brakeman-min 6.0.0 → 6.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/lib/brakeman/tracker/config.rb +14 -8
- data/lib/brakeman/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 32281be786de7f15331b0a18d3a95ee580824c71ebcaa5793dce46bf9e00eaf5
|
|
4
|
+
data.tar.gz: 0b86124af3e493a0e30298e59339026f0bee8decd2a3851894b556fcb2e018a3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 963ea6f98407ab7b887ac6e00a8ab7e6e9388357c7f96bd694e88e80a35e1be337f241fb0bb9708eed5a4f9d418b29c28b37e96fc6a57c9d59b6e032f855ea8a
|
|
7
|
+
data.tar.gz: 295ba8cd987f5d26fff77fd204f50b54e64126bd5e700ff8d82789b32bbc58c3d4b4b8e8bc0b58841430d67290d0eb452fa302a428c109d9619b6f4b81d4a289
|
data/CHANGES.md
CHANGED
|
@@ -189,13 +189,19 @@ module Brakeman
|
|
|
189
189
|
# Load defaults based on config.load_defaults value
|
|
190
190
|
# as documented here: https://guides.rubyonrails.org/configuring.html#results-of-config-load-defaults
|
|
191
191
|
def load_rails_defaults
|
|
192
|
-
return unless
|
|
192
|
+
return unless node_type? tracker.config.rails[:load_defaults], :lit, :str
|
|
193
|
+
|
|
194
|
+
version = tracker.config.rails[:load_defaults].value.to_s
|
|
195
|
+
|
|
196
|
+
unless version.match? /^\d+\.\d+$/
|
|
197
|
+
Brakeman.debug "[Notice] Unknown version: #{tracker.config.rails[:load_defaults]}"
|
|
198
|
+
return
|
|
199
|
+
end
|
|
193
200
|
|
|
194
|
-
version = tracker.config.rails[:load_defaults].value
|
|
195
201
|
true_value = Sexp.new(:true)
|
|
196
202
|
false_value = Sexp.new(:false)
|
|
197
203
|
|
|
198
|
-
if version >= 5.0
|
|
204
|
+
if version >= '5.0'
|
|
199
205
|
set_rails_config(value: true_value, path: [:action_controller, :per_form_csrf_tokens])
|
|
200
206
|
set_rails_config(value: true_value, path: [:action_controller, :forgery_protection_origin_check])
|
|
201
207
|
set_rails_config(value: true_value, path: [:active_record, :belongs_to_required_by_default])
|
|
@@ -203,12 +209,12 @@ module Brakeman
|
|
|
203
209
|
set_rails_config(value: true_value, path: [:ssl_options, :hsts, :subdomains])
|
|
204
210
|
end
|
|
205
211
|
|
|
206
|
-
if version >= 5.1
|
|
212
|
+
if version >= '5.1'
|
|
207
213
|
set_rails_config(value: false_value, path: [:assets, :unknown_asset_fallback])
|
|
208
214
|
set_rails_config(value: true_value, path: [:action_view, :form_with_generates_remote_forms])
|
|
209
215
|
end
|
|
210
216
|
|
|
211
|
-
if version >= 5.2
|
|
217
|
+
if version >= '5.2'
|
|
212
218
|
set_rails_config(value: true_value, path: [:active_record, :cache_versioning])
|
|
213
219
|
set_rails_config(value: true_value, path: [:action_dispatch, :use_authenticated_cookie_encryption])
|
|
214
220
|
set_rails_config(value: true_value, path: [:active_support, :use_authenticated_message_encryption])
|
|
@@ -217,7 +223,7 @@ module Brakeman
|
|
|
217
223
|
set_rails_config(value: true_value, path: [:action_view, :form_with_generates_ids])
|
|
218
224
|
end
|
|
219
225
|
|
|
220
|
-
if version >= 6.0
|
|
226
|
+
if version >= '6.0'
|
|
221
227
|
set_rails_config(value: Sexp.new(:lit, :zeitwerk), path: [:autoloader])
|
|
222
228
|
set_rails_config(value: false_value, path: [:action_view, :default_enforce_utf8])
|
|
223
229
|
set_rails_config(value: true_value, path: [:action_dispatch, :use_cookies_with_metadata])
|
|
@@ -230,7 +236,7 @@ module Brakeman
|
|
|
230
236
|
set_rails_config(value: true_value, path: [:active_record, :collection_cache_versioning])
|
|
231
237
|
end
|
|
232
238
|
|
|
233
|
-
if version >= 6.1
|
|
239
|
+
if version >= '6.1'
|
|
234
240
|
set_rails_config(value: true_value, path: [:action_controller, :urlsafe_csrf_tokens])
|
|
235
241
|
set_rails_config(value: Sexp.new(:lit, :lax), path: [:action_dispatch, :cookies_same_site_protection])
|
|
236
242
|
set_rails_config(value: Sexp.new(:lit, 308), path: [:action_dispatch, :ssl_default_redirect_status])
|
|
@@ -242,7 +248,7 @@ module Brakeman
|
|
|
242
248
|
set_rails_config(value: true_value, path: [:active_storage, :track_variants])
|
|
243
249
|
end
|
|
244
250
|
|
|
245
|
-
if version >= 7.0
|
|
251
|
+
if version >= '7.0'
|
|
246
252
|
video_args =
|
|
247
253
|
Sexp.new(:str, "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2")
|
|
248
254
|
hash_class = s(:colon2, s(:colon2, s(:const, :OpenSSL), :Digest), :SHA256)
|
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-min
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.0.
|
|
4
|
+
version: 6.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: minitest
|
|
@@ -361,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
361
361
|
- !ruby/object:Gem::Version
|
|
362
362
|
version: '0'
|
|
363
363
|
requirements: []
|
|
364
|
-
rubygems_version: 3.
|
|
364
|
+
rubygems_version: 3.3.3
|
|
365
365
|
signing_key:
|
|
366
366
|
specification_version: 4
|
|
367
367
|
summary: Security vulnerability scanner for Ruby on Rails.
|