brakeman 4.5.1 → 4.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +150 -109
- data/README.md +0 -1
- data/bundle/load.rb +13 -13
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/CHANGES.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/MIT-LICENSE +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/README.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/contrib/erubis +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/contrib/erubis-run.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/contrib/inline-require +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/context.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/converter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/ec.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/ecpp.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/ejava.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/ejavascript.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/enhanced.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/eperl.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/ephp.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/eruby.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/escheme.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/engine/optimized.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/enhancer.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/error.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/evaluator.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/generator.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/helper.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/helpers/rails_form_helper.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/helpers/rails_helper.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/local-setting.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/main.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/preprocessing.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/tiny.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/lib/erubis/util.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/erubis-2.7.0/setup.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/CHANGELOG.md +122 -4
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/FAQ.md +4 -14
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/Gemfile +19 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/MIT-LICENSE +20 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/README.md +80 -42
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/REFERENCE.md +121 -64
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/TODO +24 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/haml.gemspec +44 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml.rb +2 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_builder.rb +164 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_compiler.rb +224 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_parser.rb +150 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/buffer.rb +25 -132
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/compiler.rb +330 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/engine.rb +34 -41
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/error.rb +65 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/escapable.rb +50 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/exec.rb +38 -20
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/filters.rb +22 -27
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/generator.rb +42 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers.rb +129 -90
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers/action_view_extensions.rb +4 -2
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers/action_view_mods.rb +45 -60
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers/action_view_xss_mods.rb +2 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/helpers/safe_erubi_template.rb +20 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers/safe_erubis_template.rb +5 -1
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/helpers/xss_mods.rb +19 -12
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/options.rb +63 -69
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/parser.rb +292 -228
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/plugin.rb +37 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/railtie.rb +48 -0
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/sass_rails_filter.rb +18 -4
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/template.rb +13 -6
- data/bundle/ruby/{2.5.0/gems/haml-4.0.7 → 2.6.0/gems/haml-5.1.2}/lib/haml/template/options.rb +13 -2
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_engine.rb +123 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_line_counter.rb +30 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/util.rb +258 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/version.rb +5 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/yard/default/fulldoc/html/css/common.sass +15 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/yard/default/layout/html/footer.erb +12 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/AUTHORS +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/COPYING +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/Changelog.md +3 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/Gemfile +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/LICENSE +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/README.md +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/TODO +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/appveyor.yml +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/highline.gemspec +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/builtin_styles.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/color_scheme.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/compatibility.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/custom_errors.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/import.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/io_console_compatible.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/list.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/list_renderer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/menu.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/menu/item.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/paginator.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/question.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/question/answer_converter.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/question_asker.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/simulate.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/statement.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/string.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/string_extensions.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/style.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/template_renderer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/terminal.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/terminal/io_console.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/terminal/ncurses.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/terminal/unix_stty.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/version.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/highline-2.0.2 → 2.6.0/gems/highline-2.0.3}/lib/highline/wrapper.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby2ruby-2.4.2 → 2.6.0/gems/ruby2ruby-2.4.4}/History.rdoc +19 -5
- data/bundle/ruby/{2.5.0/gems/ruby2ruby-2.4.2 → 2.6.0/gems/ruby2ruby-2.4.4}/Manifest.txt +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby2ruby-2.4.2 → 2.6.0/gems/ruby2ruby-2.4.4}/README.rdoc +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby2ruby-2.4.2 → 2.6.0/gems/ruby2ruby-2.4.4}/lib/ruby2ruby.rb +122 -112
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/History.rdoc +38 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/Manifest.txt +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/README.rdoc +3 -3
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/compare/normalize.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/debugging.md +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/rp_extensions.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/rp_stringscanner.rb +0 -0
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby20_parser.rb +7045 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1/lib/ruby_parser.yy → 2.6.0/gems/ruby_parser-3.14.0/lib/ruby20_parser.y} +390 -397
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby21_parser.rb +7116 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby21_parser.y +399 -254
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby22_parser.rb +7149 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby22_parser.y +400 -255
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby23_parser.rb +7166 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby23_parser.y +400 -255
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby24_parser.rb +7178 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby24_parser.y +404 -257
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby25_parser.rb +7178 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby25_parser.y +404 -257
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby26_parser.rb +7198 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby26_parser.y +410 -261
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby_lexer.rb +424 -432
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby_lexer.rex +0 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby_lexer.rex.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby_parser.rb +27 -27
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby_parser.yy +2732 -0
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/lib/ruby_parser_extras.rb +627 -406
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/tools/munge.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/ruby_parser-3.13.1 → 2.6.0/gems/ruby_parser-3.14.0}/tools/ripper.rb +13 -2
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/History.rdoc +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/Manifest.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/README.rdoc +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby18_parser.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby18_parser.y +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby19_parser.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby19_parser.y +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_lexer.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_lexer.rex +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_lexer.rex.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_parser.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/ruby_parser-legacy-1.0.0/lib/ruby_parser/legacy/ruby_parser_extras.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/CHANGES.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/Gemfile +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/LICENSE.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/README.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/bundle_install_all_ruby_versions.sh +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/deep.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/libyaml_checker.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/load.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/date.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/hexadecimal.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/sexagesimal.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/psych_handler.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/psych_resolver.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/resolver.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/safe_to_ruby_visitor.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/store.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_hack.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_node_monkeypatch.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_resolver.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_boolean.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_date.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_float.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_integer.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_nil.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_symbol.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/transformation_map.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/version.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/run_specs_all_ruby_versions.sh +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/safe_yaml-1.0.5/safe_yaml.gemspec +0 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/History.rdoc +25 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/Manifest.txt +1 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/README.rdoc +0 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/lib/composite_sexp_processor.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/lib/pt_testcase.rb +13 -15
- data/bundle/ruby/2.6.0/gems/sexp_processor-4.13.0/lib/sexp.rb +381 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0/lib/sexp.rb → 2.6.0/gems/sexp_processor-4.13.0/lib/sexp_matcher.rb} +25 -382
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/lib/sexp_processor.rb +2 -2
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/lib/strict_sexp.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/sexp_processor-4.12.0 → 2.6.0/gems/sexp_processor-4.13.0}/lib/unique.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/CHANGES +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/Gemfile +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/LICENSE +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/README.jp.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/README.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/code_attributes.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/command.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/controls.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/do_inserter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/embedded.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/end_inserter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/engine.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/erb_converter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/filter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/grammar.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/include.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/interpolation.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/logic_less.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/logic_less/context.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/logic_less/filter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/parser.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/smart.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/smart/escaper.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/smart/filter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/smart/parser.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/splat/builder.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/splat/filter.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/template.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/translator.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/lib/slim/version.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/slim-4.0.1/slim.gemspec +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/CHANGES +5 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/EXPRESSIONS.md +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/Gemfile +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/LICENSE +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/README.md +1 -1
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/engine.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/erb/engine.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/erb/parser.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/erb/template.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/erb/trimming.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/exceptions.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filter.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/code_merger.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/control_flow.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/dynamic_inliner.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/encoding.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/eraser.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/escapable.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/multi_flattener.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/remove_bom.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/static_analyzer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/static_merger.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/string_splitter.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/filters/validator.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generator.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generators/array.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generators/array_buffer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generators/erb.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generators/rails_output_buffer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/generators/string_buffer.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/grammar.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/attribute_merger.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/attribute_remover.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/attribute_sorter.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/dispatcher.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/fast.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/filter.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/pretty.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/html/safe.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/map.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/mixins/dispatcher.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/mixins/engine_dsl.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/mixins/grammar_dsl.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/mixins/options.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/mixins/template.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/parser.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/static_analyzer.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/templates.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/templates/rails.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/templates/tilt.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/lib/temple/utils.rb +0 -0
- data/bundle/ruby/2.6.0/gems/temple-0.8.2/lib/temple/version.rb +3 -0
- data/bundle/ruby/{2.5.0/gems/temple-0.8.1 → 2.6.0/gems/temple-0.8.2}/temple.gemspec +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/Gemfile +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/History.rdoc +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/LICENSE.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/Manifest +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/README.rdoc +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/Todo.rdoc +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/cell.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/import.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/row.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/separator.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/style.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/table.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/table_helper.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/lib/terminal-table/version.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/terminal-table-1.8.0/terminal-table.gemspec +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/COPYING +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt.rb +1 -1
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/asciidoc.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/babel.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/bluecloth.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/builder.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/coffee.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/commonmarker.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/creole.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/csv.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/dummy.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/erb.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/erubi.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/erubis.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/etanni.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/haml.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/kramdown.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/less.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/liquid.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/livescript.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/mapping.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/markaby.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/maruku.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/nokogiri.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/pandoc.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/plain.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/prawn.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/radius.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/rdiscount.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/rdoc.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/redcarpet.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/redcloth.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/rst-pandoc.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/sass.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/sigil.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/string.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/template.rb +7 -12
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/typescript.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/wikicloth.rb +0 -0
- data/bundle/ruby/{2.5.0/gems/tilt-2.0.9 → 2.6.0/gems/tilt-2.0.10}/lib/tilt/yajl.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/CHANGELOG.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/MIT-LICENSE.txt +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/README.md +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/data/display_width.marshal.gz +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/lib/unicode/display_width.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/lib/unicode/display_width/constants.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/lib/unicode/display_width/index.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/lib/unicode/display_width/no_string_ext.rb +0 -0
- data/bundle/ruby/{2.5.0 → 2.6.0}/gems/unicode-display_width-1.6.0/lib/unicode/display_width/string_ext.rb +0 -0
- data/lib/brakeman/call_index.rb +54 -15
- data/lib/brakeman/checks/base_check.rb +50 -47
- data/lib/brakeman/checks/check_cookie_serialization.rb +22 -0
- data/lib/brakeman/checks/check_cross_site_scripting.rb +4 -4
- data/lib/brakeman/checks/check_deserialize.rb +3 -6
- data/lib/brakeman/checks/check_execute.rb +26 -1
- data/lib/brakeman/checks/check_file_access.rb +7 -1
- data/lib/brakeman/checks/check_header_dos.rb +2 -2
- data/lib/brakeman/checks/check_i18n_xss.rb +2 -2
- data/lib/brakeman/checks/check_jruby_xml.rb +2 -2
- data/lib/brakeman/checks/check_json_parsing.rb +2 -2
- data/lib/brakeman/checks/check_mime_type_dos.rb +2 -2
- data/lib/brakeman/checks/check_nested_attributes_bypass.rb +1 -1
- data/lib/brakeman/checks/check_reverse_tabnabbing.rb +58 -0
- data/lib/brakeman/checks/check_sanitize_methods.rb +2 -2
- data/lib/brakeman/checks/check_session_settings.rb +5 -2
- data/lib/brakeman/checks/check_xml_dos.rb +2 -2
- data/lib/brakeman/checks/check_yaml_parsing.rb +10 -18
- data/lib/brakeman/differ.rb +16 -28
- data/lib/brakeman/file_parser.rb +4 -8
- data/lib/brakeman/file_path.rb +14 -0
- data/lib/brakeman/parsers/haml_embedded.rb +1 -1
- data/lib/brakeman/parsers/template_parser.rb +3 -1
- data/lib/brakeman/processor.rb +1 -1
- data/lib/brakeman/processors/alias_processor.rb +15 -1
- data/lib/brakeman/processors/base_processor.rb +2 -0
- data/lib/brakeman/processors/controller_processor.rb +4 -4
- data/lib/brakeman/processors/gem_processor.rb +10 -2
- data/lib/brakeman/processors/haml_template_processor.rb +87 -123
- data/lib/brakeman/processors/lib/call_conversion_helper.rb +5 -4
- data/lib/brakeman/processors/lib/find_all_calls.rb +27 -4
- data/lib/brakeman/processors/lib/find_call.rb +3 -64
- data/lib/brakeman/processors/lib/rails2_config_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +28 -0
- data/lib/brakeman/processors/template_processor.rb +10 -6
- data/lib/brakeman/report/report_text.rb +4 -5
- data/lib/brakeman/rescanner.rb +4 -0
- data/lib/brakeman/tracker.rb +26 -2
- data/lib/brakeman/tracker/config.rb +38 -73
- data/lib/brakeman/tracker/constants.rb +2 -1
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +4 -0
- data/lib/brakeman/warning_codes.rb +3 -0
- data/lib/ruby_parser/bm_sexp.rb +7 -2
- metadata +352 -342
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/MIT-LICENSE +0 -20
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/compiler.rb +0 -540
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/error.rb +0 -61
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/railtie.rb +0 -22
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/template/plugin.rb +0 -41
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/util.rb +0 -377
- data/bundle/ruby/2.5.0/gems/haml-4.0.7/lib/haml/version.rb +0 -3
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby20_parser.rb +0 -6869
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby20_parser.y +0 -2431
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby21_parser.rb +0 -6944
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby22_parser.rb +0 -6968
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby23_parser.rb +0 -6987
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby24_parser.rb +0 -6994
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby25_parser.rb +0 -6994
- data/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib/ruby26_parser.rb +0 -7012
- data/bundle/ruby/2.5.0/gems/temple-0.8.1/lib/temple/version.rb +0 -3
- data/bundle/ruby/2.5.0/gems/tilt-2.0.9/CHANGELOG.md +0 -132
- data/bundle/ruby/2.5.0/gems/tilt-2.0.9/Gemfile +0 -70
- data/bundle/ruby/2.5.0/gems/tilt-2.0.9/HACKING +0 -16
- data/bundle/ruby/2.5.0/gems/tilt-2.0.9/README.md +0 -233
- data/bundle/ruby/2.5.0/gems/tilt-2.0.9/tilt.gemspec +0 -130
@@ -32,7 +32,7 @@ class Brakeman::CheckFileAccess < Brakeman::BaseCheck
|
|
32
32
|
|
33
33
|
file_name = call.first_arg
|
34
34
|
|
35
|
-
return if called_on_tempfile?(file_name)
|
35
|
+
return if called_on_tempfile?(file_name) || sanitized?(file_name)
|
36
36
|
|
37
37
|
if match = has_immediate_user_input?(file_name)
|
38
38
|
confidence = :high
|
@@ -71,6 +71,12 @@ class Brakeman::CheckFileAccess < Brakeman::BaseCheck
|
|
71
71
|
call?(file_name) && file_name.target == s(:const, :Tempfile)
|
72
72
|
end
|
73
73
|
|
74
|
+
def sanitized? file
|
75
|
+
call?(file) &&
|
76
|
+
call?(file.target) &&
|
77
|
+
class_name(file.target.target) == :"ActiveStorage::Filename"
|
78
|
+
end
|
79
|
+
|
74
80
|
def temp_file_method? exp
|
75
81
|
if call? exp
|
76
82
|
return true if exp.call_chain.include? :tempfile
|
@@ -25,7 +25,7 @@ class Brakeman::CheckHeaderDoS < Brakeman::BaseCheck
|
|
25
25
|
end
|
26
26
|
|
27
27
|
def has_workaround?
|
28
|
-
tracker.
|
29
|
-
|
28
|
+
tracker.find_call(target: :ActiveSupport, method: :on_load).any? and
|
29
|
+
tracker.find_call(target: :"ActionView::LookupContext::DetailsKey", method: :class_eval).any?
|
30
30
|
end
|
31
31
|
end
|
@@ -41,8 +41,8 @@ class Brakeman::CheckI18nXSS < Brakeman::BaseCheck
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def has_workaround?
|
44
|
-
tracker.
|
45
|
-
match.
|
44
|
+
tracker.find_call(target: :I18n, method: :const_defined?, chained: true).any? do |match|
|
45
|
+
match[:call].first_arg == s(:lit, :MissingTranslation)
|
46
46
|
end
|
47
47
|
end
|
48
48
|
end
|
@@ -20,8 +20,8 @@ class Brakeman::CheckJRubyXML < Brakeman::BaseCheck
|
|
20
20
|
end
|
21
21
|
|
22
22
|
#Check for workaround
|
23
|
-
tracker.
|
24
|
-
arg = result
|
23
|
+
tracker.find_call(target: :"ActiveSupport::XmlMini", method: :backend=, chained: true).each do |result|
|
24
|
+
arg = result[:call].first_arg
|
25
25
|
|
26
26
|
return if string? arg and arg.value == "REXML"
|
27
27
|
end
|
@@ -44,13 +44,13 @@ class Brakeman::CheckJSONParsing < Brakeman::BaseCheck
|
|
44
44
|
|
45
45
|
#Check for `ActiveSupport::JSON.backend = "JSONGem"`
|
46
46
|
def uses_gem_backend?
|
47
|
-
matches = tracker.
|
47
|
+
matches = tracker.find_call(target: :'ActiveSupport::JSON', method: :backend=, chained: true)
|
48
48
|
|
49
49
|
unless matches.empty?
|
50
50
|
json_gem = s(:str, "JSONGem")
|
51
51
|
|
52
52
|
matches.each do |result|
|
53
|
-
if result
|
53
|
+
if result[:call].first_arg == json_gem
|
54
54
|
return true
|
55
55
|
end
|
56
56
|
end
|
@@ -30,8 +30,8 @@ class Brakeman::CheckMimeTypeDoS < Brakeman::BaseCheck
|
|
30
30
|
end
|
31
31
|
|
32
32
|
def has_workaround?
|
33
|
-
tracker.
|
34
|
-
arg = match
|
33
|
+
tracker.find_call(target: :Mime, method: :const_set).any? do |match|
|
34
|
+
arg = match[:call].first_arg
|
35
35
|
|
36
36
|
symbol? arg and arg.value == :LOOKUP
|
37
37
|
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
require 'brakeman/checks/base_check'
|
2
|
+
|
3
|
+
class Brakeman::CheckReverseTabnabbing < Brakeman::BaseCheck
|
4
|
+
Brakeman::Checks.add_optional self
|
5
|
+
|
6
|
+
@description = "Checks for reverse tabnabbing cases on 'link_to' calls"
|
7
|
+
|
8
|
+
def run_check
|
9
|
+
calls = tracker.find_call :methods => :link_to
|
10
|
+
calls.each do |call|
|
11
|
+
process_result call
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def process_result result
|
16
|
+
return unless original? result and result[:call].last_arg
|
17
|
+
|
18
|
+
html_opts = result[:call].last_arg
|
19
|
+
return unless hash? html_opts
|
20
|
+
|
21
|
+
target = hash_access html_opts, :target
|
22
|
+
unless target &&
|
23
|
+
(string?(target) && target.value == "_blank" ||
|
24
|
+
symbol?(target) && target.value == :_blank)
|
25
|
+
return
|
26
|
+
end
|
27
|
+
|
28
|
+
target_url = result[:block] ? result[:call].first_arg : result[:call].second_arg
|
29
|
+
|
30
|
+
# `url_for` and `_path` calls lead to urls on to the same origin.
|
31
|
+
# That means that an adversary would need to run javascript on
|
32
|
+
# the victim application's domain. If that is the case, the adversary
|
33
|
+
# already has the ability to redirect the victim user anywhere.
|
34
|
+
# Also statically provided URLs (interpolated or otherwise) are also
|
35
|
+
# ignored as they produce many false positives.
|
36
|
+
return if !call?(target_url) || target_url.method.match(/^url_for$|_path$/)
|
37
|
+
|
38
|
+
rel = hash_access html_opts, :rel
|
39
|
+
confidence = :medium
|
40
|
+
|
41
|
+
if rel && string?(rel) then
|
42
|
+
rel_opt = rel.value
|
43
|
+
return if rel_opt.include?("noopener") && rel_opt.include?("noreferrer")
|
44
|
+
|
45
|
+
if rel_opt.include?("noopener") ^ rel_opt.include?("noreferrer") then
|
46
|
+
confidence = :weak
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
warn :result => result,
|
51
|
+
:warning_type => "Reverse Tabnabbing",
|
52
|
+
:warning_code => :reverse_tabnabbing,
|
53
|
+
:message => msg("When opening a link in a new tab without setting ", msg_code('rel: "noopener noreferrer"'),
|
54
|
+
", the new tab can control the parent tab's location. For example, an attacker could redirect to a phishing page."),
|
55
|
+
:confidence => confidence,
|
56
|
+
:user_input => rel
|
57
|
+
end
|
58
|
+
end
|
@@ -70,7 +70,7 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
70
70
|
|
71
71
|
def check_cve_2018_8048
|
72
72
|
if loofah_vulnerable_cve_2018_8048?
|
73
|
-
message = msg(msg_version(tracker.config.gem_version(:loofah), "loofah gem"), " is vulnerable (CVE-2018-8048). Upgrade to 2.1
|
73
|
+
message = msg(msg_version(tracker.config.gem_version(:loofah), "loofah gem"), " is vulnerable (CVE-2018-8048). Upgrade to 2.2.1")
|
74
74
|
|
75
75
|
if tracker.find_call(:target => false, :method => :sanitize).any?
|
76
76
|
confidence = :high
|
@@ -90,7 +90,7 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
90
90
|
def loofah_vulnerable_cve_2018_8048?
|
91
91
|
loofah_version = tracker.config.gem_version(:loofah)
|
92
92
|
|
93
|
-
loofah_version and loofah_version < "2.1
|
93
|
+
loofah_version and loofah_version < "2.2.1"
|
94
94
|
end
|
95
95
|
|
96
96
|
def warn_sanitizer_cve cve, link, upgrade_version
|
@@ -21,8 +21,11 @@ class Brakeman::CheckSessionSettings < Brakeman::BaseCheck
|
|
21
21
|
|
22
22
|
check_for_issues settings, @app_tree.file_path("config/environment.rb")
|
23
23
|
|
24
|
-
|
25
|
-
|
24
|
+
session_store = @app_tree.file_path("config/initializers/session_store.rb")
|
25
|
+
secret_token = @app_tree.file_path("config/initializers/secret_token.rb")
|
26
|
+
|
27
|
+
[session_store, secret_token].each do |file|
|
28
|
+
if tracker.initializers[file] and not ignored? file.basename
|
26
29
|
process tracker.initializers[file]
|
27
30
|
end
|
28
31
|
end
|
@@ -34,8 +34,8 @@ class Brakeman::CheckXMLDoS < Brakeman::BaseCheck
|
|
34
34
|
end
|
35
35
|
|
36
36
|
def has_workaround?
|
37
|
-
tracker.
|
38
|
-
arg = match
|
37
|
+
tracker.find_call(target: :"ActiveSupport::XmlMini", method: :backend=).any? do |match|
|
38
|
+
arg = match[:call].first_arg
|
39
39
|
if string? arg
|
40
40
|
value = arg.value
|
41
41
|
value == 'Nokogiri' or value == 'LibXML'
|
@@ -48,21 +48,17 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
|
|
48
48
|
def disabled_xml_parser?
|
49
49
|
if version_between? "0.0.0", "2.3.14"
|
50
50
|
#Look for ActionController::Base.param_parsers.delete(Mime::XML)
|
51
|
-
|
52
|
-
s(:colon2, s(:const, :ActionController), :Base),
|
53
|
-
:param_parsers)
|
54
|
-
|
55
|
-
matches = tracker.check_initializers(params_parser, :delete)
|
51
|
+
matches = tracker.find_call(target: :"ActionController::Base.param_parsers", method: :delete)
|
56
52
|
else
|
57
53
|
#Look for ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML)
|
58
|
-
matches = tracker.
|
54
|
+
matches = tracker.find_call(target: :"ActionDispatch::ParamsParser::DEFAULT_PARSERS", method: :delete)
|
59
55
|
end
|
60
56
|
|
61
57
|
unless matches.empty?
|
62
58
|
mime_xml = s(:colon2, s(:const, :Mime), :XML)
|
63
59
|
|
64
60
|
matches.each do |result|
|
65
|
-
if result
|
61
|
+
if result[:call].first_arg == mime_xml
|
66
62
|
return true
|
67
63
|
end
|
68
64
|
end
|
@@ -74,18 +70,14 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
|
|
74
70
|
#Look for ActionController::Base.param_parsers[Mime::YAML] = :yaml
|
75
71
|
#in Rails 2.x apps
|
76
72
|
def enabled_yaml_parser?
|
77
|
-
|
78
|
-
s(:colon2, s(:const, :ActionController), :Base),
|
79
|
-
:param_parsers)
|
80
|
-
|
81
|
-
matches = tracker.check_initializers(param_parsers, :[]=)
|
73
|
+
matches = tracker.find_call(target: :'ActionController::Base.param_parsers', method: :[]=)
|
82
74
|
|
83
75
|
mime_yaml = s(:colon2, s(:const, :Mime), :YAML)
|
84
76
|
|
85
77
|
matches.each do |result|
|
86
|
-
if result
|
87
|
-
symbol? result
|
88
|
-
result
|
78
|
+
if result[:call].first_arg == mime_yaml and
|
79
|
+
symbol? result[:call].second_arg and
|
80
|
+
result[:call].second_arg.value == :yaml
|
89
81
|
|
90
82
|
return true
|
91
83
|
end
|
@@ -96,16 +88,16 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
|
|
96
88
|
|
97
89
|
def disabled_xml_dangerous_types?
|
98
90
|
if version_between? "0.0.0", "2.3.14"
|
99
|
-
matches = tracker.
|
91
|
+
matches = tracker.find_call(target: :"ActiveSupport::CoreExtensions::Hash::Conversions::XML_PARSING", method: :delete)
|
100
92
|
else
|
101
|
-
matches = tracker.
|
93
|
+
matches = tracker.find_call(target: :"ActiveSupport::XmlMini::PARSING", method: :delete)
|
102
94
|
end
|
103
95
|
|
104
96
|
symbols_off = false
|
105
97
|
yaml_off = false
|
106
98
|
|
107
99
|
matches.each do |result|
|
108
|
-
arg = result
|
100
|
+
arg = result[:call].first_arg
|
109
101
|
|
110
102
|
if string? arg
|
111
103
|
if arg.value == "yaml"
|
data/lib/brakeman/differ.rb
CHANGED
@@ -24,43 +24,31 @@ class Brakeman::Differ
|
|
24
24
|
# second pass to cleanup any vulns which have changed in line number only.
|
25
25
|
# Given a list of new warnings, delete pairs of new/fixed vulns that differ
|
26
26
|
# only by line number.
|
27
|
-
# Horrible O(n^2) performance. Keep n small :-/
|
28
27
|
def second_pass(warnings)
|
29
|
-
|
30
|
-
|
31
|
-
elements_deleted_offset = 0
|
28
|
+
new_fingerprints = Set.new(warnings[:new].map(&method(:fingerprint)))
|
29
|
+
fixed_fingerprints = Set.new(warnings[:fixed].map(&method(:fingerprint)))
|
32
30
|
|
33
|
-
#
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
31
|
+
# Remove warnings which fingerprints are both in :new and :fixed
|
32
|
+
shared_fingerprints = new_fingerprints.intersection(fixed_fingerprints)
|
33
|
+
|
34
|
+
unless shared_fingerprints.empty?
|
35
|
+
warnings[:new].delete_if do |warning|
|
36
|
+
shared_fingerprints.include?(fingerprint(warning))
|
37
|
+
end
|
38
|
+
|
39
|
+
warnings[:fixed].delete_if do |warning|
|
40
|
+
shared_fingerprints.include?(fingerprint(warning))
|
43
41
|
end
|
44
42
|
end
|
45
43
|
|
46
44
|
warnings
|
47
45
|
end
|
48
46
|
|
49
|
-
def
|
50
|
-
|
51
|
-
|
52
|
-
new_warning = new_warning.to_hash
|
53
|
-
fixed_warning = fixed_warning.to_hash
|
54
|
-
end
|
55
|
-
|
56
|
-
if new_warning[:fingerprint] and fixed_warning[:fingerprint]
|
57
|
-
new_warning[:fingerprint] == fixed_warning[:fingerprint]
|
47
|
+
def fingerprint(warning)
|
48
|
+
if warning.is_a?(Brakeman::Warning)
|
49
|
+
warning.fingerprint
|
58
50
|
else
|
59
|
-
|
60
|
-
return false if new_warning[attr] != fixed_warning[attr]
|
61
|
-
end
|
62
|
-
|
63
|
-
true
|
51
|
+
warning[:fingerprint]
|
64
52
|
end
|
65
53
|
end
|
66
54
|
end
|
data/lib/brakeman/file_parser.rb
CHANGED
@@ -33,17 +33,13 @@ module Brakeman
|
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
36
|
-
def parse_ruby input, path
|
36
|
+
def parse_ruby input, path
|
37
37
|
begin
|
38
38
|
Brakeman.debug "Parsing #{path}"
|
39
|
-
|
39
|
+
RubyParser.new.parse input, path, @timeout
|
40
40
|
rescue Racc::ParseError => e
|
41
|
-
|
42
|
-
|
43
|
-
else
|
44
|
-
@tracker.error e, "Could not parse #{path}"
|
45
|
-
nil
|
46
|
-
end
|
41
|
+
@tracker.error e, "Could not parse #{path}"
|
42
|
+
nil
|
47
43
|
rescue Timeout::Error => e
|
48
44
|
@tracker.error Exception.new("Parsing #{path} took too long (> #{@timeout} seconds). Try increasing the limit with --parser-timeout"), caller
|
49
45
|
nil
|
data/lib/brakeman/file_path.rb
CHANGED
@@ -35,6 +35,11 @@ module Brakeman
|
|
35
35
|
@relative = relative_path
|
36
36
|
end
|
37
37
|
|
38
|
+
# Just the file name, no path
|
39
|
+
def basename
|
40
|
+
@basename ||= File.basename(self.relative)
|
41
|
+
end
|
42
|
+
|
38
43
|
# Read file from absolute path.
|
39
44
|
def read
|
40
45
|
File.read self.absolute
|
@@ -67,5 +72,14 @@ module Brakeman
|
|
67
72
|
def to_s
|
68
73
|
self.to_str
|
69
74
|
end
|
75
|
+
|
76
|
+
def hash
|
77
|
+
@hash ||= [@absolute, @relative].hash
|
78
|
+
end
|
79
|
+
|
80
|
+
def eql? rhs
|
81
|
+
@absolute == rhs.absolute and
|
82
|
+
@relative == rhs.relative
|
83
|
+
end
|
70
84
|
end
|
71
85
|
end
|
@@ -79,7 +79,9 @@ module Brakeman
|
|
79
79
|
|
80
80
|
Haml::Engine.new(text,
|
81
81
|
:filename => path,
|
82
|
-
:escape_html => tracker.config.escape_html
|
82
|
+
:escape_html => tracker.config.escape_html?,
|
83
|
+
:escape_filter_interpolations => tracker.config.escape_filter_interpolations?
|
84
|
+
).precompiled.gsub(/([^\\])\\n/, '\1')
|
83
85
|
rescue Haml::Error => e
|
84
86
|
tracker.error e, ["While compiling HAML in #{path}"] << e.backtrace
|
85
87
|
nil
|
data/lib/brakeman/processor.rb
CHANGED
@@ -90,7 +90,7 @@ module Brakeman
|
|
90
90
|
def process_initializer file_name, src
|
91
91
|
res = BaseProcessor.new(@tracker).process_file src, file_name
|
92
92
|
res = AliasProcessor.new(@tracker).process_safely res, nil, file_name
|
93
|
-
@tracker.initializers[
|
93
|
+
@tracker.initializers[file_name] = res
|
94
94
|
end
|
95
95
|
|
96
96
|
#Process source for a library file
|
@@ -249,6 +249,9 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
|
|
249
249
|
end
|
250
250
|
env[target_var] = target
|
251
251
|
return first_arg
|
252
|
+
elsif new_string? target
|
253
|
+
env[target_var] = first_arg
|
254
|
+
return first_arg
|
252
255
|
elsif array? target
|
253
256
|
target << first_arg
|
254
257
|
env[target_var] = target
|
@@ -265,6 +268,10 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
|
|
265
268
|
unless target.nil?
|
266
269
|
exp = target
|
267
270
|
end
|
271
|
+
when :dup
|
272
|
+
unless target.nil?
|
273
|
+
exp = target
|
274
|
+
end
|
268
275
|
when :join
|
269
276
|
if array? target and target.length > 2 and (string? first_arg or first_arg.nil?)
|
270
277
|
exp = process_array_join(target, first_arg)
|
@@ -602,7 +609,7 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
|
|
602
609
|
if node_type? exp, :hash
|
603
610
|
if exp.any? { |e| node_type? e, :kwsplat and node_type? e.value, :hash }
|
604
611
|
kwsplats, rest = exp.partition { |e| node_type? e, :kwsplat and node_type? e.value, :hash }
|
605
|
-
exp = Sexp.new.concat(rest).line(exp)
|
612
|
+
exp = Sexp.new.concat(rest).line(exp.line)
|
606
613
|
|
607
614
|
kwsplats.each do |e|
|
608
615
|
exp = process_hash_merge! exp, e.value
|
@@ -1194,6 +1201,13 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
|
|
1194
1201
|
call? exp and exp.method == :raise
|
1195
1202
|
end
|
1196
1203
|
|
1204
|
+
STRING_NEW = s(:call, s(:const, :String), :new)
|
1205
|
+
|
1206
|
+
# String.new ?
|
1207
|
+
def new_string? exp
|
1208
|
+
exp == STRING_NEW
|
1209
|
+
end
|
1210
|
+
|
1197
1211
|
#Set variable to given value.
|
1198
1212
|
#Creates "branched" versions of values when appropriate.
|
1199
1213
|
#Avoids creating multiple branched versions inside same
|