brakeman-lib 5.1.0 → 5.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/lib/brakeman.rb +4 -6
- data/lib/brakeman/commandline.rb +1 -1
- data/lib/brakeman/report/ignore/config.rb +4 -4
- data/lib/brakeman/report/report_sarif.rb +1 -1
- data/lib/brakeman/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 541ef745c1f1e321525f7444fb396c86814eb92769800460869f741de13e1f37
|
|
4
|
+
data.tar.gz: 2b9bd863f12096df33498a9ce4d1caf03bfb6ade5ce02023dc1e1d9cc5ac9408
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9b717f148d45e4b704be094cf44696a0982da3fd009557a84dd152830da855ba9e5582fce527ec4ff387fe94248d4bee9c74a4e6a59b22b2afa484efa79b1631
|
|
7
|
+
data.tar.gz: 11bae8cd4e18aa0252acd8acb3809bfe9f105ed2a147fbaab5b6bd7376d060b32b4b0ed3b896c2e307e40e0e15c3aa9d7e58a8924679877bda697b46ca74e386
|
data/CHANGES.md
CHANGED
data/lib/brakeman.rb
CHANGED
|
@@ -527,14 +527,12 @@ module Brakeman
|
|
|
527
527
|
|
|
528
528
|
# Returns an array of alert fingerprints for any ignored warnings without
|
|
529
529
|
# notes found in the specified ignore file (if it exists).
|
|
530
|
-
def self.ignore_file_entries_with_empty_notes file
|
|
530
|
+
def self.ignore_file_entries_with_empty_notes file
|
|
531
531
|
return [] unless file
|
|
532
532
|
|
|
533
533
|
require 'brakeman/report/ignore/config'
|
|
534
534
|
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
config = IgnoreConfig.new(Brakeman::FilePath.from_app_tree(app_tree, file), nil)
|
|
535
|
+
config = IgnoreConfig.new(file, nil)
|
|
538
536
|
config.read_from_file
|
|
539
537
|
config.already_ignored_entries_with_empty_notes.map { |i| i[:fingerprint] }
|
|
540
538
|
end
|
|
@@ -545,9 +543,9 @@ module Brakeman
|
|
|
545
543
|
app_tree = Brakeman::AppTree.from_options(options)
|
|
546
544
|
|
|
547
545
|
if options[:ignore_file]
|
|
548
|
-
file =
|
|
546
|
+
file = options[:ignore_file]
|
|
549
547
|
elsif app_tree.exists? "config/brakeman.ignore"
|
|
550
|
-
file =
|
|
548
|
+
file = app_tree.expand_path("config/brakeman.ignore")
|
|
551
549
|
elsif not options[:interactive_ignore]
|
|
552
550
|
return
|
|
553
551
|
end
|
data/lib/brakeman/commandline.rb
CHANGED
|
@@ -126,7 +126,7 @@ module Brakeman
|
|
|
126
126
|
|
|
127
127
|
ensure_ignore_notes_failed = false
|
|
128
128
|
if tracker.options[:ensure_ignore_notes]
|
|
129
|
-
fingerprints = Brakeman::ignore_file_entries_with_empty_notes tracker.ignored_filter&.file
|
|
129
|
+
fingerprints = Brakeman::ignore_file_entries_with_empty_notes tracker.ignored_filter&.file
|
|
130
130
|
|
|
131
131
|
unless fingerprints.empty?
|
|
132
132
|
ensure_ignore_notes_failed = true
|
|
@@ -100,14 +100,14 @@ module Brakeman
|
|
|
100
100
|
|
|
101
101
|
# Read configuration to file
|
|
102
102
|
def read_from_file file = @file
|
|
103
|
-
if File.exist? file
|
|
103
|
+
if File.exist? file
|
|
104
104
|
begin
|
|
105
105
|
@already_ignored = JSON.parse(File.read(file), :symbolize_names => true)[:ignored_warnings]
|
|
106
106
|
rescue => e
|
|
107
|
-
raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file
|
|
107
|
+
raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file}\n"
|
|
108
108
|
end
|
|
109
109
|
else
|
|
110
|
-
Brakeman.notify "[Notice] Could not find ignore configuration in #{file
|
|
110
|
+
Brakeman.notify "[Notice] Could not find ignore configuration in #{file}"
|
|
111
111
|
@already_ignored = []
|
|
112
112
|
end
|
|
113
113
|
|
|
@@ -134,7 +134,7 @@ module Brakeman
|
|
|
134
134
|
:brakeman_version => Brakeman::Version
|
|
135
135
|
}
|
|
136
136
|
|
|
137
|
-
File.open file
|
|
137
|
+
File.open file, "w" do |f|
|
|
138
138
|
f.puts JSON.pretty_generate(output)
|
|
139
139
|
end
|
|
140
140
|
end
|
|
@@ -80,7 +80,7 @@ class Brakeman::Report::SARIF < Brakeman::Report::Base
|
|
|
80
80
|
:location => {
|
|
81
81
|
:physicalLocation => {
|
|
82
82
|
:artifactLocation => {
|
|
83
|
-
:uri => @ignore_filter.file.relative,
|
|
83
|
+
:uri => Brakeman::FilePath.from_app_tree(@app_tree, @ignore_filter.file).relative,
|
|
84
84
|
:uriBaseId => '%SRCROOT%',
|
|
85
85
|
},
|
|
86
86
|
},
|
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.1.
|
|
4
|
+
version: 5.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-07-
|
|
11
|
+
date: 2021-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: minitest
|