brakeman 5.1.2 → 5.2.2
- checksums.yaml +4 -4
- data/CHANGES.md +21 -0
- data/bundle/load.rb +2 -2
- data/bundle/ruby/2.7.0/gems/{parallel-1.21.0 → parallel-1.22.1}/MIT-LICENSE.txt +0 -0
- data/bundle/ruby/2.7.0/gems/{parallel-1.21.0 → parallel-1.22.1}/lib/parallel/processor_count.rb +2 -3
- data/bundle/ruby/2.7.0/gems/parallel-1.22.1/lib/parallel/version.rb +4 -0
- data/bundle/ruby/2.7.0/gems/{parallel-1.21.0 → parallel-1.22.1}/lib/parallel.rb +84 -4
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/History.rdoc +40 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/Manifest.txt +2 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/README.rdoc +8 -6
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/compare/normalize.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/debugging.md +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/gauntlet.md +19 -18
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/rp_extensions.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/rp_stringscanner.rb +0 -0
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby20_parser.rb +10973 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby20_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby21_parser.rb +10980 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby21_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby22_parser.rb +11123 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby22_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby23_parser.rb +11132 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby23_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby24_parser.rb +11231 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby24_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby25_parser.rb +11231 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby25_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby26_parser.rb +11253 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby26_parser.y +23 -30
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby27_parser.rb +12980 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby27_parser.y +28 -44
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby30_parser.rb +13242 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby30_parser.y +77 -93
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby31_parser.rb +13622 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0/lib/ruby3_parser.yy → ruby_parser-3.19.1/lib/ruby31_parser.y} +121 -107
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby3_parser.yy +3536 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_lexer.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_lexer.rex +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_lexer.rex.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_lexer_strings.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_parser.rb +2 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_parser.yy +28 -44
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/lib/ruby_parser_extras.rb +55 -2
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/tools/munge.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.18.0 → ruby_parser-3.19.1}/tools/ripper.rb +0 -0
- data/lib/brakeman/checks/base_check.rb +10 -0
- data/lib/brakeman/checks/check_eol_rails.rb +23 -0
- data/lib/brakeman/checks/check_eol_ruby.rb +26 -0
- data/lib/brakeman/checks/check_sql.rb +6 -4
- data/lib/brakeman/checks/check_symbol_dos.rb +1 -1
- data/lib/brakeman/checks/check_unsafe_reflection.rb +7 -2
- data/lib/brakeman/checks/eol_check.rb +47 -0
- data/lib/brakeman/options.rb +8 -0
- data/lib/brakeman/processors/alias_processor.rb +17 -1
- data/lib/brakeman/processors/gem_processor.rb +3 -0
- data/lib/brakeman/processors/lib/rails3_route_processor.rb +2 -0
- data/lib/brakeman/scanner.rb +3 -1
- data/lib/brakeman/tracker/config.rb +8 -1
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning_codes.rb +4 -0
- metadata +48 -43
- data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/version.rb +0 -4
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby20_parser.rb +0 -7122
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby21_parser.rb +0 -7176
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby22_parser.rb +0 -7222
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby23_parser.rb +0 -7231
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby24_parser.rb +0 -7262
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby25_parser.rb +0 -7262
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby26_parser.rb +0 -7281
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby27_parser.rb +0 -8511
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.0/lib/ruby30_parser.rb +0 -8741
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brakeman
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.
|
4
|
+
version: 5.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Collins
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-04-06 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Brakeman detects security vulnerabilities in Ruby on Rails applications
|
14
14
|
via static analysis.
|
@@ -132,10 +132,10 @@ files:
|
|
132
132
|
- bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/terminal/unix_stty.rb
|
133
133
|
- bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/version.rb
|
134
134
|
- bundle/ruby/2.7.0/gems/highline-2.0.3/lib/highline/wrapper.rb
|
135
|
-
- bundle/ruby/2.7.0/gems/parallel-1.
|
136
|
-
- bundle/ruby/2.7.0/gems/parallel-1.
|
137
|
-
- bundle/ruby/2.7.0/gems/parallel-1.
|
138
|
-
- bundle/ruby/2.7.0/gems/parallel-1.
|
135
|
+
- bundle/ruby/2.7.0/gems/parallel-1.22.1/MIT-LICENSE.txt
|
136
|
+
- bundle/ruby/2.7.0/gems/parallel-1.22.1/lib/parallel.rb
|
137
|
+
- bundle/ruby/2.7.0/gems/parallel-1.22.1/lib/parallel/processor_count.rb
|
138
|
+
- bundle/ruby/2.7.0/gems/parallel-1.22.1/lib/parallel/version.rb
|
139
139
|
- bundle/ruby/2.7.0/gems/rexml-3.2.5/LICENSE.txt
|
140
140
|
- bundle/ruby/2.7.0/gems/rexml-3.2.5/NEWS.md
|
141
141
|
- bundle/ruby/2.7.0/gems/rexml-3.2.5/README.md
|
@@ -193,42 +193,44 @@ files:
|
|
193
193
|
- bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/Manifest.txt
|
194
194
|
- bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/README.rdoc
|
195
195
|
- bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/lib/ruby2ruby.rb
|
196
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
197
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
198
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
199
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
200
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
201
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
202
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
203
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
204
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
205
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
206
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
207
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
208
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
209
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
210
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
211
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
212
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
213
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
214
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
215
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
216
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
217
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
218
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
219
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
220
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
221
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
222
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
223
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
224
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
225
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
226
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
227
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
228
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
229
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
230
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
231
|
-
- bundle/ruby/2.7.0/gems/ruby_parser-3.
|
196
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/History.rdoc
|
197
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/Manifest.txt
|
198
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/README.rdoc
|
199
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/compare/normalize.rb
|
200
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/debugging.md
|
201
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/gauntlet.md
|
202
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/rp_extensions.rb
|
203
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/rp_stringscanner.rb
|
204
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby20_parser.rb
|
205
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby20_parser.y
|
206
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby21_parser.rb
|
207
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby21_parser.y
|
208
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby22_parser.rb
|
209
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby22_parser.y
|
210
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby23_parser.rb
|
211
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby23_parser.y
|
212
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby24_parser.rb
|
213
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby24_parser.y
|
214
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby25_parser.rb
|
215
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby25_parser.y
|
216
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby26_parser.rb
|
217
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby26_parser.y
|
218
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby27_parser.rb
|
219
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby27_parser.y
|
220
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby30_parser.rb
|
221
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby30_parser.y
|
222
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby31_parser.rb
|
223
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby31_parser.y
|
224
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby3_parser.yy
|
225
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_lexer.rb
|
226
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_lexer.rex
|
227
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_lexer.rex.rb
|
228
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_lexer_strings.rb
|
229
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_parser.rb
|
230
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_parser.yy
|
231
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/lib/ruby_parser_extras.rb
|
232
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/tools/munge.rb
|
233
|
+
- bundle/ruby/2.7.0/gems/ruby_parser-3.19.1/tools/ripper.rb
|
232
234
|
- bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/History.rdoc
|
233
235
|
- bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/Manifest.txt
|
234
236
|
- bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/README.rdoc
|
@@ -452,6 +454,8 @@ files:
|
|
452
454
|
- lib/brakeman/checks/check_digest_dos.rb
|
453
455
|
- lib/brakeman/checks/check_divide_by_zero.rb
|
454
456
|
- lib/brakeman/checks/check_dynamic_finders.rb
|
457
|
+
- lib/brakeman/checks/check_eol_rails.rb
|
458
|
+
- lib/brakeman/checks/check_eol_ruby.rb
|
455
459
|
- lib/brakeman/checks/check_escape_function.rb
|
456
460
|
- lib/brakeman/checks/check_evaluation.rb
|
457
461
|
- lib/brakeman/checks/check_execute.rb
|
@@ -518,6 +522,7 @@ files:
|
|
518
522
|
- lib/brakeman/checks/check_without_protection.rb
|
519
523
|
- lib/brakeman/checks/check_xml_dos.rb
|
520
524
|
- lib/brakeman/checks/check_yaml_parsing.rb
|
525
|
+
- lib/brakeman/checks/eol_check.rb
|
521
526
|
- lib/brakeman/codeclimate/engine_configuration.rb
|
522
527
|
- lib/brakeman/commandline.rb
|
523
528
|
- lib/brakeman/differ.rb
|
@@ -633,7 +638,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
633
638
|
requirements:
|
634
639
|
- - ">="
|
635
640
|
- !ruby/object:Gem::Version
|
636
|
-
version: 2.
|
641
|
+
version: 2.5.0
|
637
642
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
638
643
|
requirements:
|
639
644
|
- - ">="
|