brakeman-min 4.9.0 → 5.0.0
- checksums.yaml +4 -4
- data/CHANGES.md +44 -0
- data/README.md +1 -1
- data/lib/brakeman.rb +10 -0
- data/lib/brakeman/app_tree.rb +36 -3
- data/lib/brakeman/checks/base_check.rb +7 -1
- data/lib/brakeman/checks/check_execute.rb +2 -1
- data/lib/brakeman/checks/check_model_attributes.rb +1 -1
- data/lib/brakeman/checks/check_regex_dos.rb +1 -1
- data/lib/brakeman/checks/check_sql.rb +2 -2
- data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
- data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
- data/lib/brakeman/file_parser.rb +24 -18
- data/lib/brakeman/options.rb +5 -1
- data/lib/brakeman/parsers/template_parser.rb +2 -3
- data/lib/brakeman/processors/alias_processor.rb +20 -4
- data/lib/brakeman/processors/controller_processor.rb +1 -1
- data/lib/brakeman/processors/haml_template_processor.rb +8 -1
- data/lib/brakeman/processors/lib/call_conversion_helper.rb +1 -1
- data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
- data/lib/brakeman/processors/lib/rails3_config_processor.rb +16 -16
- data/lib/brakeman/processors/output_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +5 -0
- data/lib/brakeman/report.rb +15 -0
- data/lib/brakeman/report/report_base.rb +0 -2
- data/lib/brakeman/report/report_csv.rb +37 -60
- data/lib/brakeman/report/report_junit.rb +2 -2
- data/lib/brakeman/report/report_sarif.rb +114 -0
- data/lib/brakeman/report/report_sonar.rb +38 -0
- data/lib/brakeman/report/report_tabs.rb +1 -1
- data/lib/brakeman/report/report_text.rb +1 -1
- data/lib/brakeman/rescanner.rb +7 -5
- data/lib/brakeman/scanner.rb +44 -18
- data/lib/brakeman/tracker.rb +6 -0
- data/lib/brakeman/tracker/config.rb +76 -1
- data/lib/brakeman/tracker/controller.rb +1 -1
- data/lib/brakeman/util.rb +9 -4
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +10 -2
- data/lib/brakeman/warning_codes.rb +2 -0
- data/lib/ruby_parser/bm_sexp.rb +9 -9
- metadata +8 -3
data/lib/brakeman/version.rb
CHANGED
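--- a/data/lib/brakeman/warning.rb
+++ b/data/lib/brakeman/warning.rb
@@ -275,6 +275,14 @@ class Brakeman::Warning
 self.file.relative
 end
 
+def check_name
+@check_name ||= self.check.sub(/^Brakeman::Check/, '')
+end
+
+def confidence_name
+TEXT_CONFIDENCE[self.confidence]
+end
+
 def to_hash absolute_paths: true
 if self.called_from and not absolute_paths
 render_path = self.called_from.with_relative_paths
@@ -285,7 +293,7 @@ class Brakeman::Warning
 { :warning_type => self.warning_type,
 :warning_code => @warning_code,
 :fingerprint => self.fingerprint,
-:check_name => self.
+:check_name => self.check_name,
 :message => self.message.to_s,
 :file => (absolute_paths ? self.file.absolute : self.file.relative),
 :line => self.line,
@@ -294,7 +302,7 @@ class Brakeman::Warning
 :render_path => render_path,
 :location => self.location(false),
 :user_input => (@user_input && self.format_user_input(false)),
-:confidence =>
+:confidence => self.confidence_name
 }
 end
 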
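Review bot: `check_name` strips the prefix with `sub(/^Brakeman::Check/, '')`, and in Ruby `^` matches at the start of any line rather than the start of the string, so `\A` states the intent exactly: `@check_name ||= self.check.sub(/\ABrakeman::Check/, '')`. `confidence_name` returns whatever `TEXT_CONFIDENCE[self.confidence]` yields, so an unexpected confidence value would surface as `nil` in the `:confidence` key of `to_hash`; presumably only known values reach it, but a short comment above the method saying so would help the next reader. Both new methods are public and undocumented; a one-line comment each would do, e.g. `# Check class name with the Brakeman::Check prefix removed; memoized.` and `# Human-readable confidence label from TEXT_CONFIDENCE.`. The definitions of `check`, `confidence` and `TEXT_CONFIDENCE` are outside this hunk, and the removed lines are truncated in this rendering.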
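--- a/data/lib/ruby_parser/bm_sexp.rb
+++ b/data/lib/ruby_parser/bm_sexp.rb
@@ -175,7 +175,7 @@ class Sexp
 start_index = 3
 
 if exp.is_a? Sexp and exp.node_type == :arglist
-exp = exp
+exp = exp.sexp_body
 end
 
 exp.each_with_index do |e, i|
@@ -198,10 +198,10 @@ class Sexp
 
 case self.node_type
 when :call, :attrasgn, :safe_call, :safe_attrasgn
-self
+self.sexp_body(3).unshift :arglist
 when :super, :zsuper
 if self[1]
-self
+self.sexp_body.unshift :arglist
 else
 Sexp.new(:arglist)
 end
@@ -218,13 +218,13 @@ class Sexp
 case self.node_type
 when :call, :attrasgn, :safe_call, :safe_attrasgn
 if self[3]
-self
+self.sexp_body(3)
 else
 Sexp.new
 end
 when :super, :zsuper
 if self[1]
-self
+self.sexp_body
 else
 Sexp.new
 end
@@ -512,7 +512,7 @@ class Sexp
 self.slice!(index..-1) #Remove old body
 
 if exp.first == :rlist
-exp = exp
+exp = exp.sexp_body
 end
 
 #Insert new body
@@ -529,11 +529,11 @@ class Sexp
 
 case self.node_type
 when :defn, :class
-self
+self.sexp_body(3)
 when :defs
-self
+self.sexp_body(4)
 when :module
-self
+self.sexp_body(2)
 end
 end
 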
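Review bot: `self.sexp_body(3).unshift :arglist` and `self.sexp_body.unshift :arglist` mutate whatever `sexp_body` returns, so these lines are only correct if `sexp_body` always yields a fresh Sexp rather than an alias of `self`; that contract is not visible in this hunk and deserves a one-line comment where the first `unshift` appears, e.g. `# sexp_body returns a new Sexp, so unshift does not alter self`. Presumably the move from slicing to `sexp_body` is for Ruby 3.0, where `Array#[]` with a range on an Array subclass returns a plain `Array`; if so, saying that once near the top of the file would stop a future cleanup from reverting it. The removed lines are truncated in this rendering, so the previous slicing form cannot be confirmed here. The enclosing methods start and end outside the hunks.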
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brakeman-min
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 5.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Collins
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-01-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: minitest
|
@@ -225,8 +225,10 @@ files:
|
|
225
225
|
- lib/brakeman/checks/check_template_injection.rb
|
226
226
|
- lib/brakeman/checks/check_translate_bug.rb
|
227
227
|
- lib/brakeman/checks/check_unsafe_reflection.rb
|
228
|
+
- lib/brakeman/checks/check_unsafe_reflection_methods.rb
|
228
229
|
- lib/brakeman/checks/check_unscoped_find.rb
|
229
230
|
- lib/brakeman/checks/check_validation_regex.rb
|
231
|
+
- lib/brakeman/checks/check_verb_confusion.rb
|
230
232
|
- lib/brakeman/checks/check_weak_hash.rb
|
231
233
|
- lib/brakeman/checks/check_without_protection.rb
|
232
234
|
- lib/brakeman/checks/check_xml_dos.rb
|
@@ -257,6 +259,7 @@ files:
|
|
257
259
|
- lib/brakeman/processors/haml_template_processor.rb
|
258
260
|
- lib/brakeman/processors/lib/basic_processor.rb
|
259
261
|
- lib/brakeman/processors/lib/call_conversion_helper.rb
|
262
|
+
- lib/brakeman/processors/lib/file_type_detector.rb
|
260
263
|
- lib/brakeman/processors/lib/find_all_calls.rb
|
261
264
|
- lib/brakeman/processors/lib/find_call.rb
|
262
265
|
- lib/brakeman/processors/lib/find_return_value.rb
|
@@ -292,6 +295,8 @@ files:
|
|
292
295
|
- lib/brakeman/report/report_json.rb
|
293
296
|
- lib/brakeman/report/report_junit.rb
|
294
297
|
- lib/brakeman/report/report_markdown.rb
|
298
|
+
- lib/brakeman/report/report_sarif.rb
|
299
|
+
- lib/brakeman/report/report_sonar.rb
|
295
300
|
- lib/brakeman/report/report_table.rb
|
296
301
|
- lib/brakeman/report/report_tabs.rb
|
297
302
|
- lib/brakeman/report/report_text.rb
|
@@ -341,7 +346,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
341
346
|
requirements:
|
342
347
|
- - ">="
|
343
348
|
- !ruby/object:Gem::Version
|
344
|
-
version:
|
349
|
+
version: 2.4.0
|
345
350
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
346
351
|
requirements:
|
347
352
|
- - ">="
|