guard-brakeman 0.1
- data/LICENSE +20 -0
- data/README.md +144 -0
- data/lib/guard/brakeman.rb +107 -0
- data/lib/guard/brakeman/inspector.rb +15 -0
- data/lib/guard/brakeman/runner.rb +31 -0
- data/lib/guard/brakeman/templates/Guardfile +6 -0
- data/lib/guard/brakeman/version.rb +5 -0
- metadata +110 -0
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2012 Neil Matatall
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
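Review bot: The copyright year on line 1 (2012) disagrees with the License section of README.md added in this same change, which reads "Copyright (c) 2010 - 2011 Neil Matatall". Use one year range in both places so the shipped license text is consistent.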
data/README.md
ADDED
@@ -0,0 +1,144 @@
|
|
1
|
+
# Guard::Brakeman [![Build Status](https://secure.travis-ci.org/oreoshake/guard-brakeman.png)](http://travis-ci.org/oreoshake/guard-brakeman)
|
2
|
+
|
3
|
+
Guard::Brakeman allows you to automatically run Brakeman tests when files are modified.
|
4
|
+
|
5
|
+
|
6
|
+
## Install
|
7
|
+
|
8
|
+
The simplest way to install Guard is to use [Bundler](http://gembundler.com/).
|
9
|
+
Please make sure to have [Guard](https://github.com/guard/guard) installed before continue.
|
10
|
+
|
11
|
+
Add Guard::Brakeman to your `Gemfile`:
|
12
|
+
|
13
|
+
```bash
|
14
|
+
group :development do
|
15
|
+
gem 'guard-brakeman'
|
16
|
+
end
|
17
|
+
```
|
18
|
+
|
19
|
+
Add the default Guard::Brakeman template to your `Guardfile` by running:
|
20
|
+
|
21
|
+
```bash
|
22
|
+
$ guard init brakeman
|
23
|
+
```
|
24
|
+
|
25
|
+
## Usage
|
26
|
+
|
27
|
+
Please read the [Guard usage documentation](https://github.com/guard/guard#readme).
|
28
|
+
|
29
|
+
## Guardfile
|
30
|
+
|
31
|
+
Guard::Brakeman can be adapted to all kind of projects and comes with a default template that looks like this:
|
32
|
+
|
33
|
+
```ruby
|
34
|
+
guard 'brakeman' do
|
35
|
+
TODO
|
36
|
+
end
|
37
|
+
```
|
38
|
+
|
39
|
+
Please read the [Guard documentation](http://github.com/guard/guard#readme) for more information about the Guardfile DSL.
|
40
|
+
|
41
|
+
## Options
|
42
|
+
|
43
|
+
You can pass any of the standard Brakeman CLI options using the :cli option:
|
44
|
+
|
45
|
+
```ruby
|
46
|
+
guard 'brakeman', :cli => '-o output.tabs --message-limit -1 -q -x DefaultRoutes,Redirect'
|
47
|
+
```
|
48
|
+
|
49
|
+
Former `:color`, `:drb`, `:port` and `:profile` options are thus deprecated and have no effect anymore.
|
50
|
+
|
51
|
+
### List of available options
|
52
|
+
|
53
|
+
```ruby
|
54
|
+
:cli => '-o output.tabs -q' # Pass arbitrary Brakeman CLI arguments,
|
55
|
+
# default: nil (print everything to the screen)
|
56
|
+
|
57
|
+
:output => 'output.tabs' # Specify the output file (.tabs, .csv specify the format)
|
58
|
+
# default: nil
|
59
|
+
|
60
|
+
:format => 'csv' # Specify the report format
|
61
|
+
# default: nil
|
62
|
+
|
63
|
+
:disabled => ['DefaultRoutes','Redirect'] # Disable certain tests
|
64
|
+
# default: nil
|
65
|
+
|
66
|
+
:config => 'config/brakeman' # Use the specified brakeman configuraiton file
|
67
|
+
# default: '.brakeman'
|
68
|
+
|
69
|
+
|
70
|
+
:rvm => ['1.8.7', '1.9.2'] # Directly run your features on multiple ruby versions
|
71
|
+
# default: nil
|
72
|
+
|
73
|
+
```
|
74
|
+
|
75
|
+
## Brakeman configuration
|
76
|
+
|
77
|
+
Issues
|
78
|
+
------
|
79
|
+
|
80
|
+
You can report issues and feature requests to [GitHub Issues](https://github.com/netzpirat/guard-brakeman/issues). Try to figure out
|
81
|
+
where the issue belongs to: Is it an issue with Guard itself or with Guard::Brakeman? Please don't
|
82
|
+
ask the question in the issue tracker, instead join us in our [Google group](http://groups.google.com/group/guard-dev) or on
|
83
|
+
`#guard` (irc.freenode.net).
|
84
|
+
|
85
|
+
When you file an issue, please try to follow to these simple rules if applicable:
|
86
|
+
|
87
|
+
* Make sure you run Guard with `bundle exec` first.
|
88
|
+
* Add debug information to the issue by running Guard with the `--debug` option.
|
89
|
+
* Add your `Guardfile` and `Gemfile` to the issue.
|
90
|
+
* Make sure that the issue is reproducible with your description.
|
91
|
+
|
92
|
+
## Development
|
93
|
+
|
94
|
+
- Source hosted at [GitHub](https://github.com/netzpirat/guard-brakeman).
|
95
|
+
|
96
|
+
Pull requests are very welcome! Please try to follow these simple rules if applicable:
|
97
|
+
|
98
|
+
* Please create a topic branch for every separate change you make.
|
99
|
+
* Make sure your patches are well tested.
|
100
|
+
* Update the [Yard](http://yardoc.org/) documentation.
|
101
|
+
* Update the README.
|
102
|
+
* Update the CHANGELOG for noteworthy changes.
|
103
|
+
* Please **do not change** the version number.
|
104
|
+
|
105
|
+
For questions please join us in our [Google group](http://groups.google.com/group/guard-dev) or on
|
106
|
+
`#guard` (irc.freenode.net).
|
107
|
+
|
108
|
+
## Contributors
|
109
|
+
|
110
|
+
* [Neil Matatall](https://github.com/oreoshake)
|
111
|
+
* [Justin Collins](https://github.com/presidentbeef)
|
112
|
+
|
113
|
+
## Acknowledgment
|
114
|
+
|
115
|
+
The [Guard Team](https://github.com/guard/guard/contributors) for giving us such a nice pice of software
|
116
|
+
that is so easy to extend, one *has* to make a plugin for it!
|
117
|
+
|
118
|
+
All the authors of the numerous [Guards](http://github.com/guard) available for making the Guard ecosystem
|
119
|
+
so much growing and comprehensive.
|
120
|
+
|
121
|
+
## License
|
122
|
+
|
123
|
+
(The MIT License)
|
124
|
+
|
125
|
+
Copyright (c) 2010 - 2011 Neil Matatall
|
126
|
+
|
127
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
128
|
+
a copy of this software and associated documentation files (the
|
129
|
+
'Software'), to deal in the Software without restriction, including
|
130
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
131
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
132
|
+
permit persons to whom the Software is furnished to do so, subject to
|
133
|
+
the following conditions:
|
134
|
+
|
135
|
+
The above copyright notice and this permission notice shall be
|
136
|
+
included in all copies or substantial portions of the Software.
|
137
|
+
|
138
|
+
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
139
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
140
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
141
|
+
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
142
|
+
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
143
|
+
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
144
|
+
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
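Review bot: The "List of available options" block (README lines 53-73) documents `:cli`, `:output`, `:format`, `:disabled`, `:config` and `:rvm` as working, but lib/guard/brakeman.rb in this same change marks `:format`, `:output` and `:disabled` as "not implemented" and calls `::Brakeman.run :app_path => '.'` without passing any option through. A user who sets `:config` or `:disabled` will believe the scan is scoped in a way it is not, so either wire the options into the `Brakeman.run` call or cut this section down to what 0.1 actually honours. Smaller points in the same file: the default Guardfile template is still `TODO` (line 35), the "Brakeman configuration" heading (line 75) has no body, the Gemfile snippet (lines 13-17) is fenced as `bash` although it is Ruby, and line 49 refers to former `:color`, `:drb`, `:port` and `:profile` options that a first release cannot have deprecated.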
@@ -0,0 +1,107 @@
|
|
1
|
+
require 'guard'
|
2
|
+
require 'guard/guard'
|
3
|
+
require 'brakeman'
|
4
|
+
|
5
|
+
module Guard
|
6
|
+
|
7
|
+
# The Brakeman guard that gets notifications about the following
|
8
|
+
# Guard events: `start`, `stop`, `reload`, `run_all` and `run_on_change`.
|
9
|
+
#
|
10
|
+
class Brakeman < Guard
|
11
|
+
|
12
|
+
autoload :Runner, 'guard/brakeman/runner'
|
13
|
+
autoload :Inspector, 'guard/brakeman/inspector'
|
14
|
+
|
15
|
+
# Initialize Guard::Brakeman.
|
16
|
+
#
|
17
|
+
# @param [Array<Guard::Watcher>] watchers the watchers in the Guard block
|
18
|
+
# @param [Hash] options the options for the Guard
|
19
|
+
# @option options [Boolean] :notification show notifications
|
20
|
+
# @option options [Boolean] :format use a different brakeman format when running individual features - not implemented
|
21
|
+
# @option options [Boolean] :output specify the output file - not implemented
|
22
|
+
# @option options [Array<String>] :disabled specify tests to skip (comma separated) - not implemented"
|
23
|
+
#
|
24
|
+
def initialize(watchers = [], options = { })
|
25
|
+
super
|
26
|
+
@last_failed = false
|
27
|
+
@failed_paths = []
|
28
|
+
end
|
29
|
+
|
30
|
+
# Gets called once when Guard starts.
|
31
|
+
#
|
32
|
+
# @raise [:task_has_failed] when stop has failed
|
33
|
+
#
|
34
|
+
def start
|
35
|
+
@tracker = ::Brakeman.run :app_path => '.'
|
36
|
+
print_failed @tracker
|
37
|
+
end
|
38
|
+
|
39
|
+
def tracker=tracker
|
40
|
+
@tracker = tracker
|
41
|
+
end
|
42
|
+
|
43
|
+
# Gets called when all specs should be run.
|
44
|
+
#
|
45
|
+
# @raise [:task_has_failed] when stop has failed
|
46
|
+
#
|
47
|
+
def run_all
|
48
|
+
puts 'running all'
|
49
|
+
@tracker = ::Brakeman.run :app_path => '.'
|
50
|
+
|
51
|
+
passed = @tracker.checks.all_warnings.empty? && @tracker.errors.empty?
|
52
|
+
|
53
|
+
print_failed @tracker
|
54
|
+
|
55
|
+
if passed
|
56
|
+
@failed_paths = []
|
57
|
+
else
|
58
|
+
@failed_paths = get_failed_paths(@tracker)
|
59
|
+
end
|
60
|
+
|
61
|
+
@last_failed = !passed
|
62
|
+
|
63
|
+
throw :task_has_failed unless passed
|
64
|
+
end
|
65
|
+
|
66
|
+
# Gets called when the Guard should reload itself.
|
67
|
+
#
|
68
|
+
# @raise [:task_has_failed] when stop has failed
|
69
|
+
#
|
70
|
+
def reload
|
71
|
+
@failed_paths = []
|
72
|
+
end
|
73
|
+
|
74
|
+
# Gets called when watched paths and files have changes.
|
75
|
+
#
|
76
|
+
# @param [Array<String>] paths the changed paths and files
|
77
|
+
# @raise [:task_has_failed] when stop has failed
|
78
|
+
#
|
79
|
+
def run_on_change(paths)
|
80
|
+
report = Runner.run(paths, @tracker, options)
|
81
|
+
passed = !report.all_warnings.any?
|
82
|
+
|
83
|
+
print_failed report
|
84
|
+
|
85
|
+
if passed
|
86
|
+
@failed_paths -= paths if @options[:keep_failed]
|
87
|
+
else
|
88
|
+
@failed_paths += get_failed_paths if @options[:keep_failed]
|
89
|
+
@last_failed = true
|
90
|
+
end
|
91
|
+
|
92
|
+
throw :task_has_failed unless passed
|
93
|
+
end
|
94
|
+
|
95
|
+
private
|
96
|
+
|
97
|
+
def get_failed_paths tracker
|
98
|
+
end
|
99
|
+
|
100
|
+
def print_failed tracker
|
101
|
+
checks = tracker.is_a?(::Brakeman::Tracker) ? tracker.checks.all_warnings : tracker.all_warnings
|
102
|
+
checks.each do |w|
|
103
|
+
puts w.to_row
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
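Review bot: `get_failed_paths` (lines 97-98) has an empty body, so it returns nil, and `run_on_change` calls it at line 88 with no argument although it is declared with one. With `:keep_failed` set, a failing rescan raises ArgumentError instead of throwing `:task_has_failed`; and after a failing `run_all`, line 58 leaves `@failed_paths` as nil, so the later `@failed_paths -= paths` at line 86 fails on nil. Have the method return an array of file paths taken from the warnings, or drop the `@failed_paths` bookkeeping until it is implemented. Two related gaps: `run_on_change` computes `passed` from `report.all_warnings` only (line 81), while `run_all` also requires `@tracker.errors.empty?` (line 51), so a rescan that hits errors is reported as a pass; and `start` (lines 34-37) prints the warnings but never throws `:task_has_failed`, contrary to its own `@raise` comment.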
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'brakeman'
|
2
|
+
|
3
|
+
module Guard
|
4
|
+
class Brakeman
|
5
|
+
|
6
|
+
# The Cucumber runner handles the execution of the cucumber binary.
|
7
|
+
#
|
8
|
+
module Runner
|
9
|
+
class << self
|
10
|
+
|
11
|
+
# Run the supplied features.
|
12
|
+
#
|
13
|
+
# @param [Array<String>] paths the feature files or directories
|
14
|
+
# @param [Hash] options the options for the execution
|
15
|
+
# @option options [Boolean] :bundler use bundler or not
|
16
|
+
# @option options [Array<String>] :rvm a list of rvm version to use for the test
|
17
|
+
# @option options [Boolean] :notification show notifications
|
18
|
+
# @return [Boolean] the status of the execution
|
19
|
+
#
|
20
|
+
def run(paths, tracker, options = { })
|
21
|
+
return false if paths.empty?
|
22
|
+
|
23
|
+
message = options[:message] || (paths == ['.'] ? 'Run brakeman on the whole project' : "Run brakeman checks #{ paths.join(' ') }")
|
24
|
+
UI.info message, :reset => true
|
25
|
+
|
26
|
+
::Brakeman.rescan(tracker, paths)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
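Review bot: `return false if paths.empty?` at line 21 hands a Boolean back to `run_on_change`, which immediately calls `report.all_warnings` on the result, so an empty path list ends in NoMethodError rather than a clean no-op. Return early in the caller, or return an object that answers `all_warnings`. The doc comments are also left over from another guard: line 6 describes "The Cucumber runner", the `@option` lines list `:bundler`, `:rvm` and `:notification`, which this method never reads, the `tracker` parameter is undocumented, and `@return [Boolean]` does not match the value of `::Brakeman.rescan(tracker, paths)` that is actually returned.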
metadata
ADDED
@@ -0,0 +1,110 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: guard-brakeman
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: '0.1'
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Neil Matatall
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-01-17 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: guard
|
16
|
+
requirement: &70104236797260 !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: 0.2.2
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: *70104236797260
|
25
|
+
- !ruby/object:Gem::Dependency
|
26
|
+
name: bundler
|
27
|
+
requirement: &70104236796560 !ruby/object:Gem::Requirement
|
28
|
+
none: false
|
29
|
+
requirements:
|
30
|
+
- - ! '>='
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: 1.0.0
|
33
|
+
type: :runtime
|
34
|
+
prerelease: false
|
35
|
+
version_requirements: *70104236796560
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: brakeman
|
38
|
+
requirement: &70104236795520 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ! '>='
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: '1.2'
|
44
|
+
type: :runtime
|
45
|
+
prerelease: false
|
46
|
+
version_requirements: *70104236795520
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: rspec
|
49
|
+
requirement: &70104236794920 !ruby/object:Gem::Requirement
|
50
|
+
none: false
|
51
|
+
requirements:
|
52
|
+
- - ~>
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: 2.6.0
|
55
|
+
type: :development
|
56
|
+
prerelease: false
|
57
|
+
version_requirements: *70104236794920
|
58
|
+
- !ruby/object:Gem::Dependency
|
59
|
+
name: guard-rspec
|
60
|
+
requirement: &70104236794340 !ruby/object:Gem::Requirement
|
61
|
+
none: false
|
62
|
+
requirements:
|
63
|
+
- - ~>
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
version: 0.3.1
|
66
|
+
type: :development
|
67
|
+
prerelease: false
|
68
|
+
version_requirements: *70104236794340
|
69
|
+
description: Guard::Brakeman automatically scans your Rails app for vulnerabilities
|
70
|
+
email:
|
71
|
+
- neil@matatall.com
|
72
|
+
executables: []
|
73
|
+
extensions: []
|
74
|
+
extra_rdoc_files: []
|
75
|
+
files:
|
76
|
+
- lib/guard/brakeman/inspector.rb
|
77
|
+
- lib/guard/brakeman/runner.rb
|
78
|
+
- lib/guard/brakeman/templates/Guardfile
|
79
|
+
- lib/guard/brakeman/version.rb
|
80
|
+
- lib/guard/brakeman.rb
|
81
|
+
- LICENSE
|
82
|
+
- README.md
|
83
|
+
homepage: http://rubygems.org/gems/guard-brakeman
|
84
|
+
licenses: []
|
85
|
+
post_install_message:
|
86
|
+
rdoc_options:
|
87
|
+
- --charset=UTF-8
|
88
|
+
- --main=README.md
|
89
|
+
- --exclude='(lib|test|spec)|(Gem|Guard|Rake)file'
|
90
|
+
require_paths:
|
91
|
+
- lib
|
92
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
93
|
+
none: false
|
94
|
+
requirements:
|
95
|
+
- - ! '>='
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '0'
|
98
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
99
|
+
none: false
|
100
|
+
requirements:
|
101
|
+
- - ! '>='
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
requirements: []
|
105
|
+
rubyforge_project: guard-brakeman
|
106
|
+
rubygems_version: 1.8.10
|
107
|
+
signing_key:
|
108
|
+
specification_version: 3
|
109
|
+
summary: Guard gem for Brakeman
|
110
|
+
test_files: []
|
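Review bot: The runtime dependencies on `guard` (`>= 0.2.2`), `bundler` (`>= 1.0.0`) and `brakeman` (`>= 1.2`) at lines 14-46 have no upper bound, while the code calls Brakeman's Ruby API directly (`::Brakeman.run`, `::Brakeman.rescan`, `tracker.checks.all_warnings`) rather than its CLI. A pessimistic constraint (`~>`) on at least `brakeman` and `guard` would keep an incompatible later release from being resolved into a project that relies on this guard for its security scan. Also, `licenses: []` (line 84) is empty even though an MIT LICENSE file is listed under `files`, so declare the license in the gemspec; and `cert_chain: []` with an empty `signing_key` (lines 11 and 107) means the gem is published unsigned, which is worth stating in the README for users who verify gem signatures.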