code_hunter 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in code_hunter.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Ryo Nakamura
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,15 @@
+# Code Hunter
+Hunt out weak spots in your rails application with 2 static metrics tools:
+
+* [Brakeman](https://github.com/presidentbeef/brakeman) - A static analysis security vulnerability scanner for Rails
+* [RailsBestPractices](https://github.com/railsbp/rails_best_practices) - A code metric tool for rails projects
+
+## Usage
+```
+$ ./bin/code_hunter --help
+Usage: code_hunter [options]
+        --application-path=          (default: ./) rails application root path
+```
+
+## Requirements
+* Ruby >= 1.9

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bin/code_hunter

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+$LOAD_PATH.unshift File.expand_path("../../lib", __FILE__)
+require "code_hunter"
+
+CodeHunter::Runner.run(ARGV)

data/code_hunter.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "code_hunter/version"
+
+Gem::Specification.new do |gem|
+  gem.name          = "code_hunter"
+  gem.version       = CodeHunter::VERSION
+  gem.authors       = ["Ryo Nakamura"]
+  gem.email         = ["r7kamura@gmail.com"]
+  gem.description   = "Hunt out weak spots in your rails application"
+  gem.summary       = "Code hunter"
+  gem.homepage      = "https://github.com/r7kamura/code_hunter"
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency "nokogiri"
+  gem.add_dependency "activesupport"
+  gem.add_dependency "brakeman"
+  gem.add_dependency "rails_best_practices"
+
+  gem.add_development_dependency "rspec", ">= 2.12.0"
+  gem.add_development_dependency "simplecov"
+end

data/lib/code_hunter.rb

@@ -0,0 +1,9 @@
+require "active_support/all"
+
+require "code_hunter/version"
+require "code_hunter/option_parser"
+require "code_hunter/runner"
+require "code_hunter/renderer"
+require "code_hunter/brakeman"
+require "code_hunter/rails_best_practices"
+require "code_hunter/git_blamer"

data/lib/code_hunter/brakeman.rb

@@ -0,0 +1,40 @@
+require "code_hunter/brakeman/invoker"
+require "code_hunter/brakeman/summarizer"
+require "pathname"
+require "tmpdir"
+
+module CodeHunter
+  class Brakeman
+    TEMPORAL_PATHNAME = Pathname.new("#{Dir.tmpdir}/brakeman.html")
+
+    attr_reader :options
+
+    delegate :invoke, :to => :invoker
+    delegate :summarize, :to => :summarizer
+
+    def initialize(options = {})
+      @options = options
+    end
+
+    def run
+      invoke
+      summarize
+    ensure
+      clean
+    end
+
+    private
+
+    def clean
+      TEMPORAL_PATHNAME.delete if TEMPORAL_PATHNAME.exist?
+    end
+
+    def summarizer
+      Summarizer.new(options)
+    end
+
+    def invoker
+      Invoker.new(options)
+    end
+  end
+end

data/lib/code_hunter/brakeman/invoker.rb

@@ -0,0 +1,18 @@
+module CodeHunter
+  class Brakeman
+    class Invoker
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def invoke
+        system(
+          "brakeman",
+          "--output", Brakeman::TEMPORAL_PATHNAME.to_s
+        )
+      end
+    end
+  end
+end

data/lib/code_hunter/brakeman/summarizer.rb

@@ -0,0 +1,57 @@
+require "nokogiri"
+
+module CodeHunter
+  class Brakeman
+    class Summarizer
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def summarize
+        warning_elements.map do |element|
+          {
+            :service => "brakeman",
+            :line    => find_line(element),
+            :path    => find_path(element),
+            :message => find_message(element),
+          }
+        end
+      end
+
+      def find_line(element)
+        find_message(element)[/near line (\d+)/, 1].try(:to_i)
+      end
+
+      def find_message(element)
+        element.child.text.strip
+      end
+
+      def find_path(element)
+        element.css("caption").text.strip
+      end
+
+      def warning_elements
+        tree.css(".warning_message")
+      end
+
+      def tree
+        Nokogiri.HTML(content)
+      end
+
+      def content
+        Brakeman::TEMPORAL_PATHNAME.read
+      end
+
+      def summarize_with_file_existence_check
+        if Brakeman::TEMPORAL_PATHNAME.exist?
+          summarize_without_file_existence_check
+        else
+          warn "Brakeman output file is not found"
+        end
+      end
+      alias_method_chain :summarize, :file_existence_check
+    end
+  end
+end

data/lib/code_hunter/git_blamer.rb

@@ -0,0 +1,26 @@
+module CodeHunter
+  class GitBlamer
+    def initialize(args)
+      @path = args[:path]
+      @line = args[:line]
+    end
+
+    def blame
+      result = invoke
+      parse(result) unless result.empty?
+    end
+
+    def parse(str)
+      {
+        :sha1        => str.lines.to_a[0][/^[0-9a-f]+/],
+        :author      => str[/author (.+)/, 1],
+        :email       => str[/author-mail <(.+)>/, 1],
+        :modified_at => str[/author-time (\d+)/, 1].to_i,
+      }
+    end
+
+    def invoke
+      `git blame #{File.realpath(@path)} -L #@line,+1 -l -e -p`
+    end
+  end
+end

data/lib/code_hunter/option_parser.rb

@@ -0,0 +1,84 @@
+require "optparse"
+
+module CodeHunter
+  class OptionParser < ::OptionParser
+    OPTIONS = [
+      "--application-path=", "(default:   ./) rails application root path",
+      "--format=",           "(default: yaml) output format (yaml or json)",
+    ]
+
+    def self.parse!(argv)
+      new.parse!(argv)
+    end
+
+    def self.help
+      new.help
+    end
+
+    def initialize(*)
+      super
+      configure_options
+    end
+
+    def parse!(*)
+      super
+      options
+    end
+
+    def options
+      @options ||= {}
+    end
+
+    private
+
+    def configure_options
+      arguments.each do |argument|
+        on(argument.key, argument.description) do |value|
+          options[argument.to_sym] = value
+        end
+      end
+    end
+
+    def arguments
+      OPTIONS.each_slice(2).map do |key, description|
+        Argument.new(key, description)
+      end
+    end
+
+    class Argument
+      attr_reader :key, :description
+
+      def initialize(key, description)
+        @key         = key
+        @description = description
+      end
+
+      def to_sym
+        str = @key
+        str = without_head_hyphen(str)
+        str = without_head_no(str)
+        str = without_last_equal(str)
+        str = underscored(str)
+        str.to_sym
+      end
+
+      private
+
+      def underscored(str)
+        str.gsub("-", "_")
+      end
+
+      def without_head_hyphen(str)
+        str.gsub(/^--/, "")
+      end
+
+      def without_head_no(str)
+        str.gsub(/^no-/, "")
+      end
+
+      def without_last_equal(str)
+        str.gsub(/=$/, "")
+      end
+    end
+  end
+end

data/lib/code_hunter/rails_best_practices.rb

@@ -0,0 +1,40 @@
+require "code_hunter/rails_best_practices/invoker"
+require "code_hunter/rails_best_practices/summarizer"
+require "pathname"
+require "tmpdir"
+
+module CodeHunter
+  class RailsBestPractices
+    TEMPORAL_PATHNAME = Pathname.new("#{Dir.tmpdir}/rails_best_practices.html")
+
+    attr_reader :options
+
+    delegate :invoke, :to => :invoker
+    delegate :summarize, :to => :summarizer
+
+    def initialize(options = {})
+      @options = options
+    end
+
+    def run
+      invoke
+      summarize
+    ensure
+      clean
+    end
+
+    private
+
+    def clean
+      TEMPORAL_PATHNAME.delete if TEMPORAL_PATHNAME.exist?
+    end
+
+    def summarizer
+      Summarizer.new(options)
+    end
+
+    def invoker
+      Invoker.new(options)
+    end
+  end
+end

data/lib/code_hunter/rails_best_practices/invoker.rb

@@ -0,0 +1,19 @@
+module CodeHunter
+  class RailsBestPractices
+    class Invoker
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def invoke
+        system(
+          "rails_best_practices",
+          "--format", "html",
+          "--output-file", RailsBestPractices::TEMPORAL_PATHNAME.to_s
+        )
+      end
+    end
+  end
+end

data/lib/code_hunter/rails_best_practices/summarizer.rb

@@ -0,0 +1,48 @@
+require "nokogiri"
+
+module CodeHunter
+  class RailsBestPractices
+    class Summarizer
+      attr_reader :options
+
+      def initialize(options = {})
+        @options = options
+      end
+
+      def summarize
+        warning_elements.map do |element|
+          {
+            :service => "rails_best_practices",
+            :line    => find_line(element),
+            :path    => find_path(element),
+            :message => find_message(element),
+          }
+        end
+      end
+
+      def find_line(element)
+        element.css(".line").text.strip.to_i
+      end
+
+      def find_path(element)
+        element.css(".filename").text.strip
+      end
+
+      def find_message(element)
+        element.css(".message").text.strip
+      end
+
+      def warning_elements
+        tree.css(".result tbody tr")
+      end
+
+      def tree
+        Nokogiri.HTML(content)
+      end
+
+      def content
+        RailsBestPractices::TEMPORAL_PATHNAME.read
+      end
+    end
+  end
+end

data/lib/code_hunter/renderer.rb

@@ -0,0 +1,36 @@
+require "json"
+require "yaml"
+
+module CodeHunter
+  # Render warnings to string with the specified format.
+  # As its format, AVAILABLE_FORMATS are available ("yaml" is default).
+  class Renderer
+    AVAILABLE_FORMATS = %w[json yaml]
+
+    def self.render(*args)
+      new(*args).render
+    end
+
+    def initialize(warnings, options = {})
+      @warnings = warnings
+      @format   = options[:format] || "yaml"
+    end
+
+    def render
+      case format
+      when "yaml"
+        @warnings.to_yaml
+      when "json"
+        JSON.unparse(@warnings)
+      else
+        raise ArgumentError, "format #{format} is not available. Use #{AVAILABLE_FORMATS}"
+      end
+    end
+
+    private
+
+    def format
+      @format.to_s
+    end
+  end
+end

data/lib/code_hunter/runner.rb

@@ -0,0 +1,46 @@
+module CodeHunter
+  class Runner
+    attr_reader :options
+
+    def self.run(*args)
+      new(*args).run
+    end
+
+    def initialize(argv = [])
+      @options = OptionParser.parse!(argv)
+    end
+
+    def run
+      warnings = collect_warnings
+      warnings = merge_git_metadata(warnings)
+      output   = Renderer.render(warnings, :format => options[:format])
+      puts output
+    end
+
+    def collect_warnings
+      services.map(&:run).compact.inject([], :+)
+    end
+
+    def merge_git_metadata(warnings)
+      warnings.map do |warning|
+        metadata = GitBlamer.new(warning).blame or next
+        warning.merge(metadata)
+      end.compact
+    end
+
+    private
+
+    def services
+      [Brakeman, RailsBestPractices].map {|klass| klass.new(options) }
+    end
+
+    def run_with_application_path
+      Dir.chdir(application_path) { run_without_application_path }
+    end
+    alias_method_chain :run, :application_path
+
+    def application_path
+      options[:application_path] || "./"
+    end
+  end
+end

data/lib/code_hunter/version.rb

@@ -0,0 +1,3 @@
+module CodeHunter
+  VERSION = "0.0.1"
+end

data/spec/code_hunter/renderer_spec.rb

@@ -0,0 +1,59 @@
+require "spec_helper"
+require "active_support/core_ext/string/strip"
+
+module CodeHunter
+  describe Renderer do
+    describe ".render(warnings, options = {})" do
+      subject do
+        described_class.render(warnings, options)
+      end
+
+      let(:warnings) do
+        [{ :a => :b }]
+      end
+
+      let(:options) do
+        { :format => format }
+      end
+
+      shared_examples_for "render warnings with yaml" do
+        it "renders warnings as yaml" do
+          should == <<-EOS.strip_heredoc
+            ---
+            - :a: :b
+          EOS
+        end
+      end
+
+      context "when options[:format] is not specified" do
+        let(:format) do
+          nil
+        end
+        include_examples "render warnings with yaml"
+      end
+
+      context "when options[:format] is :yaml" do
+        let(:format) do
+          :yaml
+        end
+        include_examples "render warnings with yaml"
+      end
+
+      context "when options[:format] is :json" do
+        let(:format) do
+          :json
+        end
+        it "renders warnings as json" do
+          should == '[{"a":"b"}]'
+        end
+      end
+
+      context "when options[:format] is invalid" do
+        let(:format) do
+          :invalid
+        end
+        it { expect { subject }.to raise_error(ArgumentError) }
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+$LOAD_PATH.unshift File.expand_path("../../lib", __FILE__)
+require "code_hunter"
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+end

metadata

@@ -0,0 +1,165 @@
+--- !ruby/object:Gem::Specification
+name: code_hunter
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Ryo Nakamura
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-01-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: brakeman
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails_best_practices
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.12.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.12.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Hunt out weak spots in your rails application
+email:
+- r7kamura@gmail.com
+executables:
+- code_hunter
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/code_hunter
+- code_hunter.gemspec
+- lib/code_hunter.rb
+- lib/code_hunter/brakeman.rb
+- lib/code_hunter/brakeman/invoker.rb
+- lib/code_hunter/brakeman/summarizer.rb
+- lib/code_hunter/git_blamer.rb
+- lib/code_hunter/option_parser.rb
+- lib/code_hunter/rails_best_practices.rb
+- lib/code_hunter/rails_best_practices/invoker.rb
+- lib/code_hunter/rails_best_practices/summarizer.rb
+- lib/code_hunter/renderer.rb
+- lib/code_hunter/runner.rb
+- lib/code_hunter/version.rb
+- spec/code_hunter/renderer_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/r7kamura/code_hunter
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Code hunter
+test_files:
+- spec/code_hunter/renderer_spec.rb
+- spec/spec_helper.rb