brakeman 1.6.2 → 1.7.0

Files changed (33)
  1. data/lib/brakeman/checks.rb +14 -5
  2. data/lib/brakeman/checks/base_check.rb +19 -7
  3. data/lib/brakeman/checks/check_digest_dos.rb +37 -0
  4. data/lib/brakeman/checks/check_escape_function.rb +2 -1
  5. data/lib/brakeman/checks/check_file_access.rb +40 -23
  6. data/lib/brakeman/checks/check_filter_skipping.rb +2 -1
  7. data/lib/brakeman/checks/check_forgery_setting.rb +7 -4
  8. data/lib/brakeman/checks/check_link_to.rb +6 -3
  9. data/lib/brakeman/checks/check_link_to_href.rb +4 -2
  10. data/lib/brakeman/checks/check_nested_attributes.rb +3 -2
  11. data/lib/brakeman/checks/check_quote_table_name.rb +2 -1
  12. data/lib/brakeman/checks/check_response_splitting.rb +2 -1
  13. data/lib/brakeman/checks/check_sql.rb +10 -7
  14. data/lib/brakeman/checks/check_strip_tags.rb +2 -1
  15. data/lib/brakeman/checks/check_validation_regex.rb +1 -1
  16. data/lib/brakeman/checks/check_without_protection.rb +2 -9
  17. data/lib/brakeman/format/style.css +4 -0
  18. data/lib/brakeman/processors/alias_processor.rb +10 -10
  19. data/lib/brakeman/processors/base_processor.rb +4 -11
  20. data/lib/brakeman/processors/controller_processor.rb +9 -1
  21. data/lib/brakeman/processors/lib/rails3_route_processor.rb +96 -31
  22. data/lib/brakeman/processors/lib/render_helper.rb +3 -2
  23. data/lib/brakeman/processors/lib/route_helper.rb +21 -0
  24. data/lib/brakeman/processors/library_processor.rb +10 -1
  25. data/lib/brakeman/processors/model_processor.rb +8 -1
  26. data/lib/brakeman/processors/template_processor.rb +0 -1
  27. data/lib/brakeman/report.rb +10 -0
  28. data/lib/brakeman/scanner.rb +2 -0
  29. data/lib/brakeman/util.rb +1 -2
  30. data/lib/brakeman/version.rb +1 -1
  31. data/lib/brakeman/warning.rb +19 -1
  32. data/lib/ruby_parser/bm_sexp_processor.rb +231 -0
  33. metadata +81 -79
@@ -20,7 +20,6 @@ class Brakeman::TemplateProcessor < Brakeman::BaseProcessor
20
20
  tracker.templates[template_name] = @current_template
21
21
 
22
22
  @inside_concat = false
23
- self.warn_on_default = false
24
23
  end
25
24
 
26
25
  #Process the template Sexp.
@@ -96,6 +96,7 @@ class Brakeman::Report
96
96
  if html
97
97
  w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
98
98
  w["Message"] = with_context warning, w["Message"]
99
+ w["Warning Type"] = with_link warning, w["Warning Type"]
99
100
  else
100
101
  w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
101
102
  w["Message"] = text_message warning, w["Message"]
@@ -134,6 +135,7 @@ class Brakeman::Report
134
135
  if html
135
136
  w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
136
137
  w["Message"] = with_context warning, w["Message"]
138
+ w["Warning Type"] = with_link warning, w["Warning Type"]
137
139
  else
138
140
  w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
139
141
  w["Message"] = text_message warning, w["Message"]
@@ -170,6 +172,7 @@ class Brakeman::Report
170
172
  if html
171
173
  w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
172
174
  w["Message"] = with_context warning, w["Message"]
175
+ w["Warning Type"] = with_link warning, w["Warning Type"]
173
176
  else
174
177
  w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
175
178
  w["Message"] = text_message warning, w["Message"]
@@ -206,6 +209,7 @@ class Brakeman::Report
206
209
  if html
207
210
  w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
208
211
  w["Message"] = with_context warning, w["Message"]
212
+ w["Warning Type"] = with_link warning, w["Warning Type"]
209
213
  else
210
214
  w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
211
215
  w["Message"] = text_message warning, w["Message"]
@@ -595,6 +599,10 @@ class Brakeman::Report
595
599
  output << "</table></div>"
596
600
  end
597
601
 
602
+ def with_link warning, message
603
+ "<a href=\"#{warning.link}\">#{message}</a>"
604
+ end
605
+
598
606
  #Generated tab-separated output suitable for the Jenkins Brakeman Plugin:
599
607
  #https://github.com/presidentbeef/brakeman-jenkins-plugin
600
608
  def to_tabs
@@ -630,6 +638,8 @@ class Brakeman::Report
630
638
  w.file = file_for w
631
639
  end
632
640
  end
641
+
642
+ report[:config] = tracker.config
633
643
 
634
644
  report
635
645
  end
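Review bot: `with_link` (new lines 602-604) interpolates `warning.link` and the warning type into an `<a>` tag without HTML escaping, so a `"` or `<` in either value would break out of the attribute or the element in the HTML report. Both values come from the checks themselves, so this is presumably harmless for the built-in warning types, but escaping at the sink keeps it safe for any custom `:link_path`: `"<a href=\"#{CGI.escapeHTML(warning.link)}\">#{CGI.escapeHTML(message.to_s)}</a>"` (assuming `cgi` is loaded in this file and the message is not already escaped). The last hunk also copies all of `tracker.config` into the report hash, so it is worth confirming that the config holds nothing from the scanned application that should stay out of an exported report.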
@@ -8,6 +8,8 @@ begin
8
8
  require 'ruby_parser/bm_sexp.rb'
9
9
  end
10
10
 
11
+ require 'ruby_parser/bm_sexp_processor.rb'
12
+
11
13
  require 'haml'
12
14
  require 'sass'
13
15
  require 'erb'
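--- a/data/lib/brakeman/util.rb
+++ b/data/lib/brakeman/util.rb
@@ -1,4 +1,3 @@
- require 'sexp_processor'
  require 'set'
  require 'active_support/inflector'
 
@@ -352,7 +351,7 @@ module Brakeman::Util
 
  lines.map do |line|
  if line.chomp.length > @terminal_width
- line[0..(@terminal_width - 3)] + ">>"
+ line[0..(@terminal_width - 3)] + ">>\n"
  else
  line
  end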
@@ -1,3 +1,3 @@
1
1
  module Brakeman
2
- Version = "1.6.2"
2
+ Version = "1.7.0"
3
3
  end
@@ -11,7 +11,7 @@ class Brakeman::Warning
11
11
  def initialize options = {}
12
12
  @view_name = nil
13
13
 
14
- [:called_from, :check, :class, :code, :confidence, :controller, :file, :line,
14
+ [:called_from, :check, :class, :code, :confidence, :controller, :file, :line, :link_path,
15
15
  :message, :method, :model, :template, :user_input, :warning_set, :warning_type].each do |option|
16
16
 
17
17
  self.instance_variable_set("@#{option}", options[option])
@@ -101,6 +101,23 @@ class Brakeman::Warning
101
101
  @format_message
102
102
  end
103
103
 
104
+ def link
105
+ return @link if @link
106
+
107
+ if @link_path
108
+ if @link_path.start_with? "http"
109
+ @link = @link_path
110
+ else
111
+ @link = "http://brakemanscanner.org/docs/warning_types/#{@link_path}"
112
+ end
113
+ else
114
+ warning_path = self.warning_type.to_s.downcase.gsub(/\s+/, '_') + "/"
115
+ @link = "http://brakemanscanner.org/docs/warning_types/#{warning_path}"
116
+ end
117
+
118
+ @link
119
+ end
120
+
104
121
  #Generates a hash suitable for inserting into a table
105
122
  def to_row type = :warning
106
123
  @row = { "Confidence" => self.confidence,
@@ -151,6 +168,7 @@ class Brakeman::Warning
151
168
  :message => self.message,
152
169
  :file => self.file,
153
170
  :line => self.line,
171
+ :link => self.link,
154
172
  :code => (@code && self.format_code),
155
173
  :location => location,
156
174
  :user_input => (@user_input && self.format_user_input),
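Review bot: In `link` (new lines 104-119) the test `@link_path.start_with? "http"` accepts any string that merely begins with those four letters, so a relative path such as `http_headers/` would be returned unchanged instead of being appended to the docs base URL. Anchoring on the scheme is stricter: `if @link_path =~ %r{\Ahttps?://}`. The fallback branch builds the path from `warning_type` by replacing whitespace only, with no URL encoding of other characters, which matters because the report places the result in an `href`. The method also has no comment; `#Returns the documentation URL for this warning, built from :link_path if given, otherwise from the warning type` would match the file's style.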
@@ -0,0 +1,231 @@
1
+ ##
2
+ # SexpProcessor provides a uniform interface to process Sexps.
3
+ #
4
+ # In order to create your own SexpProcessor subclass you'll need
5
+ # to call super in the initialize method, then set any of the
6
+ # Sexp flags you want to be different from the defaults.
7
+ #
8
+ # SexpProcessor uses a Sexp's type to determine which process method
9
+ # to call in the subclass. For Sexp <code>s(:lit, 1)</code>
10
+ # SexpProcessor will call #process_lit, if it is defined.
11
+ #
12
+
13
+ class Brakeman::SexpProcessor
14
+
15
+ VERSION = 'CUSTOM'
16
+
17
+ ##
18
+ # Return a stack of contexts. Most recent node is first.
19
+
20
+ attr_reader :context
21
+
22
+ ##
23
+ # Expected result class
24
+
25
+ attr_accessor :expected
26
+
27
+ ##
28
+ # A scoped environment to make you happy.
29
+
30
+ attr_reader :env
31
+
32
+ ##
33
+ # Creates a new SexpProcessor. Use super to invoke this
34
+ # initializer from SexpProcessor subclasses, then use the
35
+ # attributes above to customize the functionality of the
36
+ # SexpProcessor
37
+
38
+ def initialize
39
+ @expected = Sexp
40
+
41
+ # we do this on an instance basis so we can subclass it for
42
+ # different processors.
43
+ @processors = {}
44
+ @context = []
45
+
46
+ public_methods.each do |name|
47
+ if name.to_s.start_with? "process_" then
48
+ @processors[name[8..-1].to_sym] = name.to_sym
49
+ end
50
+ end
51
+ end
52
+
53
+ ##
54
+ # Default Sexp processor. Invokes process_<type> methods matching
55
+ # the Sexp type given. Performs additional checks as specified by
56
+ # the initializer.
57
+
58
+ def process(exp)
59
+ return nil if exp.nil?
60
+
61
+ result = nil
62
+
63
+ type = exp.first
64
+ raise "type should be a Symbol, not: #{exp.first.inspect}" unless
65
+ Symbol === type
66
+
67
+ in_context type do
68
+ # now do a pass with the real processor (or generic)
69
+ meth = @processors[type]
70
+ if meth then
71
+ if $DEBUG
72
+ result = error_handler(type) do
73
+ self.send(meth, exp)
74
+ end
75
+ else
76
+ result = self.send(meth, exp)
77
+ end
78
+
79
+ else
80
+ result = self.process_default(exp)
81
+ end
82
+ end
83
+
84
+ raise SexpTypeError, "Result must be a #{@expected}, was #{result.class}:#{result.inspect}" unless @expected === result
85
+
86
+ result
87
+ end
88
+
89
+ def error_handler(type, exp=nil) # :nodoc:
90
+ begin
91
+ return yield
92
+ rescue StandardError => err
93
+ warn "#{err.class} Exception thrown while processing #{type} for sexp #{exp.inspect} #{caller.inspect}" if $DEBUG
94
+ raise
95
+ end
96
+ end
97
+
98
+ ##
99
+ # A fairly generic processor for a dummy node. Dummy nodes are used
100
+ # when your processor is doing a complicated rewrite that replaces
101
+ # the current sexp with multiple sexps.
102
+ #
103
+ # Bogus Example:
104
+ #
105
+ # def process_something(exp)
106
+ # return s(:dummy, process(exp), s(:extra, 42))
107
+ # end
108
+
109
+ def process_dummy(exp)
110
+ result = @expected.new(:dummy) rescue @expected.new
111
+
112
+ until exp.empty? do
113
+ result << self.process(exp.shift)
114
+ end
115
+
116
+ result
117
+ end
118
+
119
+ ##
120
+ # Add a scope level to the current env. Eg:
121
+ #
122
+ # def process_defn exp
123
+ # name = exp.shift
124
+ # args = process(exp.shift)
125
+ # scope do
126
+ # body = process(exp.shift)
127
+ # # ...
128
+ # end
129
+ # end
130
+ #
131
+ # env[:x] = 42
132
+ # scope do
133
+ # env[:x] # => 42
134
+ # env[:y] = 24
135
+ # end
136
+ # env[:y] # => nil
137
+
138
+ def scope &block
139
+ env.scope(&block)
140
+ end
141
+
142
+ def in_context type
143
+ self.context.unshift type
144
+
145
+ yield
146
+
147
+ self.context.shift
148
+ end
149
+
150
+ ##
151
+ # I really hate this here, but I hate subdirs in my lib dir more...
152
+ # I guess it is kinda like shaving... I'll split this out when it
153
+ # itches too much...
154
+
155
+ class Environment
156
+ def initialize
157
+ @env = []
158
+ @env.unshift({})
159
+ end
160
+
161
+ def all
162
+ @env.reverse.inject { |env, scope| env.merge scope }
163
+ end
164
+
165
+ def depth
166
+ @env.length
167
+ end
168
+
169
+ # TODO: depth_of
170
+
171
+ def [] name
172
+ hash = @env.find { |closure| closure.has_key? name }
173
+ hash[name] if hash
174
+ end
175
+
176
+ def []= name, val
177
+ hash = @env.find { |closure| closure.has_key? name } || @env.first
178
+ hash[name] = val
179
+ end
180
+
181
+ def scope
182
+ @env.unshift({})
183
+ begin
184
+ yield
185
+ ensure
186
+ @env.shift
187
+ raise "You went too far unextending env" if @env.empty?
188
+ end
189
+ end
190
+ end
191
+ end
192
+
193
+ class Object
194
+
195
+ ##
196
+ # deep_clone is the usual Marshalling hack to make a deep copy.
197
+ # It is rather slow, so use it sparingly. Helps with debugging
198
+ # SexpProcessors since you usually shift off sexps.
199
+
200
+ def deep_clone
201
+ Marshal.load(Marshal.dump(self))
202
+ end
203
+ end
204
+
205
+ ##
206
+ # SexpProcessor base exception class.
207
+
208
+ class SexpProcessorError < StandardError; end
209
+
210
+ ##
211
+ # Raised by SexpProcessor if it sees a node type listed in its
212
+ # unsupported list.
213
+
214
+ class UnsupportedNodeError < SexpProcessorError; end
215
+
216
+ ##
217
+ # Raised by SexpProcessor if it is in strict mode and sees a node for
218
+ # which there is no processor available.
219
+
220
+ class UnknownNodeError < SexpProcessorError; end
221
+
222
+ ##
223
+ # Raised by SexpProcessor if a processor did not process every node in
224
+ # a sexp and @require_empty is true.
225
+
226
+ class NotEmptyError < SexpProcessorError; end
227
+
228
+ ##
229
+ # Raised if assert_type encounters an unexpected sexp type.
230
+
231
+ class SexpTypeError < SexpProcessorError; end
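Review bot: `initialize` (new lines 38-51) never assigns `@env`, yet `scope` calls `env.scope(&block)`, so any subclass that calls `scope` gets a NoMethodError on nil unless it sets `@env` itself; adding `@env = Environment.new` to `initialize` would fix that. `in_context` pops the context stack only on the normal path, so an exception raised inside a `process_*` method leaves stale entries in `context` if a caller rescues and carries on; wrapping the yield as `begin; yield; ensure; self.context.shift; end` keeps the stack balanced. The file also reopens `Object` to add `deep_clone` and defines `SexpProcessorError` and its subclasses at top level rather than under `Brakeman`, so they share the global namespace with a `sexp_processor` gem loaded in the same process.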
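--- a/metadata
+++ b/metadata
@@ -5,9 +5,9 @@ version: !ruby/object:Gem::Version
  prerelease:
  segments:
  - 1
- - 6
- - 2
- version: 1.6.2
+ - 7
+ - 0
+ version: 1.7.0
  platform: ruby
  authors:
  - Justin Collins
@@ -15,7 +15,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2012-06-13 00:00:00 Z
+ date: 2012-07-31 00:00:00 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -193,94 +193,96 @@ files:
  - WARNING_TYPES
  - FEATURES
  - README.md
- - lib/ruby_parser/ruby18_parser.rb
- - lib/ruby_parser/ruby_parser_extras.rb
- - lib/ruby_parser/bm_sexp.rb
- - lib/ruby_parser/ruby_lexer.rb
- - lib/ruby_parser/ruby_parser.rb
- - lib/ruby_parser/ruby19_parser.rb
- - lib/brakeman/warning.rb
+ - lib/brakeman/version.rb
  - lib/brakeman/differ.rb
- - lib/brakeman/processors/gem_processor.rb
- - lib/brakeman/processors/controller_alias_processor.rb
- - lib/brakeman/processors/base_processor.rb
- - lib/brakeman/processors/controller_processor.rb
- - lib/brakeman/processors/library_processor.rb
- - lib/brakeman/processors/erb_template_processor.rb
- - lib/brakeman/processors/haml_template_processor.rb
- - lib/brakeman/processors/template_alias_processor.rb
- - lib/brakeman/processors/route_processor.rb
- - lib/brakeman/processors/model_processor.rb
- - lib/brakeman/processors/lib/find_all_calls.rb
- - lib/brakeman/processors/lib/find_call.rb
- - lib/brakeman/processors/lib/processor_helper.rb
- - lib/brakeman/processors/lib/rails3_route_processor.rb
- - lib/brakeman/processors/lib/route_helper.rb
- - lib/brakeman/processors/lib/rails2_config_processor.rb
- - lib/brakeman/processors/lib/rails2_route_processor.rb
- - lib/brakeman/processors/lib/render_helper.rb
- - lib/brakeman/processors/lib/rails3_config_processor.rb
- - lib/brakeman/processors/alias_processor.rb
- - lib/brakeman/processors/output_processor.rb
- - lib/brakeman/processors/config_processor.rb
- - lib/brakeman/processors/erubis_template_processor.rb
- - lib/brakeman/processors/template_processor.rb
+ - lib/brakeman/util.rb
+ - lib/brakeman/brakeman.rake
+ - lib/brakeman/call_index.rb
+ - lib/brakeman/tracker.rb
+ - lib/brakeman/report.rb
+ - lib/brakeman/scanner.rb
+ - lib/brakeman/processor.rb
  - lib/brakeman/format/style.css
- - lib/brakeman/rescanner.rb
- - lib/brakeman/checks/check_send_file.rb
- - lib/brakeman/checks/check_translate_bug.rb
- - lib/brakeman/checks/check_session_settings.rb
- - lib/brakeman/checks/check_nested_attributes.rb
- - lib/brakeman/checks/check_strip_tags.rb
- - lib/brakeman/checks/check_safe_buffer_manipulation.rb
- - lib/brakeman/checks/check_sql.rb
- - lib/brakeman/checks/check_without_protection.rb
- - lib/brakeman/checks/check_mass_assignment.rb
+ - lib/brakeman/checks/check_select_vulnerability.rb
  - lib/brakeman/checks/check_escape_function.rb
- - lib/brakeman/checks/check_cross_site_scripting.rb
+ - lib/brakeman/checks/check_basic_auth.rb
+ - lib/brakeman/checks/check_safe_buffer_manipulation.rb
+ - lib/brakeman/checks/check_forgery_setting.rb
+ - lib/brakeman/checks/check_session_settings.rb
  - lib/brakeman/checks/check_model_attributes.rb
- - lib/brakeman/checks/check_default_routes.rb
- - lib/brakeman/checks/check_select_vulnerability.rb
- - lib/brakeman/checks/check_evaluation.rb
- - lib/brakeman/checks/check_quote_table_name.rb
- - lib/brakeman/checks/check_validation_regex.rb
- - lib/brakeman/checks/check_link_to.rb
- - lib/brakeman/checks/check_execute.rb
- - lib/brakeman/checks/check_filter_skipping.rb
+ - lib/brakeman/checks/check_redirect.rb
+ - lib/brakeman/checks/check_skip_before_filter.rb
+ - lib/brakeman/checks/check_response_splitting.rb
  - lib/brakeman/checks/check_mail_to.rb
+ - lib/brakeman/checks/check_sql.rb
+ - lib/brakeman/checks/check_mass_assignment.rb
  - lib/brakeman/checks/check_link_to_href.rb
- - lib/brakeman/checks/check_skip_before_filter.rb
- - lib/brakeman/checks/base_check.rb
+ - lib/brakeman/checks/check_filter_skipping.rb
  - lib/brakeman/checks/check_file_access.rb
- - lib/brakeman/checks/check_response_splitting.rb
- - lib/brakeman/checks/check_basic_auth.rb
- - lib/brakeman/checks/check_send.rb
- - lib/brakeman/checks/check_redirect.rb
- - lib/brakeman/checks/check_forgery_setting.rb
+ - lib/brakeman/checks/base_check.rb
+ - lib/brakeman/checks/check_validation_regex.rb
+ - lib/brakeman/checks/check_evaluation.rb
+ - lib/brakeman/checks/check_digest_dos.rb
  - lib/brakeman/checks/check_render.rb
- - lib/brakeman/tracker.rb
- - lib/brakeman/util.rb
- - lib/brakeman/report.rb
- - lib/brakeman/templates/header.html.erb
- - lib/brakeman/templates/warning_overview.html.erb
+ - lib/brakeman/checks/check_send_file.rb
+ - lib/brakeman/checks/check_execute.rb
+ - lib/brakeman/checks/check_translate_bug.rb
+ - lib/brakeman/checks/check_default_routes.rb
+ - lib/brakeman/checks/check_link_to.rb
+ - lib/brakeman/checks/check_quote_table_name.rb
+ - lib/brakeman/checks/check_send.rb
+ - lib/brakeman/checks/check_cross_site_scripting.rb
+ - lib/brakeman/checks/check_strip_tags.rb
+ - lib/brakeman/checks/check_nested_attributes.rb
+ - lib/brakeman/checks/check_without_protection.rb
+ - lib/brakeman/checks.rb
+ - lib/brakeman/templates/controller_overview.html.erb
+ - lib/brakeman/templates/model_warnings.html.erb
+ - lib/brakeman/templates/template_overview.html.erb
+ - lib/brakeman/templates/view_warnings.html.erb
  - lib/brakeman/templates/overview.html.erb
  - lib/brakeman/templates/controller_warnings.html.erb
+ - lib/brakeman/templates/header.html.erb
  - lib/brakeman/templates/error_overview.html.erb
- - lib/brakeman/templates/controller_overview.html.erb
  - lib/brakeman/templates/security_warnings.html.erb
- - lib/brakeman/templates/model_warnings.html.erb
- - lib/brakeman/templates/view_warnings.html.erb
- - lib/brakeman/templates/template_overview.html.erb
+ - lib/brakeman/templates/warning_overview.html.erb
+ - lib/brakeman/processors/controller_alias_processor.rb
+ - lib/brakeman/processors/lib/route_helper.rb
+ - lib/brakeman/processors/lib/rails2_route_processor.rb
+ - lib/brakeman/processors/lib/render_helper.rb
+ - lib/brakeman/processors/lib/rails2_config_processor.rb
+ - lib/brakeman/processors/lib/rails3_route_processor.rb
+ - lib/brakeman/processors/lib/processor_helper.rb
+ - lib/brakeman/processors/lib/rails3_config_processor.rb
+ - lib/brakeman/processors/lib/find_all_calls.rb
+ - lib/brakeman/processors/lib/find_call.rb
+ - lib/brakeman/processors/template_alias_processor.rb
+ - lib/brakeman/processors/model_processor.rb
+ - lib/brakeman/processors/output_processor.rb
+ - lib/brakeman/processors/library_processor.rb
+ - lib/brakeman/processors/erb_template_processor.rb
+ - lib/brakeman/processors/template_processor.rb
+ - lib/brakeman/processors/alias_processor.rb
+ - lib/brakeman/processors/config_processor.rb
+ - lib/brakeman/processors/gem_processor.rb
+ - lib/brakeman/processors/erubis_template_processor.rb
+ - lib/brakeman/processors/route_processor.rb
+ - lib/brakeman/processors/controller_processor.rb
+ - lib/brakeman/processors/haml_template_processor.rb
+ - lib/brakeman/processors/base_processor.rb
+ - lib/brakeman/warning.rb
+ - lib/brakeman/options.rb
+ - lib/brakeman/rescanner.rb
+ - lib/brakeman/parsers/rails2_erubis.rb
  - lib/brakeman/parsers/rails3_erubis.rb
  - lib/brakeman/parsers/rails2_xss_plugin_erubis.rb
- - lib/brakeman/parsers/rails2_erubis.rb
- - lib/brakeman/version.rb
- - lib/brakeman/call_index.rb
- - lib/brakeman/brakeman.rake
- - lib/brakeman/options.rb
- - lib/brakeman/scanner.rb
- - lib/brakeman/checks.rb
- - lib/brakeman/processor.rb
+ - lib/ruby_parser/ruby_lexer.rb
+ - lib/ruby_parser/bm_sexp.rb
+ - lib/ruby_parser/ruby_parser_extras.rb
+ - lib/ruby_parser/ruby_parser.rb
+ - lib/ruby_parser/ruby19_parser.rb
+ - lib/ruby_parser/ruby18_parser.rb
+ - lib/ruby_parser/bm_sexp_processor.rb
  - lib/brakeman.rb
  homepage: http://brakemanscanner.org
  licenses: []
@@ -311,7 +313,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  requirements: []
 
  rubyforge_project:
- rubygems_version: 1.8.23
+ rubygems_version: 1.8.24
  signing_key:
  specification_version: 3
  summary: Security vulnerability scanner for Ruby on Rails.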