RubyGems - brakeman-lib - Versions diffs - 5.2.2 → 5.2.3 - Mend

brakeman-lib 5.2.2 → 5.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGES.md +5 -0
data/lib/brakeman/processors/alias_processor.rb +24 -1
data/lib/brakeman/report/ignore/interactive.rb +2 -2
data/lib/brakeman/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 45b4ed913efc8767851fa736f69591dad0bd6c26eb2b9c6f84e71acef92670ce
-  data.tar.gz: b40f9ee9b0dbd2187e071609193b3df891dd6e462bd3de572ce4a335db063185
+  metadata.gz: 9aadbbfe9251a955f84f5c7d5e317f66386533b90f314e34555a80501a3df153
+  data.tar.gz: 4576fc34cceb9269e2daee88b940305590410791a4fc6be2bdc8401f3ae99554
 SHA512:
-  metadata.gz: 8966515fb503515fb38a7581061a72464b81a6bcf86b99c58711dbbb88b636b87b5e74a09190b53cd7c09ea1674458bfe874698416c4928dbf44eb46bc234221
-  data.tar.gz: ca7309e4b30e14213b1e697e33113737ee8c2da1d6997f6e28c0a68df965dcd348c9b7c7a4bbe285e7dc7356b7c6fceb2171b13aae92338d02d4e5ef4992c9a4
+  metadata.gz: 661e96a6fcc739bc93ef8c605e2fb8dea9ee895fb9121860d225e91717a5ea4108e7d0c57163fb8fe4e119e5f11c75022301293524c3808a323a10e55c087bc7
+  data.tar.gz: '0842840bd4735a2411d66ce708876cce60e1bc47cf153affe92bdbcd1f9fd92cf7919c9bd510f78900ce8d994cd9b3b06eaf571f8905c2eb8b60692f0ec529af'

data/CHANGES.md CHANGED Viewed

@@ -1,3 +1,8 @@
+# 5.2.3 - 2022-05-01
+* Fix error with hash shorthand syntax
+* Match order of interactive options with help message (Rory O'Kane)
 # 5.2.2 - 2022-04-06
 * Update `ruby_parser` for Ruby 3.1 support (Merek Skubela)

data/lib/brakeman/processors/alias_processor.rb CHANGED Viewed

@@ -703,7 +703,30 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
       end
     end
-    exp
+    # Return early unless there might be short-hand syntax,
+    # since handling it is kind of expensive.
+    return exp unless exp.any? { |e| e.nil? }
+    # Need to handle short-hand hash syntax
+    new_hash = [:hash]
+    hash_iterate(exp) do |key, value|
+      # e.g. { a: }
+      if value.nil? and symbol? key
+        # Only handling local variables for now, not calls
+        lvar = s(:lvar, key.value)
+        if var_value = env[lvar]
+          new_hash << key << var_value.deep_clone(key.line || 0)
+        else
+          # If the value is unknown, assume it was a call
+          # and set the value to a call
+          new_hash.concat << key << s(:call, nil, key.value).line(key.line || 0)
+        end
+      else
+        new_hash.concat << key << value
+      end
+    end
+    Sexp.from_array(new_hash).line(exp.line || 0)
   end
   #Merge values into hash when processing

data/lib/brakeman/report/ignore/interactive.rb CHANGED Viewed

@@ -88,10 +88,10 @@ module Brakeman
         m.choice "i"
         m.choice "n"
-        m.choice "k"
+        m.choice "s"
         m.choice "u"
         m.choice "a"
-        m.choice "s"
+        m.choice "k"
         m.choice "q"
         m.choice "?" do
           show_help

data/lib/brakeman/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "5.2.2"
+  Version = "5.2.3"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: brakeman-lib
 version: !ruby/object:Gem::Version
-  version: 5.2.2
+  version: 5.2.3
 platform: ruby
 authors:
 - Justin Collins
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-06 00:00:00.000000000 Z
+date: 2022-05-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest