codesake-dawn 0.70 → 0.72
data/codesake-dawn.gemspec
CHANGED
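--- a/data/lib/codesake/dawn/core.rb
+++ b/data/lib/codesake/dawn/core.rb
@@ -2,10 +2,12 @@ module Codesake
 module Dawn
 class Core
 def self.detect_mvc(target)
-
-
+my_dir = Dir.pwd
+Dir.chdir(target)
+raise ArgumentError.new("no Gemfile.lock in #{target}") unless File.exist?("Gemfile.lock")
 
-lockfile = Bundler::LockfileParser.new(Bundler.read_file(
+lockfile = Bundler::LockfileParser.new(Bundler.read_file("Gemfile.lock"))
+Dir.chdir(my_dir)
 lockfile.specs.each do |s|
 return Codesake::Dawn::Rails.new(target) if s.name == "rails"
 # return Codesake::Dawn::Padrino.new if s.name == "padrino"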
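Review bot: In `detect_mvc`, the added `raise ArgumentError` runs after `Dir.chdir(target)` and before `Dir.chdir(my_dir)`, so a target without a Gemfile.lock leaves the process sitting in the scanned directory; the same happens if the lockfile parser raises. Any later relative-path read or write would then resolve inside the target, which a tool that inspects third-party code should avoid. Dropping the chdir pair and using a joined path removes the problem: `lock = File.join(target, "Gemfile.lock")`, `raise ArgumentError.new("no Gemfile.lock in #{target}") unless File.exist?(lock)`, `lockfile = Bundler::LockfileParser.new(Bundler.read_file(lock))`. The method body continues past the end of the hunk.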
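--- a/data/lib/codesake/dawn/engine.rb
+++ b/data/lib/codesake/dawn/engine.rb
@@ -218,7 +218,11 @@ module Codesake
 end
 
 def count_vulnerabilities
-
+ret = 0
+ret = @vulnerabilities.count unless @vulnerabilities.nil?
+ret += @reflected_xss.count unless @reflected_xss.nil?
+
+ret
 end
 
 private
@@ -230,7 +234,7 @@ module Codesake
 def get_rvm_ruby_ver
 return {:version=>"", :patchlevel=>""} unless File.exist?(File.join(@target, ".ruby-version"))
 hash = File.read('.ruby-version').split('-')
-return {:version=>hash[
+return {:version=>hash[0], :patchlevel=>hash[1]}
 end
 
 end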
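Review bot: In `get_rvm_ruby_ver` (second hunk), the guard tests `File.join(@target, ".ruby-version")` but the read on the next line opens `'.ruby-version'` relative to the current directory, so the new `hash[0]`/`hash[1]` result depends on where the process happens to be and may describe a different project than the one being scanned. The content is also split without stripping, so if the file ends with a newline the last element keeps it, and `hash[1]` is nil when there is no patchlevel, unlike the `""` the guard returns. If the detected Ruby version feeds version-specific checks (not visible here), a wrong value can hide findings. Suggested: `hash = File.read(File.join(@target, ".ruby-version")).strip.split('-')` and `return {:version=>hash[0].to_s, :patchlevel=>hash[1].to_s}`.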
@@ -18,7 +18,11 @@ module Codesake
|
|
18
18
|
def vuln?
|
19
19
|
Dir.glob(File.join("#{root_dir}", "*")).each do |filename|
|
20
20
|
matches = []
|
21
|
-
|
21
|
+
begin
|
22
|
+
matches = run(load_file(filename)) if File.exists?(filename) and File.file?(filename) and ! File.binary?(filename)
|
23
|
+
rescue ArgumentError => e
|
24
|
+
puts "Skipping pattern match check for #{filename}: #{e.message}"
|
25
|
+
end
|
22
26
|
@evidences << {:filename=>filename, :matches=>matches} unless matches.empty?
|
23
27
|
end
|
24
28
|
return ! @evidences.empty?
|
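Review bot: In `vuln?`, the added `rescue ArgumentError` turns a file that could not be processed into an empty `matches`, so it is left out of `@evidences` and the only trace is a `puts` line on stdout. For a scanner that is a coverage gap: a file that makes `load_file` or `run` raise (presumably on invalid byte sequences; their bodies are not shown) is reported the same as a clean file. Record skipped files where the report can surface them, e.g. `(@skipped ||= []) << filename` inside the rescue (`@skipped` is a name made up for this note), and write the message with `$stderr.puts`. The condition also uses `File.exists?` and `and` while the rest of this release uses `File.exist?`; `File.exist?(filename) && File.file?(filename) && !File.binary?(filename)` is the consistent form. The method's closing `end` lies outside the hunk.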
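--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: codesake-dawn
 version: !ruby/object:Gem::Version
-version: '0.
+version: '0.72'
 prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-06-
+date: 2013-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: codesake_commons
@@ -91,6 +91,22 @@ dependencies:
 - - ! '>='
 - !ruby/object:Gem::Version
 version: '0'
+- !ruby/object:Gem::Dependency
+name: ruby_parser
+requirement: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
 - !ruby/object:Gem::Dependency
 name: coveralls
 requirement: !ruby/object:Gem::Requirement
@@ -463,7 +479,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 segments:
 - 0
-hash:
+hash: 1262204685284581406
 required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
 requirements:
@@ -472,7 +488,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 segments:
 - 0
-hash:
+hash: 1262204685284581406
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.25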