RubyGems - brakeman - Versions diffs - 2.0.0.pre2 → 2.0.0 - Mend

brakeman 2.0.0.pre2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGES +3 -0
data/lib/brakeman/checks/check_cross_site_scripting.rb +3 -4
data/lib/brakeman/processors/controller_alias_processor.rb +2 -0
data/lib/brakeman/version.rb +1 -1
metadata +5 -7
data/lib/tasks/brakeman.rake +0 -10

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA512:
-  data.tar.gz: 0fa96dca9b41558e7db8c55a2ec2a2e4dc95fc79afba243d0e656fe0c120fbe5b8c71c6c2216a4d27036efc5a57db9cd9661d2a2952e6b92f4c98777a4e26173
-  metadata.gz: 6ed79f61f202f946c7c417f2945ae57ebba267a4e4f46e45eb07fd0eddebe947046d907ff18775bb942073ec3ea00a2a8a9ccaf9b1b31e66d2afa8d62a95166b
+  metadata.gz: 95e0a31af1fc7aa297e1f155cb6218de1fe20d7d9eddcaf786eda7ef1f933bf7c70381abb4db3062a04c74929be0e852056c1b227b304fe72727a8493b57c501
+  data.tar.gz: d12356b9a94db23b53e3e554818a2dc3e6f04e64caa8b6d8764c93c20da885166f4f2e580e7291c76c4da2225d8c5d8bcbb85d17c6345dea5f73fbddc6229423
 SHA1:
-  data.tar.gz: ca68abc07bbc2bafc9af02bcabab84d4756447b7
-  metadata.gz: fad7234ee850e69edbe9bacf2783605edbcf7b64
+  metadata.gz: 1e770b74ee4544b1b2187fd7db6e828769db0e97
+  data.tar.gz: 621f6b0a236d44ac7828d32b64bd46d56effae2f

data/CHANGES CHANGED Viewed

@@ -8,6 +8,8 @@
  * Medium confidence for mass assignment to attr_protected models
  * Remove "timestamp" key from JSON reports
  * Remove deprecated config file locations
+ * Relative paths are used by default in JSON reports
+ * `--absolute-paths` replaces `--relative-paths`
  * Only treat classes with names containing `Controller` like controllers
  * Better handling of classes nested inside controllers
  * Better handling of controller classes nested in classes/modules
@@ -24,6 +26,7 @@
  * Fix model path guesses to use "models/" instead of "controllers/"
  * Clean up SQL CVE warning messages
  * Use exceptions instead of abort in brakeman lib
+ * Update to Ruby2Ruby 2.0.5
 # 1.9.5

data/lib/brakeman/checks/check_cross_site_scripting.rb CHANGED Viewed

@@ -77,13 +77,12 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
     end
     tracker.each_template do |name, template|
+      Brakeman.debug "Checking #{name} for XSS"
       @current_template = template
-      template[:outputs].each do |out|
-        Brakeman.debug "Checking #{name} for direct XSS"
+      template[:outputs].each do |out|
         unless check_for_immediate_xss out
-          Brakeman.debug "Checking #{name} for indirect XSS"
           @matched = false
           @mark = false
           process out

data/lib/brakeman/processors/controller_alias_processor.rb CHANGED Viewed

@@ -74,6 +74,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
   def process_methdef exp
     meth_name = exp.method_name
+    Brakeman.debug "Processing #{@current_class}##{meth_name}"
     #Skip if instructed to only process a specific method
     #(but don't skip if this method was called from elsewhere)
     return exp if @current_method.nil? and @only_method and @only_method != meth_name

data/lib/brakeman/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "2.0.0.pre2"
+  Version = "2.0.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-  version: 2.0.0.pre2
+  version: 2.0.0
 platform: ruby
 authors:
 - Justin Collins
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-16 00:00:00 Z
+date: 2013-05-20 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby_parser
@@ -232,7 +232,6 @@ files:
 - lib/ruby_parser/bm_sexp.rb
 - lib/ruby_parser/bm_sexp_processor.rb
 - lib/brakeman.rb
-- lib/tasks/brakeman.rake
 homepage: http://brakemanscanner.org
 licenses:
 - MIT
@@ -245,14 +244,13 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - &id011
+    - ">="
     - !ruby/object:Gem::Version
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
-    - !ruby/object:Gem::Version
-      version: 1.3.1
+  - *id011
 requirements: []
 rubyforge_project:

data/lib/tasks/brakeman.rake DELETED Viewed

@@ -1,10 +0,0 @@
-namespace :brakeman do
-  desc "Run Brakeman"
-  task :run, :output_files do |t, args|
-    require 'brakeman'
-    files = args[:output_files].split(' ') if args[:output_files]
-    Brakeman.run :app_path => ".", :output_files => files, :print_report => true
-  end
-end