brakeman-lib 4.7.1 → 4.9.0

Files changed (40)
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +47 -0
  3. data/README.md +13 -5
  4. data/lib/brakeman.rb +20 -0
  5. data/lib/brakeman/checks/base_check.rb +13 -10
  6. data/lib/brakeman/checks/check_basic_auth.rb +2 -0
  7. data/lib/brakeman/checks/check_content_tag.rb +1 -2
  8. data/lib/brakeman/checks/check_csrf_token_forgery_cve.rb +28 -0
  9. data/lib/brakeman/checks/check_deserialize.rb +21 -1
  10. data/lib/brakeman/checks/check_execute.rb +40 -5
  11. data/lib/brakeman/checks/check_json_entity_escape.rb +38 -0
  12. data/lib/brakeman/checks/check_link_to.rb +1 -1
  13. data/lib/brakeman/checks/check_link_to_href.rb +1 -3
  14. data/lib/brakeman/checks/check_mass_assignment.rb +34 -4
  15. data/lib/brakeman/checks/check_model_attr_accessible.rb +1 -1
  16. data/lib/brakeman/checks/check_page_caching_cve.rb +37 -0
  17. data/lib/brakeman/checks/check_permit_attributes.rb +1 -1
  18. data/lib/brakeman/checks/check_skip_before_filter.rb +4 -4
  19. data/lib/brakeman/checks/check_sql.rb +24 -33
  20. data/lib/brakeman/checks/check_template_injection.rb +32 -0
  21. data/lib/brakeman/commandline.rb +25 -1
  22. data/lib/brakeman/differ.rb +0 -5
  23. data/lib/brakeman/options.rb +21 -1
  24. data/lib/brakeman/processor.rb +1 -1
  25. data/lib/brakeman/processors/alias_processor.rb +2 -3
  26. data/lib/brakeman/processors/lib/find_all_calls.rb +30 -14
  27. data/lib/brakeman/processors/lib/render_helper.rb +3 -1
  28. data/lib/brakeman/report.rb +4 -1
  29. data/lib/brakeman/report/ignore/config.rb +10 -2
  30. data/lib/brakeman/report/report_junit.rb +104 -0
  31. data/lib/brakeman/report/report_markdown.rb +0 -1
  32. data/lib/brakeman/report/report_text.rb +37 -16
  33. data/lib/brakeman/scanner.rb +4 -1
  34. data/lib/brakeman/tracker.rb +3 -1
  35. data/lib/brakeman/tracker/config.rb +4 -3
  36. data/lib/brakeman/tracker/constants.rb +8 -7
  37. data/lib/brakeman/util.rb +21 -3
  38. data/lib/brakeman/version.rb +1 -1
  39. data/lib/brakeman/warning_codes.rb +7 -0
  40. metadata +33 -8
@@ -98,7 +98,9 @@ module Brakeman::RenderHelper
98
98
 
99
99
  if hash? options[:locals]
100
100
  hash_iterate options[:locals] do |key, value|
101
- template_env[Sexp.new(:call, nil, key.value)] = value
101
+ if symbol? key
102
+ template_env[Sexp.new(:call, nil, key.value)] = value
103
+ end
102
104
  end
103
105
  end
104
106
 
@@ -6,7 +6,7 @@ require 'brakeman/report/report_base'
6
6
  class Brakeman::Report
7
7
  attr_reader :tracker
8
8
 
9
- VALID_FORMATS = [:to_html, :to_pdf, :to_csv, :to_json, :to_tabs, :to_hash, :to_s, :to_markdown, :to_codeclimate, :to_plain, :to_text]
9
+ VALID_FORMATS = [:to_html, :to_pdf, :to_csv, :to_json, :to_tabs, :to_hash, :to_s, :to_markdown, :to_codeclimate, :to_plain, :to_text, :to_junit]
10
10
 
11
11
  def initialize tracker
12
12
  @app_tree = tracker.app_tree
@@ -40,6 +40,9 @@ class Brakeman::Report
40
40
  return self.to_table
41
41
  when :to_pdf
42
42
  raise "PDF output is not yet supported."
43
+ when :to_junit
44
+ require_report 'junit'
45
+ Brakeman::Report::JUnit
43
46
  else
44
47
  raise "Invalid format: #{format}. Should be one of #{VALID_FORMATS.inspect}"
45
48
  end
@@ -94,10 +94,18 @@ module Brakeman
94
94
  end
95
95
  end
96
96
 
97
+ def already_ignored_entries_with_empty_notes
98
+ @already_ignored.select { |i| i if i[:note].strip.empty? }
99
+ end
100
+
97
101
  # Read configuration to file
98
102
  def read_from_file file = @file
99
103
  if File.exist? file
100
- @already_ignored = JSON.parse(File.read(file), :symbolize_names => true)[:ignored_warnings]
104
+ begin
105
+ @already_ignored = JSON.parse(File.read(file), :symbolize_names => true)[:ignored_warnings]
106
+ rescue => e
107
+ raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file}\n"
108
+ end
101
109
  else
102
110
  Brakeman.notify "[Notice] Could not find ignore configuration in #{file}"
103
111
  @already_ignored = []
@@ -118,7 +126,7 @@ module Brakeman
118
126
 
119
127
  w[:note] = @notes[w[:fingerprint]] || ""
120
128
  w
121
- end.sort_by { |w| w[:fingerprint] }
129
+ end.sort_by { |w| [w[:fingerprint], w[:line]] }
122
130
 
123
131
  output = {
124
132
  :ignored_warnings => warnings,
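Review bot: `already_ignored_entries_with_empty_notes` calls `i[:note].strip` on every entry, so an ignore-file entry with no `note` key (or a `null` note) raises NoMethodError instead of being reported as un-annotated; the `i if` inside the `select` block is also redundant. `@already_ignored.select { |i| i[:note].to_s.strip.empty? }` treats a missing note as empty. In `read_from_file`, `raise e, "..."` replaces the original exception message, so the parser's detail about where the JSON is malformed is lost; appending `e.message` to the new text keeps it. `read_from_file` continues past the end of its hunk.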
@@ -0,0 +1,104 @@
1
+ require 'time'
2
+ require "stringio"
3
+ require 'rexml/document'
4
+
5
+ class Brakeman::Report::JUnit < Brakeman::Report::Base
6
+ def generate_report
7
+ io = StringIO.new
8
+ doc = REXML::Document.new
9
+ doc.add REXML::XMLDecl.new '1.0', 'UTF-8'
10
+
11
+ test_suites = REXML::Element.new 'testsuites'
12
+ test_suites.add_attribute 'xmlns:brakeman', 'https://brakemanscanner.org/'
13
+ properties = test_suites.add_element 'brakeman:properties', { 'xml:id' => 'scan_info' }
14
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'app_path', 'brakeman:value' => tracker.app_path }
15
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'rails_version', 'brakeman:value' => rails_version }
16
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'security_warnings', 'brakeman:value' => all_warnings.length }
17
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'start_time', 'brakeman:value' => tracker.start_time.iso8601 }
18
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'end_time', 'brakeman:value' => tracker.end_time.iso8601 }
19
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'duration', 'brakeman:value' => tracker.duration }
20
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'checks_performed', 'brakeman:value' => checks.checks_run.join(',') }
21
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'number_of_controllers', 'brakeman:value' => tracker.controllers.length }
22
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'number_of_models', 'brakeman:value' => tracker.models.length - 1 }
23
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'ruby_version', 'brakeman:value' => number_of_templates(@tracker) }
24
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'number_of_templates', 'brakeman:value' => RUBY_VERSION }
25
+ properties.add_element 'brakeman:property', { 'brakeman:name' => 'brakeman_version', 'brakeman:value' => Brakeman::Version }
26
+
27
+ errors = test_suites.add_element 'brakeman:errors'
28
+ tracker.errors.each { |e|
29
+ error = errors.add_element 'brakeman:error'
30
+ error.add_attribute 'brakeman:message', e[:error]
31
+ e[:backtrace].each { |b|
32
+ backtrace = error.add_element 'brakeman:backtrace'
33
+ backtrace.add_text b
34
+ }
35
+ }
36
+
37
+ obsolete = test_suites.add_element 'brakeman:obsolete'
38
+ tracker.unused_fingerprints.each { |fingerprint|
39
+ obsolete.add_element 'brakeman:warning', { 'brakeman:fingerprint' => fingerprint }
40
+ }
41
+
42
+ ignored = test_suites.add_element 'brakeman:ignored'
43
+ ignored_warnings.each { |w|
44
+ warning = ignored.add_element 'brakeman:warning'
45
+ warning.add_attribute 'brakeman:message', w.message
46
+ warning.add_attribute 'brakeman:category', w.warning_type
47
+ warning.add_attribute 'brakeman:file', warning_file(w)
48
+ warning.add_attribute 'brakeman:line', w.line
49
+ warning.add_attribute 'brakeman:fingerprint', w.fingerprint
50
+ warning.add_attribute 'brakeman:confidence', TEXT_CONFIDENCE[w.confidence]
51
+ warning.add_attribute 'brakeman:code', w.format_code
52
+ warning.add_text w.to_s
53
+ }
54
+
55
+ hostname = `hostname`.strip
56
+ i = 0
57
+ all_warnings
58
+ .map { |warning| [warning.file, [warning]] }
59
+ .reduce({}) { |entries, entry|
60
+ key, value = entry
61
+ entries[key] = entries[key] ? entries[key].concat(value) : value
62
+ entries
63
+ }
64
+ .each { |file, warnings|
65
+ i += 1
66
+ test_suite = test_suites.add_element 'testsuite'
67
+ test_suite.add_attribute 'id', i
68
+ test_suite.add_attribute 'package', 'brakeman'
69
+ test_suite.add_attribute 'name', file.relative
70
+ test_suite.add_attribute 'timestamp', tracker.start_time.strftime('%FT%T')
71
+ test_suite.add_attribute 'hostname', hostname == '' ? 'localhost' : hostname
72
+ test_suite.add_attribute 'tests', checks.checks_run.length
73
+ test_suite.add_attribute 'failures', warnings.length
74
+ test_suite.add_attribute 'errors', '0'
75
+ test_suite.add_attribute 'time', '0'
76
+
77
+ test_suite.add_element 'properties'
78
+
79
+ warnings.each { |warning|
80
+ test_case = test_suite.add_element 'testcase'
81
+ test_case.add_attribute 'name', 'run_check'
82
+ test_case.add_attribute 'classname', warning.check
83
+ test_case.add_attribute 'time', '0'
84
+
85
+ failure = test_case.add_element 'failure'
86
+ failure.add_attribute 'message', warning.message
87
+ failure.add_attribute 'type', warning.warning_type
88
+ failure.add_attribute 'brakeman:fingerprint', warning.fingerprint
89
+ failure.add_attribute 'brakeman:file', warning_file(warning)
90
+ failure.add_attribute 'brakeman:line', warning.line
91
+ failure.add_attribute 'brakeman:confidence', TEXT_CONFIDENCE[warning.confidence]
92
+ failure.add_attribute 'brakeman:code', warning.format_code
93
+ failure.add_text warning.to_s
94
+ }
95
+
96
+ test_suite.add_element 'system-out'
97
+ test_suite.add_element 'system-err'
98
+ }
99
+
100
+ doc.add test_suites
101
+ doc.write io
102
+ io.string
103
+ end
104
+ end
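Review bot: The `ruby_version` and `number_of_templates` properties in `generate_report` carry each other's values: new-file line 23 pairs `'ruby_version'` with `number_of_templates(@tracker)` and line 24 pairs `'number_of_templates'` with `RUBY_VERSION`. The values should be swapped so that `'brakeman:name' => 'ruby_version', 'brakeman:value' => RUBY_VERSION` and `'brakeman:name' => 'number_of_templates', 'brakeman:value' => number_of_templates(@tracker)`. Separately, the hostname lookup on line 55 shells out through backticks, which spawns a subprocess resolved through PATH and raises if no `hostname` binary is available. `hostname = Socket.gethostname` (with `require 'socket'`) gives the value without running an external command. The report also embeds `tracker.app_path`, the hostname and error backtraces, which is worth documenting for anyone publishing the file as a CI artifact.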
@@ -84,7 +84,6 @@ class Brakeman::Report::Markdown < Brakeman::Report::Table
84
84
  end
85
85
 
86
86
  def convert_warning warning, original
87
- warning["Confidence"] = TEXT_CONFIDENCE[warning["Confidence"]]
88
87
  warning["Message"] = markdown_message original, warning["Message"]
89
88
  warning["Warning Type"] = "[#{warning['Warning Type']}](#{original.link})" if original.link
90
89
  warning
@@ -145,24 +145,45 @@ class Brakeman::Report::Text < Brakeman::Report::Base
145
145
  end
146
146
 
147
147
  def output_warning w
148
- out = [
149
- label('Confidence', confidence(w.confidence)),
150
- label('Category', w.warning_type.to_s),
151
- label('Check', w.check.gsub(/^Brakeman::Check/, '')),
148
+ text_format = tracker.options[:text_fields] ||
149
+ [:confidence, :category, :check, :message, :code, :file, :line]
150
+
151
+ text_format.map do |option|
152
+ format_line(w, option)
153
+ end.compact
154
+ end
155
+
156
+ def format_line w, option
157
+ case option
158
+ when :confidence
159
+ label('Confidence', confidence(w.confidence))
160
+ when :category
161
+ label('Category', w.warning_type.to_s)
162
+ when :check
163
+ label('Check', w.check.gsub(/^Brakeman::Check/, ''))
164
+ when :message
152
165
  label('Message', w.message)
153
- ]
154
-
155
- if w.code
156
- out << label('Code', format_code(w))
157
- end
158
-
159
- out << label('File', warning_file(w))
160
-
161
- if w.line
162
- out << label('Line', w.line)
166
+ when :code
167
+ if w.code
168
+ label('Code', format_code(w))
169
+ end
170
+ when :file
171
+ label('File', warning_file(w))
172
+ when :line
173
+ if w.line
174
+ label('Line', w.line)
175
+ end
176
+ when :link
177
+ label('Link', w.link)
178
+ when :fingerprint
179
+ label('Fingerprint', w.fingerprint)
180
+ when :category_id
181
+ label('Category ID', w.warning_code)
182
+ when :render_path
183
+ if w.called_from
184
+ label('Render Path', w.called_from.join(" > "))
185
+ end
163
186
  end
164
-
165
- out
166
187
  end
167
188
 
168
189
  def double_space title, values
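Review bot: `format_line` has no `else` branch, so a field name in `tracker.options[:text_fields]` that matches none of the `when` clauses returns nil and is dropped by `.compact` in `output_warning` without any signal. Unless the option parser already rejects unknown names (not visible here), a mistyped field silently disappears from every warning in the report. Consider `else raise ArgumentError, "Unknown text field: #{option}"` or a `Brakeman.notify` call. The default list `[:confidence, :category, :check, :message, :code, :file, :line]` is also rebuilt on each call and would read better as a frozen constant.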
@@ -94,11 +94,14 @@ class Brakeman::Scanner
94
94
  #
95
95
  #Stores parsed information in tracker.config
96
96
  def process_config
97
+ # Sometimes folks like to put constants in environment.rb
98
+ # so let's always process it even for newer Rails versions
99
+ process_config_file "environment.rb"
100
+
97
101
  if options[:rails3] or options[:rails4] or options[:rails5] or options[:rails6]
98
102
  process_config_file "application.rb"
99
103
  process_config_file "environments/production.rb"
100
104
  else
101
- process_config_file "environment.rb"
102
105
  process_config_file "gems.rb"
103
106
  end
104
107
 
@@ -198,8 +198,10 @@ class Brakeman::Tracker
198
198
  @constants.add name, value, context unless @options[:disable_constant_tracking]
199
199
  end
200
200
 
201
+ # This method does not return all constants at this time,
202
+ # just ones with "simple" values.
201
203
  def constant_lookup name
202
- @constants.get_literal name unless @options[:disable_constant_tracking]
204
+ @constants.get_simple_value name unless @options[:disable_constant_tracking]
203
205
  end
204
206
 
205
207
  def find_class name
@@ -15,6 +15,7 @@ module Brakeman
15
15
  @escape_html = nil
16
16
  @erubis = nil
17
17
  @ruby_version = ""
18
+ @rails_version = nil
18
19
  end
19
20
 
20
21
  def default_protect_from_forgery?
@@ -53,7 +54,7 @@ module Brakeman
53
54
  end
54
55
 
55
56
  def gem_version name
56
- extract_version @gems.dig(name, :version)
57
+ extract_version @gems.dig(name.to_sym, :version)
57
58
  end
58
59
 
59
60
  def add_gem name, version, file, line
@@ -66,11 +67,11 @@ module Brakeman
66
67
  end
67
68
 
68
69
  def has_gem? name
69
- !!@gems[name]
70
+ !!@gems[name.to_sym]
70
71
  end
71
72
 
72
73
  def get_gem name
73
- @gems[name]
74
+ @gems[name.to_sym]
74
75
  end
75
76
 
76
77
  def set_rails_version version = nil
@@ -1,7 +1,10 @@
1
1
  require 'brakeman/processors/output_processor'
2
+ require 'brakeman/util'
2
3
 
3
4
  module Brakeman
4
5
  class Constant
6
+ include Brakeman::Util
7
+
5
8
  attr_reader :name, :name_array, :file, :value, :context
6
9
 
7
10
  def initialize name, value, context = {}
@@ -107,13 +110,11 @@ module Brakeman
107
110
  @constants[base_name] << Constant.new(name, value, context)
108
111
  end
109
112
 
110
- LITERALS = [:lit, :false, :str, :true, :array, :hash]
111
- def literal? exp
112
- exp.is_a? Sexp and LITERALS.include? exp.node_type
113
- end
114
-
115
- def get_literal name
116
- if x = self[name] and literal? x
113
+ # Returns constant values that are not too complicated.
114
+ # Right now that means literal values (string, array, etc.)
115
+ # or calls on Dir.glob(..).whatever.
116
+ def get_simple_value name
117
+ if x = self[name] and (literal? x or dir_glob? x)
117
118
  x
118
119
  else
119
120
  nil
@@ -8,9 +8,11 @@ module Brakeman::Util
8
8
 
9
9
  PATH_PARAMETERS = Sexp.new(:call, Sexp.new(:call, nil, :request), :path_parameters)
10
10
 
11
- REQUEST_PARAMETERS = Sexp.new(:call, Sexp.new(:call, nil, :request), :request_parameters)
11
+ REQUEST_REQUEST_PARAMETERS = Sexp.new(:call, Sexp.new(:call, nil, :request), :request_parameters)
12
12
 
13
- REQUEST_PARAMS = Sexp.new(:call, Sexp.new(:call, nil, :request), :parameters)
13
+ REQUEST_PARAMETERS = Sexp.new(:call, Sexp.new(:call, nil, :request), :parameters)
14
+
15
+ REQUEST_PARAMS = Sexp.new(:call, Sexp.new(:call, nil, :request), :params)
14
16
 
15
17
  REQUEST_ENV = Sexp.new(:call, Sexp.new(:call, nil, :request), :env)
16
18
 
@@ -22,7 +24,7 @@ module Brakeman::Util
22
24
 
23
25
  SESSION = Sexp.new(:call, nil, :session)
24
26
 
25
- ALL_PARAMETERS = Set[PARAMETERS, QUERY_PARAMETERS, PATH_PARAMETERS, REQUEST_PARAMETERS, REQUEST_PARAMS]
27
+ ALL_PARAMETERS = Set[PARAMETERS, QUERY_PARAMETERS, PATH_PARAMETERS, REQUEST_REQUEST_PARAMETERS, REQUEST_PARAMETERS, REQUEST_PARAMS]
26
28
 
27
29
  ALL_COOKIES = Set[COOKIES, REQUEST_COOKIES]
28
30
 
@@ -291,6 +293,22 @@ module Brakeman::Util
291
293
  exp.is_a? Sexp and types.include? exp.node_type
292
294
  end
293
295
 
296
+ LITERALS = [:lit, :false, :str, :true, :array, :hash]
297
+
298
+ def literal? exp
299
+ exp.is_a? Sexp and LITERALS.include? exp.node_type
300
+ end
301
+
302
+ DIR_CONST = s(:const, :Dir)
303
+
304
+ # Dir.glob(...).whatever
305
+ def dir_glob? exp
306
+ exp = exp.block_call if node_type? exp, :iter
307
+ return unless call? exp
308
+
309
+ (exp.target == DIR_CONST and exp.method == :glob) or dir_glob? exp.target
310
+ end
311
+
294
312
  #Returns true if the given _exp_ contains a :class node.
295
313
  #
296
314
  #Useful for checking if a module is just a module or if it is a namespace.
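Review bot: `REQUEST_PARAMETERS` and `REQUEST_PARAMS` keep their names but change meaning in the first hunk: `REQUEST_PARAMETERS` moves from `request.request_parameters` to `request.parameters`, and `REQUEST_PARAMS` from `request.parameters` to `request.params`. `ALL_PARAMETERS` includes all three, so set-based checks only gain coverage. Any check or external plugin that compares against one of these constants directly now matches a different call, though, and could miss input it used to flag. A comment above each constant naming the call it stands for, e.g. `# request.parameters (named REQUEST_PARAMS in 4.7.1)`, would make the re-pointing visible. The Sexp constants and `LITERALS` are also left unfrozen.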
@@ -1,3 +1,3 @@
1
1
  module Brakeman
2
- Version = "4.7.1"
2
+ Version = "4.9.0"
3
3
  end
@@ -113,6 +113,13 @@ module Brakeman::WarningCodes
113
113
  :force_ssl_disabled => 109,
114
114
  :unsafe_cookie_serialization => 110,
115
115
  :reverse_tabnabbing => 111,
116
+ :mass_assign_permit_all => 112,
117
+ :json_html_escape_config => 113,
118
+ :json_html_escape_module => 114,
119
+ :CVE_2020_8159 => 115,
120
+ :CVE_2020_8166 => 116,
121
+ :erb_template_injection => 117,
122
+
116
123
  :custom_check => 9090,
117
124
  }
118
125
 
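--- a/metadata
+++ b/metadata
@@ -1,15 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: brakeman-lib
  version: !ruby/object:Gem::Version
- version: 4.7.1
+ version: 4.9.0
  platform: ruby
  authors:
  - Justin Collins
  autorequire:
  bindir: bin
- cert_chain:
- - brakeman-public_cert.pem
- date: 2019-10-29 00:00:00.000000000 Z
+ cert_chain: []
+ date: 2020-08-04 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: minitest
@@ -53,6 +52,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: simplecov-html
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.10.2
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '='
+ - !ruby/object:Gem::Version
+ version: 0.10.2
  - !ruby/object:Gem::Dependency
  name: ruby_parser
  requirement: !ruby/object:Gem::Requirement
@@ -188,7 +201,7 @@ dependencies:
  version: 1.3.6
  - - "<="
  - !ruby/object:Gem::Version
- version: 4.0.1
+ version: '4.1'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
@@ -198,7 +211,7 @@ dependencies:
  version: 1.3.6
  - - "<="
  - !ruby/object:Gem::Version
- version: 4.0.1
+ version: '4.1'
  description: Brakeman detects security vulnerabilities in Ruby on Rails applications
  via static analysis. This package declares gem dependencies instead of bundling
  them.
@@ -223,6 +236,7 @@ files:
  - lib/brakeman/checks/check_cookie_serialization.rb
  - lib/brakeman/checks/check_create_with.rb
  - lib/brakeman/checks/check_cross_site_scripting.rb
+ - lib/brakeman/checks/check_csrf_token_forgery_cve.rb
  - lib/brakeman/checks/check_default_routes.rb
  - lib/brakeman/checks/check_deserialize.rb
  - lib/brakeman/checks/check_detailed_exceptions.rb
@@ -241,6 +255,7 @@ files:
  - lib/brakeman/checks/check_i18n_xss.rb
  - lib/brakeman/checks/check_jruby_xml.rb
  - lib/brakeman/checks/check_json_encoding.rb
+ - lib/brakeman/checks/check_json_entity_escape.rb
  - lib/brakeman/checks/check_json_parsing.rb
  - lib/brakeman/checks/check_link_to.rb
  - lib/brakeman/checks/check_link_to_href.rb
@@ -253,6 +268,7 @@ files:
  - lib/brakeman/checks/check_nested_attributes.rb
  - lib/brakeman/checks/check_nested_attributes_bypass.rb
  - lib/brakeman/checks/check_number_to_currency.rb
+ - lib/brakeman/checks/check_page_caching_cve.rb
  - lib/brakeman/checks/check_permit_attributes.rb
  - lib/brakeman/checks/check_quote_table_name.rb
  - lib/brakeman/checks/check_redirect.rb
@@ -282,6 +298,7 @@ files:
  - lib/brakeman/checks/check_strip_tags.rb
  - lib/brakeman/checks/check_symbol_dos.rb
  - lib/brakeman/checks/check_symbol_dos_cve.rb
+ - lib/brakeman/checks/check_template_injection.rb
  - lib/brakeman/checks/check_translate_bug.rb
  - lib/brakeman/checks/check_unsafe_reflection.rb
  - lib/brakeman/checks/check_unscoped_find.rb
@@ -349,6 +366,7 @@ files:
  - lib/brakeman/report/report_hash.rb
  - lib/brakeman/report/report_html.rb
  - lib/brakeman/report/report_json.rb
+ - lib/brakeman/report/report_junit.rb
  - lib/brakeman/report/report_markdown.rb
  - lib/brakeman/report/report_table.rb
  - lib/brakeman/report/report_tabs.rb
@@ -383,7 +401,14 @@ files:
  homepage: http://brakemanscanner.org
  licenses:
  - Brakeman Public Use License
- metadata: {}
+ metadata:
+ bug_tracker_uri: https://github.com/presidentbeef/brakeman/issues
+ changelog_uri: https://github.com/presidentbeef/brakeman/releases
+ documentation_uri: https://brakemanscanner.org/docs/
+ homepage_uri: https://brakemanscanner.org/
+ mailing_list_uri: https://gitter.im/presidentbeef/brakeman
+ source_code_uri: https://github.com/presidentbeef/brakeman
+ wiki_uri: https://github.com/presidentbeef/brakeman/wiki
  post_install_message:
  rdoc_options: []
  require_paths:
@@ -399,7 +424,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.1.2
  signing_key:
  specification_version: 4
  summary: Security vulnerability scanner for Ruby on Rails.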
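Review bot: The first hunk replaces the `cert_chain` entry `brakeman-public_cert.pem` with `cert_chain: []`, which suggests the 4.9.0 gem was built without the signing certificate that 4.7.1 carried. Consumers that install under a RubyGems trust policy (for example `gem install -P HighSecurity`) would then be unable to verify this version, and anyone relying on the signature for provenance loses that check. If dropping signing is intentional it deserves a line in the release notes; otherwise the release should be rebuilt with the certificate. The new development dependency `simplecov-html` is pinned to exactly `0.10.2`, and a comment in the gemspec explaining the pin would help later upgrades.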