brakeman-lib 4.10.1 → 5.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGES.md +44 -0
- data/README.md +11 -2
- data/lib/brakeman.rb +17 -4
- data/lib/brakeman/app_tree.rb +36 -3
- data/lib/brakeman/checks/base_check.rb +7 -1
- data/lib/brakeman/checks/check_execute.rb +1 -0
- data/lib/brakeman/checks/check_mass_assignment.rb +4 -6
- data/lib/brakeman/checks/check_sanitize_methods.rb +2 -1
- data/lib/brakeman/checks/check_sql.rb +1 -1
- data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
- data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
- data/lib/brakeman/file_parser.rb +19 -18
- data/lib/brakeman/options.rb +5 -1
- data/lib/brakeman/parsers/template_parser.rb +26 -3
- data/lib/brakeman/processors/alias_processor.rb +39 -12
- data/lib/brakeman/processors/base_processor.rb +4 -4
- data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
- data/lib/brakeman/processors/lib/rails3_config_processor.rb +16 -16
- data/lib/brakeman/processors/lib/rails4_config_processor.rb +2 -1
- data/lib/brakeman/report.rb +8 -0
- data/lib/brakeman/report/report_base.rb +0 -2
- data/lib/brakeman/report/report_csv.rb +37 -60
- data/lib/brakeman/report/report_junit.rb +2 -2
- data/lib/brakeman/report/report_sarif.rb +1 -1
- data/lib/brakeman/report/report_sonar.rb +38 -0
- data/lib/brakeman/report/report_tabs.rb +1 -1
- data/lib/brakeman/report/report_text.rb +1 -1
- data/lib/brakeman/rescanner.rb +7 -5
- data/lib/brakeman/scanner.rb +44 -18
- data/lib/brakeman/tracker.rb +6 -0
- data/lib/brakeman/tracker/config.rb +73 -0
- data/lib/brakeman/util.rb +7 -2
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +10 -2
- data/lib/brakeman/warning_codes.rb +2 -0
- metadata +8 -4
data/lib/brakeman/version.rb
CHANGED
data/lib/brakeman/warning.rb
CHANGED
|
@@ -275,6 +275,14 @@ class Brakeman::Warning
|
|
|
275
275
|
self.file.relative
|
|
276
276
|
end
|
|
277
277
|
|
|
278
|
+
def check_name
|
|
279
|
+
@check_name ||= self.check.sub(/^Brakeman::Check/, '')
|
|
280
|
+
end
|
|
281
|
+
|
|
282
|
+
def confidence_name
|
|
283
|
+
TEXT_CONFIDENCE[self.confidence]
|
|
284
|
+
end
|
|
285
|
+
|
|
278
286
|
def to_hash absolute_paths: true
|
|
279
287
|
if self.called_from and not absolute_paths
|
|
280
288
|
render_path = self.called_from.with_relative_paths
|
|
@@ -285,7 +293,7 @@ class Brakeman::Warning
|
|
|
285
293
|
{ :warning_type => self.warning_type,
|
|
286
294
|
:warning_code => @warning_code,
|
|
287
295
|
:fingerprint => self.fingerprint,
|
|
288
|
-
:check_name => self.
|
|
296
|
+
:check_name => self.check_name,
|
|
289
297
|
:message => self.message.to_s,
|
|
290
298
|
:file => (absolute_paths ? self.file.absolute : self.file.relative),
|
|
291
299
|
:line => self.line,
|
|
@@ -294,7 +302,7 @@ class Brakeman::Warning
|
|
|
294
302
|
:render_path => render_path,
|
|
295
303
|
:location => self.location(false),
|
|
296
304
|
:user_input => (@user_input && self.format_user_input(false)),
|
|
297
|
-
:confidence =>
|
|
305
|
+
:confidence => self.confidence_name
|
|
298
306
|
}
|
|
299
307
|
end
|
|
300
308
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 5.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-06-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: minitest
|
|
@@ -315,8 +315,10 @@ files:
|
|
|
315
315
|
- lib/brakeman/checks/check_template_injection.rb
|
|
316
316
|
- lib/brakeman/checks/check_translate_bug.rb
|
|
317
317
|
- lib/brakeman/checks/check_unsafe_reflection.rb
|
|
318
|
+
- lib/brakeman/checks/check_unsafe_reflection_methods.rb
|
|
318
319
|
- lib/brakeman/checks/check_unscoped_find.rb
|
|
319
320
|
- lib/brakeman/checks/check_validation_regex.rb
|
|
321
|
+
- lib/brakeman/checks/check_verb_confusion.rb
|
|
320
322
|
- lib/brakeman/checks/check_weak_hash.rb
|
|
321
323
|
- lib/brakeman/checks/check_without_protection.rb
|
|
322
324
|
- lib/brakeman/checks/check_xml_dos.rb
|
|
@@ -347,6 +349,7 @@ files:
|
|
|
347
349
|
- lib/brakeman/processors/haml_template_processor.rb
|
|
348
350
|
- lib/brakeman/processors/lib/basic_processor.rb
|
|
349
351
|
- lib/brakeman/processors/lib/call_conversion_helper.rb
|
|
352
|
+
- lib/brakeman/processors/lib/file_type_detector.rb
|
|
350
353
|
- lib/brakeman/processors/lib/find_all_calls.rb
|
|
351
354
|
- lib/brakeman/processors/lib/find_call.rb
|
|
352
355
|
- lib/brakeman/processors/lib/find_return_value.rb
|
|
@@ -383,6 +386,7 @@ files:
|
|
|
383
386
|
- lib/brakeman/report/report_junit.rb
|
|
384
387
|
- lib/brakeman/report/report_markdown.rb
|
|
385
388
|
- lib/brakeman/report/report_sarif.rb
|
|
389
|
+
- lib/brakeman/report/report_sonar.rb
|
|
386
390
|
- lib/brakeman/report/report_table.rb
|
|
387
391
|
- lib/brakeman/report/report_tabs.rb
|
|
388
392
|
- lib/brakeman/report/report_text.rb
|
|
@@ -432,14 +436,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
432
436
|
requirements:
|
|
433
437
|
- - ">="
|
|
434
438
|
- !ruby/object:Gem::Version
|
|
435
|
-
version:
|
|
439
|
+
version: 2.4.0
|
|
436
440
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
437
441
|
requirements:
|
|
438
442
|
- - ">="
|
|
439
443
|
- !ruby/object:Gem::Version
|
|
440
444
|
version: '0'
|
|
441
445
|
requirements: []
|
|
442
|
-
rubygems_version: 3.
|
|
446
|
+
rubygems_version: 3.1.2
|
|
443
447
|
signing_key:
|
|
444
448
|
specification_version: 4
|
|
445
449
|
summary: Security vulnerability scanner for Ruby on Rails.
|