claws-scan 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. checksums.yaml +7 -0
  2. data/.rspec +3 -0
  3. data/.rubocop.yml +31 -0
  4. data/.ruby-version +1 -0
  5. data/Gemfile +17 -0
  6. data/Gemfile.lock +99 -0
  7. data/README.md +557 -0
  8. data/Rakefile +12 -0
  9. data/bin/analyze +62 -0
  10. data/config.yml +16 -0
  11. data/corpus/automerge_via_action.yml +28 -0
  12. data/corpus/automerge_via_cli.yml +14 -0
  13. data/corpus/build-docker-image-run-drc-for-cell-gds-using-magic.yml +170 -0
  14. data/corpus/cmd.yml +14 -0
  15. data/corpus/container.yml +19 -0
  16. data/corpus/container_docker.yml +9 -0
  17. data/corpus/dispatch_command_injection.yml +17 -0
  18. data/corpus/inherit_secrets.yml +20 -0
  19. data/corpus/nameless.yml +11 -0
  20. data/corpus/permissions.yml +19 -0
  21. data/corpus/ruby.yml +12 -0
  22. data/corpus/shellcheck.yml +12 -0
  23. data/corpus/unsafe_checkout_code_execution.yml +21 -0
  24. data/corpus/unsafe_checkout_token_leak.yml +33 -0
  25. data/corpus/unscoped_secrets.yml +16 -0
  26. data/github_action.yml +36 -0
  27. data/lib/claws/application.rb +237 -0
  28. data/lib/claws/base_rule.rb +94 -0
  29. data/lib/claws/cli/color.rb +30 -0
  30. data/lib/claws/cli/yaml_with_lines.rb +124 -0
  31. data/lib/claws/engine.rb +25 -0
  32. data/lib/claws/formatter/github.rb +17 -0
  33. data/lib/claws/formatter/stdout.rb +13 -0
  34. data/lib/claws/formatters.rb +4 -0
  35. data/lib/claws/rule/automatic_merge.rb +49 -0
  36. data/lib/claws/rule/bulk_permissions.rb +20 -0
  37. data/lib/claws/rule/command_injection.rb +14 -0
  38. data/lib/claws/rule/empty_name.rb +14 -0
  39. data/lib/claws/rule/inherited_secrets.rb +17 -0
  40. data/lib/claws/rule/no_containers.rb +28 -0
  41. data/lib/claws/rule/risky_triggers.rb +32 -0
  42. data/lib/claws/rule/shellcheck.rb +109 -0
  43. data/lib/claws/rule/special_permissions.rb +37 -0
  44. data/lib/claws/rule/unapproved_runners.rb +31 -0
  45. data/lib/claws/rule/unpinned_action.rb +30 -0
  46. data/lib/claws/rule/unsafe_checkout.rb +36 -0
  47. data/lib/claws/rule.rb +13 -0
  48. data/lib/claws/version.rb +5 -0
  49. data/lib/claws/violation.rb +11 -0
  50. data/lib/claws/workflow.rb +221 -0
  51. data/lib/claws.rb +6 -0
  52. metadata +151 -0
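--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: f15bd23a5e2ccdc04f377f54a4677eb06544c37eb1dd9f42e92f839e253c03a0
+data.tar.gz: 6e353d3efc9cd6df847ca00115e4825db51849e93dc67ef3bd9ebb929d87b8ac
+SHA512:
+metadata.gz: 74852855d340e5de4e3fe8ea435e53206483ff21b3b52a19ecb97855646e2d9012ab6b410a173be63b022da292506235b8e2f346dc2e1ce44436d8688317350a
+data.tar.gz: 1a88c82829b81082cef734cd46b101f1c207daeffebe5b4862322536127eebd67526f6a31fc7844587092e579b06fb175e62438c02b0fb072d4bfd6db0fe1f10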
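--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper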
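--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -0,0 +1,31 @@
+AllCops:
+TargetRubyVersion: 3.0
+
+Style/StringLiterals:
+Enabled: true
+EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+Enabled: true
+EnforcedStyle: double_quotes
+
+Layout/LineLength:
+Max: 120
+
+Metrics/ClassLength:
+Enabled: false
+
+Metrics/BlockLength:
+Enabled: false
+
+Metrics/MethodLength:
+Enabled: false
+
+Style/FrozenStringLiteralComment:
+Enabled: false
+
+Style/Documentation:
+Enabled: false
+
+Style/AndOr:
+Enabled: false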
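--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -0,0 +1 @@
+3.2.3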
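--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec
+
+gem "rake", "~> 13.0"
+gem "rspec", "~> 3.0"
+gem "rubocop", "~> 1.21"
+
+gem "equation"
+gem "fakefs"
+gem "faraday-retry"
+gem "octokit"
+gem "pry"
+gem "slop", "~> 4.9"
+gem "treetop"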
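Review bot: The `gem "equation"`, `gem "pry"`, `gem "slop"` and `gem "treetop"` lines redeclare dependencies that the `gemspec` line already brings in — Gemfile.lock's PATH section lists `equation (~> 0.6)`, `pry`, `slop (~> 4.9)` and `treetop` as claws-scan's own dependencies — and the unconstrained `gem "equation"` is looser than the gemspec's `~> 0.6`, so these four lines can simply be dropped. The remaining Gemfile-only gems (`fakefs`, `faraday-retry`, `octokit`, which do not appear under PATH and so look like development-time dependencies) carry no version constraint at all; for a tool whose purpose is supply-chain review, pinning them pessimistically to the resolved majors, e.g. `gem "octokit", "~> 6.0"`, keeps a `bundle update` from silently pulling a new major release. If they are indeed dev-only, wrapping them in `group :development, :test do … end` documents that intent in the manifest. It is also worth a second look that `pry`, an interactive debugging console, is a runtime dependency of the published gem per the lock's PATH specs rather than a development one.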
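--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,99 @@
+PATH
+remote: .
+specs:
+claws-scan (0.7.3)
+equation (~> 0.6)
+pry
+slop (~> 4.9)
+treetop
+
+GEM
+remote: https://rubygems.org/
+specs:
+addressable (2.8.1)
+public_suffix (>= 2.0.2, < 6.0)
+ast (2.4.2)
+coderay (1.1.3)
+diff-lcs (1.5.0)
+equation (0.6.2)
+fakefs (2.3.0)
+faraday (2.7.4)
+faraday-net_http (>= 2.0, < 3.1)
+ruby2_keywords (>= 0.0.4)
+faraday-net_http (3.0.2)
+faraday-retry (2.0.0)
+faraday (~> 2.0)
+json (2.6.2)
+method_source (1.0.0)
+octokit (6.0.1)
+faraday (>= 1, < 3)
+sawyer (~> 0.9)
+parallel (1.22.1)
+parser (3.1.2.1)
+ast (~> 2.4.1)
+polyglot (0.3.5)
+pry (0.14.2)
+coderay (~> 1.1)
+method_source (~> 1.0)
+public_suffix (5.0.1)
+rainbow (3.1.1)
+rake (13.0.6)
+regexp_parser (2.6.0)
+rexml (3.3.9)
+rspec (3.11.0)
+rspec-core (~> 3.11.0)
+rspec-expectations (~> 3.11.0)
+rspec-mocks (~> 3.11.0)
+rspec-core (3.11.0)
+rspec-support (~> 3.11.0)
+rspec-expectations (3.11.1)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.11.0)
+rspec-mocks (3.11.1)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.11.0)
+rspec-support (3.11.1)
+rubocop (1.38.0)
+json (~> 2.3)
+parallel (~> 1.10)
+parser (>= 3.1.2.1)
+rainbow (>= 2.2.2, < 4.0)
+regexp_parser (>= 1.8, < 3.0)
+rexml (>= 3.2.5, < 4.0)
+rubocop-ast (>= 1.23.0, < 2.0)
+ruby-progressbar (~> 1.7)
+unicode-display_width (>= 1.4.0, < 3.0)
+rubocop-ast (1.23.0)
+parser (>= 3.1.1.0)
+ruby-progressbar (1.11.0)
+ruby2_keywords (0.0.5)
+sawyer (0.9.2)
+addressable (>= 2.3.5)
+faraday (>= 0.17.3, < 3)
+slop (4.9.3)
+treetop (1.6.12)
+polyglot (~> 0.3)
+unicode-display_width (2.3.0)
+
+PLATFORMS
+arm64-darwin-21
+arm64-darwin-22
+arm64-darwin-23
+arm64-darwin-24
+x86_64-linux
+
+DEPENDENCIES
+claws-scan!
+equation
+fakefs
+faraday-retry
+octokit
+pry
+rake (~> 13.0)
+rspec (~> 3.0)
+rubocop (~> 1.21)
+slop (~> 4.9)
+treetop
+
+BUNDLED WITH
+2.4.2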