brakeman 5.1.0 → 5.1.1

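--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c88d1f3523d338078a793a9a379cd767ef35d2cecd35c6154aed1bec15b84cf9
- data.tar.gz: 31e6ff14d2be549c2f96057c6fcfc7b0db3e3b00a05fc93ef833f080571f30ad
+ metadata.gz: cafb4506d0cbb4ef2ab84459c03a8d356ed916c29ceca5104536b836162a91ed
+ data.tar.gz: b1166612e496c77ffc41f07dc4c7a1226c19ee0726d1e02e3241c792ce4463a8
  SHA512:
- metadata.gz: b8961a72c6a386e0719b1cf043eef5adb633e3b20ed7a33c6d61cd338839e21ecfbe6214e054c544664051b0c0ad691f837dfad9d9ec8e220f39008be47581af
- data.tar.gz: d8a23a7dce1b9e1095991d4b5500def6803f2a52dc40a56d8049a374036100f7ca90e6b5f7d8b9839424ea2efa0ac0a457251509f63e389ddef8708050129be4
+ metadata.gz: 70920cb9dd7d8647ee9767502575c8336768cfe7d6c418cef810c90b7f3a9a9ea2fb48fb70af123dd8853bb60851cac3def642b0412fb5a4422c47b2f37fd6dd
+ data.tar.gz: '083ba7226c065d0e15ddaf5bbf3023326a35bcf167c9070080629fedb517110726d17fac3cf3c4f2f24232ce49dc1b5476d4bf46c60aa55869c4407c6e79bc92'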
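--- a/data/CHANGES.md
+++ b/data/CHANGES.md
@@ -1,3 +1,7 @@
+ # 5.1.1 - 2021-07-19
+
+ * Unrefactor IgnoreConfig's use of `Brakeman::FilePath`
+
  # 5.1.0 - 2021-07-19
 
  * Initial support for ActiveRecord enums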
data/lib/brakeman.rb CHANGED
@@ -527,14 +527,12 @@ module Brakeman
527
527
 
528
528
  # Returns an array of alert fingerprints for any ignored warnings without
529
529
  # notes found in the specified ignore file (if it exists).
530
- def self.ignore_file_entries_with_empty_notes file, options
530
+ def self.ignore_file_entries_with_empty_notes file
531
531
  return [] unless file
532
532
 
533
533
  require 'brakeman/report/ignore/config'
534
534
 
535
- app_tree = Brakeman::AppTree.from_options(options)
536
-
537
- config = IgnoreConfig.new(Brakeman::FilePath.from_app_tree(app_tree, file), nil)
535
+ config = IgnoreConfig.new(file, nil)
538
536
  config.read_from_file
539
537
  config.already_ignored_entries_with_empty_notes.map { |i| i[:fingerprint] }
540
538
  end
@@ -545,9 +543,9 @@ module Brakeman
545
543
  app_tree = Brakeman::AppTree.from_options(options)
546
544
 
547
545
  if options[:ignore_file]
548
- file = Brakeman::FilePath.from_app_tree(app_tree, options[:ignore_file])
546
+ file = options[:ignore_file]
549
547
  elsif app_tree.exists? "config/brakeman.ignore"
550
- file = Brakeman::FilePath.from_app_tree(app_tree, "config/brakeman.ignore")
548
+ file = app_tree.expand_path("config/brakeman.ignore")
551
549
  elsif not options[:interactive_ignore]
552
550
  return
553
551
  end
@@ -126,7 +126,7 @@ module Brakeman
126
126
 
127
127
  ensure_ignore_notes_failed = false
128
128
  if tracker.options[:ensure_ignore_notes]
129
- fingerprints = Brakeman::ignore_file_entries_with_empty_notes tracker.ignored_filter&.file, options
129
+ fingerprints = Brakeman::ignore_file_entries_with_empty_notes tracker.ignored_filter&.file
130
130
 
131
131
  unless fingerprints.empty?
132
132
  ensure_ignore_notes_failed = true
@@ -100,14 +100,14 @@ module Brakeman
100
100
 
101
101
  # Read configuration to file
102
102
  def read_from_file file = @file
103
- if File.exist? file.absolute
103
+ if File.exist? file
104
104
  begin
105
105
  @already_ignored = JSON.parse(File.read(file), :symbolize_names => true)[:ignored_warnings]
106
106
  rescue => e
107
- raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file.relative}\n"
107
+ raise e, "\nError[#{e.class}] while reading brakeman ignore file: #{file}\n"
108
108
  end
109
109
  else
110
- Brakeman.notify "[Notice] Could not find ignore configuration in #{file.relative}"
110
+ Brakeman.notify "[Notice] Could not find ignore configuration in #{file}"
111
111
  @already_ignored = []
112
112
  end
113
113
 
@@ -134,7 +134,7 @@ module Brakeman
134
134
  :brakeman_version => Brakeman::Version
135
135
  }
136
136
 
137
- File.open file.absolute, "w" do |f|
137
+ File.open file, "w" do |f|
138
138
  f.puts JSON.pretty_generate(output)
139
139
  end
140
140
  end
@@ -80,7 +80,7 @@ class Brakeman::Report::SARIF < Brakeman::Report::Base
80
80
  :location => {
81
81
  :physicalLocation => {
82
82
  :artifactLocation => {
83
- :uri => @ignore_filter.file.relative,
83
+ :uri => Brakeman::FilePath.from_app_tree(@app_tree, @ignore_filter.file).relative,
84
84
  :uriBaseId => '%SRCROOT%',
85
85
  },
86
86
  },
@@ -1,3 +1,3 @@
1
1
  module Brakeman
2
- Version = "5.1.0"
2
+ Version = "5.1.1"
3
3
  end
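Review bot: In the `@@ -545,9 +543,9 @@` hunk the two branches now yield different kinds of path: `options[:ignore_file]` is kept exactly as passed, while the default goes through `app_tree.expand_path`. The later hunks hand that string straight to `File.exist?`, `File.read` and `File.open file, "w"`, so a relative value is presumably resolved against the process working directory at each use, and this file decides which warnings are suppressed. Consider pinning it once with `file = File.expand_path(options[:ignore_file])` and adding a comment such as `# file is a plain String path from here on; wrap in Brakeman::FilePath only for reporting`. The SARIF hunk re-wraps the same string with `Brakeman::FilePath.from_app_tree(@app_tree, ...)`, which may interpret a relative value against the app root, so the reported `:uri` could differ from the file actually read; a test covering a relative ignore path would confirm this. The enclosing method of the `-545` hunk starts and ends outside the hunk, and the page shows the hunks after it without their own file headers.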
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: brakeman
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.1.0
4
+ version: 5.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Justin Collins
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-19 00:00:00.000000000 Z
11
+ date: 2021-07-20 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Brakeman detects security vulnerabilities in Ruby on Rails applications
14
14
  via static analysis.