brakeman-min 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/checks/check_sql.rb +24 -2
- data/lib/processors/lib/find_model_call.rb +1 -1
- data/lib/version.rb +1 -1
- metadata +4 -4
data/lib/checks/check_sql.rb
CHANGED
|
@@ -15,7 +15,11 @@ class CheckSQL < BaseCheck
|
|
|
15
15
|
def run_check
|
|
16
16
|
@rails_version = tracker.config[:rails_version]
|
|
17
17
|
calls = tracker.find_model_find tracker.models.keys
|
|
18
|
-
|
|
18
|
+
|
|
19
|
+
calls.concat tracker.find_call([], /^(find.*|last|first|all|count|sum|average|minumum|maximum|count_by_sql)$/)
|
|
20
|
+
|
|
21
|
+
calls.concat tracker.find_model_find(nil).select { |result| constantize_call? result }
|
|
22
|
+
|
|
19
23
|
calls.each do |c|
|
|
20
24
|
process c
|
|
21
25
|
end
|
|
@@ -27,7 +31,7 @@ class CheckSQL < BaseCheck
|
|
|
27
31
|
|
|
28
32
|
args = process call[3]
|
|
29
33
|
|
|
30
|
-
if call[2] == :find_by_sql
|
|
34
|
+
if call[2] == :find_by_sql or call[2] == :count_by_sql
|
|
31
35
|
failed = check_arguments args[1]
|
|
32
36
|
elsif call[2].to_s =~ /^find/
|
|
33
37
|
failed = (args.length > 2 and check_arguments args[-1])
|
|
@@ -121,4 +125,22 @@ class CheckSQL < BaseCheck
|
|
|
121
125
|
|
|
122
126
|
false
|
|
123
127
|
end
|
|
128
|
+
|
|
129
|
+
#Look for something like this:
|
|
130
|
+
#
|
|
131
|
+
# params[:x].constantize.find('something')
|
|
132
|
+
#
|
|
133
|
+
# s(:call,
|
|
134
|
+
# s(:call,
|
|
135
|
+
# s(:call,
|
|
136
|
+
# s(:call, nil, :params, s(:arglist)),
|
|
137
|
+
# :[],
|
|
138
|
+
# s(:arglist, s(:lit, :x))),
|
|
139
|
+
# :constantize,
|
|
140
|
+
# s(:arglist)),
|
|
141
|
+
# :find,
|
|
142
|
+
# s(:arglist, s(:str, "something")))
|
|
143
|
+
def constantize_call? result
|
|
144
|
+
sexp? result[-1][1] and result[-1][1][0] == :call and result[-1][1][2] == :constantize
|
|
145
|
+
end
|
|
124
146
|
end
|
|
@@ -6,7 +6,7 @@ class FindModelCall < FindCall
|
|
|
6
6
|
|
|
7
7
|
#Passes +targets+ to FindCall
|
|
8
8
|
def initialize targets
|
|
9
|
-
super(targets, /^(find.*|first|last|all)$/)
|
|
9
|
+
super(targets, /^(find.*|first|last|all|count|sum|average|minumum|maximum|count_by_sql)$/)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
#Matches entire method chain as a target. This differs from
|
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
Version = "0.
|
|
1
|
+
Version = "0.3.0"
|
metadata
CHANGED
|
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
|
|
|
4
4
|
prerelease: false
|
|
5
5
|
segments:
|
|
6
6
|
- 0
|
|
7
|
-
-
|
|
8
|
-
-
|
|
9
|
-
version: 0.
|
|
7
|
+
- 3
|
|
8
|
+
- 0
|
|
9
|
+
version: 0.3.0
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Justin Collins
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2011-
|
|
17
|
+
date: 2011-03-21 00:00:00 -07:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|