brakeman 6.0.1 → 6.1.1
- checksums.yaml +4 -4
- data/CHANGES.md +13 -0
- data/bundle/load.rb +14 -14
- data/bundle/ruby/3.0.0/gems/parallel-1.24.0/lib/parallel/version.rb +4 -0
- data/bundle/ruby/{3.1.0/gems/parallel-1.23.0 → 3.0.0/gems/parallel-1.24.0}/lib/parallel.rb +25 -1
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/NEWS.md +100 -2
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/README.md +10 -1
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/attribute.rb +14 -9
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/document.rb +1 -1
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/element.rb +3 -3
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/entity.rb +25 -15
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/formatters/pretty.rb +2 -2
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/namespace.rb +8 -4
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/xpathparser.rb +136 -86
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/rexml.rb +3 -1
- data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/text.rb +6 -4
- data/lib/brakeman/checks/check_ransack.rb +53 -0
- data/lib/brakeman/checks/check_sql.rb +1 -1
- data/lib/brakeman/options.rb +4 -0
- data/lib/brakeman/processors/alias_processor.rb +1 -2
- data/lib/brakeman/processors/lib/module_helper.rb +31 -1
- data/lib/brakeman/processors/library_processor.rb +6 -0
- data/lib/brakeman/scanner.rb +104 -42
- data/lib/brakeman/tracker/controller.rb +14 -10
- data/lib/brakeman/tracker.rb +1 -1
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning_codes.rb +1 -0
- metadata +419 -404
- data/bundle/ruby/3.1.0/gems/parallel-1.23.0/lib/parallel/version.rb +0 -4
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/CHANGES.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/MIT-LICENSE +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/README.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/contrib/erubis +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/contrib/erubis-run.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/contrib/inline-require +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/context.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/converter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/ec.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/ecpp.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/ejava.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/ejavascript.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/enhanced.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/eperl.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/ephp.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/eruby.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/escheme.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine/optimized.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/enhancer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/error.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/evaluator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/generator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/helper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/helpers/rails_form_helper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/helpers/rails_helper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/local-setting.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/main.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/preprocessing.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/tiny.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis/util.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/lib/erubis.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/erubis-2.7.0/setup.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/CHANGELOG.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/FAQ.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/MIT-LICENSE +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/REFERENCE.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/TODO +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/haml.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/attribute_builder.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/attribute_compiler.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/attribute_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/buffer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/compiler.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/error.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/escapable.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/exec.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/filters.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/generator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/action_view_extensions.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/action_view_mods.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/action_view_xss_mods.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/safe_erubi_template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/safe_erubis_template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers/xss_mods.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/helpers.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/options.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/plugin.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/railtie.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/sass_rails_filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/template/options.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/temple_engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/temple_line_counter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/util.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/lib/haml.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/yard/default/fulldoc/html/css/common.sass +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/haml-5.2.2/yard/default/layout/html/footer.erb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/AUTHORS +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/COPYING +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/Changelog.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/LICENSE +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/TODO +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/highline.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/builtin_styles.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/color_scheme.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/compatibility.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/custom_errors.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/import.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/io_console_compatible.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/list.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/list_renderer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/menu/item.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/menu.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/paginator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/question/answer_converter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/question.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/question_asker.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/simulate.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/statement.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/string.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/string_extensions.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/style.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/template_renderer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/terminal/io_console.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/terminal/ncurses.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/terminal/unix_stty.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/terminal.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline/wrapper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/highline-2.1.0/lib/highline.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/parallel-1.23.0 → 3.0.0/gems/parallel-1.24.0}/MIT-LICENSE.txt +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/LICENSE.txt +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/attlistdecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/cdata.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/child.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/comment.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/doctype.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/dtd/attlistdecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/dtd/dtd.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/dtd/elementdecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/dtd/entitydecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/dtd/notationdecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/encoding.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/formatters/default.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/formatters/transitive.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/functions.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/instruction.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/light/node.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/node.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/output.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parent.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parseexception.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/baseparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/lightparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/pullparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/sax2parser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/streamparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/treeparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/parsers/ultralightparser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/quickpath.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/sax2listener.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/security.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/source.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/streamlistener.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/undefinednamespaceexception.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/validation/relaxng.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/validation/validation.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/validation/validationexception.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/xmldecl.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/xmltokens.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/xpath.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml/xpath_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0/gems/rexml-3.2.5 → 3.0.0/gems/rexml-3.2.6}/lib/rexml.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby2ruby-2.4.4/History.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby2ruby-2.4.4/Manifest.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby2ruby-2.4.4/README.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby2ruby-2.4.4/lib/ruby2ruby.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/History.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/Manifest.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/README.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/compare/normalize.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/debugging.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/gauntlet.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/rp_extensions.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/rp_stringscanner.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby20_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby20_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby21_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby21_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby22_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby22_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby23_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby23_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby24_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby24_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby25_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby25_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby26_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby26_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby27_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby27_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby30_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby30_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby31_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby31_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby32_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby32_parser.y +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby3_parser.yy +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_lexer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_lexer.rex +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_lexer.rex.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_lexer_strings.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_parser.yy +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/lib/ruby_parser_extras.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/tools/munge.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/ruby_parser-3.20.3/tools/ripper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/CHANGES.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/LICENSE.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/bundle_install_all_ruby_versions.sh +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/deep.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/libyaml_checker.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/load.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/date.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/hexadecimal.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/parse/sexagesimal.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/psych_handler.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/psych_resolver.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/resolver.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/safe_to_ruby_visitor.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/store.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_hack.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_node_monkeypatch.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/syck_resolver.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_boolean.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_date.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_float.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_integer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_nil.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/to_symbol.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform/transformation_map.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/transform.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/lib/safe_yaml.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/run_specs_all_ruby_versions.sh +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/safe_yaml-1.0.5/safe_yaml.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/History.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/Manifest.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/README.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/composite_sexp_processor.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/pt_testcase.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/sexp.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/sexp_matcher.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/sexp_processor.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/strict_sexp.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/sexp_processor-4.17.0/lib/unique.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/CHANGES +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/LICENSE +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/README.jp.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/code_attributes.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/command.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/controls.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/do_inserter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/embedded.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/end_inserter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/erb_converter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/grammar.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/include.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/interpolation.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/logic_less/context.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/logic_less/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/logic_less.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/smart/escaper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/smart/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/smart/parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/smart.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/splat/builder.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/splat/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/translator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/lib/slim.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/slim-4.1.0/slim.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/CHANGES +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/EXPRESSIONS.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/LICENSE +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/erb/engine.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/erb/parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/erb/template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/erb/trimming.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/exceptions.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/code_merger.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/control_flow.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/dynamic_inliner.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/encoding.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/eraser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/escapable.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/multi_flattener.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/remove_bom.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/static_analyzer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/static_merger.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/string_splitter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/filters/validator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generators/array.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generators/array_buffer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generators/erb.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generators/rails_output_buffer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/generators/string_buffer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/grammar.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/attribute_merger.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/attribute_remover.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/attribute_sorter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/dispatcher.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/fast.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/filter.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/pretty.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/html/safe.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/map.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/mixins/dispatcher.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/mixins/engine_dsl.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/mixins/grammar_dsl.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/mixins/options.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/mixins/template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/parser.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/static_analyzer.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/templates/rails.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/templates/tilt.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/templates.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/utils.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/lib/temple.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/temple-0.8.2/temple.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/Gemfile +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/History.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/LICENSE.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/Manifest +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/README.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/Todo.rdoc +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/cell.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/import.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/row.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/separator.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/style.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/table.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/table_helper.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table/version.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/lib/terminal-table.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/terminal-table-1.8.0/terminal-table.gemspec +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/COPYING +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/asciidoc.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/babel.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/bluecloth.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/builder.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/coffee.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/commonmarker.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/creole.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/csv.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/dummy.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/erb.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/erubi.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/erubis.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/etanni.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/haml.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/kramdown.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/less.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/liquid.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/livescript.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/mapping.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/markaby.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/maruku.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/nokogiri.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/pandoc.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/plain.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/prawn.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/radius.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/rdiscount.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/rdoc.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/redcarpet.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/redcloth.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/rst-pandoc.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/sass.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/sigil.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/string.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/template.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/typescript.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/wikicloth.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt/yajl.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/tilt-2.0.11/lib/tilt.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/CHANGELOG.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/MIT-LICENSE.txt +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/README.md +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/data/display_width.marshal.gz +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/lib/unicode/display_width/constants.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/lib/unicode/display_width/index.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/lib/unicode/display_width/no_string_ext.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/lib/unicode/display_width/string_ext.rb +0 -0
- /data/bundle/ruby/{3.1.0 → 3.0.0}/gems/unicode-display_width-1.8.0/lib/unicode/display_width.rb +0 -0
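--- a/data/bundle/ruby/3.1.0/gems/rexml-3.2.5/lib/rexml/parsers/xpathparser.rb
+++ b/data/bundle/ruby/3.0.0/gems/rexml-3.2.6/lib/rexml/parsers/xpathparser.rb
@@ -1,4 +1,5 @@
 # frozen_string_literal: false
+
 require_relative '../namespace'
 require_relative '../xmltokens'
 
@@ -38,108 +39,143 @@ module REXML
 parsed
 end
 
-def abbreviate(
-
-
-
-
-
+def abbreviate(path_or_parsed)
+if path_or_parsed.kind_of?(String)
+parsed = parse(path_or_parsed)
+else
+parsed = path_or_parsed
+end
+components = []
+component = nil
+while parsed.size > 0
+op = parsed.shift
 case op
 when :node
+component << "node()"
 when :attribute
-
-
+component = "@"
+components << component
 when :child
-
+component = ""
+components << component
 when :descendant_or_self
-
+next_op = parsed[0]
+if next_op == :node
+parsed.shift
+component = ""
+components << component
+else
+component = "descendant-or-self::"
+components << component
+end
 when :self
-
+next_op = parsed[0]
+if next_op == :node
+parsed.shift
+components << "."
+else
+component = "self::"
+components << component
+end
 when :parent
-
+next_op = parsed[0]
+if next_op == :node
+parsed.shift
+components << ".."
+else
+component = "parent::"
+components << component
+end
 when :any
-
+component << "*"
 when :text
-
+component << "text()"
 when :following, :following_sibling,
 :ancestor, :ancestor_or_self, :descendant,
 :namespace, :preceding, :preceding_sibling
-
-
-string << "::"
+component = op.to_s.tr("_", "-") << "::"
+components << component
 when :qname
-prefix =
-name =
-
-
+prefix = parsed.shift
+name = parsed.shift
+component << prefix+":" if prefix.size > 0
+component << name
 when :predicate
-
-
-
+component << '['
+component << predicate_to_path(parsed.shift) {|x| abbreviate(x)}
+component << ']'
 when :document
-
+components << ""
 when :function
-
-
-
-
+component << parsed.shift
+component << "( "
+component << predicate_to_path(parsed.shift[0]) {|x| abbreviate(x)}
+component << " )"
 when :literal
-
+component << quote_literal(parsed.shift)
 else
-
-
-
-string << ")"
+component << "UNKNOWN("
+component << op.inspect
+component << ")"
 end
 end
-
-
+case components
+when [""]
+"/"
+when ["", ""]
+"//"
+else
+components.join("/")
+end
 end
 
-def expand(
-
-
+def expand(path_or_parsed)
+if path_or_parsed.kind_of?(String)
+parsed = parse(path_or_parsed)
+else
+parsed = path_or_parsed
+end
+path = ""
 document = false
-while
-op =
+while parsed.size > 0
+op = parsed.shift
 case op
 when :node
-
+path << "node()"
 when :attribute, :child, :following, :following_sibling,
 :ancestor, :ancestor_or_self, :descendant, :descendant_or_self,
 :namespace, :preceding, :preceding_sibling, :self, :parent
-
-
-
+path << "/" unless path.size == 0
+path << op.to_s.tr("_", "-")
+path << "::"
 when :any
-
+path << "*"
 when :qname
-prefix =
-name =
-
-
+prefix = parsed.shift
+name = parsed.shift
+path << prefix+":" if prefix.size > 0
+path << name
 when :predicate
-
-
-
+path << '['
+path << predicate_to_path( parsed.shift ) { |x| expand(x) }
+path << ']'
 when :document
 document = true
 else
-
-
-
-string << ")"
+path << "UNKNOWN("
+path << op.inspect
+path << ")"
 end
 end
-
-
+path = "/"+path if document
+path
 end
 
-def
-
-case
+def predicate_to_path(parsed, &block)
+path = ""
+case parsed[0]
 when :and, :or, :mult, :plus, :minus, :neq, :eq, :lt, :gt, :lteq, :gteq, :div, :mod, :union
-op =
+op = parsed.shift
 case op
 when :eq
 op = "="
@@ -156,36 +192,50 @@ module REXML
 when :union
 op = "|"
 end
-left =
-right =
-
-
-
-
-
-string << right
-string << " "
+left = predicate_to_path( parsed.shift, &block )
+right = predicate_to_path( parsed.shift, &block )
+path << left
+path << " "
+path << op.to_s
+path << " "
+path << right
 when :function
-
-name =
-
-
-
-
+parsed.shift
+name = parsed.shift
+path << name
+path << "("
+parsed.shift.each_with_index do |argument, i|
+path << ", " if i > 0
+path << predicate_to_path(argument, &block)
+end
+path << ")"
 when :literal
-
-
-string << path.shift.inspect
-string << " "
+parsed.shift
+path << quote_literal(parsed.shift)
 else
-
-string << yield( path )
-string << " "
+path << yield( parsed )
 end
-return
+return path.squeeze(" ")
 end
+# For backward compatibility
+alias_method :preciate_to_string, :predicate_to_path
 
 private
+def quote_literal( literal )
+case literal
+when String
+# XPath 1.0 does not support escape characters.
+# Assumes literal does not contain both single and double quotes.
+if literal.include?("'")
+"\"#{literal}\""
+else
+"'#{literal}'"
+end
+else
+literal.inspect
+end
+end
+
 #LocationPath
 # | RelativeLocationPath
 # | '/' RelativeLocationPath?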
|
@@ -26,10 +26,12 @@
|
|
26
26
|
# - REXML::Document.
|
27
27
|
# - REXML::Element.
|
28
28
|
#
|
29
|
+
# There's also an {REXML tutorial}[doc/rexml/tutorial_rdoc.html].
|
30
|
+
#
|
29
31
|
module REXML
|
30
32
|
COPYRIGHT = "Copyright © 2001-2008 Sean Russell <ser@germane-software.com>"
|
31
33
|
DATE = "2008/019"
|
32
|
-
VERSION = "3.2.
|
34
|
+
VERSION = "3.2.6"
|
33
35
|
REVISION = ""
|
34
36
|
|
35
37
|
Copyright = COPYRIGHT
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# frozen_string_literal:
|
1
|
+
# frozen_string_literal: true
|
2
2
|
require_relative 'security'
|
3
3
|
require_relative 'entity'
|
4
4
|
require_relative 'doctype'
|
@@ -131,7 +131,7 @@ module REXML
|
|
131
131
|
def Text.check string, pattern, doctype
|
132
132
|
|
133
133
|
# illegal anywhere
|
134
|
-
if string
|
134
|
+
if !string.match?(VALID_XML_CHARS)
|
135
135
|
if String.method_defined? :encode
|
136
136
|
string.chars.each do |c|
|
137
137
|
case c.ord
|
@@ -371,7 +371,7 @@ module REXML
|
|
371
371
|
copy = input.to_s
|
372
372
|
# Doing it like this rather than in a loop improves the speed
|
373
373
|
#copy = copy.gsub( EREFERENCE, '&' )
|
374
|
-
copy = copy.gsub( "&", "&" )
|
374
|
+
copy = copy.gsub( "&", "&" ) if copy.include?("&")
|
375
375
|
if doctype
|
376
376
|
# Replace all ampersands that aren't part of an entity
|
377
377
|
doctype.entities.each_value do |entity|
|
@@ -382,7 +382,9 @@ module REXML
|
|
382
382
|
else
|
383
383
|
# Replace all ampersands that aren't part of an entity
|
384
384
|
DocType::DEFAULT_ENTITIES.each_value do |entity|
|
385
|
-
|
385
|
+
if copy.include?(entity.value)
|
386
|
+
copy = copy.gsub(entity.value, "&#{entity.name};" )
|
387
|
+
end
|
386
388
|
end
|
387
389
|
end
|
388
390
|
copy
|
@@ -0,0 +1,53 @@
|
|
1
|
+
require 'brakeman/checks/base_check'
|
2
|
+
|
3
|
+
class Brakeman::CheckRansack < Brakeman::BaseCheck
|
4
|
+
Brakeman::Checks.add self
|
5
|
+
|
6
|
+
@description = "Checks for dangerous use of the Ransack library"
|
7
|
+
|
8
|
+
def run_check
|
9
|
+
return unless version_between? "0.0.0", "3.99", tracker.config.gem_version(:ransack)
|
10
|
+
check_ransack_calls
|
11
|
+
end
|
12
|
+
|
13
|
+
def check_ransack_calls
|
14
|
+
tracker.find_call(method: :ransack, nested: true).each do |result|
|
15
|
+
next unless original? result
|
16
|
+
|
17
|
+
call = result[:call]
|
18
|
+
arg = call.first_arg
|
19
|
+
|
20
|
+
# If an allow list is defined anywhere in the
|
21
|
+
# class or super classes, consider it safe
|
22
|
+
class_name = result[:chain].first
|
23
|
+
|
24
|
+
next if ransackable_allow_list?(class_name)
|
25
|
+
|
26
|
+
if input = has_immediate_user_input?(arg)
|
27
|
+
confidence = if tracker.find_class(class_name).nil?
|
28
|
+
confidence = :low
|
29
|
+
elsif result[:location][:file].relative.include? 'admin'
|
30
|
+
confidence = :medium
|
31
|
+
else
|
32
|
+
confidence = :high
|
33
|
+
end
|
34
|
+
|
35
|
+
message = msg('Unrestricted search using ', msg_code('ransack'), ' library called with ', msg_input(input), '. Limit search by defining ', msg_code('ransackable_attributes'), ' and ', msg_code('ransackable_associations'), ' methods in class or upgrade Ransack to version 4.0.0 or newer')
|
36
|
+
|
37
|
+
warn result: result,
|
38
|
+
warning_type: 'Missing Authorization',
|
39
|
+
warning_code: :ransack_search,
|
40
|
+
message: message,
|
41
|
+
user_input: input,
|
42
|
+
confidence: confidence,
|
43
|
+
cwe_id: [862],
|
44
|
+
link: 'https://positive.security/blog/ransack-data-exfiltration'
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def ransackable_allow_list? class_name
|
50
|
+
tracker.find_method(:ransackable_attributes, class_name, :class) and
|
51
|
+
tracker.find_method(:ransackable_associations, class_name, :class)
|
52
|
+
end
|
53
|
+
end
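Review bot: The `elsif result[:location][:file].relative.include? 'admin'` branch in check_ransack_calls lowers confidence on a bare substring match, so any file whose relative path merely contains those letters (a constructed example: `app/controllers/badminton_controller.rb`) is reported at medium instead of high. Matching a path segment would be tighter, for example `result[:location][:file].relative.match?(%r{(\A|/)admin(/|_)})`, and a one-line comment should say why admin code is rated lower. The `confidence = :low`, `confidence = :medium` and `confidence = :high` assignments inside the `if` expression are also redundant, because the value of the expression is already assigned to `confidence`; plain `:low`, `:medium`, `:high` read better.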
|
@@ -591,7 +591,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
|
|
591
591
|
:sanitize_sql_for_assignment, :sanitize_sql_for_conditions, :sanitize_sql_hash,
|
592
592
|
:sanitize_sql_hash_for_assignment, :sanitize_sql_hash_for_conditions,
|
593
593
|
:to_sql, :sanitize, :primary_key, :table_name_prefix, :table_name_suffix,
|
594
|
-
:where_values_hash, :foreign_key, :uuid
|
594
|
+
:where_values_hash, :foreign_key, :uuid, :escape, :escape_string
|
595
595
|
]
|
596
596
|
|
597
597
|
def ignore_methods_in_sql
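Review bot: Adding the bare names `:escape` and `:escape_string` to this list treats a call as SQL-safe by method name alone, if the list is matched without regard to the receiver (the list's definition and its use are outside the hunk, so this is inferred). Methods with those names exist for other contexts, for example `CGI.escape` and `Regexp.escape`, and their output is not safe inside a SQL string, so interpolating it would no longer be reported. Consider restricting the match to the database connection or driver receivers this change is meant for, or add a comment on the list stating which `escape` implementations are intended.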
|
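--- a/data/lib/brakeman/options.rb
+++ b/data/lib/brakeman/options.rb
@@ -244,6 +244,10 @@ module Brakeman::Options
 options[:debug] = true
 end
 
+opts.on "--timing", "Measure time for scan steps" do
+options[:show_timing] = true
+end
+
 opts.on "-f",
 "--format TYPE",
 [:pdf, :text, :html, :csv, :tabs, :json, :markdown, :codeclimate, :cc, :plain, :table, :junit, :sarif, :sonar, :github],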
|
@@ -84,6 +84,9 @@ module Brakeman::ModuleHelper
|
|
84
84
|
res.line(exp.line)
|
85
85
|
@current_method = nil
|
86
86
|
|
87
|
+
# TODO: if target is not self/nil, then
|
88
|
+
# the method should be added to `target`, not current class
|
89
|
+
|
87
90
|
if @current_class
|
88
91
|
@current_class.add_method @visibility, name, res, @current_file
|
89
92
|
elsif @current_module
|
@@ -96,7 +99,13 @@ module Brakeman::ModuleHelper
|
|
96
99
|
name = exp.method_name
|
97
100
|
|
98
101
|
@current_method = name
|
99
|
-
|
102
|
+
|
103
|
+
if @inside_sclass
|
104
|
+
res = Sexp.new :defs, s(:self), name, exp.formal_args, *process_all!(exp.body)
|
105
|
+
else
|
106
|
+
res = Sexp.new :defn, name, exp.formal_args, *process_all!(exp.body)
|
107
|
+
end
|
108
|
+
|
100
109
|
res.line(exp.line)
|
101
110
|
@current_method = nil
|
102
111
|
|
@@ -108,4 +117,25 @@ module Brakeman::ModuleHelper
|
|
108
117
|
|
109
118
|
res
|
110
119
|
end
|
120
|
+
|
121
|
+
# class << self
|
122
|
+
def process_sclass exp
|
123
|
+
@inside_sclass = true
|
124
|
+
|
125
|
+
process_all! exp
|
126
|
+
|
127
|
+
exp
|
128
|
+
ensure
|
129
|
+
@inside_sclass = false
|
130
|
+
end
|
131
|
+
|
132
|
+
def make_defs exp
|
133
|
+
# 'What if' there was some crazy code that had a
|
134
|
+
# defs inside a def inside an sclass? :|
|
135
|
+
return exp if node_type? exp, :defs
|
136
|
+
|
137
|
+
raise "Unexpected node type: #{exp.node_type}" unless node_type? exp, :defn
|
138
|
+
|
139
|
+
Sexp.new(:defs, s(:self), exp.method_name, exp.formal_args, *exp.body).line(exp.line)
|
140
|
+
end
|
111
141
|
end
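Review bot: process_sclass resets `@inside_sclass` to `false` in its `ensure` instead of restoring the previous value, so once an inner `class << self` closes, the remainder of an enclosing one is processed as if it were outside, and the `if @inside_sclass` branch added earlier in this file builds `:defn` rather than `:defs` for its methods. Saving and restoring is a small change: `previous = @inside_sclass` before `@inside_sclass = true`, and `@inside_sclass = previous` in the `ensure`. A short comment on `process_sclass` saying that the flag is read by the method-definition processors would also help, since the only documentation now is `# class << self`.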
|
@@ -30,6 +30,12 @@ class Brakeman::LibraryProcessor < Brakeman::BaseProcessor
|
|
30
30
|
end
|
31
31
|
|
32
32
|
def process_defn exp
|
33
|
+
# TODO: Why is this different from ModuleHelper?
|
34
|
+
|
35
|
+
if @inside_sclass
|
36
|
+
exp = make_defs(exp)
|
37
|
+
end
|
38
|
+
|
33
39
|
if exp.method_name == :initialize
|
34
40
|
@alias_processor.process_safely exp.body_list
|
35
41
|
@initializer_env = @alias_processor.only_ivars
|