RubyGems - brakeman-lib - Versions diffs - 3.3.1 - Mend

brakeman-lib 3.3.1

Files changed (159) hide show

checksums.yaml +7 -0
data/CHANGES +872 -0
data/FEATURES +16 -0
data/README.md +169 -0
data/WARNING_TYPES +95 -0
data/bin/brakeman +89 -0
data/lib/brakeman.rb +495 -0
data/lib/brakeman/app_tree.rb +161 -0
data/lib/brakeman/brakeman.rake +17 -0
data/lib/brakeman/call_index.rb +219 -0
data/lib/brakeman/checks.rb +191 -0
data/lib/brakeman/checks/base_check.rb +518 -0
data/lib/brakeman/checks/check_basic_auth.rb +88 -0
data/lib/brakeman/checks/check_basic_auth_timing_attack.rb +33 -0
data/lib/brakeman/checks/check_content_tag.rb +160 -0
data/lib/brakeman/checks/check_create_with.rb +75 -0
data/lib/brakeman/checks/check_cross_site_scripting.rb +385 -0
data/lib/brakeman/checks/check_default_routes.rb +86 -0
data/lib/brakeman/checks/check_deserialize.rb +57 -0
data/lib/brakeman/checks/check_detailed_exceptions.rb +55 -0
data/lib/brakeman/checks/check_digest_dos.rb +38 -0
data/lib/brakeman/checks/check_dynamic_finders.rb +49 -0
data/lib/brakeman/checks/check_escape_function.rb +21 -0
data/lib/brakeman/checks/check_evaluation.rb +36 -0
data/lib/brakeman/checks/check_execute.rb +167 -0
data/lib/brakeman/checks/check_file_access.rb +63 -0
data/lib/brakeman/checks/check_file_disclosure.rb +35 -0
data/lib/brakeman/checks/check_filter_skipping.rb +31 -0
data/lib/brakeman/checks/check_forgery_setting.rb +74 -0
data/lib/brakeman/checks/check_header_dos.rb +31 -0
data/lib/brakeman/checks/check_i18n_xss.rb +48 -0
data/lib/brakeman/checks/check_jruby_xml.rb +38 -0
data/lib/brakeman/checks/check_json_encoding.rb +47 -0
data/lib/brakeman/checks/check_json_parsing.rb +107 -0
data/lib/brakeman/checks/check_link_to.rb +132 -0
data/lib/brakeman/checks/check_link_to_href.rb +115 -0
data/lib/brakeman/checks/check_mail_to.rb +49 -0
data/lib/brakeman/checks/check_mass_assignment.rb +198 -0
data/lib/brakeman/checks/check_mime_type_dos.rb +39 -0
data/lib/brakeman/checks/check_model_attr_accessible.rb +55 -0
data/lib/brakeman/checks/check_model_attributes.rb +119 -0
data/lib/brakeman/checks/check_model_serialize.rb +67 -0
data/lib/brakeman/checks/check_nested_attributes.rb +38 -0
data/lib/brakeman/checks/check_nested_attributes_bypass.rb +58 -0
data/lib/brakeman/checks/check_number_to_currency.rb +74 -0
data/lib/brakeman/checks/check_quote_table_name.rb +40 -0
data/lib/brakeman/checks/check_redirect.rb +215 -0
data/lib/brakeman/checks/check_regex_dos.rb +69 -0
data/lib/brakeman/checks/check_render.rb +92 -0
data/lib/brakeman/checks/check_render_dos.rb +37 -0
data/lib/brakeman/checks/check_render_inline.rb +54 -0
data/lib/brakeman/checks/check_response_splitting.rb +21 -0
data/lib/brakeman/checks/check_route_dos.rb +42 -0
data/lib/brakeman/checks/check_safe_buffer_manipulation.rb +31 -0
data/lib/brakeman/checks/check_sanitize_methods.rb +79 -0
data/lib/brakeman/checks/check_secrets.rb +40 -0
data/lib/brakeman/checks/check_select_tag.rb +60 -0
data/lib/brakeman/checks/check_select_vulnerability.rb +60 -0
data/lib/brakeman/checks/check_send.rb +48 -0
data/lib/brakeman/checks/check_send_file.rb +19 -0
data/lib/brakeman/checks/check_session_manipulation.rb +36 -0
data/lib/brakeman/checks/check_session_settings.rb +170 -0
data/lib/brakeman/checks/check_simple_format.rb +59 -0
data/lib/brakeman/checks/check_single_quotes.rb +101 -0
data/lib/brakeman/checks/check_skip_before_filter.rb +60 -0
data/lib/brakeman/checks/check_sql.rb +660 -0
data/lib/brakeman/checks/check_sql_cves.rb +101 -0
data/lib/brakeman/checks/check_ssl_verify.rb +49 -0
data/lib/brakeman/checks/check_strip_tags.rb +89 -0
data/lib/brakeman/checks/check_symbol_dos.rb +64 -0
data/lib/brakeman/checks/check_symbol_dos_cve.rb +30 -0
data/lib/brakeman/checks/check_translate_bug.rb +45 -0
data/lib/brakeman/checks/check_unsafe_reflection.rb +51 -0
data/lib/brakeman/checks/check_unscoped_find.rb +41 -0
data/lib/brakeman/checks/check_validation_regex.rb +116 -0
data/lib/brakeman/checks/check_weak_hash.rb +151 -0
data/lib/brakeman/checks/check_without_protection.rb +80 -0
data/lib/brakeman/checks/check_xml_dos.rb +51 -0
data/lib/brakeman/checks/check_yaml_parsing.rb +121 -0
data/lib/brakeman/differ.rb +66 -0
data/lib/brakeman/file_parser.rb +50 -0
data/lib/brakeman/format/style.css +133 -0
data/lib/brakeman/options.rb +301 -0
data/lib/brakeman/parsers/rails2_erubis.rb +6 -0
data/lib/brakeman/parsers/rails2_xss_plugin_erubis.rb +48 -0
data/lib/brakeman/parsers/rails3_erubis.rb +74 -0
data/lib/brakeman/parsers/template_parser.rb +89 -0
data/lib/brakeman/processor.rb +102 -0
data/lib/brakeman/processors/alias_processor.rb +1013 -0
data/lib/brakeman/processors/base_processor.rb +277 -0
data/lib/brakeman/processors/config_processor.rb +14 -0
data/lib/brakeman/processors/controller_alias_processor.rb +273 -0
data/lib/brakeman/processors/controller_processor.rb +326 -0
data/lib/brakeman/processors/erb_template_processor.rb +80 -0
data/lib/brakeman/processors/erubis_template_processor.rb +104 -0
data/lib/brakeman/processors/gem_processor.rb +57 -0
data/lib/brakeman/processors/haml_template_processor.rb +190 -0
data/lib/brakeman/processors/lib/basic_processor.rb +37 -0
data/lib/brakeman/processors/lib/find_all_calls.rb +223 -0
data/lib/brakeman/processors/lib/find_call.rb +183 -0
data/lib/brakeman/processors/lib/find_return_value.rb +134 -0
data/lib/brakeman/processors/lib/processor_helper.rb +75 -0
data/lib/brakeman/processors/lib/rails2_config_processor.rb +145 -0
data/lib/brakeman/processors/lib/rails2_route_processor.rb +313 -0
data/lib/brakeman/processors/lib/rails3_config_processor.rb +132 -0
data/lib/brakeman/processors/lib/rails3_route_processor.rb +308 -0
data/lib/brakeman/processors/lib/render_helper.rb +181 -0
data/lib/brakeman/processors/lib/render_path.rb +107 -0
data/lib/brakeman/processors/lib/route_helper.rb +68 -0
data/lib/brakeman/processors/lib/safe_call_helper.rb +16 -0
data/lib/brakeman/processors/library_processor.rb +119 -0
data/lib/brakeman/processors/model_processor.rb +191 -0
data/lib/brakeman/processors/output_processor.rb +171 -0
data/lib/brakeman/processors/route_processor.rb +17 -0
data/lib/brakeman/processors/slim_template_processor.rb +107 -0
data/lib/brakeman/processors/template_alias_processor.rb +116 -0
data/lib/brakeman/processors/template_processor.rb +74 -0
data/lib/brakeman/report.rb +78 -0
data/lib/brakeman/report/config/remediation.yml +71 -0
data/lib/brakeman/report/ignore/config.rb +135 -0
data/lib/brakeman/report/ignore/interactive.rb +311 -0
data/lib/brakeman/report/renderer.rb +24 -0
data/lib/brakeman/report/report_base.rb +286 -0
data/lib/brakeman/report/report_codeclimate.rb +70 -0
data/lib/brakeman/report/report_csv.rb +55 -0
data/lib/brakeman/report/report_hash.rb +23 -0
data/lib/brakeman/report/report_html.rb +216 -0
data/lib/brakeman/report/report_json.rb +42 -0
data/lib/brakeman/report/report_markdown.rb +156 -0
data/lib/brakeman/report/report_table.rb +107 -0
data/lib/brakeman/report/report_tabs.rb +17 -0
data/lib/brakeman/report/templates/controller_overview.html.erb +22 -0
data/lib/brakeman/report/templates/controller_warnings.html.erb +21 -0
data/lib/brakeman/report/templates/error_overview.html.erb +29 -0
data/lib/brakeman/report/templates/header.html.erb +58 -0
data/lib/brakeman/report/templates/ignored_warnings.html.erb +25 -0
data/lib/brakeman/report/templates/model_warnings.html.erb +21 -0
data/lib/brakeman/report/templates/overview.html.erb +38 -0
data/lib/brakeman/report/templates/security_warnings.html.erb +23 -0
data/lib/brakeman/report/templates/template_overview.html.erb +21 -0
data/lib/brakeman/report/templates/view_warnings.html.erb +34 -0
data/lib/brakeman/report/templates/warning_overview.html.erb +17 -0
data/lib/brakeman/rescanner.rb +483 -0
data/lib/brakeman/scanner.rb +317 -0
data/lib/brakeman/tracker.rb +347 -0
data/lib/brakeman/tracker/collection.rb +93 -0
data/lib/brakeman/tracker/config.rb +101 -0
data/lib/brakeman/tracker/constants.rb +101 -0
data/lib/brakeman/tracker/controller.rb +161 -0
data/lib/brakeman/tracker/library.rb +17 -0
data/lib/brakeman/tracker/model.rb +90 -0
data/lib/brakeman/tracker/template.rb +33 -0
data/lib/brakeman/util.rb +481 -0
data/lib/brakeman/version.rb +3 -0
data/lib/brakeman/warning.rb +255 -0
data/lib/brakeman/warning_codes.rb +111 -0
data/lib/ruby_parser/bm_sexp.rb +610 -0
data/lib/ruby_parser/bm_sexp_processor.rb +116 -0
metadata +362 -0

data/lib/brakeman/report/report_codeclimate.rb ADDED

@@ -0,0 +1,70 @@
+require "json"
+require "yaml"
+class Brakeman::Report::CodeClimate < Brakeman::Report::Base
+  DOCUMENTATION_PATH = File.expand_path("../../../../docs/warning_types", __FILE__)
+  REMEDIATION_POINTS_CONFIG_PATH = File.expand_path("../config/remediation.yml", __FILE__)
+  REMEDIATION_POINTS_DEFAULT = 300_000
+  def generate_report
+    all_warnings.map { |warning| issue_json(warning) }.join("\0")
+  end
+  private
+  def issue_json(warning)
+    warning_code_name = name_for(warning.warning_code)
+    {
+      type: "Issue",
+      check_name: warning_code_name,
+      description: warning.message,
+      fingerprint: warning.fingerprint,
+      categories: ["Security"],
+      severity: severity_level_for(warning.confidence),
+      remediation_points: remediation_points_for(warning_code_name),
+      location: {
+        path: warning.relative_path,
+        lines: {
+          begin: warning.line || 1,
+          end: warning.line || 1,
+        }
+      },
+      content: {
+        body: content_for(warning.warning_code, warning.link)
+      }
+    }.to_json
+  end
+  def severity_level_for(confidence)
+    if confidence == 0
+      "critical"
+    else
+      "normal"
+    end
+  end
+  def remediation_points_for(warning_code)
+    @remediation_points ||= YAML.load_file(REMEDIATION_POINTS_CONFIG_PATH)
+    @remediation_points.fetch(name_for(warning_code), REMEDIATION_POINTS_DEFAULT)
+  end
+  def name_for(warning_code)
+    @warning_codes ||= Brakeman::WarningCodes::Codes.invert
+    @warning_codes[warning_code].to_s
+  end
+  def content_for(warning_code, link)
+    @contents ||= {}
+    unless link.nil?
+      @contents[warning_code] ||= local_content_for(link) || "Read more: #{link}"
+    end
+  end
+  def local_content_for(link)
+    directory = link.split("/").last
+    filename = File.join(DOCUMENTATION_PATH, directory, "index.markdown")
+    File.read(filename) if File.exist?(filename)
+  end
+end

data/lib/brakeman/report/report_csv.rb ADDED

@@ -0,0 +1,55 @@
+require 'csv'
+require "brakeman/report/report_table"
+class Brakeman::Report::CSV < Brakeman::Report::Table
+  def generate_report
+    output = csv_header
+    output << "\nSUMMARY\n"
+    output << table_to_csv(generate_overview) << "\n"
+    output << table_to_csv(generate_warning_overview) << "\n"
+    #Return output early if only summarizing
+    if tracker.options[:summary_only]
+      return output
+    end
+    if tracker.options[:report_routes] or tracker.options[:debug]
+      output << "CONTROLLERS\n"
+      output << table_to_csv(generate_controllers) << "\n"
+    end
+    if tracker.options[:debug]
+      output << "TEMPLATES\n\n"
+      output << table_to_csv(generate_templates) << "\n"
+    end
+    res = generate_errors
+    output << "ERRORS\n" << table_to_csv(res) << "\n" if res
+    res = generate_warnings
+    output << "SECURITY WARNINGS\n" << table_to_csv(res) << "\n" if res
+    output << "Controller Warnings\n"
+    res = generate_controller_warnings
+    output << table_to_csv(res) << "\n" if res
+    output << "Model Warnings\n"
+    res = generate_model_warnings
+    output << table_to_csv(res) << "\n" if res
+    res = generate_template_warnings
+    output << "Template Warnings\n"
+    output << table_to_csv(res) << "\n" if res
+    output
+  end
+  #Generate header for CSV output
+  def csv_header
+    header = CSV.generate_line(["Application Path", "Report Generation Time", "Checks Performed", "Rails Version"])
+    header << CSV.generate_line([File.expand_path(tracker.app_path), Time.now.to_s, checks.checks_run.sort.join(", "), rails_version])
+    "BRAKEMAN REPORT\n\n" + header
+  end
+end

data/lib/brakeman/report/report_hash.rb ADDED

@@ -0,0 +1,23 @@
+# Generates a hash table for use in Brakeman tests
+class Brakeman::Report::Hash < Brakeman::Report::Base
+  def generate_report
+    report = { :errors => tracker.errors,
+               :controllers => tracker.controllers,
+               :models => tracker.models,
+               :templates => tracker.templates
+              }
+    [:generic_warnings, :controller_warnings, :model_warnings, :template_warnings].each do |meth|
+      report[meth] = self.send(meth)
+      report[meth].each do |w|
+        w.message = w.format_message
+        w.context = context_for(@app_tree, w).join("\n")
+      end
+    end
+    report[:config] = tracker.config
+    report[:checks_run] = tracker.checks.checks_run
+    report
+  end
+end

data/lib/brakeman/report/report_html.rb ADDED

@@ -0,0 +1,216 @@
+require 'cgi'
+class Brakeman::Report::HTML < Brakeman::Report::Base
+  HTML_CONFIDENCE = [ "<span class='high-confidence'>High</span>",
+    "<span class='med-confidence'>Medium</span>",
+    "<span class='weak-confidence'>Weak</span>" ]
+  def initialize *args
+    super
+    @element_id = 0 #Used for HTML ids
+  end
+  def generate_report
+    out = html_header <<
+    generate_overview <<
+    generate_warning_overview.to_s
+    # Return early if only summarizing
+    return out if tracker.options[:summary_only]
+    out << generate_controllers.to_s if tracker.options[:report_routes] or tracker.options[:debug]
+    out << generate_templates.to_s if tracker.options[:debug]
+    out << generate_errors.to_s
+    out << generate_warnings.to_s
+    out << generate_controller_warnings.to_s
+    out << generate_model_warnings.to_s
+    out << generate_template_warnings.to_s
+    out << generate_ignored_warnings.to_s
+    out << "</body></html>"
+  end
+  def generate_overview
+      locals = {
+        :tracker => tracker,
+        :warnings => all_warnings.length,
+        :warnings_summary => warnings_summary,
+        :number_of_templates => number_of_templates(@tracker),
+        :ignored_warnings => ignored_warnings.length
+        }
+      Brakeman::Report::Renderer.new('overview', :locals => locals).render
+  end
+  #Generate listings of templates and their output
+  def generate_templates
+    out_processor = Brakeman::OutputProcessor.new
+    template_rows = {}
+    tracker.templates.each do |name, template|
+      template.each_output do |out|
+        out = CGI.escapeHTML(out_processor.format(out))
+        template_rows[name] ||= []
+        template_rows[name] << out.gsub("\n", ";").gsub(/\s+/, " ")
+      end
+    end
+    template_rows = template_rows.sort_by{|name, value| name.to_s}
+      Brakeman::Report::Renderer.new('template_overview', :locals => {:template_rows => template_rows}).render
+  end
+  def render_array template, headings, value_array, locals
+    return if value_array.empty?
+    Brakeman::Report::Renderer.new(template, :locals => locals).render
+  end
+  def convert_warning warning, original
+    warning["Confidence"] = HTML_CONFIDENCE[warning["Confidence"]]
+    warning["Message"] = with_context original, warning["Message"]
+    warning["Warning Type"] = with_link original, warning["Warning Type"]
+    warning
+  end
+  def with_link warning, message
+    "<a rel=\"no-referrer\" href=\"#{warning.link}\">#{message}</a>"
+  end
+  def convert_template_warning warning, original
+    warning["Confidence"] = HTML_CONFIDENCE[warning["Confidence"]]
+    warning["Message"] = with_context original, warning["Message"]
+    warning["Warning Type"] = with_link original, warning["Warning Type"]
+    warning["Called From"] = original.called_from
+    warning["Template Name"] = original.template.name
+    warning
+  end
+  def convert_ignored_warning warning, original
+    warning = convert_warning(warning, original)
+    warning['File'] = original.relative_path
+    warning['Note'] = CGI.escapeHTML(@ignore_filter.note_for(original) || "")
+    warning
+  end
+  #Return header for HTML output. Uses CSS from tracker.options[:html_style]
+  def html_header
+    if File.exist? tracker.options[:html_style]
+      css = File.read tracker.options[:html_style]
+    else
+      raise "Cannot find CSS stylesheet for HTML: #{tracker.options[:html_style]}"
+    end
+    locals = {
+      :css => css,
+      :tracker => tracker,
+      :checks => checks,
+      :rails_version => rails_version,
+      :brakeman_version => Brakeman::Version
+      }
+    Brakeman::Report::Renderer.new('header', :locals => locals).render
+  end
+  #Generate HTML for warnings, including context show/hidden via Javascript
+  def with_context warning, message
+    context = context_for(@app_tree, warning)
+    full_message = nil
+    if tracker.options[:message_limit] and tracker.options[:message_limit] > 0 and message.length > tracker.options[:message_limit]
+      full_message = html_message(warning, message)
+      message = message[0..tracker.options[:message_limit]] << "..."
+    end
+    message = html_message(warning, message)
+    return message if context.empty? and not full_message
+    @element_id += 1
+    code_id = "context#@element_id"
+    message_id = "message#@element_id"
+    full_message_id = "full_message#@element_id"
+    alt = false
+    output = "<div class='warning_message' onClick=\"toggle('#{code_id}');toggle('#{message_id}');toggle('#{full_message_id}')\" >" <<
+    if full_message
+      "<span id='#{message_id}' style='display:block' >#{message}</span>" <<
+      "<span id='#{full_message_id}' style='display:none'>#{full_message}</span>"
+    else
+      message
+    end <<
+    "<table id='#{code_id}' class='context' style='display:none'>" <<
+    "<caption>#{CGI.escapeHTML warning_file(warning) || ''}</caption>"
+    output << <<-HTML
+      <thead style='display:none'>
+        <tr>
+          <th>line number</th>
+          <th>line content</th>
+        </tr>
+      </thead>
+      <tbody>
+    HTML
+    unless context.empty?
+      if warning.line - 1 == 1 or warning.line + 1 == 1
+        error = " near_error"
+      elsif 1 == warning.line
+        error = " error"
+      else
+        error = ""
+      end
+      output << <<-HTML
+        <tr class='context first#{error}'>
+          <td class='context_line'>
+            <pre class='context'>#{context.first[0]}</pre>
+          </td>
+          <td class='context'>
+            <pre class='context'>#{CGI.escapeHTML context.first[1].chomp}</pre>
+          </td>
+        </tr>
+      HTML
+      if context.length > 1
+        output << context[1..-1].map do |code|
+          alt = !alt
+          if code[0] == warning.line - 1 or code[0] == warning.line + 1
+            error = " near_error"
+          elsif code[0] == warning.line
+            error = " error"
+          else
+            error = ""
+          end
+          <<-HTML
+          <tr class='context#{alt ? ' alt' : ''}#{error}'>
+            <td class='context_line'>
+              <pre class='context'>#{code[0]}</pre>
+            </td>
+            <td class='context'>
+              <pre class='context'>#{CGI.escapeHTML code[1].chomp}</pre>
+            </td>
+          </tr>
+          HTML
+        end.join
+      end
+    end
+    output << "</tbody></table></div>"
+  end
+  #Escape warning message and highlight user input in HTML output
+  def html_message warning, message
+    message = CGI.escapeHTML(message)
+    if warning.file
+      github_url = github_url warning.file, warning.line
+      message.gsub!(/(near line \d+)/, "<a href=\"#{github_url}\" target='_blank'>\\1</a>") if github_url
+    end
+    if @highlight_user_input and warning.user_input
+      user_input = CGI.escapeHTML(warning.format_user_input)
+      message.gsub!(user_input, "<span class=\"user_input\">#{user_input}</span>")
+    end
+    message
+  end
+end

data/lib/brakeman/report/report_json.rb ADDED

@@ -0,0 +1,42 @@
+class Brakeman::Report::JSON < Brakeman::Report::Base
+  def generate_report
+    errors = tracker.errors.map{|e| { :error => e[:error], :location => e[:backtrace][0] }}
+    warnings = convert_to_hashes all_warnings
+    ignored = convert_to_hashes ignored_warnings
+    scan_info = {
+      :app_path => tracker.app_path,
+      :rails_version => rails_version,
+      :security_warnings => all_warnings.length,
+      :start_time => tracker.start_time.to_s,
+      :end_time => tracker.end_time.to_s,
+      :duration => tracker.duration,
+      :checks_performed => checks.checks_run.sort,
+      :number_of_controllers => tracker.controllers.length,
+      # ignore the "fake" model
+      :number_of_models => tracker.models.length - 1,
+      :number_of_templates => number_of_templates(@tracker),
+      :ruby_version => RUBY_VERSION,
+      :brakeman_version => Brakeman::Version
+    }
+    report_info = {
+      :scan_info => scan_info,
+      :warnings => warnings,
+      :ignored_warnings => ignored,
+      :errors => errors
+    }
+    JSON.pretty_generate report_info
+  end
+  def convert_to_hashes warnings
+    warnings.map do |w|
+      hash = w.to_hash
+      hash[:file] = warning_file w
+      hash
+    end.sort_by { |w| "#{w[:fingerprint]}#{w[:line]}" }
+  end
+end

data/lib/brakeman/report/report_markdown.rb ADDED

@@ -0,0 +1,156 @@
+Brakeman.load_brakeman_dependency 'terminal-table'
+class Brakeman::Report::Markdown < Brakeman::Report::Base
+  class MarkdownTable < Terminal::Table
+    def initialize options = {}, &block
+      options[:style] ||= {}
+      options[:style].merge!({
+          :border_x => '-',
+          :border_y => '|',
+          :border_i => '|'
+      })
+      super options, &block
+    end
+    def render
+      super.split("\n")[1...-1].join("\n")
+    end
+    alias :to_s :render
+  end
+  def generate_report
+    out = "# BRAKEMAN REPORT\n\n" <<
+    generate_metadata.to_s << "\n\n" <<
+    generate_checks.to_s << "\n\n" <<
+    "### SUMMARY\n\n" <<
+    generate_overview.to_s << "\n\n" <<
+    generate_warning_overview.to_s << "\n\n"
+    #Return output early if only summarizing
+    return out if tracker.options[:summary_only]
+    if tracker.options[:report_routes] or tracker.options[:debug]
+      out << "### CONTROLLERS"  << "\n\n" <<
+      generate_controllers.to_s << "\n\n"
+    end
+    if tracker.options[:debug]
+      out << "### TEMPLATES\n\n" <<
+      generate_templates.to_s << "\n\n"
+    end
+    res = generate_errors
+    out << "### Errors\n\n" << res.to_s << "\n\n" if res
+    res = generate_warnings
+    out << "### SECURITY WARNINGS\n\n" << res.to_s << "\n\n" if res
+    res = generate_controller_warnings
+    out << "### Controller Warnings:\n\n" << res.to_s << "\n\n" if res
+    res = generate_model_warnings
+    out << "### Model Warnings:\n\n" << res.to_s << "\n\n" if res
+    res = generate_template_warnings
+    out << "### View Warnings:\n\n" << res.to_s << "\n\n" if res
+    out
+  end
+  def generate_metadata
+    MarkdownTable.new(
+      :headings =>
+        ['Application path', 'Rails version', 'Brakeman version', 'Started at', 'Duration']
+    ) do |t|
+      t.add_row([
+        tracker.app_path,
+        rails_version,
+        Brakeman::Version,
+        tracker.start_time,
+        "#{tracker.duration} seconds",
+      ])
+    end
+  end
+  def generate_checks
+    MarkdownTable.new(:headings => ['Checks performed']) do |t|
+      t.add_row([checks.checks_run.sort.join(", ")])
+    end
+  end
+  def generate_overview
+    num_warnings = all_warnings.length
+    MarkdownTable.new(:headings => ['Scanned/Reported', 'Total']) do |t|
+      t.add_row ['Controllers', tracker.controllers.length]
+      t.add_row ['Models', tracker.models.length - 1]
+      t.add_row ['Templates', number_of_templates(@tracker)]
+      t.add_row ['Errors', tracker.errors.length]
+      t.add_row ['Security Warnings', "#{num_warnings} (#{warnings_summary[:high_confidence]})"]
+      t.add_row ['Ignored Warnings', ignored_warnings.length] unless ignored_warnings.empty?
+    end
+  end
+  #Generate listings of templates and their output
+  def generate_templates
+    out_processor = Brakeman::OutputProcessor.new
+    template_rows = {}
+    tracker.templates.each do |name, template|
+      template.each_output do |out|
+        out = out_processor.format out
+        template_rows[name] ||= []
+        template_rows[name] << out.gsub("\n", ";").gsub(/\s+/, " ")
+      end
+    end
+    template_rows = template_rows.sort_by{|name, value| name.to_s}
+    output = ''
+    template_rows.each do |template|
+      output << template.first.to_s << "\n\n"
+      table = MarkdownTable.new(:headings => ['Output']) do |t|
+        # template[1] is an array of calls
+        template[1].each do |v|
+          t.add_row [v]
+        end
+      end
+      output << table.to_s << "\n\n"
+    end
+    output
+  end
+  def render_array template, headings, value_array, locals
+    return if value_array.empty?
+    MarkdownTable.new(:headings => headings) do |t|
+      value_array.each { |value_row| t.add_row value_row }
+    end
+  end
+  def convert_warning warning, original
+    warning["Confidence"] = TEXT_CONFIDENCE[warning["Confidence"]]
+    warning["Message"] = markdown_message original, warning["Message"]
+    warning["Warning Type"] = "[#{warning['Warning Type']}](#{original.link})" if original.link
+    warning
+  end
+  # Escape and code format warning message
+  def markdown_message warning, message
+    if warning.file
+      github_url = github_url warning.file, warning.line
+      message.gsub!(/(near line \d+)/, "[\\1](#{github_url})") if github_url
+    end
+    if warning.code
+      code = warning.format_code
+      message.gsub(code, "`#{code.gsub('`','``').gsub(/\A``|``\z/, '` `')}`")
+    else
+      message
+    end
+  end
+end