fudge 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/fudge/tasks.rb +1 -0
- data/lib/fudge/tasks/brakeman.rb +50 -0
- data/lib/fudge/version.rb +1 -1
- data/spec/lib/fudge/tasks/brakeman_spec.rb +61 -0
- metadata +6 -3
data/lib/fudge/tasks.rb
CHANGED
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
module Fudge
|
|
2
|
+
module Tasks
|
|
3
|
+
# Allow use of Brakeman securty scanner
|
|
4
|
+
#
|
|
5
|
+
# task :brakeman
|
|
6
|
+
# runs brakeman with max score of 0
|
|
7
|
+
#
|
|
8
|
+
# task :brakeman, :max => 2
|
|
9
|
+
#
|
|
10
|
+
# sets max score to 2
|
|
11
|
+
#
|
|
12
|
+
# Any and all options can be defined
|
|
13
|
+
#
|
|
14
|
+
# task :brakeman
|
|
15
|
+
class Brakeman < Shell
|
|
16
|
+
include Helpers::BundleAware
|
|
17
|
+
|
|
18
|
+
private
|
|
19
|
+
|
|
20
|
+
def cmd(options={})
|
|
21
|
+
bundle_cmd("brakeman #{arguments}", options)
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
def check_for
|
|
26
|
+
[check_regex, method(:brakeman_checker)]
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def check_regex
|
|
30
|
+
/\| Security Warnings \| (?<score>\d+) /
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def brakeman_checker(matches)
|
|
34
|
+
score = matches[:score].to_i
|
|
35
|
+
if score > max_score
|
|
36
|
+
"Brakeman reported more than #{max_score} issues."
|
|
37
|
+
else
|
|
38
|
+
true
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def max_score
|
|
43
|
+
options.fetch(:max, 0)
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
register Brakeman
|
|
49
|
+
end
|
|
50
|
+
end
|
data/lib/fudge/version.rb
CHANGED
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Fudge::Tasks::Brakeman do
|
|
4
|
+
it { should be_registered_as :brakeman }
|
|
5
|
+
|
|
6
|
+
it_should_behave_like 'bundle aware'
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
let(:output_good) do
|
|
10
|
+
<<-EOF
|
|
11
|
+
| Errors | 0 |
|
|
12
|
+
| Security Warnings | 0 (0) |
|
|
13
|
+
+-------------------+-------+
|
|
14
|
+
|
|
15
|
+
EOF
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
let(:output_bad) do
|
|
19
|
+
<<-EOF
|
|
20
|
+
| Errors | 0 |
|
|
21
|
+
| Security Warnings | 1 (0) |
|
|
22
|
+
+-------------------+-------+
|
|
23
|
+
|
|
24
|
+
+-----------------+-------+
|
|
25
|
+
| Warning Type | Total |
|
|
26
|
+
+-----------------+-------+
|
|
27
|
+
| Mass Assignment | 1 |
|
|
28
|
+
+-----------------+-------+
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
|
|
32
|
+
Model Warnings:
|
|
33
|
+
|
|
34
|
+
+------------+---------+-----------------+----------------------------------------------------------------------------+
|
|
35
|
+
| Confidence | Model | Warning Type | Message |
|
|
36
|
+
+------------+---------+-----------------+----------------------------------------------------------------------------+
|
|
37
|
+
| Weak | Address | Mass Assignment | Potentially dangerous attribute via_type_id available for mass assignment. |
|
|
38
|
+
+------------+---------+-----------------+----------------------------------------------------------------------------+
|
|
39
|
+
|
|
40
|
+
EOF
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
describe :run do
|
|
44
|
+
it 'runs brakeman on the codebase' do
|
|
45
|
+
subject.should run_command 'brakeman '
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
it { should_not succeed_with_output output_bad }
|
|
49
|
+
it { should succeed_with_output output_good }
|
|
50
|
+
|
|
51
|
+
context 'when :max score is supplied' do
|
|
52
|
+
it 'fails when score is higher than max' do
|
|
53
|
+
task = described_class.new :max => 0
|
|
54
|
+
task.should_not succeed_with_output output_bad
|
|
55
|
+
|
|
56
|
+
task = described_class.new :max => 1
|
|
57
|
+
task.should succeed_with_output output_bad
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fudge
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -332,6 +332,7 @@ files:
|
|
|
332
332
|
- lib/fudge/tasks/composite_task.rb
|
|
333
333
|
- lib/fudge/tasks/each_directory.rb
|
|
334
334
|
- lib/fudge/tasks/shell.rb
|
|
335
|
+
- lib/fudge/tasks/brakeman.rb
|
|
335
336
|
- lib/fudge/tasks/rspec.rb
|
|
336
337
|
- lib/fudge/tasks/flog.rb
|
|
337
338
|
- lib/fudge/tasks/in_directory.rb
|
|
@@ -362,6 +363,7 @@ files:
|
|
|
362
363
|
- spec/lib/fudge/with_directory_spec.rb
|
|
363
364
|
- spec/lib/fudge/tasks/in_directory_spec.rb
|
|
364
365
|
- spec/lib/fudge/tasks/cane_spec.rb
|
|
366
|
+
- spec/lib/fudge/tasks/brakeman_spec.rb
|
|
365
367
|
- spec/lib/fudge/tasks/bundler_spec.rb
|
|
366
368
|
- spec/lib/fudge/tasks/rspec_spec.rb
|
|
367
369
|
- spec/lib/fudge/tasks/flog_spec.rb
|
|
@@ -391,7 +393,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
391
393
|
version: '0'
|
|
392
394
|
segments:
|
|
393
395
|
- 0
|
|
394
|
-
hash:
|
|
396
|
+
hash: 2966992207496478267
|
|
395
397
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
396
398
|
none: false
|
|
397
399
|
requirements:
|
|
@@ -400,7 +402,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
400
402
|
version: '0'
|
|
401
403
|
segments:
|
|
402
404
|
- 0
|
|
403
|
-
hash:
|
|
405
|
+
hash: 2966992207496478267
|
|
404
406
|
requirements: []
|
|
405
407
|
rubyforge_project: fudge
|
|
406
408
|
rubygems_version: 1.8.23
|
|
@@ -419,6 +421,7 @@ test_files:
|
|
|
419
421
|
- spec/lib/fudge/with_directory_spec.rb
|
|
420
422
|
- spec/lib/fudge/tasks/in_directory_spec.rb
|
|
421
423
|
- spec/lib/fudge/tasks/cane_spec.rb
|
|
424
|
+
- spec/lib/fudge/tasks/brakeman_spec.rb
|
|
422
425
|
- spec/lib/fudge/tasks/bundler_spec.rb
|
|
423
426
|
- spec/lib/fudge/tasks/rspec_spec.rb
|
|
424
427
|
- spec/lib/fudge/tasks/flog_spec.rb
|