brakeman-lib 5.0.2 → 5.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d16867dd5c48de9ec2975e1dc420e3a5154939361988d70c4217f251881452ed
-  data.tar.gz: f5cae624d83a1298fb3f07108c76d1f55c756404d6998fccfd9e5fcfe69a068e
+  metadata.gz: 2bc22b69b0b137fe9f223c2469fe6e3857054b0b98621645b52ed94af7fa4886
+  data.tar.gz: 183f206e691c8251adef49319ca76939a4bf079cf5b14ead1f3f7923754ff9ff
 SHA512:
-  metadata.gz: f8724b266165ef9ed4ad926432e0786b955cb2e98b56e7100354b0ad04a51cc0eaa139343a769980852ae615bd209e8854f6f83616b0703d3a2aaf08229860c6
-  data.tar.gz: 963f46a856d6f943c74c6aca8ec3f3dc61ae3d82758fbfdda63bb4fc789ff95535f49cc73f9abef4cf1553323606d4fd50c8a03082178a6dd3cea0883e544a40
+  metadata.gz: b902bcfbc2be499f0a892534bf443d88ce92f5a0b47edd31b7ac01a964e9ec13230f03f5ba8bb246dcdee27a7e6bd72b873d2826ce2f6b2486f64999f45b52e8
+  data.tar.gz: 62f878559fd4aa1f2d96c35742d0c490c0d57c53e07d9a3619675f6519c0fafbaace29e0b616c217ea796132e7810b51b3f06cf1ff60a3a28a34ae9482069f32

data/CHANGES.md

@@ -1,3 +1,9 @@
+# 5.0.4 - 2021-06-08
+
+(brakeman gem release only)
+
+* Update bundled `ruby_parser` to include argument forwarding support
+
 # 5.0.2 - 2021-06-07
 
 * Fix Loofah version check

data/lib/brakeman.rb

@@ -250,8 +250,6 @@ module Brakeman
       [:to_sarif]
     when :sonar, :to_sonar
       [:to_sonar]
-    when :github, :to_github
-      [:to_github]
     else
       [:to_text]
     end
@@ -285,8 +283,6 @@ module Brakeman
         :to_sarif
       when /\.sonar$/i
         :to_sonar
-      when /\.github$/i
-        :to_github
       else
         :to_text
       end

data/lib/brakeman/checks/check_detailed_exceptions.rb

@@ -26,7 +26,7 @@ class Brakeman::CheckDetailedExceptions < Brakeman::BaseCheck
   def check_detailed_exceptions
     tracker.controllers.each do |_name, controller|
       controller.methods_public.each do |method_name, definition|
-        src = definition.src
+        src = definition[:src]
         body = src.body.last
         next unless body
 

data/lib/brakeman/checks/check_evaluation.rb

@@ -10,7 +10,7 @@ class Brakeman::CheckEvaluation < Brakeman::BaseCheck
   #Process calls
   def run_check
     Brakeman.debug "Finding eval-like calls"
-    calls = tracker.find_call methods: [:eval, :instance_eval, :class_eval, :module_eval], nested: true
+    calls = tracker.find_call :method => [:eval, :instance_eval, :class_eval, :module_eval]
 
     Brakeman.debug "Processing eval-like calls"
     calls.each do |call|

data/lib/brakeman/checks/check_sql.rb

@@ -572,7 +572,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
   end
 
   IGNORE_METHODS_IN_SQL = Set[:id, :merge_conditions, :table_name, :quoted_table_name,
-    :quoted_primary_key, :to_i, :to_f, :sanitize_sql, :sanitize_sql_array, :sanitize_sql_like,
+    :quoted_primary_key, :to_i, :to_f, :sanitize_sql, :sanitize_sql_array,
     :sanitize_sql_for_assignment, :sanitize_sql_for_conditions, :sanitize_sql_hash,
     :sanitize_sql_hash_for_assignment, :sanitize_sql_hash_for_conditions,
     :to_sql, :sanitize, :primary_key, :table_name_prefix, :table_name_suffix,
@@ -592,8 +592,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
         IGNORE_METHODS_IN_SQL.include? exp.method or
         quote_call? exp or
         arel? exp or
-        exp.method.to_s.end_with? "_id" or
-        number_target? exp
+        exp.method.to_s.end_with? "_id"
       end
     when :if
       safe_value? exp.then_clause and safe_value? exp.else_clause
@@ -696,16 +695,4 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
       active_record_models.include? klass
     end
   end
-
-  def number_target? exp
-    return unless call? exp
-
-    if number? exp.target
-      true
-    elsif call? exp.target
-      number_target? exp.target
-    else
-      false
-    end
-  end
 end

data/lib/brakeman/checks/check_verb_confusion.rb

@@ -32,7 +32,7 @@ class Brakeman::CheckVerbConfusion < Brakeman::BaseCheck
       return
     end
 
-    process method.src
+    process method[:src]
   end
 
   def process_if exp

data/lib/brakeman/file_parser.rb

@@ -1,5 +1,3 @@
-require 'parallel'
-
 module Brakeman
   ASTFile = Struct.new(:path, :ast)
 
@@ -15,46 +13,21 @@ module Brakeman
     end
 
     def parse_files list
-      # Parse the files in parallel.
-      # By default, the parsing will be in separate processes.
-      # So we map the result to ASTFiles and/or Exceptions
-      # then partition them into ASTFiles and Exceptions
-      # and add the Exceptions to @errors
-      #
-      # Basically just a funky way to deal with two possible
-      # return types that are returned from isolated processes.
-      #
-      # Note this method no longer uses read_files
-      @file_list, new_errors = Parallel.map(list) do |file_name|
-        file_path = @app_tree.file_path(file_name)
-        contents = file_path.read
-
-        begin
-          if ast = parse_ruby(contents, file_path.relative)
-            ASTFile.new(file_name, ast)
-          end
-        rescue Exception => e
-          e
+      read_files list do |path, contents|
+        if ast = parse_ruby(contents, path.relative)
+          ASTFile.new(path, ast)
         end
-      end.compact.partition do |result|
-        result.is_a? ASTFile
       end
-
-      errors.concat new_errors
     end
 
     def read_files list
       list.each do |path|
         file = @app_tree.file_path(path)
 
-        begin
-          result = yield file, file.read
+        result = yield file, file.read
 
-          if result
-            @file_list << result
-          end
-        rescue Exception => e
-          @errors << e
+        if result
+          @file_list << result
         end
       end
     end
@@ -69,12 +42,17 @@ module Brakeman
         Brakeman.debug "Parsing #{path}"
         RubyParser.new.parse input, path, @timeout
       rescue Racc::ParseError => e
-        raise e.exception(e.message + "\nCould not parse #{path}")
+        error e.exception(e.message + "\nCould not parse #{path}")
       rescue Timeout::Error => e
-        raise Exception.new("Parsing #{path} took too long (> #{@timeout} seconds). Try increasing the limit with --parser-timeout")
+        error Exception.new("Parsing #{path} took too long (> #{@timeout} seconds). Try increasing the limit with --parser-timeout")
       rescue => e
-        raise e.exception(e.message + "\nWhile processing #{path}")
+        error e.exception(e.message + "\nWhile processing #{path}")
       end
     end
+
+    def error exception
+      @errors << exception
+      nil
+    end
   end
 end

data/lib/brakeman/options.rb

@@ -233,7 +233,7 @@ module Brakeman::Options
 
         opts.on "-f",
           "--format TYPE",
-          [:pdf, :text, :html, :csv, :tabs, :json, :markdown, :codeclimate, :cc, :plain, :table, :junit, :sarif, :sonar, :github],
+          [:pdf, :text, :html, :csv, :tabs, :json, :markdown, :codeclimate, :cc, :plain, :table, :junit, :sarif, :sonar],
           "Specify output formats. Default is text" do |type|
 
           type = "s" if type == :text

data/lib/brakeman/processors/alias_processor.rb

@@ -220,28 +220,13 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
         exp = math_op(:+, target, first_arg, exp)
       end
     when :-, :*, :/
-      if method == :* and array? target
-        if string? first_arg
-          exp = process_array_join(target, first_arg)
-        end
-      else
-        exp = math_op(method, target, first_arg, exp)
-      end
+      exp = math_op(method, target, first_arg, exp)
     when :[]
       if array? target
         exp = process_array_access(target, exp.args, exp)
       elsif hash? target
         exp = process_hash_access(target, first_arg, exp)
       end
-    when :fetch
-      if array? target
-        # Not dealing with default value
-        # so just pass in first argument, but process_array_access expects
-        # an array of arguments.
-        exp = process_array_access(target, [first_arg], exp)
-      elsif hash? target
-        exp = process_hash_access(target, first_arg, exp)
-      end
     when :merge!, :update
       if hash? target and hash? first_arg
          target = process_hash_merge! target, first_arg
@@ -281,12 +266,6 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
         target = find_push_target(target_var)
         env[target] = exp unless target.nil? # Happens in TemplateAliasProcessor
       end
-    when :push
-      if array? target
-        target << first_arg
-        env[target_var] = target
-        return target
-      end
     when :first
       if array? target and first_arg.nil? and sexp? target[1]
         exp = target[1]
@@ -300,7 +279,7 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
         exp = target
       end
     when :join
-      if array? target and (string? first_arg or first_arg.nil?)
+      if array? target and target.length > 2 and (string? first_arg or first_arg.nil?)
         exp = process_array_join(target, first_arg)
       end
     when :!
@@ -308,15 +287,6 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
       if call? target and target.method == :!
         exp = s(:or, s(:true).line(exp.line), s(:false).line(exp.line)).line(exp.line)
       end
-    when :values
-      # Hash literal
-      if node_type? target, :hash
-        exp = hash_values(target)
-      end
-    when :values_at
-      if hash? target
-        exp = hash_values_at target, exp.args
-      end
     end
 
     exp
@@ -324,11 +294,6 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
 
   # Painful conversion of Array#join into string interpolation
   def process_array_join array, join_str
-    # Empty array
-    if array.length == 1
-      return s(:str, '').line(array.line)
-    end
-
     result = s().line(array.line)
 
     join_value = if string? join_str
@@ -337,10 +302,8 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
                    nil
                  end
 
-    if array.length > 2
-      array[1..-2].each do |e|
-        result << join_item(e, join_value)
-      end
+    array[1..-2].each do |e|
+      result << join_item(e, join_value)
     end
 
     result << join_item(array.last, nil)
@@ -369,7 +332,7 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
     result.unshift combined_first
 
     # Have to fix up strings that follow interpolation
-    string = result.reduce(s(:dstr).line(array.line)) do |memo, e|
+    result.reduce(s(:dstr).line(array.line)) do |memo, e|
       if string? e and node_type? memo.last, :evstr
         e.value = "#{join_value}#{e.value}"
       elsif join_value and node_type? memo.last, :evstr and node_type? e, :evstr
@@ -378,14 +341,6 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
 
       memo << e
     end
-
-    # Convert (:dstr, "hello world")
-    # to (:str, "hello world")
-    if string.length == 2 and string.last.is_a? String
-      string[0] = :str
-    end
-
-    string
   end
 
   def join_item item, join_value
@@ -1058,8 +1013,8 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
     method_name = call.method
 
     #Look for helper methods and see if we can get a return value
-    if found_method = tracker.find_method(method_name, @current_class)
-      helper = found_method.src
+    if found_method = find_method(method_name, @current_class)
+      helper = found_method[:method]
 
       if sexp? helper
         value = process_helper_method helper, call.args

data/lib/brakeman/processors/controller_alias_processor.rb

@@ -51,7 +51,7 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
         #Need to process the method like it was in a controller in order
         #to get the renders set
         processor = Brakeman::ControllerProcessor.new(@tracker, mixin.file)
-        method = mixin.get_method(name).src.deep_clone
+        method = mixin.get_method(name)[:src].deep_clone
 
         if node_type? method, :defn
           method = processor.process_defn method
@@ -143,16 +143,16 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
   #Basically, adds any instance variable assignments to the environment.
   #TODO: method arguments?
   def process_before_filter name
-    filter = tracker.find_method name, @current_class
+    filter = find_method name, @current_class
 
     if filter.nil?
       Brakeman.debug "[Notice] Could not find filter #{name}"
       return
     end
 
-    method = filter.src
+    method = filter[:method]
 
-    if ivars = @tracker.filter_cache[[filter.owner, name]]
+    if ivars = @tracker.filter_cache[[filter[:controller], name]]
       ivars.each do |variable, value|
         env[variable] = value
       end
@@ -162,7 +162,7 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
 
       ivars = processor.only_ivars(:include_request_vars).all
 
-      @tracker.filter_cache[[filter.owner, name]] = ivars
+      @tracker.filter_cache[[filter[:controller], name]] = ivars
 
       ivars.each do |variable, value|
         env[variable] = value
@@ -182,7 +182,7 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
     # method as the line number
     if line.nil? and controller = @tracker.controllers[@current_class]
       if meth = controller.get_method(@current_method)
-        if line = meth.src && meth.src.last && meth.src.last.line
+        if line = meth[:src] && meth[:src].last && meth[:src].last.line
           line += 1
         else
           line = 1
@@ -241,4 +241,41 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
       []
     end
   end
+
+  #Finds a method in the given class or a parent class
+  #
+  #Returns nil if the method could not be found.
+  #
+  #If found, returns hash table with controller name and method sexp.
+  def find_method method_name, klass
+    return nil if sexp? method_name
+    method_name = method_name.to_sym
+
+    if method = @method_cache[method_name]
+      return method
+    end
+
+    controller = @tracker.controllers[klass]
+    controller ||= @tracker.libs[klass]
+
+    if klass and controller
+      method = controller.get_method method_name
+
+      if method.nil?
+        controller.includes.each do |included|
+          method = find_method method_name, included
+          if method
+            @method_cache[method_name] = method
+            return method
+          end
+       end
+
+        @method_cache[method_name] = find_method method_name, controller.parent
+      else
+        @method_cache[method_name] = { :controller => controller.name, :method => method[:src] }
+      end
+    else
+      nil
+    end
+  end
 end

data/lib/brakeman/processors/lib/call_conversion_helper.rb

@@ -76,8 +76,6 @@ module Brakeman
 
         #Have to do this because first element is :array and we have to skip it
         array[1..-1][index] or original_exp
-      elsif all_literals? array
-        safe_literal(array.line)
       else
         original_exp
       end
@@ -94,13 +92,5 @@ module Brakeman
         original_exp
       end
     end
-
-    def hash_values_at hash, keys
-      values = keys.map do |key|
-        process_hash_access hash, key
-      end
-
-      Sexp.new(:array).concat(values).line(hash.line)
-    end
   end
 end

data/lib/brakeman/processors/library_processor.rb

@@ -54,15 +54,6 @@ class Brakeman::LibraryProcessor < Brakeman::BaseProcessor
 
   def process_call exp
     if process_call_defn? exp
-      exp
-    elsif @current_method.nil? and exp.target.nil? and (@current_class or @current_module)
-      # Methods called inside class / module
-      case exp.method
-      when :include
-        module_name = class_name(exp.first_arg)
-        (@current_class || @current_module).add_include module_name
-      end
-
       exp
     else
       process_default exp

data/lib/brakeman/report.rb

@@ -6,7 +6,7 @@ require 'brakeman/report/report_base'
 class Brakeman::Report
   attr_reader :tracker
 
-  VALID_FORMATS = [:to_html, :to_pdf, :to_csv, :to_json, :to_tabs, :to_hash, :to_s, :to_markdown, :to_codeclimate, :to_plain, :to_text, :to_junit, :to_github]
+  VALID_FORMATS = [:to_html, :to_pdf, :to_csv, :to_json, :to_tabs, :to_hash, :to_s, :to_markdown, :to_codeclimate, :to_plain, :to_text, :to_junit]
 
   def initialize tracker
     @app_tree = tracker.app_tree
@@ -48,9 +48,6 @@ class Brakeman::Report
     when :to_sonar
       require_report 'sonar'
       Brakeman::Report::Sonar
-    when :to_github
-      require_report 'github'
-      Brakeman::Report::Github
     else
       raise "Invalid format: #{format}. Should be one of #{VALID_FORMATS.inspect}"
     end

data/lib/brakeman/report/ignore/interactive.rb

@@ -62,7 +62,7 @@ module Brakeman
           process_warnings
         end
 
-        m.choice "Inspect new warnings" do
+        m.choice "Hide previously ignored warnings" do
           @skip_ignored = true
           pre_show_help
           process_warnings

data/lib/brakeman/scanner.rb

@@ -353,9 +353,6 @@ class Brakeman::Scanner
   def parse_ruby_file file
     fp = Brakeman::FileParser.new(tracker.app_tree, tracker.options[:parser_timeout])
     fp.parse_ruby(file.read, file)
-  rescue Exception => e
-    tracker.error(e)
-    nil
   end
 end
 

data/lib/brakeman/tracker.rb

@@ -35,7 +35,6 @@ class Brakeman::Tracker
     #class they are.
     @models = {}
     @models[UNKNOWN_MODEL] = Brakeman::Model.new(UNKNOWN_MODEL, nil, @app_tree.file_path("NOT_REAL.rb"), nil, self)
-    @method_cache = {}
     @routes = {}
     @initializers = {}
     @errors = []
@@ -100,8 +99,8 @@ class Brakeman::Tracker
     classes.each do |set|
       set.each do |set_name, collection|
         collection.each_method do |method_name, definition|
-          src = definition.src
-          yield src, set_name, method_name, definition.file
+          src = definition[:src]
+          yield src, set_name, method_name, definition[:file]
         end
       end
     end
@@ -221,34 +220,6 @@ class Brakeman::Tracker
     nil
   end
 
-  def find_method method_name, class_name, method_type = :instance
-    return nil unless method_name.is_a? Symbol
-
-    klass = find_class(class_name)
-    return nil unless klass
-
-    cache_key = [klass, method_name, method_type]
-
-    if method = @method_cache[cache_key]
-      return method
-    end
-
-    if method = klass.get_method(method_name, method_type)
-      return method
-    else
-      # Check modules included for method definition
-      # TODO: only for instance methods, otherwise check extends!
-      klass.includes.each do |included_name|
-        if method = find_method(method_name, included_name, method_type)
-          return (@method_cache[cache_key] = method)
-        end
-      end
-
-      # Not in any included modules, check the parent
-      @method_cache[cache_key] = find_method(method_name, klass.parent)
-    end
-  end
-
   def index_call_sites
     finder = Brakeman::FindAllCalls.new self
 
@@ -314,8 +285,8 @@ class Brakeman::Tracker
     method_sets.each do |set|
       set.each do |set_name, info|
         info.each_method do |method_name, definition|
-          src = definition.src
-          finder.process_source src, :class => set_name, :method => method_name, :file => definition.file
+          src = definition[:src]
+          finder.process_source src, :class => set_name, :method => method_name, :file => definition[:file]
         end
       end
     end

data/lib/brakeman/tracker/collection.rb

@@ -1,5 +1,4 @@
 require 'brakeman/util'
-require 'brakeman/tracker/method_info'
 
 module Brakeman
   class Collection
@@ -14,7 +13,6 @@ module Brakeman
       @src = {}
       @includes = []
       @methods = { :public => {}, :private => {}, :protected => {} }
-      @class_methods = {}
       @options = {}
       @tracker = tracker
 
@@ -48,16 +46,11 @@ module Brakeman
     end
 
     def add_method visibility, name, src, file_name
-      meth_info = Brakeman::MethodInfo.new(name, src, self, file_name)
-
       if src.node_type == :defs
-        @class_methods[name] = meth_info
-
-        # TODO fix this weirdness
         name = :"#{src[1]}.#{name}"
       end
 
-      @methods[visibility][name] = meth_info
+      @methods[visibility][name] = { :src => src, :file => file_name }
     end
 
     def each_method
@@ -68,31 +61,16 @@ module Brakeman
       end
     end
 
-    def get_method name, type = :instance
-      case type
-      when :class
-        get_class_method name
-      when :instance
-        get_instance_method name
-      else
-        raise "Unexpected method type: #{type.inspect}"
-      end
-    end
-
-    def get_instance_method name
-      @methods.each do |_vis, meths|
-        if meths[name]
-          return meths[name]
+    def get_method name
+      each_method do |n, info|
+        if n == name
+          return info
         end
       end
 
       nil
     end
 
-    def get_class_method name
-      @class_methods[name]
-    end
-
     def file
       @files.first
     end

data/lib/brakeman/util.rb

@@ -142,14 +142,6 @@ module Brakeman::Util
     nil
   end
 
-  def hash_values hash
-    values = hash.each_sexp.each_slice(2).map do |_, value|
-      value
-    end
-
-    Sexp.new(:array).concat(values).line(hash.line)
-  end
-
   #These are never modified
   PARAMS_SEXP = Sexp.new(:params)
   SESSION_SEXP = Sexp.new(:session)

data/lib/brakeman/version.rb

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "5.0.2"
+  Version = "5.0.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: brakeman-lib
 version: !ruby/object:Gem::Version
-  version: 5.0.2
+  version: 5.0.4
 platform: ruby
 authors:
 - Justin Collins
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-07 00:00:00.000000000 Z
+date: 2021-06-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
@@ -66,20 +66,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.10.2
-- !ruby/object:Gem::Dependency
-  name: parallel
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.20'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.20'
 - !ruby/object:Gem::Dependency
   name: ruby_parser
   requirement: !ruby/object:Gem::Requirement
@@ -394,7 +380,6 @@ files:
 - lib/brakeman/report/report_base.rb
 - lib/brakeman/report/report_codeclimate.rb
 - lib/brakeman/report/report_csv.rb
-- lib/brakeman/report/report_github.rb
 - lib/brakeman/report/report_hash.rb
 - lib/brakeman/report/report_html.rb
 - lib/brakeman/report/report_json.rb
@@ -424,7 +409,6 @@ files:
 - lib/brakeman/tracker/constants.rb
 - lib/brakeman/tracker/controller.rb
 - lib/brakeman/tracker/library.rb
-- lib/brakeman/tracker/method_info.rb
 - lib/brakeman/tracker/model.rb
 - lib/brakeman/tracker/template.rb
 - lib/brakeman/util.rb

data/lib/brakeman/report/report_github.rb

@@ -1,31 +0,0 @@
-# Github Actions Formatter
-# Formats warnings as workflow commands to create annotations in GitHub UI
-class Brakeman::Report::Github < Brakeman::Report::Base
-  def generate_report
-    # @see https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-a-warning-message
-    errors.concat(warnings).join("\n")
-  end
-
-  def warnings
-    all_warnings
-      .map { |warning| "::warning file=#{warning_file(warning)},line=#{warning.line}::#{warning.message}" }
-  end
-
-  def errors
-    tracker.errors.map do |error|
-      if error[:exception].is_a?(Racc::ParseError)
-        # app/services/balance.rb:4 :: parse error on value "..." (tDOT3)
-        file, line = error[:exception].message.split(':').map(&:strip)[0,2]
-        "::error file=#{file},line=#{line}::#{clean_message(error[:error])}"
-      else
-        "::error ::#{clean_message(error[:error])}"
-      end
-    end
-  end
-
-  private
-
-  def clean_message(msg)
-    msg.gsub('::','').squeeze(' ')
-  end
-end

data/lib/brakeman/tracker/method_info.rb

@@ -1,29 +0,0 @@
-require 'brakeman/util'
-
-module Brakeman
-  class MethodInfo
-    include Brakeman::Util
-
-    attr_reader :name, :src, :owner, :file, :type
-
-    def initialize name, src, owner, file
-      @name = name
-      @src = src
-      @owner = owner
-      @file = file
-      @type = case src.node_type
-              when :defn
-                :instance
-              when :defs
-                :class
-              else
-                raise "Expected sexp type: #{src.node_type}"
-              end
-    end
-
-    # To support legacy code that expected a Hash
-    def [] attr
-      self.send(attr)
-    end
-  end
-end