brakeman-min 3.2.0.pre1 → 3.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES +4 -1
- data/lib/brakeman/checks/check_symbol_dos.rb +2 -0
- data/lib/brakeman/report/ignore/config.rb +9 -4
- data/lib/brakeman/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d877e6547bb9f0ceb4208cf36a29c3c71746d72e
|
|
4
|
+
data.tar.gz: 3350445ee21e3cfa3f8312840256540b7dae307c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 04a24ded2a015de7ec238d3be912e9699edbcdabb2cb5d4007ed78571ce3b4cd296b5e8c6ab2396a5cc20131d71780d98c3beb133b598499e3619057fb6746c7
|
|
7
|
+
data.tar.gz: 432cc143fce3f9679a7bf41cfcf70da63d3d1c6da0e244b1d4a8ebb3fdc97279a4f47749bc8d38d18e97fd1de1e251df027c3d6df9a216aca44087e9b5042f45
|
data/CHANGES
CHANGED
|
@@ -8,6 +8,8 @@ class Brakeman::CheckSymbolDoS < Brakeman::BaseCheck
|
|
|
8
8
|
@description = "Checks for symbol denial of service"
|
|
9
9
|
|
|
10
10
|
def run_check
|
|
11
|
+
return if rails_version > "5.0.0"
|
|
12
|
+
|
|
11
13
|
tracker.find_call(:methods => UNSAFE_METHODS, :nested => true).each do |result|
|
|
12
14
|
check_unsafe_symbol_creation(result)
|
|
13
15
|
end
|
|
@@ -13,6 +13,7 @@ module Brakeman
|
|
|
13
13
|
@ignored_fingerprints = Set.new
|
|
14
14
|
@notes = {}
|
|
15
15
|
@shown_warnings = @ignored_warnings = nil
|
|
16
|
+
@changed = false
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
# Populate ignored_warnings and shown_warnings based on ignore
|
|
@@ -35,8 +36,8 @@ module Brakeman
|
|
|
35
36
|
# Remove warning from ignored list
|
|
36
37
|
def unignore warning
|
|
37
38
|
@ignored_fingerprints.delete warning.fingerprint
|
|
38
|
-
@already_ignored.reject!
|
|
39
|
-
|
|
39
|
+
if @already_ignored.reject! { |w|w[:fingerprint] == warning.fingerprint }
|
|
40
|
+
@changed = true
|
|
40
41
|
end
|
|
41
42
|
end
|
|
42
43
|
|
|
@@ -46,11 +47,13 @@ module Brakeman
|
|
|
46
47
|
end
|
|
47
48
|
|
|
48
49
|
def ignore warning
|
|
50
|
+
@changed = true unless ignored? warning
|
|
49
51
|
@ignored_fingerprints << warning.fingerprint
|
|
50
52
|
end
|
|
51
53
|
|
|
52
54
|
# Add note for warning
|
|
53
55
|
def add_note warning, note
|
|
56
|
+
@changed = true
|
|
54
57
|
@notes[warning.fingerprint] = note
|
|
55
58
|
end
|
|
56
59
|
|
|
@@ -98,7 +101,7 @@ module Brakeman
|
|
|
98
101
|
|
|
99
102
|
w[:note] = @notes[w[:fingerprint]] || ""
|
|
100
103
|
w
|
|
101
|
-
end
|
|
104
|
+
end.sort_by { |w| w[:fingerprint] }
|
|
102
105
|
|
|
103
106
|
output = {
|
|
104
107
|
:ignored_warnings => warnings,
|
|
@@ -124,7 +127,9 @@ module Brakeman
|
|
|
124
127
|
end
|
|
125
128
|
end
|
|
126
129
|
|
|
127
|
-
|
|
130
|
+
if @changed
|
|
131
|
+
save_to_file warnings
|
|
132
|
+
end
|
|
128
133
|
end
|
|
129
134
|
end
|
|
130
135
|
end
|
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-min
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.0
|
|
4
|
+
version: 3.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain:
|
|
11
11
|
- brakeman-public_cert.pem
|
|
12
|
-
date: 2016-02-
|
|
12
|
+
date: 2016-02-25 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: test-unit
|
|
@@ -245,9 +245,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
245
245
|
version: '0'
|
|
246
246
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
247
247
|
requirements:
|
|
248
|
-
- - "
|
|
248
|
+
- - ">="
|
|
249
249
|
- !ruby/object:Gem::Version
|
|
250
|
-
version:
|
|
250
|
+
version: '0'
|
|
251
251
|
requirements: []
|
|
252
252
|
rubyforge_project:
|
|
253
253
|
rubygems_version: 2.4.8
|