RubyGems - brakeman - Versions diffs - 1.1.0 → 1.2.0 - Mend

brakeman 1.1.0 → 1.2.0

Files changed (23) hide show

data/bin/brakeman +32 -173
data/lib/brakeman.rb +47 -25
data/lib/brakeman/call_index.rb +37 -1
data/lib/brakeman/checks.rb +17 -0
data/lib/brakeman/checks/base_check.rb +5 -1
data/lib/brakeman/checks/check_cross_site_scripting.rb +18 -22
data/lib/brakeman/checks/check_execute.rb +11 -24
data/lib/brakeman/checks/check_render.rb +15 -26
data/lib/brakeman/checks/check_sql.rb +48 -3
data/lib/brakeman/options.rb +204 -0
data/lib/brakeman/processor.rb +2 -2
data/lib/brakeman/processors/controller_alias_processor.rb +9 -1
data/lib/brakeman/processors/lib/find_all_calls.rb +36 -0
data/lib/brakeman/processors/lib/rails3_route_processor.rb +1 -0
data/lib/brakeman/processors/model_processor.rb +1 -1
data/lib/brakeman/report.rb +36 -122
data/lib/brakeman/rescanner.rb +247 -0
data/lib/brakeman/scanner.rb +94 -76
data/lib/brakeman/tracker.rb +103 -2
data/lib/brakeman/util.rb +106 -0
data/lib/brakeman/version.rb +1 -1
data/lib/brakeman/warning.rb +26 -11
metadata +5 -3

data/lib/brakeman/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "1.1.0"
+  Version = "1.2.0"
 end

data/lib/brakeman/warning.rb CHANGED Viewed

@@ -43,6 +43,17 @@ class Brakeman::Warning
         @warning_set = :warning
       end
     end
+    @format_message = nil
+    @row = nil
+  end
+  def hash
+    self.format_message.hash
+  end
+  def eql? other_warning
+    self.hash == other_warning.hash
   end
   #Returns name of a view, including where it was rendered from
@@ -63,37 +74,41 @@ class Brakeman::Warning
   #Return formatted warning message
   def format_message
-    message = self.message
+    return @format_message if @format_message
+    @format_message = self.message.dup
     if self.line
-      message << " near line #{self.line}"
+      @format_message << " near line #{self.line}"
     end
     if self.code
-      message << ": #{format_code}"
+      @format_message << ": #{format_code}"
     end
-    message
+    @format_message
   end
   #Generates a hash suitable for inserting into a Ruport table
   def to_row type = :warning
-    row = { "Confidence" => self.confidence,
+    return @row if @row
+    @row = { "Confidence" => self.confidence,
       "Warning Type" => self.warning_type.to_s,
       "Message" => self.format_message }
     case type
     when :template
-      row["Template"] = self.view_name.to_s
+      @row["Template"] = self.view_name.to_s
     when :model
-      row["Model"] = self.model.to_s
+      @row["Model"] = self.model.to_s
     when :controller
-      row["Controller"] = self.controller.to_s
+      @row["Controller"] = self.controller.to_s
     when :warning
-      row["Class"] = self.class.to_s
-      row["Method"] = self.method.to_s
+      @row["Class"] = self.class.to_s
+      @row["Method"] = self.method.to_s
     end
-    row
+    @row
   end
 end

metadata CHANGED Viewed

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments:
   - 1
-  - 1
+  - 2
   - 0
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Justin Collins
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-12-21 00:00:00 -08:00
+date: 2012-01-13 00:00:00 -08:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -157,6 +157,7 @@ files:
 - lib/brakeman/processors/config_processor.rb
 - lib/brakeman/processors/erubis_template_processor.rb
 - lib/brakeman/processors/template_processor.rb
+- lib/brakeman/rescanner.rb
 - lib/brakeman/checks/check_send_file.rb
 - lib/brakeman/checks/check_translate_bug.rb
 - lib/brakeman/checks/check_session_settings.rb
@@ -187,6 +188,7 @@ files:
 - lib/brakeman/report.rb
 - lib/brakeman/version.rb
 - lib/brakeman/call_index.rb
+- lib/brakeman/options.rb
 - lib/brakeman/scanner.rb
 - lib/brakeman/checks.rb
 - lib/brakeman/processor.rb