/default_aa081534cc9e2d100412a763ab69743f22c56ceb.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: omniauth-openid.gemspec
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 19:50:50.000000000 Z
+  vulnerabilities:
+  - name: OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key`
+      value
+    cve_id: CVE-2020-36599
+    cve_url: https://github.com/advisories/GHSA-pm55-qfxr-h247
+    detected_date: Sep 1
+    severity: critical
+    first_patched: 1.9.2
+  - name: OmniAuth Ruby gem Cross-site Request Forgery in request phase
+    cve_id: CVE-2015-9284
+    cve_url: https://github.com/advisories/GHSA-ww4x-rwq6-qpgf
+    detected_date: Aug 22
+    severity: high
+    first_patched: 2.0.0
+- name: rack-openid
+  description: Provides a more HTTPish API around the ruby-openid library
+  package_url: https://rubygems.org/rack-openid
+  version: 1.4.2
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/rubygems/image.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: omniauth-openid.gemspec
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 19:50:50.000000000 Z
+- name: rack-test
+  description: Rack::Test is a small, simple testing API for Rack apps
+  package_url: https://rubygems.org/rack-test
+  version: 0.8.2
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18845/default_db5cfb0d85d9fd8bfb40a863581417a2a57791ab.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 20:11:08.000000000 Z
+- name: rake
+  description: Rake is a Make-like program implemented in Ruby
+  package_url: https://rubygems.org/rake
+  version: 13.0.1
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18812/default_f582e4648f4682adb72d2b201218cda7f8e894ac.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: dependabot[bot]
+  last_updated_on: 2020-08-02 02:18:34.000000000 Z
+- name: ruby-openid
+  description: A library for consuming and serving OpenID identities
+  package_url: https://rubygems.org/ruby-openid
+  version: 2.1.8
+  license: Ruby,Apache-2.0
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/19359/default_586c7ce6af1eca79bd84e28b9ad0423907b71664.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 19:50:50.000000000 Z
+  vulnerabilities:
+  - name: ruby-openid SSRF via claimed_id request
+    cve_id: CVE-2019-11027
+    cve_url: https://github.com/advisories/GHSA-fqfj-cmh6-hj49
+    detected_date: Aug 22
+    severity: critical
+    first_patched: 2.9.0
+  - name: Denial of service in ruby-openid
+    cve_id: CVE-2013-1812
+    cve_url: https://github.com/advisories/GHSA-6c8p-qphv-668v
+    detected_date: Aug 22
+    severity: moderate
+    first_patched: 2.2.2
+- name: simplecov
+  description: Code coverage for Ruby 1.9+ with a powerful configuration library and
+    automatic merging of coverage across test suites
+  package_url: https://rubygems.org/simplecov
+  version: 0.15.1
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18819/default_6564ae059af6c4ea7065fd2329370c7a05341cf8.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 20:11:08.000000000 Z
+- name: webmock
+  description: WebMock allows stubbing HTTP requests and setting expectations on HTTP
+    requests
+  package_url: https://rubygems.org/webmock
+  version: 3.1.1
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18824/default_6564ae059af6c4ea7065fd2329370c7a05341cf8.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 20:11:08.000000000 Z
+- name: yard
+  description: YARD is a documentation generation tool for the Ruby programming language
+  package_url: https://rubygems.org/yard
+  version: 0.9.25
+  license: MIT
+  open_source: true
+  hosted_saas: false
+  category: Libraries
+  sub_category: RubyGems Packages
+  image_url: https://img.stackshare.io/package/18825/default_b8fbb83e23c963442e15398c5b56262cc6267d6f.png
+  detection_source_url: https://github.com/stackshareio/omniauth-openid/blob/master/Gemfile.lock
+  detection_source: Gemfile
+  last_updated_by: tmilewski
+  last_updated_on: 2017-12-28 20:11:08.000000000 Z
+  vulnerabilities:
+  - name: YARD's default template vulnerable to Cross-site Scripting in generated
+      frames.html
+    cve_id: CVE-2024-27285
+    cve_url: https://github.com/advisories/GHSA-8mq4-9jjh-9xrc
+    detected_date: Feb 29
+    severity: moderate
+    first_patched: 0.9.36