brakeman 4.8.0 → 5.2.1

Files changed (273)
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +144 -2
  3. data/README.md +23 -6
  4. data/bundle/load.rb +7 -5
  5. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/CHANGELOG.md +24 -0
  6. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/FAQ.md +0 -0
  7. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/Gemfile +1 -4
  8. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/MIT-LICENSE +0 -0
  9. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/README.md +21 -16
  10. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/REFERENCE.md +39 -10
  11. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/TODO +0 -0
  12. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/haml.gemspec +2 -1
  13. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/attribute_builder.rb +58 -3
  14. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/attribute_compiler.rb +45 -32
  15. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/attribute_parser.rb +0 -0
  16. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/buffer.rb +0 -56
  17. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/compiler.rb +0 -0
  18. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/engine.rb +0 -0
  19. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/error.rb +0 -0
  20. data/bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/escapable.rb +77 -0
  21. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/exec.rb +0 -0
  22. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/filters.rb +0 -0
  23. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/generator.rb +0 -0
  24. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/action_view_extensions.rb +0 -0
  25. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/action_view_mods.rb +0 -0
  26. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
  27. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/safe_erubi_template.rb +0 -0
  28. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/safe_erubis_template.rb +0 -0
  29. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers/xss_mods.rb +6 -3
  30. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/helpers.rb +7 -1
  31. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/options.rb +0 -0
  32. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/parser.rb +32 -4
  33. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/plugin.rb +18 -1
  34. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/railtie.rb +5 -0
  35. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/sass_rails_filter.rb +0 -0
  36. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/template/options.rb +0 -0
  37. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/template.rb +0 -0
  38. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/temple_engine.rb +2 -1
  39. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/temple_line_counter.rb +0 -0
  40. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/util.rb +1 -1
  41. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml/version.rb +1 -1
  42. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/lib/haml.rb +0 -0
  43. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/yard/default/fulldoc/html/css/common.sass +0 -0
  44. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.2}/yard/default/layout/html/footer.erb +0 -0
  45. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/MIT-LICENSE.txt +20 -0
  46. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/processor_count.rb +45 -0
  47. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/version.rb +4 -0
  48. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel.rb +532 -0
  49. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/LICENSE.txt +22 -0
  50. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/NEWS.md +178 -0
  51. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/README.md +48 -0
  52. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attlistdecl.rb +63 -0
  53. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attribute.rb +205 -0
  54. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/cdata.rb +68 -0
  55. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/child.rb +97 -0
  56. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/comment.rb +80 -0
  57. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/doctype.rb +311 -0
  58. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/document.rb +451 -0
  59. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/attlistdecl.rb +11 -0
  60. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/dtd.rb +47 -0
  61. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/elementdecl.rb +18 -0
  62. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/entitydecl.rb +57 -0
  63. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/notationdecl.rb +40 -0
  64. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/element.rb +2599 -0
  65. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/encoding.rb +51 -0
  66. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/entity.rb +171 -0
  67. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/default.rb +116 -0
  68. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/pretty.rb +142 -0
  69. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/transitive.rb +58 -0
  70. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/functions.rb +447 -0
  71. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/instruction.rb +79 -0
  72. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/light/node.rb +188 -0
  73. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/namespace.rb +59 -0
  74. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/node.rb +76 -0
  75. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/output.rb +30 -0
  76. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parent.rb +166 -0
  77. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parseexception.rb +52 -0
  78. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb +694 -0
  79. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/lightparser.rb +59 -0
  80. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/pullparser.rb +197 -0
  81. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/sax2parser.rb +273 -0
  82. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/streamparser.rb +61 -0
  83. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/treeparser.rb +101 -0
  84. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/ultralightparser.rb +57 -0
  85. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/xpathparser.rb +689 -0
  86. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/quickpath.rb +266 -0
  87. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/rexml.rb +37 -0
  88. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/sax2listener.rb +98 -0
  89. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/security.rb +28 -0
  90. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/source.rb +298 -0
  91. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/streamlistener.rb +93 -0
  92. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/text.rb +424 -0
  93. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/undefinednamespaceexception.rb +9 -0
  94. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/relaxng.rb +539 -0
  95. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validation.rb +144 -0
  96. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validationexception.rb +10 -0
  97. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmldecl.rb +130 -0
  98. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmltokens.rb +85 -0
  99. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath.rb +81 -0
  100. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath_parser.rb +974 -0
  101. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml.rb +3 -0
  102. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/History.rdoc +148 -0
  103. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/Manifest.txt +7 -0
  104. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/README.rdoc +1 -0
  105. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/compare/normalize.rb +51 -6
  106. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/debugging.md +190 -0
  107. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/gauntlet.md +106 -0
  108. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/rp_extensions.rb +15 -36
  109. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/rp_stringscanner.rb +33 -0
  110. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby20_parser.rb +7128 -0
  111. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby20_parser.y +420 -296
  112. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby21_parser.rb +7182 -0
  113. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby21_parser.y +415 -293
  114. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby22_parser.rb +7228 -0
  115. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby22_parser.y +419 -295
  116. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby23_parser.rb +7237 -0
  117. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby23_parser.y +419 -295
  118. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby24_parser.rb +7268 -0
  119. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby24_parser.y +419 -295
  120. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby25_parser.rb +7268 -0
  121. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2/lib/ruby26_parser.y → ruby_parser-3.18.1/lib/ruby25_parser.y} +418 -308
  122. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby26_parser.rb +7287 -0
  123. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2/lib/ruby_parser.yy → ruby_parser-3.18.1/lib/ruby26_parser.y} +419 -399
  124. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby27_parser.rb +8517 -0
  125. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2/lib/ruby25_parser.y → ruby_parser-3.18.1/lib/ruby27_parser.y} +1030 -294
  126. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.rb +8751 -0
  127. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.y +3472 -0
  128. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby3_parser.yy +3476 -0
  129. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby_lexer.rb +308 -605
  130. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby_lexer.rex +33 -27
  131. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby_lexer.rex.rb +65 -31
  132. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer_strings.rb +638 -0
  133. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby_parser.rb +4 -0
  134. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_parser.yy +3487 -0
  135. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/lib/ruby_parser_extras.rb +341 -127
  136. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/tools/munge.rb +43 -10
  137. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.14.2 → ruby_parser-3.18.1}/tools/ripper.rb +15 -10
  138. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/History.rdoc +39 -0
  139. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/Manifest.txt +0 -0
  140. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/README.rdoc +0 -0
  141. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/composite_sexp_processor.rb +0 -0
  142. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/pt_testcase.rb +9 -4
  143. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/sexp.rb +19 -9
  144. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/sexp_matcher.rb +4 -7
  145. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/sexp_processor.rb +1 -1
  146. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/strict_sexp.rb +25 -3
  147. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.14.1 → sexp_processor-4.16.0}/lib/unique.rb +0 -0
  148. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/CHANGES +4 -0
  149. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/Gemfile +12 -13
  150. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/LICENSE +0 -0
  151. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/README.jp.md +0 -0
  152. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/README.md +0 -0
  153. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/code_attributes.rb +0 -0
  154. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/command.rb +13 -13
  155. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/controls.rb +0 -0
  156. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/do_inserter.rb +0 -0
  157. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/embedded.rb +0 -0
  158. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/end_inserter.rb +0 -0
  159. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/engine.rb +0 -0
  160. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/erb_converter.rb +0 -0
  161. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/filter.rb +0 -0
  162. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/grammar.rb +0 -0
  163. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/include.rb +0 -0
  164. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/interpolation.rb +0 -0
  165. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/logic_less/context.rb +0 -0
  166. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/logic_less/filter.rb +0 -0
  167. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/logic_less.rb +0 -0
  168. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/parser.rb +1 -1
  169. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/smart/escaper.rb +0 -0
  170. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/smart/filter.rb +0 -0
  171. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/smart/parser.rb +0 -0
  172. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/smart.rb +0 -0
  173. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/splat/builder.rb +0 -0
  174. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/splat/filter.rb +0 -0
  175. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/template.rb +0 -0
  176. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/translator.rb +0 -0
  177. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim/version.rb +1 -1
  178. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/lib/slim.rb +0 -0
  179. data/bundle/ruby/2.7.0/gems/{slim-4.0.1 → slim-4.1.0}/slim.gemspec +0 -0
  180. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/CHANGELOG.md +8 -0
  181. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/MIT-LICENSE.txt +0 -0
  182. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/README.md +1 -1
  183. data/bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/data/display_width.marshal.gz +0 -0
  184. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/lib/unicode/display_width/constants.rb +2 -2
  185. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/lib/unicode/display_width/index.rb +0 -0
  186. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/lib/unicode/display_width/no_string_ext.rb +0 -0
  187. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/lib/unicode/display_width/string_ext.rb +0 -0
  188. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.6.1 → unicode-display_width-1.8.0}/lib/unicode/display_width.rb +0 -0
  189. data/lib/brakeman/app_tree.rb +37 -4
  190. data/lib/brakeman/checks/base_check.rb +18 -2
  191. data/lib/brakeman/checks/check_basic_auth.rb +2 -0
  192. data/lib/brakeman/checks/check_csrf_token_forgery_cve.rb +28 -0
  193. data/lib/brakeman/checks/check_deserialize.rb +21 -1
  194. data/lib/brakeman/checks/check_detailed_exceptions.rb +1 -1
  195. data/lib/brakeman/checks/check_eol_rails.rb +23 -0
  196. data/lib/brakeman/checks/check_eol_ruby.rb +26 -0
  197. data/lib/brakeman/checks/check_evaluation.rb +1 -1
  198. data/lib/brakeman/checks/check_execute.rb +12 -1
  199. data/lib/brakeman/checks/check_json_entity_escape.rb +38 -0
  200. data/lib/brakeman/checks/check_json_parsing.rb +1 -1
  201. data/lib/brakeman/checks/check_mass_assignment.rb +37 -9
  202. data/lib/brakeman/checks/check_model_attr_accessible.rb +1 -1
  203. data/lib/brakeman/checks/check_model_attributes.rb +1 -1
  204. data/lib/brakeman/checks/check_page_caching_cve.rb +37 -0
  205. data/lib/brakeman/checks/check_permit_attributes.rb +1 -1
  206. data/lib/brakeman/checks/check_regex_dos.rb +1 -1
  207. data/lib/brakeman/checks/check_render.rb +15 -1
  208. data/lib/brakeman/checks/check_sanitize_methods.rb +2 -1
  209. data/lib/brakeman/checks/check_skip_before_filter.rb +4 -4
  210. data/lib/brakeman/checks/check_sql.rb +60 -9
  211. data/lib/brakeman/checks/check_symbol_dos.rb +1 -1
  212. data/lib/brakeman/checks/check_template_injection.rb +32 -0
  213. data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
  214. data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
  215. data/lib/brakeman/checks/eol_check.rb +47 -0
  216. data/lib/brakeman/commandline.rb +25 -1
  217. data/lib/brakeman/file_parser.rb +58 -22
  218. data/lib/brakeman/options.rb +39 -2
  219. data/lib/brakeman/parsers/template_parser.rb +26 -3
  220. data/lib/brakeman/processors/alias_processor.rb +132 -24
  221. data/lib/brakeman/processors/base_processor.rb +4 -4
  222. data/lib/brakeman/processors/controller_alias_processor.rb +6 -43
  223. data/lib/brakeman/processors/controller_processor.rb +1 -1
  224. data/lib/brakeman/processors/gem_processor.rb +3 -0
  225. data/lib/brakeman/processors/haml_template_processor.rb +17 -1
  226. data/lib/brakeman/processors/lib/call_conversion_helper.rb +13 -7
  227. data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
  228. data/lib/brakeman/processors/lib/find_all_calls.rb +28 -13
  229. data/lib/brakeman/processors/lib/rails3_config_processor.rb +16 -16
  230. data/lib/brakeman/processors/lib/rails3_route_processor.rb +2 -0
  231. data/lib/brakeman/processors/lib/rails4_config_processor.rb +2 -1
  232. data/lib/brakeman/processors/lib/render_helper.rb +3 -1
  233. data/lib/brakeman/processors/library_processor.rb +9 -0
  234. data/lib/brakeman/processors/model_processor.rb +32 -0
  235. data/lib/brakeman/processors/output_processor.rb +1 -1
  236. data/lib/brakeman/processors/template_alias_processor.rb +5 -0
  237. data/lib/brakeman/report/ignore/config.rb +5 -1
  238. data/lib/brakeman/report/ignore/interactive.rb +1 -1
  239. data/lib/brakeman/report/report_base.rb +0 -2
  240. data/lib/brakeman/report/report_csv.rb +37 -60
  241. data/lib/brakeman/report/report_github.rb +31 -0
  242. data/lib/brakeman/report/report_junit.rb +2 -2
  243. data/lib/brakeman/report/report_sarif.rb +133 -0
  244. data/lib/brakeman/report/report_sonar.rb +38 -0
  245. data/lib/brakeman/report/report_tabs.rb +1 -1
  246. data/lib/brakeman/report/report_text.rb +38 -17
  247. data/lib/brakeman/report.rb +19 -1
  248. data/lib/brakeman/rescanner.rb +7 -5
  249. data/lib/brakeman/scanner.rb +65 -31
  250. data/lib/brakeman/tracker/collection.rb +57 -7
  251. data/lib/brakeman/tracker/config.rb +87 -5
  252. data/lib/brakeman/tracker/constants.rb +8 -7
  253. data/lib/brakeman/tracker/controller.rb +1 -1
  254. data/lib/brakeman/tracker/method_info.rb +70 -0
  255. data/lib/brakeman/tracker.rb +42 -5
  256. data/lib/brakeman/util.rb +58 -21
  257. data/lib/brakeman/version.rb +1 -1
  258. data/lib/brakeman/warning.rb +10 -2
  259. data/lib/brakeman/warning_codes.rb +13 -0
  260. data/lib/brakeman.rb +45 -6
  261. data/lib/ruby_parser/bm_sexp.rb +33 -9
  262. metadata +201 -123
  263. data/bundle/ruby/2.7.0/gems/haml-5.1.2/lib/haml/escapable.rb +0 -50
  264. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/debugging.md +0 -18
  265. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/rp_stringscanner.rb +0 -64
  266. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby20_parser.rb +0 -7042
  267. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby21_parser.rb +0 -7113
  268. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby22_parser.rb +0 -7146
  269. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby23_parser.rb +0 -7163
  270. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby24_parser.rb +0 -7175
  271. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby25_parser.rb +0 -7175
  272. data/bundle/ruby/2.7.0/gems/ruby_parser-3.14.2/lib/ruby26_parser.rb +0 -7195
  273. data/bundle/ruby/2.7.0/gems/unicode-display_width-1.6.1/data/display_width.marshal.gz +0 -0
@@ -0,0 +1,3 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "rexml/document"
@@ -1,3 +1,151 @@
1
+ === 3.18.1 / 2021-11-10
2
+
3
+ * 1 minor enhancement:
4
+
5
+ * All parser tests are now explicitly testing line numbers at every level.
6
+
7
+ * 3 bug fixes:
8
+
9
+ * Fixed endless method with noargs. (mitsuru)
10
+ * Fixed line numbers on some yield forms.
11
+ * Handle and clearly report if unifdef is missing.
12
+
13
+ === 3.18.0 / 2021-10-27
14
+
15
+ Holy crap... 58 commits! 2.7 and 3.0 are feature complete. Strings
16
+ & heredocs have been rewritten.
17
+
18
+ * 9 major enhancements:
19
+
20
+ * !!! Rewrote lexer (and friends) for strings, heredocs, and %*[] constructs.
21
+ * Massive overhaul on line numbers.
22
+ * Freeze input! Finally!!! No more modifying the input string for heredocs.
23
+ * Overhauled RPStringScanner. Removed OLD compatibility methods!
24
+ * Removed Sexp methods: value, to_sym, add, add_all, node_type, values.
25
+ * value moved to sexp_processor.
26
+ * Removed String#grep monkey-patch.
27
+ * Removed String#lineno monkey-patch.
28
+ * Removed string_to_pos, charpos, etc hacks for ancient ruby versions.
29
+ * Removed unread_many... NO! NO EDITING THE INPUT STRING!
30
+
31
+ * 31 minor enhancements:
32
+
33
+ * 2.7/3.0: many more pattern edge cases
34
+ * 2.7: Added `mlhs = rhs rescue expr`
35
+ * 2.7: refactored destructured args (`|(k,v)|`) and unfactored(?!) case_body/args.
36
+ * 3.0: excessed_comma
37
+ * 3.0: finished most everything: endless methods, patterns, etc.
38
+ * 3.0: refactored / added new pattern changes
39
+ * Added RubyLexer#in_heredoc? (ie, is there old_ss ?)
40
+ * Added RubyLexer#old_ss and old_lineno and removed much of SSStack(ish).
41
+ * Added Symbol#end_with? when necessary
42
+ * Added TALLY and DEBUG options for ss.getch and ss.scan
43
+ * Added ignore_body_comments to make parser productions more clear.
44
+ * Added support for no_kwarg (eg `def f(**nil)`).
45
+ * Added support for no_kwarg in blocks (eg `f { |**nil| }`).
46
+ * Augmented generated parser files to have frozen_string_literal comments and fixed tests.
47
+ * Broke out 3.0 parser into its own to ease development.
48
+ * Bumped dependencies on sexp_processor and oedipus_lex.
49
+ * Clean generated 3.x files.
50
+ * Extracted all string scanner methods to their own module.
51
+ * Fixed some precedence decls.
52
+ * Implemented most of pattern matching for 2.7+.
53
+ * Improve lex_state= to report location in verbose debug mode.
54
+ * Made it easier to debug with a particular version of ruby via rake.
55
+ * Make sure ripper uses the same version of ruby we specified.
56
+ * Moved all string/heredoc/etc code to ruby_lexer_strings.rb
57
+ * Remove warning from newer bisons.
58
+ * Sprinkled in some frozen_string_literal, but mostly helped by oedipus bump.
59
+ * Switch to comparing against ruby binary since ripper is buggy.
60
+ * bugs task should try both bug*.rb and bad*.rb.
61
+ * endless methods
62
+ * f_any_kwrest refactoring.
63
+ * refactored defn/defs
64
+
65
+ * 15 bug fixes:
66
+
67
+ * Cleaned a bunch of old hacks. Initializing RubyLexer w/ Parser is cleaner now.
68
+ * Corrected some lex_state errors in process_token_keyword.
69
+ * Fixed ancient ruby2 change (use #lines) in ruby_parse_extract_error.
70
+ * Fixed bug where else without rescue only raises on 2.6+
71
+ * Fixed caller for getch and scan when DEBUG=1
72
+ * Fixed comments in the middle of message cascades.
73
+ * Fixed differences w/ symbol productions against ruby 2.7.
74
+ * Fixed dsym to use string_contents production.
75
+ * Fixed error in bdot2/3 in some edge cases. Fixed p_alt line.
76
+ * Fixed heredoc dedenting in the presence of empty lines. (mvz)
77
+ * Fixed some leading whitespace / comment processing
78
+ * Fixed up how class/module/defn/defs comments were collected.
79
+ * Overhauled ripper.rb to deal with buggy ripper w/ yydebug.
80
+ * Removed dsym from literal.
81
+ * Removed tUBANG lexeme but kept it distinct as a method name (eg: `def !@`).
82
+
83
+ === 3.17.0 / 2021-08-03
84
+
85
+ * 1 minor enhancement:
86
+
87
+ * Added support for arg forwarding (eg `def f(...); m(...); end`) (presidentbeef)
88
+
89
+ === 3.16.0 / 2021-05-15
90
+
91
+ * 1 major enhancement:
92
+
93
+ * Added tentative 3.0 support.
94
+
95
+ * 3 minor enhancements:
96
+
97
+ * Added lexing for "beginless range" (bdots).
98
+ * Added parsing for bdots.
99
+ * Updated rake compare task to download xz files, bumped versions, etc
100
+
101
+ * 4 bug fixes:
102
+
103
+ * Bump rake dependency to >= 10, < 15. (presidentbeef)
104
+ * Bump sexp_processor dependency to 4.15.1+. (pravi)
105
+ * Fixed minor state mismatch at the end of parsing to make diffing a little cleaner.
106
+ * Fixed normalizer to deal with new bison token syntax
107
+
108
+ === 3.15.1 / 2021-01-10
109
+
110
+ * 1 bug fix:
111
+
112
+ * Bumped ruby version to include < 4 (trunk).
113
+
114
+ === 3.15.0 / 2020-08-31
115
+
116
+ * 1 major enhancement:
117
+
118
+ * Added tentative 2.7 support.
119
+
120
+ * 1 minor enhancement:
121
+
122
+ * Improved ruby_parse_extract_error's handling of moving slow files out.
123
+
124
+ * 22 bug fixes:
125
+
126
+ * Bumped ruby version to include 3.0 (trunk).
127
+ * Fix an error related to empty ensure bodies. (presidentbeef)
128
+ * Fix handling of bad magic encoding comment.
129
+ * Fixed SystemStackError when parsing a huoooge hash, caused by a splat arg.
130
+ * Fixed a number of errors parsing do blocks in strange edge cases.
131
+ * Fixed a string backslash lexing bug when the string is an invalid encoding. (nijikon, gmcgibbon)
132
+ * Fixed bug assigning line number to some arg nodes.
133
+ * Fixed bug concatinating string literals with differing encodings.
134
+ * Fixed bug lexing heredoc w/ nasty mix of \r\n and \n.
135
+ * Fixed bug lexing multiple codepoints in \u{0000 1111 2222} forms.
136
+ * Fixed bug setting line numbers in empty xstrings in some contexts.
137
+ * Fixed edge case on call w/ begin + do block as an arg.
138
+ * Fixed handling of UTF BOM.
139
+ * Fixed handling of lexer state across string interpolation braces.
140
+ * Fixed infinite loop when lexing backslash+cr+newline (aka dos-files)
141
+ * Fixed lambda + do block edge case.
142
+ * Fixed lexing of some ?\M... and ?\C... edge cases.
143
+ * Fixed more do/brace block edge case failures.
144
+ * Fixed parsing bug where splat was used in the middle of a list.
145
+ * Fixed parsing of interpolation in heredoc-like strings. (presidentbeef)
146
+ * Fixed parsing some esoteric edge cases in op_asgn.
147
+ * Fixed unicode processing in ident chars so now they better mix.
148
+
1
149
  === 3.14.2 / 2020-02-06
2
150
 
3
151
  * 1 minor enhancement:
@@ -7,6 +7,7 @@ bin/ruby_parse
7
7
  bin/ruby_parse_extract_error
8
8
  compare/normalize.rb
9
9
  debugging.md
10
+ gauntlet.md
10
11
  lib/.document
11
12
  lib/rp_extensions.rb
12
13
  lib/rp_stringscanner.rb
@@ -24,9 +25,15 @@ lib/ruby25_parser.rb
24
25
  lib/ruby25_parser.y
25
26
  lib/ruby26_parser.rb
26
27
  lib/ruby26_parser.y
28
+ lib/ruby27_parser.rb
29
+ lib/ruby27_parser.y
30
+ lib/ruby30_parser.rb
31
+ lib/ruby30_parser.y
32
+ lib/ruby3_parser.yy
27
33
  lib/ruby_lexer.rb
28
34
  lib/ruby_lexer.rex
29
35
  lib/ruby_lexer.rex.rb
36
+ lib/ruby_lexer_strings.rb
30
37
  lib/ruby_parser.rb
31
38
  lib/ruby_parser.yy
32
39
  lib/ruby_parser_extras.rb
@@ -32,6 +32,7 @@ Tested against 801,039 files from the latest of all rubygems (as of 2013-05):
32
32
  * 1.8 parser is at 99.9739% accuracy, 3.651 sigma
33
33
  * 1.9 parser is at 99.9940% accuracy, 4.013 sigma
34
34
  * 2.0 parser is at 99.9939% accuracy, 4.008 sigma
35
+ * 2.6 parser is at 99.9972% accuracy, 4.191 sigma
35
36
 
36
37
  == FEATURES/PROBLEMS:
37
38
 
@@ -8,6 +8,10 @@ order = []
8
8
 
9
9
  def munge s
10
10
  renames = [
11
+ # unquote... wtf?
12
+ /`(.+?)'/, proc { $1 },
13
+ /"'(.+?)'"/, proc { "\"#{$1}\"" },
14
+
11
15
  "'='", "tEQL",
12
16
  "'!'", "tBANG",
13
17
  "'%'", "tPERCENT",
@@ -80,6 +84,7 @@ def munge s
80
84
 
81
85
  "' '", "tSPACE", # needs to be later to avoid bad hits
82
86
 
87
+ "%empty", "none", # newer bison
83
88
  "/* empty */", "none",
84
89
  /^\s*$/, "none",
85
90
 
@@ -100,6 +105,44 @@ def munge s
100
105
 
101
106
  "kVARIABLE", "keyword_variable", # ugh: this is a rule name
102
107
 
108
+ # 2.7 changes:
109
+
110
+ '"global variable"', "tGVAR",
111
+ '"operator-assignment"', "tOP_ASGN",
112
+ '"back reference"', "tBACK_REF",
113
+ '"numbered reference"', "tNTH_REF",
114
+ '"local variable or method"', "tIDENTIFIER",
115
+ '"constant"', "tCONSTANT",
116
+
117
+ '"(.."', "tBDOT2",
118
+ '"(..."', "tBDOT3",
119
+ '"char literal"', "tCHAR",
120
+ '"literal content"', "tSTRING_CONTENT",
121
+ '"string literal"', "tSTRING_BEG",
122
+ '"symbol literal"', "tSYMBEG",
123
+ '"backtick literal"', "tXSTRING_BEG",
124
+ '"regexp literal"', "tREGEXP_BEG",
125
+ '"word list"', "tWORDS_BEG",
126
+ '"verbatim word list"', "tQWORDS_BEG",
127
+ '"symbol list"', "tSYMBOLS_BEG",
128
+ '"verbatim symbol list"', "tQSYMBOLS_BEG",
129
+
130
+ '"float literal"', "tFLOAT",
131
+ '"imaginary literal"', "tIMAGINARY",
132
+ '"integer literal"', "tINTEGER",
133
+ '"rational literal"', "tRATIONAL",
134
+
135
+ '"instance variable"', "tIVAR",
136
+ '"class variable"', "tCVAR",
137
+ '"terminator"', "tSTRING_END", # TODO: switch this?
138
+ '"method"', "tFID",
139
+ '"}"', "tSTRING_DEND",
140
+
141
+ '"do for block"', "kDO_BLOCK",
142
+ '"do for condition"', "kDO_COND",
143
+ '"do for lambda"', "kDO_LAMBDA",
144
+ "tLABEL", "kLABEL",
145
+
103
146
  # UGH
104
147
  "k_LINE__", "k__LINE__",
105
148
  "k_FILE__", "k__FILE__",
@@ -107,15 +150,17 @@ def munge s
107
150
 
108
151
  '"defined?"', "kDEFINED",
109
152
 
110
-
111
153
  '"do (for condition)"', "kDO_COND",
112
154
  '"do (for lambda)"', "kDO_LAMBDA",
113
155
  '"do (for block)"', "kDO_BLOCK",
114
156
 
115
- /\"(\w+) \(modifier\)\"/, proc { |x| "k#{$1.upcase}_MOD" },
116
- /\"(\w+)\"/, proc { |x| "k#{$1.upcase}" },
157
+ /\"(\w+) \(?modifier\)?\"/, proc { |x| "k#{$1.upcase}_MOD" },
158
+ /\"(\w+)\"/, proc { |x| "k#{$1.upcase}" },
159
+
160
+ /\$?@(\d+)(\s+|$)/, "", # newer bison
117
161
 
118
- /@(\d+)(\s+|$)/, "",
162
+ # TODO: remove for 3.0 work:
163
+ "lex_ctxt ", "" # 3.0 production that's mostly noise right now
119
164
  ]
120
165
 
121
166
  renames.each_slice(2) do |(a, b)|
@@ -134,7 +179,7 @@ ARGF.each_line do |line|
134
179
 
135
180
  case line.strip
136
181
  when /^$/ then
137
- when /^(\d+) (\$?\w+): (.*)/ then # yacc
182
+ when /^(\d+) (\$?[@\w]+): (.*)/ then # yacc
138
183
  rule = $2
139
184
  order << rule unless rules.has_key? rule
140
185
  rules[rule] << munge($3)
@@ -159,7 +204,7 @@ ARGF.each_line do |line|
159
204
  when /^\cL/ then # byacc
160
205
  break
161
206
  else
162
- warn "unparsed: #{$.}: #{line.chomp}"
207
+ warn "unparsed: #{$.}: #{line.strip.inspect}"
163
208
  end
164
209
  end
165
210
 
@@ -0,0 +1,190 @@
1
+ # Quick Notes to Help with Debugging
2
+
3
+ ## Reducing
4
+
5
+ One of the most important steps is reducing the code sample to a
6
+ minimal reproduction. For example, one thing I'm debugging right now
7
+ was reported as:
8
+
9
+ ```ruby
10
+ a, b, c, d, e, f, g, h, i, j = 1, *[p1, p2, p3], *[p1, p2, p3], *[p4, p5, p6]
11
+ ```
12
+
13
+ This original sample has 10 items on the left-hand-side (LHS) and 1 +
14
+ 3 groups of 3 (calls) on the RHS + 3 arrays + 3 splats. That's a lot.
15
+
16
+ It's already been reported (perhaps incorrectly) that this has to do
17
+ with multiple splats on the RHS, so let's focus on that. At a minimum
18
+ the code can be reduced to 2 splats on the RHS and some
19
+ experimentation shows that it needs a non-splat item to fail:
20
+
21
+ ```
22
+ _, _, _ = 1, *[2], *[3]
23
+ ```
24
+
25
+ and some intuition further removed the arrays:
26
+
27
+ ```
28
+ _, _, _ = 1, *2, *3
29
+ ```
30
+
31
+ the difference is huge and will make a ton of difference when
32
+ debugging.
33
+
34
+ ## Getting something to compare
35
+
36
+ ```
37
+ % rake debug3 F=file.rb
38
+ ```
39
+
40
+ TODO
41
+
42
+ ## Comparing against ruby / ripper:
43
+
44
+ ```
45
+ % rake cmp3 F=file.rb
46
+ ```
47
+
48
+ This compiles the parser & lexer and then parses file.rb using both
49
+ ruby, ripper, and ruby_parser in debug modes. The output is munged to
50
+ be as uniform as possible and diffable. I'm using emacs'
51
+ `ediff-files3` to compare these files (via `rake cmp3`) all at once,
52
+ but regular `diff -u tmp/{ruby,rp}` will suffice for most tasks.
53
+
54
+ From there? Good luck. I'm currently trying to backtrack from rule
55
+ reductions to state change differences. I'd like to figure out a way
56
+ to go from this sort of diff to a reasonable test that checks state
57
+ changes but I don't have that set up at this point.
58
+
59
+ ## Adding New Grammar Productions
60
+
61
+ Ruby adds stuff to the parser ALL THE TIME. It's actually hard to keep
62
+ up with, but I've added some tools and shown what a typical workflow
63
+ looks like. Let's say you want to add ruby 2.7's "beginless range" (eg
64
+ `..42`).
65
+
66
+ Whenever there's a language feature missing, I start with comparing
67
+ the parse trees between MRI and RP:
68
+
69
+ ### Structural Comparing
70
+
71
+ There's a bunch of rake tasks `compare27`, `compare26`, etc that try
72
+ to normalize and diff MRI's parse.y parse tree (just the structure of
73
+ the tree in yacc) to ruby\_parser's parse tree (racc). It's the first
74
+ thing I do when I'm adding a new version. Stub out all the version
75
+ differences, and then start to diff the structure and move
76
+ ruby\_parser towards the new changes.
77
+
78
+ Some differences are just gonna be there... but here's an example of a
79
+ real diff between MRI 2.7 and ruby_parser as of today:
80
+
81
+ ```diff
82
+ arg tDOT3 arg
83
+ arg tDOT2
84
+ arg tDOT3
85
+ - tBDOT2 arg
86
+ - tBDOT3 arg
87
+ arg tPLUS arg
88
+ arg tMINUS arg
89
+ arg tSTAR2 arg
90
+ ```
91
+
92
+ This is a new language feature that ruby_parser doesn't handle yet.
93
+ It's in MRI (the left hand side of the diff) but not ruby\_parser (the
94
+ right hand side) so it is a `-` or missing line.
95
+
96
+ Some other diffs will have both `+` and `-` lines. That usually
97
+ happens when MRI has been refactoring the grammar. Sometimes I choose
98
+ to adapt those refactorings and sometimes it starts to get too
99
+ difficult to maintain multiple versions of ruby parsing in a single
100
+ file.
101
+
102
+ But! This structural comparing is always a place you should look when
103
+ ruby_parser is failing to parse something. Maybe it just hasn't been
104
+ implemented yet and the easiest place to look is the diff.
105
+
106
+ ### Starting Test First
107
+
108
+ The next thing I do is to add a parser test to cover that feature. I
109
+ usually start with the parser and work backwards towards the lexer as
110
+ needed, as I find it structures things properly and keeps things goal
111
+ oriented.
112
+
113
+ So, make a new parser test, usually in the versioned section of the
114
+ parser tests.
115
+
116
+ ```
117
+ def test_beginless2
118
+ rb = "..10\n; ..a\n; c"
119
+ pt = s(:block,
120
+ s(:dot2, nil, s(:lit, 0).line(1)).line(1),
121
+ s(:dot2, nil, s(:call, nil, :a).line(2)).line(2),
122
+ s(:call, nil, :c).line(3)).line(1)
123
+
124
+ assert_parse_line rb, pt, 1
125
+
126
+ flunk "not done yet"
127
+ end
128
+ ```
129
+
130
+ (In this case copied and modified the tests for open ranges from 2.6)
131
+ and run it to get my first error:
132
+
133
+ ```
134
+ % rake N=/beginless/
135
+
136
+ ...
137
+
138
+ E
139
+
140
+ Finished in 0.021814s, 45.8421 runs/s, 0.0000 assertions/s.
141
+
142
+ 1) Error:
143
+ TestRubyParserV27#test_whatevs:
144
+ Racc::ParseError: (string):1 :: parse error on value ".." (tDOT2)
145
+ GEMS/2.7.0/gems/racc-1.5.0/lib/racc/parser.rb:538:in `on_error'
146
+ WORK/ruby_parser/dev/lib/ruby_parser_extras.rb:1304:in `on_error'
147
+ (eval):3:in `_racc_do_parse_c'
148
+ (eval):3:in `do_parse'
149
+ WORK/ruby_parser/dev/lib/ruby_parser_extras.rb:1329:in `block in process'
150
+ RUBY/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
151
+ RUBY/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
152
+ RUBY/lib/ruby/2.7.0/timeout.rb:33:in `catch'
153
+ RUBY/lib/ruby/2.7.0/timeout.rb:33:in `catch'
154
+ RUBY/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
155
+ WORK/ruby_parser/dev/lib/ruby_parser_extras.rb:1317:in `process'
156
+ WORK/ruby_parser/dev/test/test_ruby_parser.rb:4198:in `assert_parse'
157
+ WORK/ruby_parser/dev/test/test_ruby_parser.rb:4221:in `assert_parse_line'
158
+ WORK/ruby_parser/dev/test/test_ruby_parser.rb:4451:in `test_whatevs'
159
+ ```
160
+
161
+ For starters, we know the missing production is for `tBDOT2 arg`. It
162
+ is currently blowing up because it is getting `tDOT2` and simply
163
+ doesn't know what to do with it, so it raises the error. As the diff
164
+ suggests, that's the wrong token to begin with, so it is probably time
165
+ to also create a lexer test:
166
+
167
+ ```
168
+ def test_yylex_bdot2
169
+ assert_lex3("..42",
170
+ s(:dot2, nil, s(:lit, 42)),
171
+
172
+ :tBDOT2, "..", EXPR_BEG,
173
+ :tINTEGER, "42", EXPR_NUM)
174
+
175
+ flunk "not done yet"
176
+ end
177
+ ```
178
+
179
+ This one is mostly speculative at this point. It says "if we're lexing
180
+ this string, we should get this sexp if we fully parse it, and the
181
+ lexical stream should look like this"... That last bit is mostly made
182
+ up at this point. Sometimes I don't know exactly what expression state
183
+ things should be in until I start really digging in.
184
+
185
+ At this point, I have 2 failing tests that are directing me in the
186
+ right direction. It's now a matter of digging through
187
+ `compare/parse26.y` to see how the lexer differs and implementing
188
+ it...
189
+
190
+ But this is a good start to the doco for now. I'll add more later.
@@ -0,0 +1,106 @@
1
+ # Running the Gauntlet
2
+
3
+ ## Maintaining a Gem Mirror
4
+
5
+ I use rubygems-mirror to keep an archive of all the latest rubygems on
6
+ an external disk. Here is the config:
7
+
8
+ ```
9
+ ---
10
+ - from: https://rubygems.org
11
+ to: /Volumes/StuffA/gauntlet/mirror
12
+ parallelism: 10
13
+ retries: 3
14
+ delete: true
15
+ skiperror: true
16
+ hashdir: true
17
+ ```
18
+
19
+ And I update using rake:
20
+
21
+ ```
22
+ % cd ~/Work/git/rubygems/rubygems-mirror
23
+ % git down
24
+ % rake mirror:latest
25
+ % /Volumes/StuffA/gauntlet/bin/cleanup.rb
26
+ ```
27
+
28
+ This rather quickly updates my mirror to the latest versions of
29
+ everything and then deletes all old versions. I then run a cleanup
30
+ script that fixes the file dates to their publication date and deletes
31
+ any gems that have invalid specs. This can argue with the mirror a
32
+ bit, but it is pretty minimal (currently ~20 bad gems).
33
+
34
+ ## Curating an Archive of Ruby Files
35
+
36
+ Next, I process the gem mirror into a much more digestable structure
37
+ using `hash.rb` (TODO: needs a better name):
38
+
39
+ ```
40
+ % cd RP
41
+ % /Volumes/StuffA/gauntlet/bin/unpack_gems.rb
42
+ ... waaaait ...
43
+ % mv hashed.noindex gauntlet.$(today).noindex
44
+ % lrztar gauntlet.$(today).noindex
45
+ % mv gauntlet.$(today).noindex.lrz /Volumes/StuffA/gauntlet/
46
+ ```
47
+
48
+ This script filters all the newer gems (TODO: WHY?), unpacks them,
49
+ finds all the files that look like they're valid ruby, ensures they're
50
+ valid ruby (using the current version of ruby to compile them), and
51
+ then moves them into a SHA dir structure that looks something like
52
+ this:
53
+
54
+ ```
55
+ hashed.noindex/a/b/c/<full_file_sha>.rb
56
+ ```
57
+
58
+ This removes all duplicates and puts everything in a fairly even,
59
+ wide, flat directory layout.
60
+
61
+ This process takes a very long time, even with a lot of
62
+ parallelization. There are currently about 160k gems in the mirror.
63
+ Unpacking, validating, SHA'ing everything is disk and CPU intensive.
64
+ The `.noindex` extension stops spotlight from indexing the continous
65
+ churn of files being unpacked and moved and saves time.
66
+
67
+ Finally, I rename and archive it all up (currently using lrztar, but
68
+ I'm not in love with it).
69
+
70
+ ### Stats
71
+
72
+ ```
73
+ 9696 % find gauntlet.$(today).noindex -type f | lc
74
+ 561270
75
+ 3.5G gauntlet.2021-08-06.noindex
76
+ 239M gauntlet.2021-08-06.noindex.tar.lrz
77
+ ```
78
+
79
+ So I wind up with a little over half a million unique ruby files to
80
+ parse. It's about 3.5g but compresses very nicely down to 240m
81
+
82
+ ## Running the Gauntlet
83
+
84
+ Assuming you're starting from scratch, unpack the archive once:
85
+
86
+ ```
87
+ % lrzuntar gauntlet.$(today).noindex.lrz
88
+ ```
89
+
90
+ Then, either run a single process (easier to read):
91
+
92
+ ```
93
+ % ./gauntlet/bin/gauntlet.rb gauntlet/*.noindex/?
94
+ ```
95
+
96
+ Or max out your machine using xargs (note the `-P 16` and choose accordingly):
97
+
98
+ ```
99
+ % ls -d gauntlet/*.noindex/?/? | xargs -n 1 -P 16 ./gauntlet/bin/gauntlet.rb
100
+ ```
101
+
102
+ In another terminal I usually monitor the progress like so:
103
+
104
+ ```
105
+ % while true ; do clear; fd . -t d -t e gauntlet/*.noindex -X rmdir -p 2> /dev/null ; for D in gauntlet/*.noindex/? ; do echo -n "$D: "; fd .rb $D | wc -l ; done ; echo ; sleep 30 ; done
106
+ ```
@@ -12,26 +12,24 @@ class Regexp
12
12
  end
13
13
  # :startdoc:
14
14
 
15
- ############################################################
16
- # HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK
17
-
18
- unless "".respond_to?(:grep) then
19
- class String
20
- def grep re
21
- lines.grep re
22
- end
15
+ class Array
16
+ def prepend *vals
17
+ self[0,0] = vals
23
18
  end
24
- end
19
+ end unless [].respond_to?(:prepend)
25
20
 
26
- class String
27
- ##
28
- # This is a hack used by the lexer to sneak in line numbers at the
29
- # identifier level. This should be MUCH smaller than making
30
- # process_token return [value, lineno] and modifying EVERYTHING that
31
- # reduces tIDENTIFIER.
21
+ # :stopdoc:
22
+ class Symbol
23
+ def end_with? o
24
+ self.to_s.end_with? o
25
+ end
26
+ end unless :woot.respond_to?(:end_with?)
27
+ # :startdoc:
32
28
 
33
- attr_accessor :lineno
29
+ ############################################################
30
+ # HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK
34
31
 
32
+ class String
35
33
  def clean_caller
36
34
  self.sub(File.dirname(__FILE__), "./lib").sub(/:in.*/, "")
37
35
  end if $DEBUG
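Review bot: The `Array#prepend` fallback added in this hunk returns the argument list rather than the receiver, because `self[0,0] = vals` is the last expression of the method. The built-in `Array#prepend` returns `self`, so a chained call would behave differently on a Ruby where the fallback is active; adding `self` as the final line of the method would match it. The `Symbol#end_with?` fallback takes a single argument `o`, while the core method accepts several suffixes, so `def end_with?(*o)` forwarding to `to_s.end_with?(*o)` would keep the two in step. Both fallbacks reopen core classes for the whole process, so a one-line comment naming the Ruby versions they cover would make it clear when they can be dropped.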
@@ -40,34 +38,15 @@ end
40
38
  require "sexp"
41
39
 
42
40
  class Sexp
43
- attr_writer :paren
41
+ attr_writer :paren # TODO: retire
44
42
 
45
43
  def paren
46
44
  @paren ||= false
47
45
  end
48
46
 
49
- def value
50
- raise "multi item sexp" if size > 2
51
- last
52
- end
53
-
54
- def to_sym
55
- raise "no: #{self.inspect}.to_sym is a bug"
56
- self.value.to_sym
57
- end
58
-
59
- alias :add :<<
60
-
61
- def add_all x
62
- self.concat x.sexp_body
63
- end
64
-
65
47
  def block_pass?
66
48
  any? { |s| Sexp === s && s.sexp_type == :block_pass }
67
49
  end
68
-
69
- alias :node_type :sexp_type
70
- alias :values :sexp_body # TODO: retire
71
50
  end
72
51
 
73
52
  # END HACK