brakeman 0.7.2 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +4 -0
- data/bin/brakeman +3 -154
- data/lib/brakeman.rb +186 -0
- data/lib/checks/check_basic_auth.rb +47 -0
- data/lib/checks/check_cross_site_scripting.rb +7 -1
- data/lib/checks/check_mass_assignment.rb +3 -3
- data/lib/checks/check_without_protection.rb +70 -0
- data/lib/processors/controller_processor.rb +6 -2
- data/lib/processors/lib/rails3_route_processor.rb +1 -1
- data/lib/report.rb +15 -3
- data/lib/ruby_parser/ruby_lexer.rb +1320 -0
- data/lib/ruby_parser/ruby_parser.rb +6265 -0
- data/lib/scanner.rb +7 -0
- data/lib/version.rb +1 -1
- metadata +10 -5
data/lib/scanner.rb
CHANGED
|
@@ -6,6 +6,13 @@ begin
|
|
|
6
6
|
require 'erb'
|
|
7
7
|
require 'erubis'
|
|
8
8
|
require 'processor'
|
|
9
|
+
|
|
10
|
+
#Load our own version of ruby_parser :(
|
|
11
|
+
original_verbosity = $VERBOSE
|
|
12
|
+
$VERBOSE = nil
|
|
13
|
+
require 'ruby_parser/ruby_parser.rb'
|
|
14
|
+
$VERBOSE = original_verbosity
|
|
15
|
+
|
|
9
16
|
rescue LoadError => e
|
|
10
17
|
$stderr.puts e.message
|
|
11
18
|
$stderr.puts "Please install the appropriate dependency."
|
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
Version = "0.
|
|
1
|
+
Version = "0.8.0"
|
metadata
CHANGED
|
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
|
|
|
4
4
|
prerelease: false
|
|
5
5
|
segments:
|
|
6
6
|
- 0
|
|
7
|
-
-
|
|
8
|
-
-
|
|
9
|
-
version: 0.
|
|
7
|
+
- 8
|
|
8
|
+
- 0
|
|
9
|
+
version: 0.8.0
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Justin Collins
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2011-
|
|
17
|
+
date: 2011-09-15 00:00:00 -07:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|
|
@@ -133,6 +133,7 @@ files:
|
|
|
133
133
|
- lib/checks/check_nested_attributes.rb
|
|
134
134
|
- lib/checks/check_strip_tags.rb
|
|
135
135
|
- lib/checks/check_sql.rb
|
|
136
|
+
- lib/checks/check_without_protection.rb
|
|
136
137
|
- lib/checks/check_mass_assignment.rb
|
|
137
138
|
- lib/checks/check_escape_function.rb
|
|
138
139
|
- lib/checks/check_cross_site_scripting.rb
|
|
@@ -147,19 +148,23 @@ files:
|
|
|
147
148
|
- lib/checks/base_check.rb
|
|
148
149
|
- lib/checks/check_file_access.rb
|
|
149
150
|
- lib/checks/check_response_splitting.rb
|
|
151
|
+
- lib/checks/check_basic_auth.rb
|
|
150
152
|
- lib/checks/check_redirect.rb
|
|
151
153
|
- lib/checks/check_forgery_setting.rb
|
|
152
154
|
- lib/checks/check_render.rb
|
|
153
155
|
- lib/tracker.rb
|
|
154
156
|
- lib/util.rb
|
|
155
157
|
- lib/report.rb
|
|
158
|
+
- lib/ruby_parser/ruby_lexer.rb
|
|
159
|
+
- lib/ruby_parser/ruby_parser.rb
|
|
156
160
|
- lib/version.rb
|
|
161
|
+
- lib/brakeman.rb
|
|
157
162
|
- lib/scanner.rb
|
|
158
163
|
- lib/checks.rb
|
|
159
164
|
- lib/processor.rb
|
|
160
165
|
- lib/format/style.css
|
|
161
166
|
has_rdoc: true
|
|
162
|
-
homepage: http://
|
|
167
|
+
homepage: http://brakemanscanner.org
|
|
163
168
|
licenses: []
|
|
164
169
|
|
|
165
170
|
post_install_message:
|