danger-brakeman 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +56 -28
- data/lib/brakeman/gem_version.rb +1 -1
- data/lib/brakeman/plugin.rb +6 -8
- data/spec/brakeman_spec.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 057df1866d792d5339be76ad25063b7eba3f84b2d43a936fe41631f8669f1bbb
|
|
4
|
+
data.tar.gz: 1be3375fa1857703b8720822fca0ae4ccc1005ecf551a37890a83a3612ded67e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1aa197c075dcaf45c407c218681734f8e0bd012cd06a2f0d574fcc0d911586804fa5bfc397e20df60c2773f60ddf5206e8c2311bb79d3a74bb75b80a181d3470
|
|
7
|
+
data.tar.gz: ee590133684adf8c9c975104c8291ef8e9671828fa0f416644716efdf757331b9cc8bfe45b2e670e32cb32a73bfdd9e7a3a4cc1762b6f81a7961693eb3c2b003
|
data/Gemfile.lock
CHANGED
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
danger-brakeman (0.0.
|
|
4
|
+
danger-brakeman (0.0.3)
|
|
5
5
|
brakeman
|
|
6
6
|
danger-plugin-api (~> 1.0)
|
|
7
7
|
|
|
8
8
|
GEM
|
|
9
9
|
remote: https://rubygems.org/
|
|
10
10
|
specs:
|
|
11
|
-
addressable (2.
|
|
12
|
-
public_suffix (>= 2.0.2, <
|
|
11
|
+
addressable (2.8.1)
|
|
12
|
+
public_suffix (>= 2.0.2, < 6.0)
|
|
13
13
|
ast (2.4.0)
|
|
14
|
-
brakeman (
|
|
15
|
-
claide (1.0
|
|
14
|
+
brakeman (5.3.1)
|
|
15
|
+
claide (1.1.0)
|
|
16
16
|
claide-plugins (0.9.2)
|
|
17
17
|
cork
|
|
18
18
|
nap
|
|
@@ -21,29 +21,52 @@ GEM
|
|
|
21
21
|
colored2 (3.1.2)
|
|
22
22
|
cork (0.3.0)
|
|
23
23
|
colored2 (~> 3.1)
|
|
24
|
-
danger (6.
|
|
24
|
+
danger (8.6.1)
|
|
25
25
|
claide (~> 1.0)
|
|
26
26
|
claide-plugins (>= 0.9.2)
|
|
27
27
|
colored2 (~> 3.1)
|
|
28
28
|
cork (~> 0.1)
|
|
29
|
-
faraday (
|
|
30
|
-
faraday-http-cache (~>
|
|
31
|
-
git (~> 1.
|
|
32
|
-
kramdown (~> 2.
|
|
29
|
+
faraday (>= 0.9.0, < 2.0)
|
|
30
|
+
faraday-http-cache (~> 2.0)
|
|
31
|
+
git (~> 1.7)
|
|
32
|
+
kramdown (~> 2.3)
|
|
33
33
|
kramdown-parser-gfm (~> 1.0)
|
|
34
34
|
no_proxy_fix
|
|
35
35
|
octokit (~> 4.7)
|
|
36
|
-
terminal-table (
|
|
36
|
+
terminal-table (>= 1, < 4)
|
|
37
37
|
danger-plugin-api (1.0.0)
|
|
38
38
|
danger (> 2.0)
|
|
39
39
|
diff-lcs (1.3)
|
|
40
|
-
faraday (
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
faraday (~>
|
|
40
|
+
faraday (1.10.2)
|
|
41
|
+
faraday-em_http (~> 1.0)
|
|
42
|
+
faraday-em_synchrony (~> 1.0)
|
|
43
|
+
faraday-excon (~> 1.1)
|
|
44
|
+
faraday-httpclient (~> 1.0)
|
|
45
|
+
faraday-multipart (~> 1.0)
|
|
46
|
+
faraday-net_http (~> 1.0)
|
|
47
|
+
faraday-net_http_persistent (~> 1.0)
|
|
48
|
+
faraday-patron (~> 1.0)
|
|
49
|
+
faraday-rack (~> 1.0)
|
|
50
|
+
faraday-retry (~> 1.0)
|
|
51
|
+
ruby2_keywords (>= 0.0.4)
|
|
52
|
+
faraday-em_http (1.0.0)
|
|
53
|
+
faraday-em_synchrony (1.0.0)
|
|
54
|
+
faraday-excon (1.1.0)
|
|
55
|
+
faraday-http-cache (2.4.1)
|
|
56
|
+
faraday (>= 0.8)
|
|
57
|
+
faraday-httpclient (1.0.1)
|
|
58
|
+
faraday-multipart (1.0.4)
|
|
59
|
+
multipart-post (~> 2)
|
|
60
|
+
faraday-net_http (1.0.1)
|
|
61
|
+
faraday-net_http_persistent (1.2.0)
|
|
62
|
+
faraday-patron (1.0.0)
|
|
63
|
+
faraday-rack (1.0.0)
|
|
64
|
+
faraday-retry (1.0.3)
|
|
44
65
|
ffi (1.10.0)
|
|
45
66
|
formatador (0.2.5)
|
|
46
|
-
git (1.
|
|
67
|
+
git (1.12.0)
|
|
68
|
+
addressable (~> 2.8)
|
|
69
|
+
rchardet (~> 1.8)
|
|
47
70
|
guard (2.15.0)
|
|
48
71
|
formatador (>= 0.2.4)
|
|
49
72
|
listen (>= 2.7, < 4.0)
|
|
@@ -59,23 +82,25 @@ GEM
|
|
|
59
82
|
guard-compat (~> 1.1)
|
|
60
83
|
rspec (>= 2.99.0, < 4.0)
|
|
61
84
|
jaro_winkler (1.5.2)
|
|
62
|
-
kramdown (2.
|
|
63
|
-
|
|
85
|
+
kramdown (2.4.0)
|
|
86
|
+
rexml
|
|
87
|
+
kramdown-parser-gfm (1.1.0)
|
|
64
88
|
kramdown (~> 2.0)
|
|
65
89
|
listen (3.0.7)
|
|
66
90
|
rb-fsevent (>= 0.9.3)
|
|
67
91
|
rb-inotify (>= 0.9.7)
|
|
68
92
|
lumberjack (1.0.13)
|
|
69
93
|
method_source (0.9.2)
|
|
70
|
-
multipart-post (2.
|
|
94
|
+
multipart-post (2.2.3)
|
|
71
95
|
nap (1.1.0)
|
|
72
96
|
nenv (0.3.0)
|
|
73
97
|
no_proxy_fix (0.1.2)
|
|
74
98
|
notiffany (0.1.1)
|
|
75
99
|
nenv (~> 0.1)
|
|
76
100
|
shellany (~> 0.0)
|
|
77
|
-
octokit (4.
|
|
78
|
-
|
|
101
|
+
octokit (4.25.1)
|
|
102
|
+
faraday (>= 1, < 3)
|
|
103
|
+
sawyer (~> 0.9)
|
|
79
104
|
open4 (1.3.4)
|
|
80
105
|
parallel (1.17.0)
|
|
81
106
|
parser (2.6.2.0)
|
|
@@ -84,12 +109,14 @@ GEM
|
|
|
84
109
|
coderay (~> 1.1.0)
|
|
85
110
|
method_source (~> 0.9.0)
|
|
86
111
|
psych (3.1.0)
|
|
87
|
-
public_suffix (
|
|
112
|
+
public_suffix (5.0.0)
|
|
88
113
|
rainbow (3.0.0)
|
|
89
114
|
rake (13.0.1)
|
|
90
115
|
rb-fsevent (0.10.3)
|
|
91
116
|
rb-inotify (0.10.0)
|
|
92
117
|
ffi (~> 1.0)
|
|
118
|
+
rchardet (1.8.0)
|
|
119
|
+
rexml (3.2.5)
|
|
93
120
|
rspec (3.8.0)
|
|
94
121
|
rspec-core (~> 3.8.0)
|
|
95
122
|
rspec-expectations (~> 3.8.0)
|
|
@@ -112,12 +139,13 @@ GEM
|
|
|
112
139
|
ruby-progressbar (~> 1.7)
|
|
113
140
|
unicode-display_width (>= 1.4.0, < 1.6)
|
|
114
141
|
ruby-progressbar (1.10.0)
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
142
|
+
ruby2_keywords (0.0.5)
|
|
143
|
+
sawyer (0.9.2)
|
|
144
|
+
addressable (>= 2.3.5)
|
|
145
|
+
faraday (>= 0.17.3, < 3)
|
|
118
146
|
shellany (0.0.1)
|
|
119
|
-
terminal-table (
|
|
120
|
-
unicode-display_width (
|
|
147
|
+
terminal-table (3.0.2)
|
|
148
|
+
unicode-display_width (>= 1.1.1, < 3)
|
|
121
149
|
thor (0.20.3)
|
|
122
150
|
unicode-display_width (1.5.0)
|
|
123
151
|
yard (0.9.20)
|
|
@@ -138,4 +166,4 @@ DEPENDENCIES
|
|
|
138
166
|
yard
|
|
139
167
|
|
|
140
168
|
BUNDLED WITH
|
|
141
|
-
2.
|
|
169
|
+
2.2.18
|
data/lib/brakeman/gem_version.rb
CHANGED
data/lib/brakeman/plugin.rb
CHANGED
|
@@ -33,14 +33,12 @@ module Danger
|
|
|
33
33
|
|
|
34
34
|
def _add_warning_for_each_line(brakeman_result)
|
|
35
35
|
brakeman_result.each do |warning|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
]
|
|
43
|
-
warn(*arguments)
|
|
36
|
+
offense_message = "[brakeman] #{warning['message']}"
|
|
37
|
+
kw_args = {
|
|
38
|
+
file: warning['file'],
|
|
39
|
+
line: warning['line']
|
|
40
|
+
}
|
|
41
|
+
warn(offense_message, **kw_args)
|
|
44
42
|
end
|
|
45
43
|
end
|
|
46
44
|
|
data/spec/brakeman_spec.rb
CHANGED
|
@@ -69,8 +69,8 @@ module Danger
|
|
|
69
69
|
|
|
70
70
|
outputs = @brakeman.violation_report[:warnings].map(&:to_s)
|
|
71
71
|
|
|
72
|
-
expect(outputs.first).to include('Violation [brakeman] Unsafe reflection method `constantize` called with parameter value { sticky: false, file: app/controllers/vuls_controller.rb, line: 45 }')
|
|
73
|
-
expect(outputs.last).to include('Violation [brakeman] `protect_from_forgery` should be called in `VulsController` { sticky: false, file: app/vuls_controller.rb, line: 1 }')
|
|
72
|
+
expect(outputs.first).to include('Violation [brakeman] Unsafe reflection method `constantize` called with parameter value { sticky: false, file: app/controllers/vuls_controller.rb, line: 45, type: warning }')
|
|
73
|
+
expect(outputs.last).to include('Violation [brakeman] `protect_from_forgery` should be called in `VulsController` { sticky: false, file: app/vuls_controller.rb, line: 1, type: warning }')
|
|
74
74
|
end
|
|
75
75
|
end
|
|
76
76
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: danger-brakeman
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yuichi Nakamura
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-02-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: brakeman
|