blame_brakeman 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/blame_brakeman.rb +73 -0
- metadata +48 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 9e083bb6abb71a675ff5df098b4bfb0c0babaa138cb2b03e85a85a2193abd196
|
|
4
|
+
data.tar.gz: 4466b65077c5716ca3ba4e389ccf9878f40b48e619c4d9eae2bc125d44d0ec7e
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: b0cb32a695e05d31924970a401658ed2fd343ac19fd7734440bc5a04cc9ae28959f142a4078e787ea531114d80bce66c84ec53696e643130ddc71f75e28998d2
|
|
7
|
+
data.tar.gz: e4d0779155582f9ecdb375f37635ac038407604d19bba223e7d52e8c621542c839b404acf9f0552bbd754fc21728c0adfb7d33c63e03a0189c1e496fcb96b4e0
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
require 'fileutils'
|
|
2
|
+
|
|
3
|
+
module BlameBrakeman
|
|
4
|
+
class BrakemanSecurity
|
|
5
|
+
|
|
6
|
+
def initialize(version_control = nil, from = nil, to = nil)
|
|
7
|
+
@version_control = version_control
|
|
8
|
+
@from = from
|
|
9
|
+
@to = to
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def brakeman_security
|
|
13
|
+
FileUtils.mkdir_p 'brakeman'
|
|
14
|
+
root_folder = "brakeman"
|
|
15
|
+
time_now = Time.now
|
|
16
|
+
time_yesterday = time_now - 86400 #1 Day Ago
|
|
17
|
+
brakeman_file_format = "security_#{time_format(time_yesterday)}.json"
|
|
18
|
+
comparison_file_format = "security_comparison_#{time_format(time_yesterday)}_to_#{time_format(time_now)}.json"
|
|
19
|
+
format = %w[json html]
|
|
20
|
+
if File.exist?("#{root_folder}/#{brakeman_file_format}")
|
|
21
|
+
comparison_file = "#{root_folder}/#{comparison_file_format}"
|
|
22
|
+
system("brakeman --compare #{root_folder}/#{brakeman_file_format} -o #{comparison_file}")
|
|
23
|
+
format.each { |fr| system("rm -f #{root_folder}/security_#{time_format(time_yesterday)}.#{fr}") }
|
|
24
|
+
create_security_file(root_folder, format, time_format(time_now))
|
|
25
|
+
condition = override_comparison_file(comparison_file)
|
|
26
|
+
else
|
|
27
|
+
create_security_file(root_folder, format, time_format(time_now))
|
|
28
|
+
puts 'Yesterday,Security File not there!!!.In that folder'
|
|
29
|
+
puts 'Create File: brakeman -o brakeman/security_MMDDYYYY.json'
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def override_comparison_file(file)
|
|
34
|
+
output = {}
|
|
35
|
+
data = File.read(file)
|
|
36
|
+
json_data = JSON.parse(data)
|
|
37
|
+
condition = json_data['new'].blank? && json_data['fixed'].blank?
|
|
38
|
+
return condition if condition
|
|
39
|
+
|
|
40
|
+
# Overwrite JSON Data - Add Blame
|
|
41
|
+
json_data.each do |key, value|
|
|
42
|
+
value.each do |hash|
|
|
43
|
+
output[key] = add_gitblame(hash)
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
# Overwrite Comparison File
|
|
47
|
+
File.open(file, 'w') do |f|
|
|
48
|
+
f.puts JSON.pretty_generate(json_data)
|
|
49
|
+
end
|
|
50
|
+
condition
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def add_gitblame(hash)
|
|
54
|
+
file = hash['file']
|
|
55
|
+
line = hash['line']
|
|
56
|
+
if @version_control == 'git'
|
|
57
|
+
git_blame = `git blame -L #{line},#{line} #{file}`
|
|
58
|
+
hash['blame'] = git_blame
|
|
59
|
+
hash
|
|
60
|
+
else
|
|
61
|
+
hash
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def create_security_file(root_folder, format, time_format)
|
|
66
|
+
format.each { |fr| system("brakeman -o #{root_folder}/security_#{time_format}.#{fr}") }
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def time_format(time)
|
|
70
|
+
time.strftime('%m%d%Y')
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: blame_brakeman
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.3
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Honestraj Kandhasamy
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2019-12-05 00:00:00.000000000 Z
|
|
12
|
+
dependencies: []
|
|
13
|
+
description: "'git blame' added Brakeman JSON warnings. We have all the information
|
|
14
|
+
at brakeman security warnings. \n But, Don't have a blame option
|
|
15
|
+
for which developer done the vulnerabilities.Below is example.\n \n
|
|
16
|
+
\ {\n ....\n 'blame': 'xxxxxxxxxxxxx (developer_name 2019-07-17
|
|
17
|
+
20:59:12 +0530 4226) params.require(:users).permit!\r\n'\n ...\n }"
|
|
18
|
+
email: honestraj.it@gmail.com
|
|
19
|
+
executables: []
|
|
20
|
+
extensions: []
|
|
21
|
+
extra_rdoc_files: []
|
|
22
|
+
files:
|
|
23
|
+
- lib/blame_brakeman.rb
|
|
24
|
+
homepage: https://rubygems.org/gems/blame_brakeman
|
|
25
|
+
licenses:
|
|
26
|
+
- MIT
|
|
27
|
+
metadata:
|
|
28
|
+
source_code_uri: https://github.com/honestveera/blame_brakeman
|
|
29
|
+
post_install_message:
|
|
30
|
+
rdoc_options: []
|
|
31
|
+
require_paths:
|
|
32
|
+
- lib
|
|
33
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
34
|
+
requirements:
|
|
35
|
+
- - ">="
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
39
|
+
requirements:
|
|
40
|
+
- - ">="
|
|
41
|
+
- !ruby/object:Gem::Version
|
|
42
|
+
version: '0'
|
|
43
|
+
requirements: []
|
|
44
|
+
rubygems_version: 3.0.3
|
|
45
|
+
signing_key:
|
|
46
|
+
specification_version: 4
|
|
47
|
+
summary: Blame Brakeman
|
|
48
|
+
test_files: []
|