RubyGems - brakeman-min - Versions diffs - 0.5.2 → 2.1.0 - Mend

brakeman-min 0.5.2 → 2.1.0

Files changed (152) hide show

data/CHANGES +529 -0
data/README.md +74 -28
data/bin/brakeman +60 -266
data/lib/brakeman.rb +422 -0
data/lib/brakeman/app_tree.rb +101 -0
data/lib/brakeman/brakeman.rake +10 -0
data/lib/brakeman/call_index.rb +215 -0
data/lib/brakeman/checks.rb +180 -0
data/lib/brakeman/checks/base_check.rb +538 -0
data/lib/brakeman/checks/check_basic_auth.rb +89 -0
data/lib/brakeman/checks/check_content_tag.rb +162 -0
data/lib/brakeman/checks/check_cross_site_scripting.rb +334 -0
data/lib/{checks → brakeman/checks}/check_default_routes.rb +13 -6
data/lib/brakeman/checks/check_deserialize.rb +57 -0
data/lib/brakeman/checks/check_digest_dos.rb +38 -0
data/lib/brakeman/checks/check_escape_function.rb +21 -0
data/lib/brakeman/checks/check_evaluation.rb +33 -0
data/lib/brakeman/checks/check_execute.rb +98 -0
data/lib/brakeman/checks/check_file_access.rb +62 -0
data/lib/brakeman/checks/check_filter_skipping.rb +31 -0
data/lib/brakeman/checks/check_forgery_setting.rb +54 -0
data/lib/brakeman/checks/check_jruby_xml.rb +38 -0
data/lib/brakeman/checks/check_json_parsing.rb +102 -0
data/lib/brakeman/checks/check_link_to.rb +132 -0
data/lib/brakeman/checks/check_link_to_href.rb +92 -0
data/lib/{checks → brakeman/checks}/check_mail_to.rb +14 -13
data/lib/brakeman/checks/check_mass_assignment.rb +143 -0
data/lib/brakeman/checks/check_model_attr_accessible.rb +48 -0
data/lib/brakeman/checks/check_model_attributes.rb +118 -0
data/lib/brakeman/checks/check_model_serialize.rb +66 -0
data/lib/{checks → brakeman/checks}/check_nested_attributes.rb +10 -6
data/lib/brakeman/checks/check_quote_table_name.rb +40 -0
data/lib/brakeman/checks/check_redirect.rb +177 -0
data/lib/brakeman/checks/check_render.rb +62 -0
data/lib/brakeman/checks/check_response_splitting.rb +21 -0
data/lib/brakeman/checks/check_safe_buffer_manipulation.rb +31 -0
data/lib/brakeman/checks/check_sanitize_methods.rb +54 -0
data/lib/brakeman/checks/check_select_tag.rb +60 -0
data/lib/brakeman/checks/check_select_vulnerability.rb +58 -0
data/lib/brakeman/checks/check_send.rb +35 -0
data/lib/brakeman/checks/check_send_file.rb +19 -0
data/lib/brakeman/checks/check_session_settings.rb +145 -0
data/lib/brakeman/checks/check_single_quotes.rb +101 -0
data/lib/brakeman/checks/check_skip_before_filter.rb +62 -0
data/lib/brakeman/checks/check_sql.rb +577 -0
data/lib/brakeman/checks/check_strip_tags.rb +64 -0
data/lib/brakeman/checks/check_symbol_dos.rb +67 -0
data/lib/brakeman/checks/check_translate_bug.rb +45 -0
data/lib/brakeman/checks/check_unsafe_reflection.rb +51 -0
data/lib/brakeman/checks/check_validation_regex.rb +88 -0
data/lib/brakeman/checks/check_without_protection.rb +64 -0
data/lib/brakeman/checks/check_yaml_parsing.rb +121 -0
data/lib/brakeman/differ.rb +66 -0
data/lib/{format → brakeman/format}/style.css +28 -0
data/lib/brakeman/options.rb +256 -0
data/lib/brakeman/parsers/rails2_erubis.rb +6 -0
data/lib/brakeman/parsers/rails2_xss_plugin_erubis.rb +48 -0
data/lib/{scanner_erubis.rb → brakeman/parsers/rails3_erubis.rb} +8 -21
data/lib/brakeman/processor.rb +102 -0
data/lib/brakeman/processors/alias_processor.rb +780 -0
data/lib/{processors → brakeman/processors}/base_processor.rb +90 -74
data/lib/brakeman/processors/config_processor.rb +14 -0
data/lib/brakeman/processors/controller_alias_processor.rb +334 -0
data/lib/brakeman/processors/controller_processor.rb +265 -0
data/lib/{processors → brakeman/processors}/erb_template_processor.rb +21 -19
data/lib/brakeman/processors/erubis_template_processor.rb +96 -0
data/lib/brakeman/processors/gem_processor.rb +59 -0
data/lib/{processors → brakeman/processors}/haml_template_processor.rb +26 -21
data/lib/brakeman/processors/lib/find_all_calls.rb +185 -0
data/lib/{processors → brakeman/processors}/lib/find_call.rb +23 -28
data/lib/brakeman/processors/lib/find_return_value.rb +134 -0
data/lib/brakeman/processors/lib/processor_helper.rb +82 -0
data/lib/{processors/config_processor.rb → brakeman/processors/lib/rails2_config_processor.rb} +32 -35
data/lib/{processors → brakeman/processors}/lib/rails2_route_processor.rb +60 -52
data/lib/brakeman/processors/lib/rails3_config_processor.rb +129 -0
data/lib/brakeman/processors/lib/rails3_route_processor.rb +282 -0
data/lib/{processors → brakeman/processors}/lib/render_helper.rb +54 -20
data/lib/brakeman/processors/lib/route_helper.rb +62 -0
data/lib/{processors → brakeman/processors}/library_processor.rb +24 -17
data/lib/{processors → brakeman/processors}/model_processor.rb +46 -22
data/lib/{processors → brakeman/processors}/output_processor.rb +34 -40
data/lib/brakeman/processors/route_processor.rb +17 -0
data/lib/brakeman/processors/slim_template_processor.rb +113 -0
data/lib/brakeman/processors/template_alias_processor.rb +120 -0
data/lib/{processors → brakeman/processors}/template_processor.rb +10 -7
data/lib/brakeman/report.rb +68 -0
data/lib/brakeman/report/ignore/config.rb +130 -0
data/lib/brakeman/report/ignore/interactive.rb +311 -0
data/lib/brakeman/report/initializers/faster_csv.rb +7 -0
data/lib/brakeman/report/initializers/multi_json.rb +29 -0
data/lib/brakeman/report/renderer.rb +24 -0
data/lib/brakeman/report/report_base.rb +279 -0
data/lib/brakeman/report/report_csv.rb +56 -0
data/lib/brakeman/report/report_hash.rb +22 -0
data/lib/brakeman/report/report_html.rb +203 -0
data/lib/brakeman/report/report_json.rb +46 -0
data/lib/brakeman/report/report_table.rb +109 -0
data/lib/brakeman/report/report_tabs.rb +17 -0
data/lib/brakeman/report/templates/controller_overview.html.erb +18 -0
data/lib/brakeman/report/templates/controller_warnings.html.erb +17 -0
data/lib/brakeman/report/templates/error_overview.html.erb +25 -0
data/lib/brakeman/report/templates/header.html.erb +44 -0
data/lib/brakeman/report/templates/ignored_warnings.html.erb +21 -0
data/lib/brakeman/report/templates/model_warnings.html.erb +17 -0
data/lib/brakeman/report/templates/overview.html.erb +34 -0
data/lib/brakeman/report/templates/security_warnings.html.erb +19 -0
data/lib/brakeman/report/templates/template_overview.html.erb +17 -0
data/lib/brakeman/report/templates/view_warnings.html.erb +30 -0
data/lib/brakeman/report/templates/warning_overview.html.erb +13 -0
data/lib/brakeman/rescanner.rb +446 -0
data/lib/brakeman/scanner.rb +362 -0
data/lib/brakeman/tracker.rb +296 -0
data/lib/brakeman/util.rb +413 -0
data/lib/brakeman/version.rb +3 -0
data/lib/brakeman/warning.rb +217 -0
data/lib/brakeman/warning_codes.rb +68 -0
data/lib/ruby_parser/bm_sexp.rb +562 -0
data/lib/ruby_parser/bm_sexp_processor.rb +230 -0
metadata +152 -66
data/lib/checks.rb +0 -71
data/lib/checks/base_check.rb +0 -357
data/lib/checks/check_cross_site_scripting.rb +0 -336
data/lib/checks/check_evaluation.rb +0 -27
data/lib/checks/check_execute.rb +0 -110
data/lib/checks/check_file_access.rb +0 -46
data/lib/checks/check_forgery_setting.rb +0 -42
data/lib/checks/check_mass_assignment.rb +0 -74
data/lib/checks/check_model_attributes.rb +0 -36
data/lib/checks/check_redirect.rb +0 -98
data/lib/checks/check_render.rb +0 -65
data/lib/checks/check_send_file.rb +0 -15
data/lib/checks/check_session_settings.rb +0 -79
data/lib/checks/check_sql.rb +0 -146
data/lib/checks/check_validation_regex.rb +0 -60
data/lib/processor.rb +0 -86
data/lib/processors/alias_processor.rb +0 -384
data/lib/processors/controller_alias_processor.rb +0 -237
data/lib/processors/controller_processor.rb +0 -202
data/lib/processors/erubis_template_processor.rb +0 -85
data/lib/processors/lib/find_model_call.rb +0 -39
data/lib/processors/lib/processor_helper.rb +0 -36
data/lib/processors/lib/rails3_route_processor.rb +0 -184
data/lib/processors/lib/route_helper.rb +0 -34
data/lib/processors/params_processor.rb +0 -77
data/lib/processors/route_processor.rb +0 -11
data/lib/processors/template_alias_processor.rb +0 -86
data/lib/report.rb +0 -680
data/lib/scanner.rb +0 -227
data/lib/tracker.rb +0 -144
data/lib/util.rb +0 -141
data/lib/version.rb +0 -1
data/lib/warning.rb +0 -99

data/lib/brakeman/report/templates/controller_overview.html.erb ADDED

@@ -0,0 +1,18 @@
+<h2>Controllers</h2>
+<table>
+  <tr>
+    <th>Name</th>
+    <th>Parent</th>
+    <th>Includes</th>
+    <th>Routes</th>
+  </tr>
+<% controller_rows.each do |row| %>
+  <tr>
+    <td><%= row['Name'] %></td>
+    <td><%= row['Parent'] %></td>
+    <td><%= row['Includes'] %></td>
+    <td><%= row['Routes'] %></td>
+  </tr>
+<% end %>
+</table>

data/lib/brakeman/report/templates/controller_warnings.html.erb ADDED

@@ -0,0 +1,17 @@
+<p>Controller Warnings</p>
+<table>
+  <tr>
+    <th>Confidence</th>
+    <th>Controller</th>
+    <th>Warning Type</th>
+    <th>Message</th>
+  </tr>
+<% warnings.each do |warning| %>
+  <tr>
+    <td><%= warning['Confidence']%></td>
+    <td><%= warning['Controller']%></td>
+    <td><%= warning['Warning Type']%></td>
+    <td><%= warning['Message']%></td>
+  </tr>
+<% end %>
+</table>

data/lib/brakeman/report/templates/error_overview.html.erb ADDED

@@ -0,0 +1,25 @@
+<div onClick="toggle('errors_table');">  <h2>Exceptions raised during the analysis (click to see them)</h2 ></div>
+  <div>
+    <div id='errors_table' style='display:none'>
+      <table>
+        <tr>
+          <th>Error</th>
+          <th>Location</th>
+        </tr>
+        <% tracker.errors.each do |warning| %>
+          <tr>
+            <td><%= CGI.escapeHTML warning[:error] %></td>
+            <td>
+              <% if tracker.options[:debug] %>
+                <% warning[:backtrace].each do |line| %>
+                  <%= line %><br/>
+                <% end %>
+              <% else %>
+                <%= warning[:backtrace][0] %>
+              <% end %>
+            </td>
+          </tr>
+        <% end %>
+      </table>
+    </div>
+  </div>

data/lib/brakeman/report/templates/header.html.erb ADDED

@@ -0,0 +1,44 @@
+<!DOCTYPE HTML SYSTEM>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Brakeman Report</title>
+  <script>
+    function toggle(context) {
+      var elem = document.getElementById(context);
+      if (elem.style.display != "block")
+        elem.style.display = "block";
+      else
+        elem.style.display = "none";
+      elem.parentNode.scrollIntoView();
+    }
+  </script>
+  <style>
+    <%= css %>
+  </style>
+</head>
+<body>
+<h1>Brakeman Report</h1>
+<table>
+  <tr>
+    <th>Application Path</th>
+    <th>Rails Version</th>
+    <th>Brakeman Version</th>
+    <th>Report Time</th>
+    <th>Checks Performed</th>
+  </tr>
+  <tr>
+    <td><%= File.expand_path tracker.options[:app_path] %></td>
+    <td><%= rails_version %></td>
+    <td><%= brakeman_version %>
+    <td>
+      <%= tracker.start_time %><br><br>
+      <%= tracker.duration %> seconds
+    </td>
+    <td><%= checks.checks_run.sort.join(", ") %></td>
+  </tr>
+</table>
+<br>

data/lib/brakeman/report/templates/ignored_warnings.html.erb ADDED

@@ -0,0 +1,21 @@
+<div onClick="toggle('ignored_table');">  <h2><%= warnings.length %> Ignored Warnings (click to see them)</h2 ></div>
+<div>
+  <table style="display:none" id="ignored_table">
+    <tr>
+      <th>Confidence</th>
+      <th>File</th>
+      <th>Warning Type</th>
+      <th>Message</th>
+      <th>Note</th>
+    </tr>
+    <% warnings.each do |warning| %>
+      <tr>
+        <td><%= warning['Confidence']%></td>
+        <td><%= warning['File']%></td>
+        <td><%= warning['Warning Type']%></td>
+        <td><%= warning['Message']%></td>
+        <td><%= warning['Note']%></td>
+      </tr>
+    <% end %>
+  </table>
+</div>

data/lib/brakeman/report/templates/model_warnings.html.erb ADDED

@@ -0,0 +1,17 @@
+<p>Model Warnings</p>
+<table>
+  <tr>
+    <th>Confidence</th>
+    <th>Model</th>
+    <th>Warning Type</th>
+    <th>Message</th>
+  </tr>
+<% warnings.each do |warning| %>
+  <tr>
+    <td><%= warning['Confidence']%></td>
+    <td><%= warning['Model']%></td>
+    <td><%= warning['Warning Type']%></td>
+    <td><%= warning['Message']%></td>
+  </tr>
+<% end %>
+</table>

data/lib/brakeman/report/templates/overview.html.erb ADDED

@@ -0,0 +1,34 @@
+<h2 id='summary'>Summary</h2>
+<table>
+  <tr>
+    <th>Scanned/Reported</th>
+    <th>Total</th>
+  </tr>
+  <tr>
+    <td>Controllers</td>
+    <td><%= tracker.controllers.length %></td>
+  </tr>
+  <tr>
+    <td>Models</td>
+    <td><%= tracker.models.length - 1 %></td>
+  </tr>
+  <tr>
+    <td>Templates</td>
+    <td><%= number_of_templates %></td>
+  </tr>
+  <tr>
+    <td>Errors</td>
+    <td><%= tracker.errors.length %></td>
+  </tr>
+  <tr>
+    <td>Security Warnings</td>
+    <td><%= warnings %> <span class='high-confidence'>(<%= warnings_summary[:high_confidence] %>)</span></td>
+  </tr>
+  <% if warnings_summary['Ignored Warnings'] %>
+  <tr>
+    <td>Ignored Warnings</td>
+    <td><%= ignored_warnings %></td>
+  </tr>
+  <% end %>
+</table>
+<br>

data/lib/brakeman/report/templates/security_warnings.html.erb ADDED

@@ -0,0 +1,19 @@
+<h2>Security Warnings</h2>
+<table>
+  <tr>
+    <th>Confidence</th>
+    <th>Class</th>
+    <th>Method</th>
+    <th>Warning Type</th>
+    <th>Message</th>
+  </tr>
+  <% warnings.each do |warning| %>
+  <tr>
+    <td><%= warning['Confidence']%></td>
+    <td><%= warning['Class']%></td>
+    <td><%= warning['Method']%></td>
+    <td><%= warning['Warning Type']%></td>
+    <td><%= warning['Message']%></td>
+  </tr>
+  <% end %>
+</table>

data/lib/brakeman/report/templates/template_overview.html.erb ADDED

@@ -0,0 +1,17 @@
+<h2>Templates</h2>
+<% template_rows.each do |template| %>
+<p><%= template[0] %></p>
+<table>
+  <tr>
+    <th>Output</th>
+  </tr>
+  <% template[1].each do |call| %>
+  <tr>
+    <td><%= call %></td>
+  </tr>
+  <% end %>
+</table>
+<% end %>

data/lib/brakeman/report/templates/view_warnings.html.erb ADDED

@@ -0,0 +1,30 @@
+<p>View Warnings</p>
+<table>
+  <tr>
+    <th>Confidence</th>
+    <th>Template</th>
+    <th>Warning Type</th>
+    <th>Message</th>
+  </tr>
+<% warnings.each_with_index do |warning, i| %>
+  <tr>
+    <td><%= warning['Confidence']%></td>
+    <td>
+      <% if warning['Called From'] and warning['Called From'].length > 1 %>
+        <div class="template_name" onClick="toggle('callers<%= i %>')" >
+          <div>
+            <%= warning['Template'] %>
+          </div>
+          <div class="render_path" id="callers<%= i %>" >
+            <%= warning['Called From'].join(' &rarr; ') %> &rarr; <%= warning['Template Name'] %>
+          </div>
+        </div>
+      <% else %>
+        <%= warning['Template']%>
+      <% end %>
+    </td>
+    <td><%= warning['Warning Type']%></td>
+    <td><%= warning['Message']%></td>
+  </tr>
+<% end %>
+</table>

data/lib/brakeman/report/templates/warning_overview.html.erb ADDED

@@ -0,0 +1,13 @@
+<table>
+  <tr>
+    <th>Warning Type</th>
+    <th>Total</th>
+  </tr>
+  <% types.sort.each do |warning_type| %>
+  <tr>
+    <td><%= warning_type %></td>
+    <td><%= warnings_summary[warning_type] %></td>
+  </tr>
+  <% end %>
+</table>
+<br>

data/lib/brakeman/rescanner.rb ADDED

@@ -0,0 +1,446 @@
+require 'brakeman/scanner'
+require 'terminal-table'
+require 'brakeman/util'
+#Class for rescanning changed files after an initial scan
+class Brakeman::Rescanner < Brakeman::Scanner
+  SCAN_ORDER = [:config, :gemfile, :initializer, :lib, :routes, :template,
+    :model, :controller]
+  #Create new Rescanner to scan changed files
+  def initialize options, processor, changed_files
+    super(options, processor)
+    @paths = changed_files.map {|f| @app_tree.expand_path(f) }
+    @old_results = tracker.checks  #Old warnings from previous scan
+    @changes = nil                 #True if files had to be rescanned
+    @reindex = Set.new
+  end
+  #Runs checks.
+  #Will rescan files if they have not already been scanned
+  def recheck
+    rescan if @changes.nil?
+    tracker.run_checks if @changes
+    Brakeman::RescanReport.new @old_results, tracker
+  end
+  #Rescans changed files
+  def rescan
+    tracker.template_cache.clear
+    paths_by_type = {}
+    SCAN_ORDER.each do |type|
+      paths_by_type[type] = []
+    end
+    @paths.each do |path|
+      type = file_type(path)
+      paths_by_type[type] << path unless type == :unknown
+    end
+    @changes = false
+    SCAN_ORDER.each do |type|
+      paths_by_type[type].each do |path|
+        Brakeman.debug "Rescanning #{path} as #{type}"
+        if rescan_file path, type
+          @changes = true
+        end
+      end
+    end
+    if @changes and not @reindex.empty?
+      tracker.reindex_call_sites @reindex
+    end
+    self
+  end
+  #Rescans a single file
+  def rescan_file path, type = nil
+    type ||= file_type path
+    unless @app_tree.path_exists?(path)
+      return rescan_deleted_file path, type
+    end
+    case type
+    when :controller
+      rescan_controller path
+      @reindex << :controllers << :templates
+    when :template
+      rescan_template path
+      @reindex << :templates
+    when :model
+      rescan_model path
+    when :lib
+      rescan_lib path
+    when :config
+      process_config
+    when :initializer
+      process_initializer path
+    when :routes
+      # Routes affect which controller methods are treated as actions
+      # which affects which templates are rendered, so routes, controllers,
+      # and templates rendered from controllers must be rescanned
+      tracker.reset_routes
+      tracker.reset_templates :only_rendered => true
+      process_routes
+      process_controllers
+      @reindex << :controllers << :templates
+    when :gemfile
+      if tracker.config[:gems][:rails_xss] and tracker.config[:escape_html]
+        tracker.config[:escape_html] = false
+      end
+      process_gems
+    else
+      return false #Nothing to do, file hopefully does not need to be rescanned
+    end
+    true
+  end
+  def rescan_controller path
+    #Process source
+    process_controller path
+    #Process data flow and template rendering
+    #from the controller
+    tracker.controllers.each do |name, controller|
+      if controller[:file] == path
+        tracker.templates.each do |template_name, template|
+          next unless template[:caller]
+          unless template[:caller].grep(/^#{name}#/).empty?
+            tracker.reset_template template_name
+          end
+        end
+        @processor.process_controller_alias controller[:name], controller[:src]
+      end
+    end
+  end
+  def rescan_template path
+    return unless path.match KNOWN_TEMPLATE_EXTENSIONS and @app_tree.path_exists?(path)
+    template_name = template_path_to_name(path)
+    tracker.reset_template template_name
+    process_template path
+    @processor.process_template_alias tracker.templates[template_name]
+    rescan = Set.new
+    template_matcher = /^Template:(.+)/
+    controller_matcher = /^(.+Controller)#(.+)/
+    template_name_matcher = /^#{template_name}\./
+    #Search for processed template and process it.
+    #Search for rendered versions of template and re-render (if necessary)
+    tracker.templates.each do |name, template|
+      if template[:file] == path or template[:file].nil?
+        next unless template[:caller] and name.to_s.match(template_name_matcher)
+        template[:caller].each do |from|
+          if from.match(template_matcher)
+            rescan << [:template, $1.to_sym]
+          elsif from.match(controller_matcher)
+            rescan << [:controller, $1.to_sym, $2.to_sym]
+          end
+        end
+      end
+    end
+    rescan.each do |r|
+      if r[0] == :controller
+        controller = tracker.controllers[r[1]]
+        unless @paths.include? controller[:file]
+          @processor.process_controller_alias controller[:name], controller[:src], r[2]
+        end
+      elsif r[0] == :template
+        template = tracker.templates[r[1]]
+        rescan_template template[:file]
+      end
+    end
+  end
+  def rescan_model path
+    num_models = tracker.models.length
+    tracker.reset_model path
+    process_model path if @app_tree.path_exists?(path)
+    #Only need to rescan other things if a model is added or removed
+    if num_models != tracker.models.length
+      process_templates
+      process_controllers
+      @reindex << :templates << :controllers
+    end
+    @reindex << :models
+  end
+  def rescan_lib path
+    process_lib path if @app_tree.path_exists?(path)
+    lib = nil
+    tracker.libs.each do |name, library|
+      if library[:file] == path
+        lib = library
+        break
+      end
+    end
+    rescan_mixin lib if lib
+  end
+  #Handle rescanning when a file is deleted
+  def rescan_deleted_file path, type
+    case type
+    when :controller
+      rescan_deleted_controller path
+    when :template
+      rescan_deleted_template path
+    when :model
+      rescan_model path
+    when :lib
+      rescan_deleted_lib path
+    when :initializer
+      rescan_deleted_initializer path
+    else
+      if remove_deleted_file path
+        return true
+      else
+        Brakeman.notify "Ignoring deleted file: #{path}"
+      end
+    end
+    true
+  end
+  def rescan_deleted_controller path
+    tracker.reset_controller path
+  end
+  def rescan_deleted_template path
+    return unless path.match KNOWN_TEMPLATE_EXTENSIONS
+    template_name = template_path_to_name(path)
+    #Remove template
+    tracker.reset_template template_name
+    rendered_from_controller = /^#{template_name}\.(.+Controller)#(.+)/
+    rendered_from_view = /^#{template_name}\.Template:(.+)/
+    #Remove any rendered versions, or partials rendered from it
+    tracker.templates.delete_if do |name, template|
+      if template[:file] == path
+        true
+      elsif template[:file].nil?
+        name = name.to_s
+        name.match(rendered_from_controller) or name.match(rendered_from_view)
+      end
+    end
+  end
+  def rescan_deleted_lib path
+    deleted_lib = nil
+    tracker.libs.delete_if do |name, lib|
+      if lib[:file] == path
+        deleted_lib = lib
+        true
+      end
+    end
+    rescan_mixin deleted_lib if deleted_lib
+  end
+  def rescan_deleted_initializer path
+    tracker.initializers.delete Pathname.new(path).basename.to_s
+  end
+  #Check controllers, templates, models and libs for data from file
+  #and delete it.
+  def remove_deleted_file path
+    deleted = false
+    [:controllers, :templates, :models, :libs].each do |collection|
+      tracker.send(collection).delete_if do |name, data|
+        if data[:file] == path
+          deleted = true
+          true
+        end
+      end
+    end
+    deleted
+  end
+  #Guess at what kind of file the path contains
+  def file_type path
+    case path
+    when /\/app\/controllers/
+      :controller
+    when /\/app\/views/
+      :template
+    when /\/app\/models/
+      :model
+    when /\/lib/
+      :lib
+    when /\/config\/initializers/
+      :initializer
+    when /config\/routes\.rb/
+      :routes
+    when /\/config\/.+\.rb/
+      :config
+    when /Gemfile/
+      :gemfile
+    else
+      :unknown
+    end
+  end
+  def rescan_mixin lib
+    method_names = []
+    [:public, :private, :protected].each do |access|
+      lib[access].each do |name, meth|
+        method_names << name
+      end
+    end
+    method_matcher = /##{method_names.map {|n| Regexp.escape(n.to_s)}.join('|')}$/
+    #Rescan controllers that mixed in library
+    tracker.controllers.each do |name, controller|
+      if controller[:includes].include? lib[:name]
+        unless @paths.include? controller[:file]
+          rescan_file controller[:file]
+        end
+      end
+    end
+    to_rescan = []
+    #Check if a method from this mixin was used to render a template.
+    #This is not precise, because a different controller might have the
+    #same method...
+    tracker.templates.each do |name, template|
+      next unless template[:caller]
+      unless template[:caller].grep(method_matcher).empty?
+        name.to_s.match /^([^.]+)/
+        original = tracker.templates[$1.to_sym]
+        if original
+          to_rescan << [name, original[:file]]
+        end
+      end
+    end
+    to_rescan.each do |template|
+      tracker.reset_template template[0]
+      rescan_file template[1]
+    end
+  end
+end
+#Class to make reporting of rescan results simpler to deal with
+class Brakeman::RescanReport
+  include Brakeman::Util
+  attr_reader :old_results, :new_results
+  def initialize old_results, tracker
+    @tracker = tracker
+    @old_results = old_results
+    @new_results = tracker.checks
+    @all_warnings = nil
+    @diff = nil
+  end
+  #Returns true if any warnings were found (new or old)
+  def any_warnings?
+    not all_warnings.empty?
+  end
+  #Returns an array of all warnings found
+  def all_warnings
+    @all_warnings ||= new_results.all_warnings
+  end
+  #Returns an array of warnings which were in the old report but are not in the
+  #new report after rescanning
+  def fixed_warnings
+    diff[:fixed]
+  end
+  #Returns an array of warnings which were in the new report but were not in
+  #the old report
+  def new_warnings
+    diff[:new]
+  end
+  #Returns true if there are any new or fixed warnings
+  def warnings_changed?
+    not (diff[:new].empty? and diff[:fixed].empty?)
+  end
+  #Returns a hash of arrays for :new and :fixed warnings
+  def diff
+    @diff ||= @new_results.diff(@old_results)
+  end
+  #Returns an array of warnings which were in the old report and the new report
+  def existing_warnings
+    @old ||= all_warnings.select do |w|
+      not new_warnings.include? w
+    end
+  end
+  #Output total, fixed, and new warnings
+  def to_s(verbose = false)
+    if !verbose
+      <<-OUTPUT
+Total warnings: #{all_warnings.length}
+Fixed warnings: #{fixed_warnings.length}
+New warnings: #{new_warnings.length}
+      OUTPUT
+    else
+      #Eventually move this to different method, or make default to_s
+      out = ""
+      {:fixed => fixed_warnings, :new => new_warnings, :existing => existing_warnings}.each do |warning_type, warnings|
+        if warnings.length > 0
+          out << "#{warning_type.to_s.titleize} warnings: #{warnings.length}\n"
+          table = Terminal::Table.new(:headings => ["Confidence", "Class", "Method", "Warning Type", "Message"]) do |t|
+            warnings.sort_by { |w| w.confidence}.each do |warning|
+              w = warning.to_row
+              w["Confidence"] = Brakeman::Report::TEXT_CONFIDENCE[w["Confidence"]]
+              t << [w["Confidence"], w["Class"], w["Method"], w["Warning Type"], w["Message"]]
+            end
+          end
+          out << truncate_table(table.to_s)
+        end
+      end
+      out
+    end
+  end
+end