brakeman 3.2.0.pre1 → 3.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1e770766f6b12a78d68bb5578ca2f03edc16dbb0
-  data.tar.gz: d16b6325409502c5828ce379e364e43fbc10ec9e
+  metadata.gz: 29cc8c4c02ffe39935546b7fec4aea86bb445538
+  data.tar.gz: e7a969565a996a37c76ea94acb6f8011ca8ff6eb
 SHA512:
-  metadata.gz: 79dbc7972a53fd175306dd50e21943b1825870fa2273b489bb2fef00c7870c5f0c5fc48e90b919d78b57dd2ff46b1a1be7fdee40f55f545d8a0cbecfe0878826
-  data.tar.gz: 647e2c2f42057c5f2d64a4e5166f3541ed1764062d4b6bed7668e6ba31429214486dbb8a495435dc144a98f52ec7357330640cb2730c71157a236b23bd7fdbb4
+  metadata.gz: fc5dff0ab0695c08c08b76e596cf1353f4dbb36ad6e09542f524fc10aa271105672ba16ce89bc747f11dd85d34eb83c412ce962596554b0cc3ffba5f33075b4b
+  data.tar.gz: 7e4ba7803effc7765b7c7b699d4dc1d20516a9579df83783ec4c4cfde98c33761160e0aad8ca19b4d5284bb8b76aa019b1aecb9a1720c4e74d720674e681049e

data/CHANGES

@@ -1,5 +1,8 @@
-# 3.2.0.pre1
+# 3.2.0
 
+* Skip Symbol DoS check on Rails 5
+* Only update ignore config file on changes
+* Sort ignore config file
 * Support calls using `&.` operator
 * Update ruby_parser dependency to 3.8.1
 * Remove `fastercsv` dependency

data/lib/brakeman/checks/check_symbol_dos.rb

@@ -8,6 +8,8 @@ class Brakeman::CheckSymbolDoS < Brakeman::BaseCheck
   @description = "Checks for symbol denial of service"
 
   def run_check
+    return if rails_version > "5.0.0"
+
     tracker.find_call(:methods => UNSAFE_METHODS, :nested => true).each do |result|
       check_unsafe_symbol_creation(result)
     end

data/lib/brakeman/report/ignore/config.rb

@@ -13,6 +13,7 @@ module Brakeman
       @ignored_fingerprints = Set.new
       @notes = {}
       @shown_warnings = @ignored_warnings = nil
+      @changed = false
     end
 
     # Populate ignored_warnings and shown_warnings based on ignore
@@ -35,8 +36,8 @@ module Brakeman
     # Remove warning from ignored list
     def unignore warning
       @ignored_fingerprints.delete warning.fingerprint
-      @already_ignored.reject! do |w|
-        w[:fingerprint] == warning.fingerprint
+      if @already_ignored.reject! { |w|w[:fingerprint] == warning.fingerprint }
+        @changed = true
       end
     end
 
@@ -46,11 +47,13 @@ module Brakeman
     end
 
     def ignore warning
+      @changed = true unless ignored? warning
       @ignored_fingerprints << warning.fingerprint
     end
 
     # Add note for warning
     def add_note warning, note
+      @changed = true
       @notes[warning.fingerprint] = note
     end
 
@@ -98,7 +101,7 @@ module Brakeman
 
         w[:note] = @notes[w[:fingerprint]] || ""
         w
-      end
+      end.sort_by { |w| w[:fingerprint] }
 
       output = {
         :ignored_warnings => warnings,
@@ -124,7 +127,9 @@ module Brakeman
         end
       end
 
-      save_to_file warnings
+      if @changed
+        save_to_file warnings
+      end
     end
   end
 end

data/lib/brakeman/version.rb

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "3.2.0.pre1"
+  Version = "3.2.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-  version: 3.2.0.pre1
+  version: 3.2.0
 platform: ruby
 authors:
 - Justin Collins
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain:
 - brakeman-public_cert.pem
-date: 2016-02-22 00:00:00.000000000 Z
+date: 2016-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: test-unit
@@ -346,9 +346,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.8