brakeman-min 6.0.0 → 6.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +4 -0
- data/lib/brakeman/tracker/config.rb +14 -8
- data/lib/brakeman/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 32281be786de7f15331b0a18d3a95ee580824c71ebcaa5793dce46bf9e00eaf5
|
|
4
|
+
data.tar.gz: 0b86124af3e493a0e30298e59339026f0bee8decd2a3851894b556fcb2e018a3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 963ea6f98407ab7b887ac6e00a8ab7e6e9388357c7f96bd694e88e80a35e1be337f241fb0bb9708eed5a4f9d418b29c28b37e96fc6a57c9d59b6e032f855ea8a
|
|
7
|
+
data.tar.gz: 295ba8cd987f5d26fff77fd204f50b54e64126bd5e700ff8d82789b32bbc58c3d4b4b8e8bc0b58841430d67290d0eb452fa302a428c109d9619b6f4b81d4a289
|
data/CHANGES.md
CHANGED
|
@@ -189,13 +189,19 @@ module Brakeman
|
|
|
189
189
|
# Load defaults based on config.load_defaults value
|
|
190
190
|
# as documented here: https://guides.rubyonrails.org/configuring.html#results-of-config-load-defaults
|
|
191
191
|
def load_rails_defaults
|
|
192
|
-
return unless
|
|
192
|
+
return unless node_type? tracker.config.rails[:load_defaults], :lit, :str
|
|
193
|
+
|
|
194
|
+
version = tracker.config.rails[:load_defaults].value.to_s
|
|
195
|
+
|
|
196
|
+
unless version.match? /^\d+\.\d+$/
|
|
197
|
+
Brakeman.debug "[Notice] Unknown version: #{tracker.config.rails[:load_defaults]}"
|
|
198
|
+
return
|
|
199
|
+
end
|
|
193
200
|
|
|
194
|
-
version = tracker.config.rails[:load_defaults].value
|
|
195
201
|
true_value = Sexp.new(:true)
|
|
196
202
|
false_value = Sexp.new(:false)
|
|
197
203
|
|
|
198
|
-
if version >= 5.0
|
|
204
|
+
if version >= '5.0'
|
|
199
205
|
set_rails_config(value: true_value, path: [:action_controller, :per_form_csrf_tokens])
|
|
200
206
|
set_rails_config(value: true_value, path: [:action_controller, :forgery_protection_origin_check])
|
|
201
207
|
set_rails_config(value: true_value, path: [:active_record, :belongs_to_required_by_default])
|
|
@@ -203,12 +209,12 @@ module Brakeman
|
|
|
203
209
|
set_rails_config(value: true_value, path: [:ssl_options, :hsts, :subdomains])
|
|
204
210
|
end
|
|
205
211
|
|
|
206
|
-
if version >= 5.1
|
|
212
|
+
if version >= '5.1'
|
|
207
213
|
set_rails_config(value: false_value, path: [:assets, :unknown_asset_fallback])
|
|
208
214
|
set_rails_config(value: true_value, path: [:action_view, :form_with_generates_remote_forms])
|
|
209
215
|
end
|
|
210
216
|
|
|
211
|
-
if version >= 5.2
|
|
217
|
+
if version >= '5.2'
|
|
212
218
|
set_rails_config(value: true_value, path: [:active_record, :cache_versioning])
|
|
213
219
|
set_rails_config(value: true_value, path: [:action_dispatch, :use_authenticated_cookie_encryption])
|
|
214
220
|
set_rails_config(value: true_value, path: [:active_support, :use_authenticated_message_encryption])
|
|
@@ -217,7 +223,7 @@ module Brakeman
|
|
|
217
223
|
set_rails_config(value: true_value, path: [:action_view, :form_with_generates_ids])
|
|
218
224
|
end
|
|
219
225
|
|
|
220
|
-
if version >= 6.0
|
|
226
|
+
if version >= '6.0'
|
|
221
227
|
set_rails_config(value: Sexp.new(:lit, :zeitwerk), path: [:autoloader])
|
|
222
228
|
set_rails_config(value: false_value, path: [:action_view, :default_enforce_utf8])
|
|
223
229
|
set_rails_config(value: true_value, path: [:action_dispatch, :use_cookies_with_metadata])
|
|
@@ -230,7 +236,7 @@ module Brakeman
|
|
|
230
236
|
set_rails_config(value: true_value, path: [:active_record, :collection_cache_versioning])
|
|
231
237
|
end
|
|
232
238
|
|
|
233
|
-
if version >= 6.1
|
|
239
|
+
if version >= '6.1'
|
|
234
240
|
set_rails_config(value: true_value, path: [:action_controller, :urlsafe_csrf_tokens])
|
|
235
241
|
set_rails_config(value: Sexp.new(:lit, :lax), path: [:action_dispatch, :cookies_same_site_protection])
|
|
236
242
|
set_rails_config(value: Sexp.new(:lit, 308), path: [:action_dispatch, :ssl_default_redirect_status])
|
|
@@ -242,7 +248,7 @@ module Brakeman
|
|
|
242
248
|
set_rails_config(value: true_value, path: [:active_storage, :track_variants])
|
|
243
249
|
end
|
|
244
250
|
|
|
245
|
-
if version >= 7.0
|
|
251
|
+
if version >= '7.0'
|
|
246
252
|
video_args =
|
|
247
253
|
Sexp.new(:str, "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2")
|
|
248
254
|
hash_class = s(:colon2, s(:colon2, s(:const, :OpenSSL), :Digest), :SHA256)
|
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-min
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.0.
|
|
4
|
+
version: 6.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: minitest
|
|
@@ -361,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
361
361
|
- !ruby/object:Gem::Version
|
|
362
362
|
version: '0'
|
|
363
363
|
requirements: []
|
|
364
|
-
rubygems_version: 3.
|
|
364
|
+
rubygems_version: 3.3.3
|
|
365
365
|
signing_key:
|
|
366
366
|
specification_version: 4
|
|
367
367
|
summary: Security vulnerability scanner for Ruby on Rails.
|