guard-brakeman 0.8.3 → 0.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/README.md +1 -1
- data/lib/guard/brakeman.rb +29 -15
- data/lib/guard/brakeman/templates/Guardfile +1 -1
- metadata +28 -15
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 2541290e9789eeffbcb3b044a6e00357a77bdfdd769a4e1535fe468d7e9d27a1
|
|
4
|
+
data.tar.gz: 8ec143521f641ea82fbee2f7b9d37e57225d2f44abbbd2d17f211ff7baa2ca0b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 14fc831923193ff101f155b992565e3385675d450d151b4e65b5724c21d3bfa94703131828c0e1674530728dc6473fd85a3f2e894e389f7102e6f4bb03f8379b
|
|
7
|
+
data.tar.gz: 4fd83223a0e8e62003573010e1be2daf405cb62c130813afbc95e1e34ad4d783bdc863f03cb7e2d1526b4550929b73aa749bfe40cc658b030b03a32ee99ed6a0
|
data/README.md
CHANGED
|
@@ -34,7 +34,7 @@ Please read the [Guard usage documentation](https://github.com/guard/guard#readm
|
|
|
34
34
|
Guard::Brakeman can be adapted to all kind of projects and comes with a default template that looks like this:
|
|
35
35
|
|
|
36
36
|
```ruby
|
|
37
|
-
guard
|
|
37
|
+
guard :brakeman, run_on_start: true do
|
|
38
38
|
watch(%r{^app/.+\.(erb|haml|rhtml|rb)$})
|
|
39
39
|
watch(%r{^config/.+\.rb$})
|
|
40
40
|
watch(%r{^lib/.+\.rb$})
|
data/lib/guard/brakeman.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
require
|
|
2
|
-
require 'guard/plugin'
|
|
1
|
+
# Don't require "guard/plugin" here or in any other plugin's files
|
|
2
|
+
require 'guard/compat/plugin'
|
|
3
3
|
|
|
4
4
|
require 'brakeman'
|
|
5
5
|
require 'brakeman/scanner'
|
|
@@ -37,9 +37,10 @@ module Guard
|
|
|
37
37
|
:notifications => true,
|
|
38
38
|
:run_on_start => false,
|
|
39
39
|
:chatty => false,
|
|
40
|
-
:min_confidence =>
|
|
40
|
+
:min_confidence => 2,
|
|
41
41
|
:quiet => false
|
|
42
42
|
}.merge!(options)
|
|
43
|
+
@scanner_opts = ::Brakeman::set_options({:app_path => '.'}.merge(@options))
|
|
43
44
|
end
|
|
44
45
|
|
|
45
46
|
# Gets called once when Guard starts.
|
|
@@ -54,7 +55,7 @@ module Guard
|
|
|
54
55
|
if @options[:run_on_start]
|
|
55
56
|
run_all
|
|
56
57
|
elsif @options[:chatty]
|
|
57
|
-
|
|
58
|
+
Guard::Compat::Notifier.notify("Brakeman is ready to work!", :title => "Brakeman started", :image => :pending)
|
|
58
59
|
end
|
|
59
60
|
end
|
|
60
61
|
|
|
@@ -63,6 +64,7 @@ module Guard
|
|
|
63
64
|
# @raise [:task_has_failed] when stop has failed
|
|
64
65
|
#
|
|
65
66
|
def run_all
|
|
67
|
+
fail "no scanner opts (start not called?)!" if @scanner_opts.nil?
|
|
66
68
|
@tracker.run_checks
|
|
67
69
|
::Brakeman.filter_warnings @tracker, @scanner_opts
|
|
68
70
|
print_failed(@tracker)
|
|
@@ -76,7 +78,7 @@ module Guard
|
|
|
76
78
|
#
|
|
77
79
|
def run_on_changes paths
|
|
78
80
|
return run_all unless @tracker.checks
|
|
79
|
-
info "\n\nrescanning #{paths}, running all checks"
|
|
81
|
+
info "\n\nrescanning #{paths}, running all checks" unless options[:quiet]
|
|
80
82
|
report = ::Brakeman::rescan(@tracker, paths)
|
|
81
83
|
print_changed(report)
|
|
82
84
|
throw :task_has_failed if report.any_warnings?
|
|
@@ -85,7 +87,7 @@ module Guard
|
|
|
85
87
|
private
|
|
86
88
|
|
|
87
89
|
def print_failed tracker
|
|
88
|
-
info "\n------ brakeman warnings --------\n"
|
|
90
|
+
info "\n------ brakeman warnings --------\n" unless options[:quiet]
|
|
89
91
|
all_warnings = tracker.filtered_warnings
|
|
90
92
|
icon = all_warnings.count > 0 ? :failed : :success
|
|
91
93
|
message = "#{all_warnings.count} brakeman findings"
|
|
@@ -96,7 +98,7 @@ module Guard
|
|
|
96
98
|
end
|
|
97
99
|
|
|
98
100
|
if @options[:chatty] && all_warnings.any?
|
|
99
|
-
|
|
101
|
+
Guard::Compat::UI.notify(message, :title => "Full Brakeman results", :image => icon)
|
|
100
102
|
end
|
|
101
103
|
|
|
102
104
|
info(message, 'yellow')
|
|
@@ -104,7 +106,7 @@ module Guard
|
|
|
104
106
|
end
|
|
105
107
|
|
|
106
108
|
def print_changed report
|
|
107
|
-
info "\n------ brakeman warnings --------\n"
|
|
109
|
+
info "\n------ brakeman warnings --------\n" unless options[:quiet]
|
|
108
110
|
|
|
109
111
|
message = []
|
|
110
112
|
should_alert = false
|
|
@@ -157,7 +159,7 @@ module Guard
|
|
|
157
159
|
end
|
|
158
160
|
|
|
159
161
|
if @options[:notifications] && should_alert
|
|
160
|
-
|
|
162
|
+
Guard::Compat::UI.notify(message.join(", ").chomp, :title => title, :image => icon)
|
|
161
163
|
end
|
|
162
164
|
end
|
|
163
165
|
|
|
@@ -179,7 +181,7 @@ module Guard
|
|
|
179
181
|
end
|
|
180
182
|
|
|
181
183
|
def info(message, color = :white)
|
|
182
|
-
UI.info(UI.
|
|
184
|
+
Guard::Compat::UI.info(Guard::Compat::UI.color(message, color))
|
|
183
185
|
end
|
|
184
186
|
|
|
185
187
|
def warning_info(warnings, color = :white)
|
|
@@ -198,16 +200,28 @@ module Guard
|
|
|
198
200
|
:white
|
|
199
201
|
end
|
|
200
202
|
|
|
201
|
-
|
|
203
|
+
msg = ::Brakeman::Warning::TEXT_CONFIDENCE[warning.confidence], color
|
|
204
|
+
output = Guard::Compat::UI.color(msg)
|
|
202
205
|
output << " - #{warning.warning_type} - #{warning.message}"
|
|
203
206
|
output << " near line #{warning.line}" if warning.line
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
output << " in #{filename}"
|
|
207
|
+
|
|
208
|
+
if path = relative_warning_path(warning)
|
|
209
|
+
output << " in #{path}"
|
|
208
210
|
end
|
|
211
|
+
|
|
209
212
|
output << ": #{warning.format_code}" if warning.code
|
|
210
213
|
output
|
|
211
214
|
end
|
|
215
|
+
|
|
216
|
+
def relative_warning_path warning
|
|
217
|
+
case
|
|
218
|
+
when warning.file.nil? # This should never really happen
|
|
219
|
+
nil
|
|
220
|
+
when warning.respond_to?(:relative_path) # For Brakeman < 4.5.1
|
|
221
|
+
warning.relative_path
|
|
222
|
+
else # Must be new Brakeman::FilePath, Brakeman >= 4.5.1
|
|
223
|
+
warning.file.relative
|
|
224
|
+
end
|
|
225
|
+
end
|
|
212
226
|
end
|
|
213
227
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: guard-brakeman
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
@@ -9,34 +9,48 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2019-08-12 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: guard
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- -
|
|
18
|
+
- - ">="
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
20
|
version: 2.0.0
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- -
|
|
25
|
+
- - ">="
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
27
|
version: 2.0.0
|
|
28
|
+
- !ruby/object:Gem::Dependency
|
|
29
|
+
name: guard-compat
|
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
|
31
|
+
requirements:
|
|
32
|
+
- - "~>"
|
|
33
|
+
- !ruby/object:Gem::Version
|
|
34
|
+
version: '1.0'
|
|
35
|
+
type: :runtime
|
|
36
|
+
prerelease: false
|
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
38
|
+
requirements:
|
|
39
|
+
- - "~>"
|
|
40
|
+
- !ruby/object:Gem::Version
|
|
41
|
+
version: '1.0'
|
|
28
42
|
- !ruby/object:Gem::Dependency
|
|
29
43
|
name: brakeman
|
|
30
44
|
requirement: !ruby/object:Gem::Requirement
|
|
31
45
|
requirements:
|
|
32
|
-
- -
|
|
46
|
+
- - ">="
|
|
33
47
|
- !ruby/object:Gem::Version
|
|
34
48
|
version: 2.1.1
|
|
35
49
|
type: :runtime
|
|
36
50
|
prerelease: false
|
|
37
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
52
|
requirements:
|
|
39
|
-
- -
|
|
53
|
+
- - ">="
|
|
40
54
|
- !ruby/object:Gem::Version
|
|
41
55
|
version: 2.1.1
|
|
42
56
|
description: Guard::Brakeman automatically scans your Rails app for vulnerabilities
|
|
@@ -46,34 +60,33 @@ executables: []
|
|
|
46
60
|
extensions: []
|
|
47
61
|
extra_rdoc_files: []
|
|
48
62
|
files:
|
|
49
|
-
- lib/guard/brakeman/templates/Guardfile
|
|
50
|
-
- lib/guard/brakeman.rb
|
|
51
63
|
- LICENSE
|
|
52
64
|
- README.md
|
|
65
|
+
- lib/guard/brakeman.rb
|
|
66
|
+
- lib/guard/brakeman/templates/Guardfile
|
|
53
67
|
homepage: https://github.com/guard/guard-brakeman
|
|
54
68
|
licenses:
|
|
55
69
|
- MIT
|
|
56
70
|
metadata: {}
|
|
57
71
|
post_install_message:
|
|
58
72
|
rdoc_options:
|
|
59
|
-
- --charset=UTF-8
|
|
60
|
-
- --main=README.md
|
|
61
|
-
- --exclude='(test|spec)|(Gem|Guard|Rake)file'
|
|
73
|
+
- "--charset=UTF-8"
|
|
74
|
+
- "--main=README.md"
|
|
75
|
+
- "--exclude='(test|spec)|(Gem|Guard|Rake)file'"
|
|
62
76
|
require_paths:
|
|
63
77
|
- lib
|
|
64
78
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
65
79
|
requirements:
|
|
66
|
-
- -
|
|
80
|
+
- - ">="
|
|
67
81
|
- !ruby/object:Gem::Version
|
|
68
82
|
version: '0'
|
|
69
83
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
70
84
|
requirements:
|
|
71
|
-
- -
|
|
85
|
+
- - ">="
|
|
72
86
|
- !ruby/object:Gem::Version
|
|
73
87
|
version: '0'
|
|
74
88
|
requirements: []
|
|
75
|
-
|
|
76
|
-
rubygems_version: 2.0.14
|
|
89
|
+
rubygems_version: 3.0.3
|
|
77
90
|
signing_key:
|
|
78
91
|
specification_version: 4
|
|
79
92
|
summary: Guard gem for Brakeman
|