brakeman 4.5.0 → 4.5.1
Potentially problematic release.
This version of brakeman might be problematic.
- checksums.yaml +4 -4
- data/CHANGES.md +15 -0
- data/README.md +6 -6
- data/bundle/load.rb +3 -3
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/AUTHORS +0 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/COPYING +0 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/Changelog.md +211 -15
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/Gemfile +22 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/LICENSE +0 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/README.md +202 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/TODO +0 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/appveyor.yml +37 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/highline.gemspec +35 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline.rb +650 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/builtin_styles.rb +129 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/lib/highline/color_scheme.rb +49 -32
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/compatibility.rb +23 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/custom_errors.rb +57 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/import.rb +48 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/io_console_compatible.rb +37 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/list.rb +177 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/list_renderer.rb +261 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/menu.rb +576 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/menu/item.rb +32 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/paginator.rb +52 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/lib/highline/question.rb +281 -131
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/question/answer_converter.rb +103 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/question_asker.rb +150 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/simulate.rb +59 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/statement.rb +88 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/string.rb +36 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/string_extensions.rb +130 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/style.rb +325 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/template_renderer.rb +62 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/terminal.rb +190 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/terminal/io_console.rb +36 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/terminal/ncurses.rb +38 -0
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/terminal/unix_stty.rb +51 -0
- data/bundle/ruby/2.5.0/gems/{highline-1.7.10 → highline-2.0.2}/lib/highline/version.rb +3 -1
- data/bundle/ruby/2.5.0/gems/highline-2.0.2/lib/highline/wrapper.rb +53 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/History.rdoc +32 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/Manifest.txt +0 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/README.rdoc +0 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/compare/normalize.rb +0 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/debugging.md +0 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/rp_extensions.rb +1 -1
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/rp_stringscanner.rb +0 -0
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby20_parser.rb +2427 -2432
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby20_parser.y +32 -29
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby21_parser.rb +2101 -2109
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby21_parser.y +32 -29
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby22_parser.rb +2080 -2095
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby22_parser.y +32 -29
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0/lib/ruby25_parser.rb → ruby_parser-3.13.1/lib/ruby23_parser.rb} +2339 -2333
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby23_parser.y +32 -29
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby24_parser.rb +2347 -2335
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby24_parser.y +32 -23
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0/lib/ruby23_parser.rb → ruby_parser-3.13.1/lib/ruby25_parser.rb} +2349 -2337
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby25_parser.y +32 -23
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby26_parser.rb +2351 -2338
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby26_parser.y +32 -23
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_lexer.rb +253 -161
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_lexer.rex +25 -25
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_lexer.rex.rb +68 -26
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_parser.rb +3 -1
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_parser.yy +34 -23
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/lib/ruby_parser_extras.rb +64 -43
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/tools/munge.rb +2 -1
- data/bundle/ruby/2.5.0/gems/{ruby_parser-3.13.0 → ruby_parser-3.13.1}/tools/ripper.rb +6 -1
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/CHANGELOG.md +4 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/MIT-LICENSE.txt +0 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/README.md +1 -1
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/data/display_width.marshal.gz +0 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/lib/unicode/display_width.rb +0 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/lib/unicode/display_width/constants.rb +2 -2
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/lib/unicode/display_width/index.rb +0 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/lib/unicode/display_width/no_string_ext.rb +0 -0
- data/bundle/ruby/2.5.0/gems/{unicode-display_width-1.5.0 → unicode-display_width-1.6.0}/lib/unicode/display_width/string_ext.rb +0 -0
- data/lib/brakeman.rb +7 -0
- data/lib/brakeman/app_tree.rb +34 -22
- data/lib/brakeman/checks.rb +7 -7
- data/lib/brakeman/checks/base_check.rb +9 -9
- data/lib/brakeman/checks/check_cross_site_scripting.rb +5 -0
- data/lib/brakeman/checks/check_default_routes.rb +5 -0
- data/lib/brakeman/checks/check_deserialize.rb +52 -0
- data/lib/brakeman/checks/check_dynamic_finders.rb +1 -1
- data/lib/brakeman/checks/check_force_ssl.rb +27 -0
- data/lib/brakeman/checks/check_json_parsing.rb +5 -0
- data/lib/brakeman/checks/check_link_to_href.rb +6 -1
- data/lib/brakeman/checks/check_mail_to.rb +1 -1
- data/lib/brakeman/checks/check_model_attr_accessible.rb +1 -1
- data/lib/brakeman/checks/check_model_attributes.rb +12 -50
- data/lib/brakeman/checks/check_model_serialize.rb +1 -1
- data/lib/brakeman/checks/check_nested_attributes_bypass.rb +3 -3
- data/lib/brakeman/checks/check_secrets.rb +1 -1
- data/lib/brakeman/checks/check_session_settings.rb +10 -10
- data/lib/brakeman/checks/check_simple_format.rb +5 -0
- data/lib/brakeman/checks/check_skip_before_filter.rb +1 -1
- data/lib/brakeman/checks/check_sql.rb +15 -17
- data/lib/brakeman/checks/check_validation_regex.rb +1 -1
- data/lib/brakeman/file_parser.rb +6 -8
- data/lib/brakeman/file_path.rb +71 -0
- data/lib/brakeman/options.rb +7 -0
- data/lib/brakeman/parsers/template_parser.rb +3 -3
- data/lib/brakeman/processor.rb +3 -4
- data/lib/brakeman/processors/alias_processor.rb +12 -6
- data/lib/brakeman/processors/base_processor.rb +8 -7
- data/lib/brakeman/processors/controller_alias_processor.rb +10 -7
- data/lib/brakeman/processors/controller_processor.rb +5 -9
- data/lib/brakeman/processors/haml_template_processor.rb +5 -0
- data/lib/brakeman/processors/lib/module_helper.rb +8 -8
- data/lib/brakeman/processors/lib/processor_helper.rb +3 -3
- data/lib/brakeman/processors/lib/rails2_config_processor.rb +3 -3
- data/lib/brakeman/processors/lib/rails2_route_processor.rb +2 -2
- data/lib/brakeman/processors/lib/rails3_config_processor.rb +3 -3
- data/lib/brakeman/processors/lib/rails3_route_processor.rb +2 -2
- data/lib/brakeman/processors/lib/render_helper.rb +2 -2
- data/lib/brakeman/processors/lib/render_path.rb +18 -1
- data/lib/brakeman/processors/library_processor.rb +5 -5
- data/lib/brakeman/processors/model_processor.rb +4 -5
- data/lib/brakeman/processors/output_processor.rb +5 -0
- data/lib/brakeman/processors/template_alias_processor.rb +4 -5
- data/lib/brakeman/processors/template_processor.rb +4 -4
- data/lib/brakeman/report.rb +3 -3
- data/lib/brakeman/report/ignore/config.rb +2 -3
- data/lib/brakeman/report/ignore/interactive.rb +2 -2
- data/lib/brakeman/report/pager.rb +1 -0
- data/lib/brakeman/report/report_base.rb +51 -6
- data/lib/brakeman/report/report_codeclimate.rb +3 -3
- data/lib/brakeman/report/report_hash.rb +1 -1
- data/lib/brakeman/report/report_html.rb +2 -2
- data/lib/brakeman/report/report_json.rb +1 -24
- data/lib/brakeman/report/report_table.rb +20 -4
- data/lib/brakeman/report/report_tabs.rb +1 -1
- data/lib/brakeman/report/report_text.rb +2 -2
- data/lib/brakeman/rescanner.rb +9 -12
- data/lib/brakeman/scanner.rb +19 -14
- data/lib/brakeman/tracker.rb +4 -4
- data/lib/brakeman/tracker/collection.rb +4 -3
- data/lib/brakeman/tracker/config.rb +6 -0
- data/lib/brakeman/util.rb +1 -147
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +23 -13
- data/lib/brakeman/warning_codes.rb +1 -0
- data/lib/ruby_parser/bm_sexp_processor.rb +1 -0
- metadata +78 -61
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/Gemfile +0 -11
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/INSTALL +0 -59
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/README.rdoc +0 -74
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/highline.gemspec +0 -37
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline.rb +0 -1048
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/compatibility.rb +0 -16
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/import.rb +0 -41
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/menu.rb +0 -381
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/simulate.rb +0 -48
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/string_extensions.rb +0 -111
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/style.rb +0 -192
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/lib/highline/system_extensions.rb +0 -254
- data/bundle/ruby/2.5.0/gems/highline-1.7.10/setup.rb +0 -1360
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b421b3c9b1e3511d9f76869f86e07c04ce9267569d5d4f2d0965d8ce7303b93
|
4
|
+
data.tar.gz: 1189f4d043614c6624148f72b855db712c3297a51e4c87dcf12afa3a55150554
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d3217750dd567855b96f0ad573f4386c07ba6540781e93da79305cc78e5dbd900a770bb7c06e068f539442b2aa6dfcf407b3be92c219cc0b139f1b11cfa4e1f5
|
7
|
+
data.tar.gz: 158479b5adb292bd783c817606a2bef28f114a6043e7bd906ba4ef8a6f56696028c86dfa0872e494b9a39a9b52bf8fec217ef5d463f987317eeb3bf485323e6e
|
data/CHANGES.md
CHANGED
@@ -1,3 +1,18 @@
|
|
1
|
+
# 4.5.1
|
2
|
+
|
3
|
+
* Add `Brakeman::FilePath` to represent file paths
|
4
|
+
* Handle trailing comma in block args
|
5
|
+
* Properly handle empty partial name
|
6
|
+
* Use relative paths for `__FILE__`
|
7
|
+
* Convert `!!` calls to boolean value
|
8
|
+
* Add optional check for `config.force_ssl`
|
9
|
+
* Remove code for Ruby versions prior to 1.9
|
10
|
+
* Check `link_to` with block for href XSS
|
11
|
+
* Add SQL injection checks for `find_or_create_by` and friends
|
12
|
+
* Add deserialization warning for `Oj.load/object_load`
|
13
|
+
* Add initial Rails 6 support
|
14
|
+
* Add SQL injection checks for `destroy_by`/`delete_by`
|
15
|
+
|
1
16
|
# 4.5.0
|
2
17
|
|
3
18
|
* Update `ruby_parser`, use `ruby_parser-legacy`
|
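Review bot: The 4.5.1 entries "Add optional check for `config.force_ssl`" and "Add SQL injection checks for `find_or_create_by` and friends" leave out what someone upgrading needs to know: the first does not say how the optional check is turned on, and the second does not name the methods that "and friends" covers. Both change which warnings a scan can produce, so suggest stating how the optional check is enabled and listing the covered methods explicitly, the way the `destroy_by`/`delete_by` entry already does.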
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
[![Brakeman Logo](http://brakemanscanner.org/images/logo_medium.png)](http://brakemanscanner.org/)
|
2
2
|
|
3
|
-
[![Build Status](https://
|
3
|
+
[![Build Status](https://circleci.com/gh/presidentbeef/brakeman.svg?style=svg)](https://circleci.com/gh/presidentbeef/brakeman)
|
4
4
|
[![Maintainability](https://api.codeclimate.com/v1/badges/1b08a5c74695cb0d11ec/maintainability)](https://codeclimate.com/github/presidentbeef/brakeman/maintainability)
|
5
5
|
[![Test Coverage](https://api.codeclimate.com/v1/badges/1b08a5c74695cb0d11ec/test_coverage)](https://codeclimate.com/github/presidentbeef/brakeman/test_coverage)
|
6
6
|
[![Gitter](https://badges.gitter.im/presidentbeef/brakeman.svg)](https://gitter.im/presidentbeef/brakeman)
|
@@ -47,25 +47,25 @@ Outside of Rails root:
|
|
47
47
|
|
48
48
|
From a Rails application's root directory:
|
49
49
|
|
50
|
-
docker run -v "$(pwd)":/code brakeman
|
50
|
+
docker run -v "$(pwd)":/code presidentbeef/brakeman
|
51
51
|
|
52
52
|
With a little nicer color:
|
53
53
|
|
54
|
-
docker run -v "$(pwd)":/code brakeman --color
|
54
|
+
docker run -v "$(pwd)":/code presidentbeef/brakeman --color
|
55
55
|
|
56
56
|
For an HTML report:
|
57
57
|
|
58
|
-
docker run -v "$(pwd)":/code brakeman -o brakeman_results.html
|
58
|
+
docker run -v "$(pwd)":/code presidentbeef/brakeman -o brakeman_results.html
|
59
59
|
|
60
60
|
Outside of Rails root (note that the output file is relative to path/to/rails/application):
|
61
61
|
|
62
|
-
docker run -v 'path/to/rails/application':/code brakeman -o brakeman_results.html
|
62
|
+
docker run -v 'path/to/rails/application':/code presidentbeef/brakeman -o brakeman_results.html
|
63
63
|
|
64
64
|
# Compatibility
|
65
65
|
|
66
66
|
Brakeman should work with any version of Rails from 2.3.x to 5.x.
|
67
67
|
|
68
|
-
Brakeman can analyze code written with Ruby 1.8 syntax and newer, but requires at least Ruby
|
68
|
+
Brakeman can analyze code written with Ruby 1.8 syntax and newer, but requires at least Ruby 2.3.0 to run.
|
69
69
|
|
70
70
|
# Basic Options
|
71
71
|
|
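Review bot: The updated `docker run` lines reference `presidentbeef/brakeman` with no tag, so they resolve to the image's default tag rather than a fixed release; for a scanner that runs in CI, suggest showing a pinned tag or digest in at least one of the examples. Separately, the unchanged Compatibility line in this hunk still reads "any version of Rails from 2.3.x to 5.x" while the CHANGES.md entry for this release adds "initial Rails 6 support", so the README should be brought in line with the changelog.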
data/bundle/load.rb
CHANGED
@@ -2,13 +2,13 @@ path = File.expand_path('../..', __FILE__)
|
|
2
2
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/ruby2ruby-2.4.2/lib"
|
3
3
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/haml-4.0.7/lib"
|
4
4
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/slim-4.0.1/lib"
|
5
|
+
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/ruby_parser-3.13.1/lib"
|
5
6
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/temple-0.8.1/lib"
|
6
|
-
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/highline-1.7.10/lib"
|
7
7
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/terminal-table-1.8.0/lib"
|
8
|
-
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/
|
8
|
+
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/highline-2.0.2/lib"
|
9
9
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/sexp_processor-4.12.0/lib"
|
10
10
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/ruby_parser-legacy-1.0.0/lib"
|
11
|
+
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/unicode-display_width-1.6.0/lib"
|
11
12
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/erubis-2.7.0/lib"
|
12
13
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/tilt-2.0.9/lib"
|
13
|
-
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/unicode-display_width-1.5.0/lib"
|
14
14
|
$:.unshift "#{path}/bundle/ruby/2.5.0/gems/safe_yaml-1.0.5/lib"
|
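Review bot: The highline load path moves from `highline-1.7.10` to `highline-2.0.2`, a major-version jump of a bundled dependency, yet the 4.5.1 section of CHANGES.md lists no dependency updates at all. Suggest adding changelog entries for the bundled highline, `ruby_parser-3.13.1` and `unicode-display_width-1.6.0` changes so that anyone auditing this release can see that vendored code changed alongside Brakeman's own.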
File without changes
|
File without changes
|
@@ -2,26 +2,222 @@
|
|
2
2
|
|
3
3
|
Below is a complete listing of changes for each revision of HighLine.
|
4
4
|
|
5
|
-
###
|
6
|
-
* Add
|
5
|
+
### 2.0.2 / 2019-04-08
|
6
|
+
* PR #243 - Add new capital_letter option to menu index (@Ana06)
|
7
|
+
* This is a really special PR. It has come from "The Biggest
|
8
|
+
Mobprogramming Session Ever" and around 250 people
|
9
|
+
participated in crafting it!
|
10
|
+
* PR #241 - CI: Add 2.6 (@olleolleolle)
|
11
|
+
* PR #240 - Avoid YARD warning UnknownParam (@olleolleolle)
|
7
12
|
|
8
|
-
###
|
9
|
-
*
|
13
|
+
### 2.0.1 / 2019-01-23
|
14
|
+
* PR #238 / I #237 - Rescue Errno::ENOTTY when pipeing
|
10
15
|
|
11
|
-
###
|
12
|
-
*
|
16
|
+
### 2.0.0 / 2018-06-10
|
17
|
+
* Release 2.0.0 (major version release).
|
13
18
|
|
14
|
-
###
|
15
|
-
*
|
19
|
+
### 2.0.0-develop.16 / 2018-05-12
|
20
|
+
* PR #231 - Deprecate safe_level of ERB.new in Ruby 2.6 (@koic)
|
21
|
+
* PR #230 - Fix behavior when shell and gather options are selected together
|
16
22
|
|
17
|
-
###
|
18
|
-
*
|
23
|
+
### 2.0.0-develop.15 / 2017-12-28
|
24
|
+
* PR #229 - Update .travis.yml. Add Ruby 2.5 to matrix (@abinoam)
|
19
25
|
|
20
|
-
###
|
21
|
-
*
|
26
|
+
### 2.0.0-develop.14 / 2017-11-21
|
27
|
+
* PR #222 / I #221 - Fix inconsistent behaviour when using agree with readline (@abinoam, @ailisp)
|
22
28
|
|
23
|
-
###
|
24
|
-
*
|
29
|
+
### 2.0.0-develop.13 / 2017-11-05
|
30
|
+
* PR #219 - Make possible to use a callable as response (@abinoam)
|
31
|
+
|
32
|
+
### 2.0.0-develop.12 / 2017-10-19
|
33
|
+
* PR #218 - Ease transition from 1.7.x to 2.0.x (@abinoam)
|
34
|
+
* Copy use_color from HighLine.default_instance
|
35
|
+
* Expose IOConsoleCompatible
|
36
|
+
* PR #216 - Update .appveyor.yml - Fix Windows CI (@abinoam)
|
37
|
+
|
38
|
+
### 2.0.0-develop.11 / 2017-09-25
|
39
|
+
* PR #215 - Apply several Rubocop stylistic suggestions (@abinoam)
|
40
|
+
* Update gemspec/Gemfile to newer standards
|
41
|
+
* Update travis configuration fixing 1.9 problem
|
42
|
+
* Adjust .rubocop.yml with things we don't want to change
|
43
|
+
|
44
|
+
### 2.0.0-develop.10 / 2017-06-29
|
45
|
+
* PR #214 - Remove `$terminal` (global variable) (@abinoam)
|
46
|
+
* Use HighLine.default_instance instead
|
47
|
+
* Reorganize/Group code at lib/highline.rb
|
48
|
+
|
49
|
+
### 2.0.0-develop.9 / 2017-06-24
|
50
|
+
|
51
|
+
* PR #211 / PR #212 - HighLine#use_color= and use_color? as instance methods (@abinoam, @phiggins)
|
52
|
+
* PR #203 / I #191 - Default values are shown in menus by Frederico (@fredrb)
|
53
|
+
* PR #201 / I #198 - Confirm in question now accepts Proc (@mmihira)
|
54
|
+
* PR #197 - Some HighLine::Menu improvements
|
55
|
+
* Move Menu::MenuItem to Menu::Item with its own file
|
56
|
+
* Some small refactorings
|
57
|
+
|
58
|
+
### 2.0.0-develop.8 / 2016-06-03
|
59
|
+
|
60
|
+
* PR #195 - Add PRONTO to development group at Gemfile by Abinoam Jr. (@abinoam)
|
61
|
+
|
62
|
+
### 2.0.0-develop.7 / 2016-05-31
|
63
|
+
|
64
|
+
* PR #194 - Indices coloring on HighLine::Menu by Aregic (@aregic)
|
65
|
+
* PR #190 - Add Ruby 2.3.0 to travis matrix by Koichi (@koic/ruby-23)
|
66
|
+
* PR #189 - Improve #agree tests by @kevinoid
|
67
|
+
|
68
|
+
### 2.0.0-develop.6 / 2016-02-01
|
69
|
+
|
70
|
+
* PR #184 - Menu improvements, bug fixes, and more tests by Geoff Lee (@matrinox)
|
71
|
+
* Add third arg to menu that overides the choice displayed to the user
|
72
|
+
* FIX: autocomplete prompt does not include menu choices after the first
|
73
|
+
* Add specs to cover the new features and the bug fix
|
74
|
+
* PR #183 - Fix menu example in README.md by Fabien Foerster (@fabienfoerster)
|
75
|
+
|
76
|
+
### 2.0.0-develop.5 / 2015-12-27
|
77
|
+
|
78
|
+
* Fix #180 with PR #181 - Make it possible to overwrite the menu prompt shown on errors.
|
79
|
+
|
80
|
+
### 2.0.0-develop.4 / 2015-12-14
|
81
|
+
|
82
|
+
This versions makes the code documentation 100% 'A' grade on inch.
|
83
|
+
We have used inch and http://inch-ci.org to guide the priorities
|
84
|
+
on documentation production.
|
85
|
+
|
86
|
+
The grade 'A' (on inch) number of objects on master branch was 44,22% (153/346).
|
87
|
+
After this PR we have a 100% grade 'A' (344 objects).
|
88
|
+
|
89
|
+
There's already a inch-ci.org badge on README.md. And now it's all green!
|
90
|
+
|
91
|
+
We also bring some improvement on CodeClimate scores.
|
92
|
+
|
93
|
+
#### CHANGES SUMMARY
|
94
|
+
|
95
|
+
* PR #179 - Make inch happy. Grade "A" for the whole HighLine documentation. By Abinoam Jr. (@abinoam)
|
96
|
+
* PR #178 - Improve score on Code Climate by applying some refactoring. By Abinoam Jr. (@abinoam)
|
97
|
+
* PR #172 - Initial work on documentation by Abinoam Jr. (@abinoam)
|
98
|
+
* Use yard
|
99
|
+
* Use inch
|
100
|
+
* New Readme file
|
101
|
+
* Fix #166 with PR #173 by (@matugm)
|
102
|
+
|
103
|
+
|
104
|
+
### 2.0.0-develop.3 / 2015-10-28
|
105
|
+
|
106
|
+
This version brings some improvements on documentation (switch to Yardoc).
|
107
|
+
This is the first 2.0.0-develop.x version to be release as gem.
|
108
|
+
|
109
|
+
### 2.0.0-develop.2 / 2015-09-09
|
110
|
+
|
111
|
+
(by Abinoam P. Marques Jr. - @abinoam)
|
112
|
+
|
113
|
+
#### NOTES
|
114
|
+
|
115
|
+
This version brings greater compatibility with JRuby and Windows.
|
116
|
+
But we still have a lot of small issues in both platforms.
|
117
|
+
We were able to unify/converge all approaches into using io/console,
|
118
|
+
so we could delete old code that relied solely on stty, termios, java api and
|
119
|
+
windows apis (DL and Fiddle).
|
120
|
+
|
121
|
+
Another improvement is the beginning of what I called "acceptance tests".
|
122
|
+
If you type ```rake acceptance``` you'll be guided through some tests
|
123
|
+
where you have to input some thing and see if everything work as expected.
|
124
|
+
This makes easier to catch bugs that otherwise would be over-sighted.
|
125
|
+
|
126
|
+
#### CHANGES SUMMARY
|
127
|
+
|
128
|
+
* Fix Simplecov - it was reporting erroneous code coverage
|
129
|
+
* Add new tests. Improves code coverage
|
130
|
+
* Extract HighLine::BuiltinStyles
|
131
|
+
* Try to avoid nil checking
|
132
|
+
* Try to avoid class variables (mis)use
|
133
|
+
* Fix RDoc include path and some small fixes to the docs
|
134
|
+
* Move HighLine::String to its own file
|
135
|
+
* Add HighLine::Terminal::IOConsole
|
136
|
+
- Add an IOConsoleCompatibility module with some stubbed
|
137
|
+
methods for using at StringIO, File and Tempfile to help
|
138
|
+
on tests.
|
139
|
+
- Any enviroment that can require 'io/console' will
|
140
|
+
use HighLine::Terminal::IOConsole by default. This kind
|
141
|
+
of unifies most environments where HighLine runs. For
|
142
|
+
example, we can use Terminal::IOConsole on JRuby!!!
|
143
|
+
* Add ruby-head and JRuby (19mode and head) to Travis CI matrix. Yes, this
|
144
|
+
our first step to a more peaceful JRuby compatibility.
|
145
|
+
* Add AppVeyor Continuous Integration for Windows
|
146
|
+
* Add _acceptance_ tests for HighLine
|
147
|
+
- Use ```rake acceptance``` to run them
|
148
|
+
- Basically it interactively asks the user to confirm if
|
149
|
+
some expected HighLine behavior is actually happening.
|
150
|
+
After that it gather some environment debug information,
|
151
|
+
so the use could send to the HighLine contributors in case
|
152
|
+
of failure.
|
153
|
+
* Remove old and unused files (as a result of relying on io/console)
|
154
|
+
- JRuby
|
155
|
+
- Windows (DL and Fiddle)
|
156
|
+
- Termios
|
157
|
+
* Fix some small (old and new) bugs
|
158
|
+
* Make some more tuning for Windows compatibility
|
159
|
+
* Make some more tuning for JRuby compatibility
|
160
|
+
|
161
|
+
### 2.0.0-develop.1 / 2015-06-11
|
162
|
+
|
163
|
+
This is the first development version of the 2.0.0 series. It's the begining of a refactoring phase on HighLine development cycle.
|
164
|
+
|
165
|
+
#### SOME HISTORY
|
166
|
+
|
167
|
+
In 2014 I emailed James Edward Gray II (@JEG2) about HighLine. One of his ideas was to completely refactor the library so that it could be easier to reuse and improve it. I've began my contributions to HighLine trying to fix some of the open issues at that time so that we could "freeze" a stable version of HighLine that people could rely on. Then I've began to study HighLine source code with James' help and started to refactor some parts of the code. Abinoam P. Marques Jr. (@abinoam)
|
168
|
+
|
169
|
+
#### NOTES
|
170
|
+
|
171
|
+
* This release differs from current master branch by more than 180 commits.
|
172
|
+
* The main changes will be only summarized bellow (as there are many, and a detailed description of each is not productive).
|
173
|
+
* You could try `git log -p` to see all of them.
|
174
|
+
* During the last commits, all possible efforts were taken to preserve the tests passing status.
|
175
|
+
* 100% test passing gives you no guarantee that this new version will work for you. This happens for many reasons. One of them is that we don't currently have 100% test coverage.
|
176
|
+
* So, this version is not suitable for use in production.
|
177
|
+
* [Metric_fu](https://github.com/metricfu/metric_fu) and [Code Climate](https://codeclimate.com/github/abinoam/highline) were used here not to strictly "guide" what should be changed, but to have some way to objectively measure the progresses made so far.
|
178
|
+
|
179
|
+
#### CHANGES SUMMARY
|
180
|
+
* Extracted a lot of smaller methods from bigger ones
|
181
|
+
* Extracted smaller classes/modules from bigger ones, so they could be self contained with less external dependencies as possible, for example:
|
182
|
+
* HighLine::Statement
|
183
|
+
* HighLine::List
|
184
|
+
* HighLine::ListRenderer
|
185
|
+
* HighLine::TemplateRenderer
|
186
|
+
* HighLine::Question::AnswerConverter
|
187
|
+
* HighLine::Terminal
|
188
|
+
* HighLine::Terminal::UnixStty
|
189
|
+
* HighLine::Paginator
|
190
|
+
* HighLine::Wrapper
|
191
|
+
* After extracting each class/module some refactoring were applied to them lowering code complexity
|
192
|
+
|
193
|
+
#### METRICS SUMMARY
|
194
|
+
Some of the metrics used to track progress are summarized bellow. Some of them have got a lot better as Flay, Flog and Reek, others like Cane haven't (probably because we didn't commented out the new code yet)
|
195
|
+
|
196
|
+
__CODECLIMATE__
|
197
|
+
|
198
|
+
* GPA: 3.60 -> 3.67 (higher is better)
|
199
|
+
|
200
|
+
__CANE__ - reports code quality threshold violations (lower is better)
|
201
|
+
|
202
|
+
* Total 92 -> 105
|
203
|
+
* Methods exceeding allowed Abc complexity: 14 -> 10
|
204
|
+
* Lines violating style requirements: 69 -> 72
|
205
|
+
* Class definitions requiring comments: 9 -> 23
|
206
|
+
|
207
|
+
__FLAY__ - analyzes ruby code for structural similarities (code duplication - lower is better)
|
208
|
+
|
209
|
+
* Total: 490 -> 94
|
210
|
+
|
211
|
+
__FLOG__ - measures code complexity (lower is better)
|
212
|
+
|
213
|
+
* Top 5% average: 127.9458 -> 40.99812
|
214
|
+
* Average: 17.37982 -> 7.663875
|
215
|
+
* Total: 2158.5 -> 1969.6
|
216
|
+
|
217
|
+
__REEK__ - detects common code smells in ruby code (lower is better)
|
218
|
+
|
219
|
+
* DuplicateMethodCall: 144 -> 54
|
220
|
+
* TooManyStatements: 26 -> 30
|
25
221
|
|
26
222
|
### 1.7.3 / 2015-06-29
|
27
223
|
* Add HighLine::Simulator tests (Bala Paranj (@bparanj) and Abinoam Marques Jr. (@abinoam), #142, PR #143)
|
@@ -391,7 +587,7 @@ Patch by Jeremy Hinegardner:
|
|
391
587
|
HighLine's own cross-platform terminal input routine.
|
392
588
|
* Improved type conversion to handle user defined classes.
|
393
589
|
|
394
|
-
### 0.2.0
|
590
|
+
### 0.2.0 / 2005-04-29
|
395
591
|
|
396
592
|
* Added Unit Tests to cover an already fixed output bug in the future.
|
397
593
|
* Added Rakefile and setup test action (default).
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
|
3
|
+
source "https://rubygems.org"
|
4
|
+
|
5
|
+
git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
|
6
|
+
|
7
|
+
# Specify your gem's dependencies in tgem.gemspec
|
8
|
+
gemspec
|
9
|
+
|
10
|
+
platform :ruby do
|
11
|
+
# Running only on MRI
|
12
|
+
gem "simplecov", group: :test
|
13
|
+
end
|
14
|
+
|
15
|
+
group :code_quality do
|
16
|
+
gem "flog", require: false
|
17
|
+
gem "pronto", require: false, platform: :ruby
|
18
|
+
gem "pronto-flay", require: false, platform: :ruby
|
19
|
+
gem "pronto-poper", require: false, platform: :ruby
|
20
|
+
gem "pronto-reek", require: false, platform: :ruby
|
21
|
+
gem "pronto-rubocop", require: false, platform: :ruby
|
22
|
+
end
|
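Review bot: Nothing in this newly added file is needed at runtime: it is the bundled highline's own Gemfile and declares only development tooling (`simplecov`, `flog`, `pronto` and its plugins), while `bundle/load.rb` only puts each bundled gem's `lib` directory on the load path. Suggest trimming the vendored copy to runtime files plus the license, which would also drop the added `appveyor.yml` and `highline.gemspec` shown in the file list, to keep the shipped gem smaller and easier to audit.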
File without changes
|
@@ -0,0 +1,202 @@
|
|
1
|
+
HighLine
|
2
|
+
========
|
3
|
+
|
4
|
+
[![Build Status](https://travis-ci.org/JEG2/highline.svg?branch=master)](https://travis-ci.org/JEG2/highline)
|
5
|
+
[![Build status](https://ci.appveyor.com/api/projects/status/4p05fijpah77d28x/branch/master?svg=true)](https://ci.appveyor.com/project/JEG2/highline/branch/master)
|
6
|
+
[![Gem Version](https://badge.fury.io/rb/highline.svg)](https://badge.fury.io/rb/highline)
|
7
|
+
[![Code Climate](https://codeclimate.com/github/JEG2/highline/badges/gpa.svg)](https://codeclimate.com/github/JEG2/highline)
|
8
|
+
[![Test Coverage](https://codeclimate.com/github/JEG2/highline/badges/coverage.svg)](https://codeclimate.com/github/JEG2/highline/coverage)
|
9
|
+
[![Inline docs](http://inch-ci.org/github/JEG2/highline.svg?branch=master)](http://inch-ci.org/github/JEG2/highline)
|
10
|
+
|
11
|
+
Description
|
12
|
+
-----------
|
13
|
+
|
14
|
+
Welcome to HighLine.
|
15
|
+
|
16
|
+
HighLine was designed to ease the tedious tasks of doing console input and
|
17
|
+
output with low-level methods like ```gets``` and ```puts```. HighLine provides a
|
18
|
+
robust system for requesting data from a user, without needing to code all the
|
19
|
+
error checking and validation rules and without needing to convert the typed
|
20
|
+
Strings into what your program really needs. Just tell HighLine what you're
|
21
|
+
after, and let it do all the work.
|
22
|
+
|
23
|
+
Documentation
|
24
|
+
-------------
|
25
|
+
|
26
|
+
See: [Rubydoc.info for HighLine](http://www.rubydoc.info/github/JEG2/highline/master).
|
27
|
+
Specially [HighLine](http://www.rubydoc.info/github/JEG2/highline/master/HighLine) and [HighLine::Question](http://www.rubydoc.info/github/JEG2/highline/master/HighLine/Question).
|
28
|
+
|
29
|
+
Usage
|
30
|
+
-----
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
|
34
|
+
require 'highline'
|
35
|
+
|
36
|
+
# Basic usage
|
37
|
+
|
38
|
+
cli = HighLine.new
|
39
|
+
answer = cli.ask "What do you think?"
|
40
|
+
puts "You have answered: #{answer}"
|
41
|
+
|
42
|
+
|
43
|
+
# Default answer
|
44
|
+
|
45
|
+
cli.ask("Company? ") { |q| q.default = "none" }
|
46
|
+
|
47
|
+
|
48
|
+
# Validation
|
49
|
+
|
50
|
+
cli.ask("Age? ", Integer) { |q| q.in = 0..105 }
|
51
|
+
cli.ask("Name? (last, first) ") { |q| q.validate = /\A\w+, ?\w+\Z/ }
|
52
|
+
|
53
|
+
|
54
|
+
# Type conversion for answers:
|
55
|
+
|
56
|
+
cli.ask("Birthday? ", Date)
|
57
|
+
cli.ask("Interests? (comma sep list) ", lambda { |str| str.split(/,\s*/) })
|
58
|
+
|
59
|
+
|
60
|
+
# Reading passwords:
|
61
|
+
|
62
|
+
cli.ask("Enter your password: ") { |q| q.echo = false }
|
63
|
+
cli.ask("Enter your password: ") { |q| q.echo = "x" }
|
64
|
+
|
65
|
+
|
66
|
+
# ERb based output (with HighLine's ANSI color tools):
|
67
|
+
|
68
|
+
cli.say("This should be <%= color('bold', BOLD) %>!")
|
69
|
+
|
70
|
+
|
71
|
+
# Menus:
|
72
|
+
|
73
|
+
cli.choose do |menu|
|
74
|
+
menu.prompt = "Please choose your favorite programming language? "
|
75
|
+
menu.choice(:ruby) { cli.say("Good choice!") }
|
76
|
+
menu.choices(:python, :perl) { cli.say("Not from around here, are you?") }
|
77
|
+
menu.default = :ruby
|
78
|
+
end
|
79
|
+
|
80
|
+
## Using colored indices on Menus
|
81
|
+
|
82
|
+
HighLine::Menu.index_color = :rgb_77bbff # set default index color
|
83
|
+
|
84
|
+
cli.choose do |menu|
|
85
|
+
menu.index_color = :rgb_999999 # override default color of index
|
86
|
+
# you can also use constants like :blue
|
87
|
+
menu.prompt = "Please choose your favorite programming language? "
|
88
|
+
menu.choice(:ruby) { cli.say("Good choice!") }
|
89
|
+
menu.choices(:python, :perl) { cli.say("Not from around here, are you?") }
|
90
|
+
end
|
91
|
+
```
|
92
|
+
|
93
|
+
If you want to save some characters, you can inject/import HighLine methods on Kernel by doing the following. Just be sure to avoid name collisions in the top-level namespace.
|
94
|
+
|
95
|
+
|
96
|
+
```ruby
|
97
|
+
require 'highline/import'
|
98
|
+
|
99
|
+
say "Now you can use #say directly"
|
100
|
+
```
|
101
|
+
|
102
|
+
For more examples see the examples/ directory of this project.
|
103
|
+
|
104
|
+
Requirements
|
105
|
+
------------
|
106
|
+
|
107
|
+
HighLine from version >= 1.7.0 requires ruby >= 1.9.3
|
108
|
+
|
109
|
+
Installing
|
110
|
+
----------
|
111
|
+
|
112
|
+
To install HighLine, use the following command:
|
113
|
+
|
114
|
+
```sh
|
115
|
+
$ gem install highline
|
116
|
+
```
|
117
|
+
|
118
|
+
(Add `sudo` if you're installing under a POSIX system as root)
|
119
|
+
|
120
|
+
If you're using [Bundler](http://bundler.io/), add this to your Gemfile:
|
121
|
+
|
122
|
+
```ruby
|
123
|
+
source "https://rubygems.org"
|
124
|
+
gem 'highline'
|
125
|
+
```
|
126
|
+
|
127
|
+
And then run:
|
128
|
+
|
129
|
+
```sh
|
130
|
+
$ bundle
|
131
|
+
```
|
132
|
+
|
133
|
+
If you want to build the gem locally, use the following command from the root of the sources:
|
134
|
+
|
135
|
+
```sh
|
136
|
+
$ rake package
|
137
|
+
```
|
138
|
+
|
139
|
+
You can also build and install directly:
|
140
|
+
|
141
|
+
```sh
|
142
|
+
$ rake install
|
143
|
+
```
|
144
|
+
|
145
|
+
Contributing
|
146
|
+
------------
|
147
|
+
|
148
|
+
1. Open an issue
|
149
|
+
- https://github.com/JEG2/highline/issues
|
150
|
+
|
151
|
+
2. Fork the repository
|
152
|
+
- https://github.com/JEG2/highline/fork
|
153
|
+
|
154
|
+
3. Clone it locally
|
155
|
+
- ```git clone git@github.com:YOUR-USERNAME/highline.git```
|
156
|
+
|
157
|
+
4. Add the main HighLine repository as the __upstream__ remote
|
158
|
+
- ```cd highline``` # to enter the cloned repository directory.
|
159
|
+
- ```git remote add upstream https://github.com/JEG2/highline```
|
160
|
+
|
161
|
+
5. Keep your fork in sync with __upstream__
|
162
|
+
- ```git fetch upstream```
|
163
|
+
- ```git checkout master```
|
164
|
+
- ```git merge upstream/master```
|
165
|
+
|
166
|
+
6. Create your feature branch
|
167
|
+
- ```git checkout -b your_branch```
|
168
|
+
|
169
|
+
7. Hack the source code, run the tests and __pronto__
|
170
|
+
- ```rake test```
|
171
|
+
- ```rake acceptance```
|
172
|
+
- ```pronto run```
|
173
|
+
|
174
|
+
8. Commit your changes
|
175
|
+
- ```git commit -am "Your commit message"```
|
176
|
+
|
177
|
+
9. Push it
|
178
|
+
- ```git push```
|
179
|
+
|
180
|
+
10. Open a pull request
|
181
|
+
- https://github.com/JEG2/highline/pulls
|
182
|
+
|
183
|
+
Details on:
|
184
|
+
|
185
|
+
* GitHub Guide to Contributing to Open Source - https://guides.github.com/activities/contributing-to-open-source/
|
186
|
+
* GitHub issues - https://guides.github.com/features/issues/
|
187
|
+
* Forking - https://help.github.com/articles/fork-a-repo/
|
188
|
+
* Cloning - https://help.github.com/articles/cloning-a-repository/
|
189
|
+
* Adding upstream - https://help.github.com/articles/configuring-a-remote-for-a-fork/
|
190
|
+
* Syncing your fork - https://help.github.com/articles/syncing-a-fork/
|
191
|
+
* Branching - https://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging
|
192
|
+
* Commiting - https://git-scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository
|
193
|
+
* Pushing - https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes
|
194
|
+
|
195
|
+
The Core HighLine Team
|
196
|
+
----------------------
|
197
|
+
|
198
|
+
* [James Edward Gray II](https://github.com/JEG2) - Author
|
199
|
+
* [Gregory Brown](https://github.com/practicingruby) - Core contributor
|
200
|
+
* [Abinoam P. Marques Jr.](https://github.com/abinoam) - Core contributor
|
201
|
+
|
202
|
+
_For a list of people who have contributed to the codebase, see [GitHub's list of contributors](https://github.com/JEG2/highline/contributors)._
|
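Review bot: the Validation example at README line 51 closes its pattern with `\Z` (`q.validate = /\A\w+, ?\w+\Z/`), and in Ruby `\Z` also matches just before a trailing newline, so anyone copying the pattern gets a validator that can accept input ending in a newline; use `\z` so the documented check covers the whole string. The ERb example at line 68 (`cli.say("This should be <%= color('bold', BOLD) %>!")`) shows that strings given to `say` are evaluated as ERb, and the README should add a sentence telling callers not to interpolate untrusted text into those strings. Line 118 suggests adding `sudo` to `gem install`; documenting a per-user install (`gem install --user-install highline`) as the default avoids running the install as root. At line 63, `q.echo = "x"` reveals the password length on screen, which is worth a short comment beside the `q.echo = false` variant. Line 192 has a typo: "Commiting" should be "Committing".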