brakeman 0.8.0 → 0.8.1

data/bin/brakeman CHANGED
@@ -34,6 +34,10 @@ OptionParser.new do |opts|
34
34
  opts.separator ""
35
35
  opts.separator "Scanning options:"
36
36
 
37
+ opts.on "-a", "--assume-routes", "Assume all controller methods are actions" do
38
+ options[:assume_all_routes] = true
39
+ end
40
+
37
41
  opts.on "--ignore-model-output", "Consider model attributes XSS-safe" do
38
42
  options[:ignore_model_output] = true
39
43
  end
@@ -131,7 +131,7 @@ class ControllerAliasProcessor < AliasProcessor
131
131
 
132
132
  #Returns true if the given method name is also a route
133
133
  def route? method
134
- return true if @tracker.routes[:allow_all_actions]
134
+ return true if @tracker.routes[:allow_all_actions] or OPTIONS[:assume_all_routes]
135
135
  routes = @tracker.routes[@current_class]
136
136
  routes and (routes == :allow_all_actions or routes.include? method)
137
137
  end
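Review bot: `route?` now reads the global `OPTIONS[:assume_all_routes]` next to the `@tracker.routes[:allow_all_actions]` flag it already honoured, so the same decision lives in two places and the processor depends on process-wide CLI state. The option handler in the first hunk stores the flag in the local `options[:assume_all_routes]`, and how that reaches `OPTIONS` is not visible here; if the flag were copied into the tracker once (`@tracker.routes[:allow_all_actions] = true`), the `route?` line could stay as it was. Since the flag widens what the scanner treats as a reachable action, a comment on the method such as `#Also true for every method when --assume-routes is set or routes.rb could not be parsed` would explain the extra warnings to report readers. The `route?` hunk is listed under data/bin/brakeman on this page although it sits in class ControllerAliasProcessor, so its file header appears to be missing.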
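--- a/data/lib/scanner.rb
+++ b/data/lib/scanner.rb
@@ -129,7 +129,13 @@ class Scanner
  #Adds parsed information to tracker.routes
  def process_routes
  if File.exists? "#@path/config/routes.rb"
- @processor.process_routes RubyParser.new.parse(File.read("#@path/config/routes.rb"))
+ begin
+ @processor.process_routes RubyParser.new.parse(File.read("#@path/config/routes.rb"))
+ rescue Exception => e
+ tracker.error e.exception(e.message + "\nWhile processing routes.rb"), e.backtrace
+ warn "[Notice] Error while processing routes - assuming all public controller methods are actions."
+ OPTIONS[:assume_all_routes] = true
+ end
  else
  warn "[Notice] No route information found"
  end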
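Review bot: `rescue Exception => e` in the new `begin` block of process_routes also catches Interrupt, SystemExit and NoMemoryError, so an interrupt during route parsing is logged as a routes error and the scan carries on with every public controller method assumed to be an action. Catch only the failures meant to be tolerated, for example `rescue StandardError, SyntaxError => e` (keep the second class only if the parser raises it, which this hunk does not show). The fallback also writes the process-wide `OPTIONS[:assume_all_routes] = true`, which changes results for the rest of the run; the `tracker.error` entry is the only trace of that in the report, so its message could say so, e.g. `"\nWhile processing routes.rb - all controller methods assumed to be actions"`. The method's closing `end` lies outside the hunk.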
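--- a/data/lib/version.rb
+++ b/data/lib/version.rb
@@ -1 +1 @@
- Version = "0.8.0"
+ Version = "0.8.1"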
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 8
8
- - 0
9
- version: 0.8.0
8
+ - 1
9
+ version: 0.8.1
10
10
  platform: ruby
11
11
  authors:
12
12
  - Justin Collins
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2011-09-15 00:00:00 -07:00
17
+ date: 2011-09-28 00:00:00 -07:00
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency