brakeman 5.1.0 → 5.2.1

data/lib/brakeman/processors/haml_template_processor.rb

@@ -8,6 +8,7 @@ class Brakeman::HamlTemplateProcessor < Brakeman::TemplateProcessor
   HAML_HELPERS2 = s(:colon2, s(:colon3, :Haml), :Helpers)
   JAVASCRIPT_FILTER = s(:colon2, s(:colon2, s(:const, :Haml), :Filters), :Javascript)
   COFFEE_FILTER = s(:colon2, s(:colon2, s(:const, :Haml), :Filters), :Coffee)
+  ATTRIBUTE_BUILDER = s(:colon2, s(:colon3, :Haml), :AttributeBuilder)
 
   def initialize *args
     super
@@ -133,6 +134,8 @@ class Brakeman::HamlTemplateProcessor < Brakeman::TemplateProcessor
 
         get_pushed_value(exp.first_arg, default)
         @javascript = false
+      elsif haml_attribute_builder? exp
+        ignore # probably safe... seems escaped by default?
       else
         add_output exp, default
       end
@@ -154,6 +157,12 @@ class Brakeman::HamlTemplateProcessor < Brakeman::TemplateProcessor
       exp.method == :attributes
   end
 
+  def haml_attribute_builder? exp
+    call? exp and
+      exp.target == ATTRIBUTE_BUILDER and
+      exp.method == :build
+  end
+
   def fix_textareas? exp
     call? exp and
       exp.target == HAMLOUT and

data/lib/brakeman/processors/lib/call_conversion_helper.rb

@@ -89,6 +89,8 @@ module Brakeman
       end
     end
 
+    # You must check the return value for `nil`s -
+    # which indicate a key could not be found.
     def hash_values_at hash, keys
       values = keys.map do |key|
         process_hash_access hash, key

data/lib/brakeman/processors/lib/rails3_route_processor.rb

@@ -78,6 +78,8 @@ class Brakeman::Rails3RoutesProcessor < Brakeman::BasicProcessor
 
   #TODO: Need test for this
   def process_root exp
+    return exp unless hash? exp.first_arg
+
     if value = hash_access(exp.first_arg, :to)
       if string? value
         add_route_from_string value

data/lib/brakeman/processors/model_processor.rb

@@ -93,6 +93,7 @@ class Brakeman::ModelProcessor < Brakeman::BaseProcessor
   def add_enum_method call
     arg = call.first_arg
     return unless hash? arg
+    return unless symbol? arg[1]
 
     enum_name = arg[1].value # first key
     enums = arg[2] # first value

data/lib/brakeman/report/ignore/config.rb

@@ -100,14 +100,14 @@ module Brakeman
 
     # Read configuration to file
     def read_from_file file = @file
-      if File.exist? file.absolute
+      if File.exist? file
         begin
           @already_ignored = JSON.parse(File.read(file), :symbolize_names => true)[:ignored_warnings]
         rescue => e
-          raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file.relative}\n"
+          raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file}\n"
         end
       else
-        Brakeman.notify "[Notice] Could not find ignore configuration in #{file.relative}"
+        Brakeman.notify "[Notice] Could not find ignore configuration in #{file}"
         @already_ignored = []
       end
 
@@ -126,7 +126,7 @@ module Brakeman
 
         w[:note] = @notes[w[:fingerprint]] || ""
         w
-      end.sort_by { |w| [w[:fingerprint], w[:line]] }
+      end.sort_by { |w| [w[:fingerprint], w[:line] || 0] }
 
       output = {
         :ignored_warnings => warnings,
@@ -134,7 +134,7 @@ module Brakeman
         :brakeman_version => Brakeman::Version
       }
 
-      File.open file.absolute, "w" do |f|
+      File.open file, "w" do |f|
         f.puts JSON.pretty_generate(output)
       end
     end

data/lib/brakeman/report/report_csv.rb

@@ -17,7 +17,7 @@ class Brakeman::Report::CSV < Brakeman::Report::Base
     ]
 
     rows = tracker.filtered_warnings.sort_by do |w|
-      [w.confidence, w.warning_type, w.file, w.line, w.fingerprint]
+      [w.confidence, w.warning_type, w.file, w.line || 0, w.fingerprint]
     end.map do |warning|
       generate_row(headers, warning)
     end

data/lib/brakeman/report/report_sarif.rb

@@ -80,7 +80,7 @@ class Brakeman::Report::SARIF < Brakeman::Report::Base
             :location => {
               :physicalLocation => {
                 :artifactLocation => {
-                  :uri => @ignore_filter.file.relative,
+                  :uri => Brakeman::FilePath.from_app_tree(@app_tree, @ignore_filter.file).relative,
                   :uriBaseId => '%SRCROOT%',
                 },
               },
@@ -93,7 +93,7 @@ class Brakeman::Report::SARIF < Brakeman::Report::Base
     end
   end
 
-  # Returns a hash of all check descriptions, keyed by check namne
+  # Returns a hash of all check descriptions, keyed by check name
   def check_descriptions
     @check_descriptions ||= Brakeman::Checks.checks.map do |check|
       [check.name.gsub(/^Check/, ''), check.description]

data/lib/brakeman/report/report_text.rb

@@ -92,7 +92,7 @@ class Brakeman::Report::Text < Brakeman::Report::Base
       HighLine.color("No warnings found", :bold, :green)
     else
       warnings = tracker.filtered_warnings.sort_by do |w|
-        [w.confidence, w.warning_type, w.file, w.line, w.fingerprint]
+        [w.confidence, w.warning_type, w.file, w.line || 0, w.fingerprint]
       end.map do |w|
         output_warning w
       end

data/lib/brakeman/scanner.rb

@@ -40,32 +40,32 @@ class Brakeman::Scanner
 
   #Process everything in the Rails application
   def process
-    Brakeman.notify "Processing gems..."
+    Brakeman.notify "Processing gems...                    "
     process_gems
     guess_rails_version
-    Brakeman.notify "Processing configuration..."
+    Brakeman.notify "Processing configuration...           "
     process_config
-    Brakeman.notify "Parsing files..."
+    Brakeman.notify "Parsing files...                      "
     parse_files
-    Brakeman.notify "Detecting file types..."
+    Brakeman.notify "Detecting file types...               "
     detect_file_types
-    Brakeman.notify "Processing initializers..."
+    Brakeman.notify "Processing initializers...            "
     process_initializers
-    Brakeman.notify "Processing libs..."
+    Brakeman.notify "Processing libs...                    "
     process_libs
-    Brakeman.notify "Processing routes...          "
+    Brakeman.notify "Processing routes...                  "
     process_routes
-    Brakeman.notify "Processing templates...       "
+    Brakeman.notify "Processing templates...               "
     process_templates
-    Brakeman.notify "Processing data flow in templates..."
+    Brakeman.notify "Processing data flow in templates...  "
     process_template_data_flows
-    Brakeman.notify "Processing models...          "
+    Brakeman.notify "Processing models...                  "
     process_models
-    Brakeman.notify "Processing controllers...     "
+    Brakeman.notify "Processing controllers...             "
     process_controllers
     Brakeman.notify "Processing data flow in controllers..."
     process_controller_data_flows
-    Brakeman.notify "Indexing call sites...        "
+    Brakeman.notify "Indexing call sites...                "
     index_call_sites
     tracker
   end
@@ -137,7 +137,9 @@ class Brakeman::Scanner
     end
 
     if @app_tree.exists? ".ruby-version"
-      tracker.config.set_ruby_version @app_tree.file_path(".ruby-version").read
+      if version = @app_tree.file_path(".ruby-version").read[/(\d\.\d.\d+)/]
+        tracker.config.set_ruby_version version
+      end
     end
 
     tracker.config.load_rails_defaults

data/lib/brakeman/tracker/config.rb

@@ -14,7 +14,7 @@ module Brakeman
       @settings = {}
       @escape_html = nil
       @erubis = nil
-      @ruby_version = ""
+      @ruby_version = nil
       @rails_version = nil
     end
 
@@ -106,6 +106,13 @@ module Brakeman
             tracker.options[:rails5] = true
             tracker.options[:rails6] = true
             Brakeman.notify "[Notice] Detected Rails 6 application"
+          elsif @rails_version.start_with? "7"
+            tracker.options[:rails3] = true
+            tracker.options[:rails4] = true
+            tracker.options[:rails5] = true
+            tracker.options[:rails6] = true
+            tracker.options[:rails7] = true
+            Brakeman.notify "[Notice] Detected Rails 7 application"
           end
         end
       end

data/lib/brakeman/version.rb

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "5.1.0"
+  Version = "5.2.1"
 end

data/lib/brakeman/warning_codes.rb

@@ -121,6 +121,10 @@ module Brakeman::WarningCodes
     :erb_template_injection => 117,
     :http_verb_confusion => 118,
     :unsafe_method_reflection => 119,
+    :eol_rails => 120,
+    :eol_ruby => 121,
+    :pending_eol_rails => 122,
+    :pending_eol_ruby => 123,
 
     :custom_check => 9090,
   }

data/lib/brakeman.rb

@@ -394,7 +394,7 @@ module Brakeman
     if options[:parallel_checks]
       notify "Running checks in parallel..."
     else
-      notify "Runnning checks..."
+      notify "Running checks..."
     end
 
     tracker.run_checks
@@ -479,7 +479,7 @@ module Brakeman
     $stderr.puts message if @debug
   end
 
-  # Compare JSON ouptut from a previous scan and return the diff of the two scans
+  # Compare JSON output from a previous scan and return the diff of the two scans
   def self.compare options
     require 'json'
     require 'brakeman/differ'
@@ -527,14 +527,12 @@ module Brakeman
 
   # Returns an array of alert fingerprints for any ignored warnings without
   # notes found in the specified ignore file (if it exists).
-  def self.ignore_file_entries_with_empty_notes file, options
+  def self.ignore_file_entries_with_empty_notes file
     return [] unless file
 
     require 'brakeman/report/ignore/config'
 
-    app_tree = Brakeman::AppTree.from_options(options)
-
-    config = IgnoreConfig.new(Brakeman::FilePath.from_app_tree(app_tree, file), nil)
+    config = IgnoreConfig.new(file, nil)
     config.read_from_file
     config.already_ignored_entries_with_empty_notes.map { |i| i[:fingerprint] }
   end
@@ -545,9 +543,9 @@ module Brakeman
     app_tree = Brakeman::AppTree.from_options(options)
 
     if options[:ignore_file]
-      file = Brakeman::FilePath.from_app_tree(app_tree, options[:ignore_file])
+      file = options[:ignore_file]
     elsif app_tree.exists? "config/brakeman.ignore"
-      file = Brakeman::FilePath.from_app_tree(app_tree, "config/brakeman.ignore")
+      file = app_tree.expand_path("config/brakeman.ignore")
     elsif not options[:interactive_ignore]
       return
     end

data/lib/ruby_parser/bm_sexp.rb

@@ -544,7 +544,7 @@ class Sexp
   end
 
   # Number of "statements" in a method.
-  # This is more effecient than `Sexp#body.length`
+  # This is more efficient than `Sexp#body.length`
   # because `Sexp#body` creates a new Sexp.
   def method_length
     expect :defn, :defs
@@ -642,4 +642,14 @@ end
   RUBY
 end
 
+class String
+  ##
+  # This is a hack used by the lexer to sneak in line numbers at the
+  # identifier level. This should be MUCH smaller than making
+  # process_token return [value, lineno] and modifying EVERYTHING that
+  # reduces tIDENTIFIER.
+
+  attr_accessor :lineno
+end
+
 class WrongSexpError < RuntimeError; end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.2.1
 platform: ruby
 authors:
 - Justin Collins
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-19 00:00:00.000000000 Z
+date: 2022-01-30 00:00:00.000000000 Z
 dependencies: []
 description: Brakeman detects security vulnerabilities in Ruby on Rails applications
   via static analysis.
@@ -56,46 +56,46 @@ files:
 - bundle/ruby/2.7.0/gems/erubis-2.7.0/lib/erubis/tiny.rb
 - bundle/ruby/2.7.0/gems/erubis-2.7.0/lib/erubis/util.rb
 - bundle/ruby/2.7.0/gems/erubis-2.7.0/setup.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/CHANGELOG.md
-- bundle/ruby/2.7.0/gems/haml-5.2.1/FAQ.md
-- bundle/ruby/2.7.0/gems/haml-5.2.1/Gemfile
-- bundle/ruby/2.7.0/gems/haml-5.2.1/MIT-LICENSE
-- bundle/ruby/2.7.0/gems/haml-5.2.1/README.md
-- bundle/ruby/2.7.0/gems/haml-5.2.1/REFERENCE.md
-- bundle/ruby/2.7.0/gems/haml-5.2.1/TODO
-- bundle/ruby/2.7.0/gems/haml-5.2.1/haml.gemspec
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/attribute_builder.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/attribute_compiler.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/attribute_parser.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/buffer.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/compiler.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/engine.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/error.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/escapable.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/exec.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/filters.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/generator.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/action_view_extensions.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/action_view_mods.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/action_view_xss_mods.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/safe_erubi_template.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/safe_erubis_template.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/helpers/xss_mods.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/options.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/parser.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/plugin.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/railtie.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/sass_rails_filter.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/template.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/template/options.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/temple_engine.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/temple_line_counter.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/util.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/version.rb
-- bundle/ruby/2.7.0/gems/haml-5.2.1/yard/default/fulldoc/html/css/common.sass
-- bundle/ruby/2.7.0/gems/haml-5.2.1/yard/default/layout/html/footer.erb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/CHANGELOG.md
+- bundle/ruby/2.7.0/gems/haml-5.2.2/FAQ.md
+- bundle/ruby/2.7.0/gems/haml-5.2.2/Gemfile
+- bundle/ruby/2.7.0/gems/haml-5.2.2/MIT-LICENSE
+- bundle/ruby/2.7.0/gems/haml-5.2.2/README.md
+- bundle/ruby/2.7.0/gems/haml-5.2.2/REFERENCE.md
+- bundle/ruby/2.7.0/gems/haml-5.2.2/TODO
+- bundle/ruby/2.7.0/gems/haml-5.2.2/haml.gemspec
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/attribute_builder.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/attribute_compiler.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/attribute_parser.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/buffer.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/compiler.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/engine.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/error.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/escapable.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/exec.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/filters.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/generator.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/action_view_extensions.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/action_view_mods.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/action_view_xss_mods.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/safe_erubi_template.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/safe_erubis_template.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/helpers/xss_mods.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/options.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/parser.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/plugin.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/railtie.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/sass_rails_filter.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/template.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/template/options.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/temple_engine.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/temple_line_counter.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/util.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/lib/haml/version.rb
+- bundle/ruby/2.7.0/gems/haml-5.2.2/yard/default/fulldoc/html/css/common.sass
+- bundle/ruby/2.7.0/gems/haml-5.2.2/yard/default/layout/html/footer.erb
 - bundle/ruby/2.7.0/gems/highline-2.0.3/AUTHORS
 - bundle/ruby/2.7.0/gems/highline-2.0.3/COPYING
 - bundle/ruby/2.7.0/gems/highline-2.0.3/Changelog.md
@@ -132,10 +132,10 @@ files:
 - bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/terminal/unix_stty.rb
 - bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/version.rb
 - bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/wrapper.rb
-- bundle/ruby/2.7.0/gems/parallel-1.20.1/MIT-LICENSE.txt
-- bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel.rb
-- bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/processor_count.rb
-- bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/version.rb
+- bundle/ruby/2.7.0/gems/parallel-1.21.0/MIT-LICENSE.txt
+- bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel.rb
+- bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/processor_count.rb
+- bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/version.rb
 - bundle/ruby/2.7.0/gems/rexml-3.2.5/LICENSE.txt
 - bundle/ruby/2.7.0/gems/rexml-3.2.5/NEWS.md
 - bundle/ruby/2.7.0/gems/rexml-3.2.5/README.md
@@ -193,39 +193,42 @@ files:
 - bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/Manifest.txt
 - bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/README.rdoc
 - bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/lib/ruby2ruby.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/History.rdoc
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/Manifest.txt
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/README.rdoc
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/compare/normalize.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/debugging.md
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/rp_extensions.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/rp_stringscanner.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby20_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby20_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby21_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby21_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby22_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby22_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby23_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby23_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby24_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby24_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby25_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby25_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby26_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby26_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby27_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby27_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.y
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_lexer.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_lexer.rex
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_lexer.rex.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_parser.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_parser.yy
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby_parser_extras.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/tools/munge.rb
-- bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/tools/ripper.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/History.rdoc
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/Manifest.txt
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/README.rdoc
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/compare/normalize.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/debugging.md
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/gauntlet.md
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/rp_extensions.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/rp_stringscanner.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby20_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby20_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby21_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby21_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby22_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby22_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby23_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby23_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby24_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby24_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby25_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby25_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby26_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby26_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby27_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby27_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.y
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby3_parser.yy
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer.rex
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer.rex.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer_strings.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_parser.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_parser.yy
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_parser_extras.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/tools/munge.rb
+- bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/tools/ripper.rb
 - bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/History.rdoc
 - bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/Manifest.txt
 - bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/README.rdoc
@@ -270,16 +273,16 @@ files:
 - bundle/ruby/2.7.0/gems/safe_yaml-1.0.5/lib/safe_yaml/version.rb
 - bundle/ruby/2.7.0/gems/safe_yaml-1.0.5/run_specs_all_ruby_versions.sh
 - bundle/ruby/2.7.0/gems/safe_yaml-1.0.5/safe_yaml.gemspec
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/History.rdoc
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/Manifest.txt
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/README.rdoc
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/composite_sexp_processor.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/pt_testcase.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/sexp.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/sexp_matcher.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/sexp_processor.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/strict_sexp.rb
-- bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib/unique.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/History.rdoc
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/Manifest.txt
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/README.rdoc
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/composite_sexp_processor.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/pt_testcase.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/sexp.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/sexp_matcher.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/sexp_processor.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/strict_sexp.rb
+- bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib/unique.rb
 - bundle/ruby/2.7.0/gems/slim-4.1.0/CHANGES
 - bundle/ruby/2.7.0/gems/slim-4.1.0/Gemfile
 - bundle/ruby/2.7.0/gems/slim-4.1.0/LICENSE
@@ -422,15 +425,15 @@ files:
 - bundle/ruby/2.7.0/gems/tilt-2.0.10/lib/tilt/typescript.rb
 - bundle/ruby/2.7.0/gems/tilt-2.0.10/lib/tilt/wikicloth.rb
 - bundle/ruby/2.7.0/gems/tilt-2.0.10/lib/tilt/yajl.rb
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/CHANGELOG.md
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/MIT-LICENSE.txt
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/README.md
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/data/display_width.marshal.gz
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib/unicode/display_width.rb
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib/unicode/display_width/constants.rb
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib/unicode/display_width/index.rb
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib/unicode/display_width/no_string_ext.rb
-- bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib/unicode/display_width/string_ext.rb
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/CHANGELOG.md
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/MIT-LICENSE.txt
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/README.md
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/data/display_width.marshal.gz
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib/unicode/display_width.rb
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib/unicode/display_width/constants.rb
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib/unicode/display_width/index.rb
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib/unicode/display_width/no_string_ext.rb
+- bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib/unicode/display_width/string_ext.rb
 - lib/brakeman.rb
 - lib/brakeman/app_tree.rb
 - lib/brakeman/call_index.rb
@@ -449,6 +452,8 @@ files:
 - lib/brakeman/checks/check_digest_dos.rb
 - lib/brakeman/checks/check_divide_by_zero.rb
 - lib/brakeman/checks/check_dynamic_finders.rb
+- lib/brakeman/checks/check_eol_rails.rb
+- lib/brakeman/checks/check_eol_ruby.rb
 - lib/brakeman/checks/check_escape_function.rb
 - lib/brakeman/checks/check_evaluation.rb
 - lib/brakeman/checks/check_execute.rb
@@ -515,6 +520,7 @@ files:
 - lib/brakeman/checks/check_without_protection.rb
 - lib/brakeman/checks/check_xml_dos.rb
 - lib/brakeman/checks/check_yaml_parsing.rb
+- lib/brakeman/checks/eol_check.rb
 - lib/brakeman/codeclimate/engine_configuration.rb
 - lib/brakeman/commandline.rb
 - lib/brakeman/differ.rb
@@ -630,7 +636,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/processor_count.rb

@@ -1,42 +0,0 @@
-require 'etc'
-
-module Parallel
-  # TODO: inline this method into parallel.rb and kill physical_processor_count in next major release
-  module ProcessorCount
-    # Number of processors seen by the OS, used for process scheduling
-    def processor_count
-      @processor_count ||= Integer(ENV['PARALLEL_PROCESSOR_COUNT'] || Etc.nprocessors)
-    end
-
-    # Number of physical processor cores on the current system.
-    def physical_processor_count
-      @physical_processor_count ||= begin
-        ppc = case RbConfig::CONFIG["target_os"]
-        when /darwin1/
-          IO.popen("/usr/sbin/sysctl -n hw.physicalcpu").read.to_i
-        when /linux/
-          cores = {}  # unique physical ID / core ID combinations
-          phy = 0
-          IO.read("/proc/cpuinfo").scan(/^physical id.*|^core id.*/) do |ln|
-            if ln.start_with?("physical")
-              phy = ln[/\d+/]
-            elsif ln.start_with?("core")
-              cid = phy + ":" + ln[/\d+/]
-              cores[cid] = true if not cores[cid]
-            end
-          end
-          cores.count
-        when /mswin|mingw/
-          require 'win32ole'
-          result_set = WIN32OLE.connect("winmgmts://").ExecQuery(
-            "select NumberOfCores from Win32_Processor")
-          result_set.to_enum.collect(&:NumberOfCores).reduce(:+)
-        else
-          processor_count
-        end
-        # fall back to logical count if physical info is invalid
-        ppc > 0 ? ppc : processor_count
-      end
-    end
-  end
-end

data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/version.rb

@@ -1,3 +0,0 @@
-module Parallel
-  VERSION = Version = '1.20.1'
-end