RubyGems - brakeman - Versions diffs - 2.0.0.pre2 → 2.0.0 - Mend

brakeman 2.0.0.pre2 → 2.0.0

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA512:
-  data.tar.gz: 0fa96dca9b41558e7db8c55a2ec2a2e4dc95fc79afba243d0e656fe0c120fbe5b8c71c6c2216a4d27036efc5a57db9cd9661d2a2952e6b92f4c98777a4e26173
-  metadata.gz: 6ed79f61f202f946c7c417f2945ae57ebba267a4e4f46e45eb07fd0eddebe947046d907ff18775bb942073ec3ea00a2a8a9ccaf9b1b31e66d2afa8d62a95166b
+  metadata.gz: 95e0a31af1fc7aa297e1f155cb6218de1fe20d7d9eddcaf786eda7ef1f933bf7c70381abb4db3062a04c74929be0e852056c1b227b304fe72727a8493b57c501
+  data.tar.gz: d12356b9a94db23b53e3e554818a2dc3e6f04e64caa8b6d8764c93c20da885166f4f2e580e7291c76c4da2225d8c5d8bcbb85d17c6345dea5f73fbddc6229423
 SHA1:
-  data.tar.gz: ca68abc07bbc2bafc9af02bcabab84d4756447b7
-  metadata.gz: fad7234ee850e69edbe9bacf2783605edbcf7b64
+  metadata.gz: 1e770b74ee4544b1b2187fd7db6e828769db0e97
+  data.tar.gz: 621f6b0a236d44ac7828d32b64bd46d56effae2f

data/CHANGES CHANGED Viewed

@@ -8,6 +8,8 @@
  * Medium confidence for mass assignment to attr_protected models
  * Remove "timestamp" key from JSON reports
  * Remove deprecated config file locations
+ * Relative paths are used by default in JSON reports
+ * `--absolute-paths` replaces `--relative-paths`
  * Only treat classes with names containing `Controller` like controllers
  * Better handling of classes nested inside controllers
  * Better handling of controller classes nested in classes/modules
@@ -24,6 +26,7 @@
  * Fix model path guesses to use "models/" instead of "controllers/"
  * Clean up SQL CVE warning messages
  * Use exceptions instead of abort in brakeman lib
+ * Update to Ruby2Ruby 2.0.5
 # 1.9.5

@@ -77,13 +77,12 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
     end
     tracker.each_template do |name, template|
+      Brakeman.debug "Checking #{name} for XSS"
       @current_template = template
-      template[:outputs].each do |out|
-        Brakeman.debug "Checking #{name} for direct XSS"
+      template[:outputs].each do |out|
         unless check_for_immediate_xss out
-          Brakeman.debug "Checking #{name} for indirect XSS"
           @matched = false
           @mark = false
           process out

@@ -74,6 +74,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
   def process_methdef exp
     meth_name = exp.method_name
+    Brakeman.debug "Processing #{@current_class}##{meth_name}"
     #Skip if instructed to only process a specific method
     #(but don't skip if this method was called from elsewhere)
     return exp if @current_method.nil? and @only_method and @only_method != meth_name

data/lib/brakeman/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "2.0.0.pre2"
+  Version = "2.0.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-  version: 2.0.0.pre2
+  version: 2.0.0
 platform: ruby
 authors:
 - Justin Collins
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-16 00:00:00 Z
+date: 2013-05-20 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby_parser
@@ -232,7 +232,6 @@ files:
 - lib/ruby_parser/bm_sexp.rb
 - lib/ruby_parser/bm_sexp_processor.rb
 - lib/brakeman.rb
-- lib/tasks/brakeman.rake
 homepage: http://brakemanscanner.org
 licenses:
 - MIT
@@ -245,14 +244,13 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - &id011
+    - ">="
     - !ruby/object:Gem::Version
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
-    - !ruby/object:Gem::Version
-      version: 1.3.1
+  - *id011
 requirements: []
 rubyforge_project:

data/lib/tasks/brakeman.rake DELETED Viewed

@@ -1,10 +0,0 @@
-namespace :brakeman do
-  desc "Run Brakeman"
-  task :run, :output_files do |t, args|
-    require 'brakeman'
-    files = args[:output_files].split(' ') if args[:output_files]
-    Brakeman.run :app_path => ".", :output_files => files, :print_report => true
-  end
-end