guard-brakeman 0.1

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2012 Neil Matatall
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,144 @@
+# Guard::Brakeman [![Build Status](https://secure.travis-ci.org/oreoshake/guard-brakeman.png)](http://travis-ci.org/oreoshake/guard-brakeman)
+
+Guard::Brakeman allows you to automatically run Brakeman tests when files are modified.
+
+
+## Install
+
+The simplest way to install Guard is to use [Bundler](http://gembundler.com/).
+Please make sure to have [Guard](https://github.com/guard/guard) installed before continue.
+
+Add Guard::Brakeman to your `Gemfile`:
+
+```bash
+group :development do
+  gem 'guard-brakeman'
+end
+```
+
+Add the default Guard::Brakeman template to your `Guardfile` by running:
+
+```bash
+$ guard init brakeman
+```
+
+## Usage
+
+Please read the [Guard usage documentation](https://github.com/guard/guard#readme).
+
+## Guardfile
+
+Guard::Brakeman can be adapted to all kind of projects and comes with a default template that looks like this:
+
+```ruby
+guard 'brakeman' do
+  TODO
+end
+```
+
+Please read the [Guard documentation](http://github.com/guard/guard#readme) for more information about the Guardfile DSL.
+
+## Options
+
+You can pass any of the standard Brakeman CLI options using the :cli option:
+
+```ruby
+guard 'brakeman', :cli => '-o output.tabs --message-limit -1 -q -x DefaultRoutes,Redirect'
+```
+
+Former `:color`, `:drb`, `:port` and `:profile` options are thus deprecated and have no effect anymore.
+
+### List of available options
+
+```ruby
+:cli => '-o output.tabs -q'                # Pass arbitrary Brakeman CLI arguments,
+                                           # default: nil (print everything to the screen)
+
+:output => 'output.tabs'                   # Specify the output file (.tabs, .csv specify the format)
+                                           # default: nil
+
+:format => 'csv'                           # Specify the report format
+                                           # default: nil
+
+:disabled => ['DefaultRoutes','Redirect']  # Disable certain tests
+                                           # default: nil
+
+:config => 'config/brakeman'               # Use the specified brakeman configuraiton file
+                                           # default: '.brakeman'
+
+
+:rvm => ['1.8.7', '1.9.2']                 # Directly run your features on multiple ruby versions
+                                           # default: nil
+
+```
+
+## Brakeman configuration
+
+Issues
+------
+
+You can report issues and feature requests to [GitHub Issues](https://github.com/netzpirat/guard-brakeman/issues). Try to figure out
+where the issue belongs to: Is it an issue with Guard itself or with Guard::Brakeman? Please don't
+ask the question in the issue tracker, instead join us in our [Google group](http://groups.google.com/group/guard-dev) or on
+`#guard` (irc.freenode.net).
+
+When you file an issue, please try to follow to these simple rules if applicable:
+
+* Make sure you run Guard with `bundle exec` first.
+* Add debug information to the issue by running Guard with the `--debug` option.
+* Add your `Guardfile` and `Gemfile` to the issue.
+* Make sure that the issue is reproducible with your description.
+
+## Development
+
+- Source hosted at [GitHub](https://github.com/netzpirat/guard-brakeman).
+
+Pull requests are very welcome! Please try to follow these simple rules if applicable:
+
+* Please create a topic branch for every separate change you make.
+* Make sure your patches are well tested.
+* Update the [Yard](http://yardoc.org/) documentation.
+* Update the README.
+* Update the CHANGELOG for noteworthy changes.
+* Please **do not change** the version number.
+
+For questions please join us in our [Google group](http://groups.google.com/group/guard-dev) or on
+`#guard` (irc.freenode.net).
+
+## Contributors
+
+* [Neil Matatall](https://github.com/oreoshake)
+* [Justin Collins](https://github.com/presidentbeef)
+
+## Acknowledgment
+
+The [Guard Team](https://github.com/guard/guard/contributors) for giving us such a nice pice of software
+that is so easy to extend, one *has* to make a plugin for it!
+
+All the authors of the numerous [Guards](http://github.com/guard) available for making the Guard ecosystem
+so much growing and comprehensive.
+
+## License
+
+(The MIT License)
+
+Copyright (c) 2010 - 2011 Neil Matatall
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/guard/brakeman.rb

@@ -0,0 +1,107 @@
+require 'guard'
+require 'guard/guard'
+require 'brakeman'
+
+module Guard
+
+  # The Brakeman guard that gets notifications about the following
+  # Guard events: `start`, `stop`, `reload`, `run_all` and `run_on_change`.
+  #
+  class Brakeman < Guard
+
+    autoload :Runner, 'guard/brakeman/runner'
+    autoload :Inspector, 'guard/brakeman/inspector'
+
+    # Initialize Guard::Brakeman.
+    #
+    # @param [Array<Guard::Watcher>] watchers the watchers in the Guard block
+    # @param [Hash] options the options for the Guard
+    # @option options [Boolean] :notification show notifications
+    # @option options [Boolean] :format use a different brakeman format when running individual features - not implemented
+    # @option options [Boolean] :output specify the output file - not implemented
+    # @option options [Array<String>] :disabled specify tests to skip (comma separated) - not implemented"
+    #
+    def initialize(watchers = [], options = { })
+      super
+      @last_failed  = false
+      @failed_paths = []
+    end
+
+    # Gets called once when Guard starts.
+    #
+    # @raise [:task_has_failed] when stop has failed
+    #
+    def start
+      @tracker = ::Brakeman.run :app_path => '.'
+      print_failed @tracker
+    end
+
+    def tracker=tracker
+      @tracker = tracker
+    end
+
+    # Gets called when all specs should be run.
+    #
+    # @raise [:task_has_failed] when stop has failed
+    #
+    def run_all
+      puts 'running all'
+      @tracker = ::Brakeman.run :app_path => '.'
+      
+      passed = @tracker.checks.all_warnings.empty? && @tracker.errors.empty?
+
+      print_failed @tracker
+
+      if passed
+        @failed_paths = []
+      else
+        @failed_paths = get_failed_paths(@tracker)
+      end
+
+      @last_failed = !passed
+
+      throw :task_has_failed unless passed
+    end
+
+    # Gets called when the Guard should reload itself.
+    #
+    # @raise [:task_has_failed] when stop has failed
+    #
+    def reload
+      @failed_paths = []
+    end
+
+    # Gets called when watched paths and files have changes.
+    #
+    # @param [Array<String>] paths the changed paths and files
+    # @raise [:task_has_failed] when stop has failed
+    #
+    def run_on_change(paths)
+      report = Runner.run(paths, @tracker, options)
+      passed = !report.all_warnings.any?
+
+      print_failed report
+
+      if passed
+        @failed_paths -= paths if @options[:keep_failed]
+      else
+        @failed_paths += get_failed_paths if @options[:keep_failed]
+        @last_failed = true
+      end
+
+      throw :task_has_failed unless passed
+    end
+
+    private
+
+    def get_failed_paths tracker
+    end
+
+    def print_failed tracker
+      checks = tracker.is_a?(::Brakeman::Tracker) ? tracker.checks.all_warnings : tracker.all_warnings
+      checks.each do |w|
+        puts w.to_row
+      end
+    end
+  end
+end

data/lib/guard/brakeman/inspector.rb

@@ -0,0 +1,15 @@
+module Guard
+  class Brakeman
+
+    # The inspector verifies of the changed paths are valid
+    # for Guard::Cucumber.
+    #
+    module Inspector
+      class << self
+        def clean paths
+          return paths
+        end
+      end
+    end
+  end
+end

data/lib/guard/brakeman/runner.rb

@@ -0,0 +1,31 @@
+require 'brakeman'
+
+module Guard
+  class Brakeman
+
+    # The Cucumber runner handles the execution of the cucumber binary.
+    #
+    module Runner
+      class << self
+
+        # Run the supplied features.
+        #
+        # @param [Array<String>] paths the feature files or directories
+        # @param [Hash] options the options for the execution
+        # @option options [Boolean] :bundler use bundler or not
+        # @option options [Array<String>] :rvm a list of rvm version to use for the test
+        # @option options [Boolean] :notification show notifications
+        # @return [Boolean] the status of the execution
+        #
+        def run(paths, tracker, options = { })
+          return false if paths.empty?
+
+          message = options[:message] || (paths == ['.'] ? 'Run brakeman on the whole project' : "Run brakeman checks #{ paths.join(' ') }")
+          UI.info message, :reset => true
+
+          ::Brakeman.rescan(tracker, paths)
+        end
+      end
+    end
+  end
+end

data/lib/guard/brakeman/templates/Guardfile

@@ -0,0 +1,6 @@
+guard 'brakeman' do
+  watch(%r{^app/.+\.(erb|haml|rhtml|rb)$})
+  watch(%r{^config/.+\.rb$})
+  watch(%r{^lib/.+\.rb$})
+  watch('Gemfile')
+end

data/lib/guard/brakeman/version.rb

@@ -0,0 +1,5 @@
+require 'guard'
+
+module Guard::Brakeman
+  VERSION = "0.1"
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: guard-brakeman
+version: !ruby/object:Gem::Version
+  version: '0.1'
+  prerelease: 
+platform: ruby
+authors:
+- Neil Matatall
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-01-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: &70104236797260 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.2.2
+  type: :runtime
+  prerelease: false
+  version_requirements: *70104236797260
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: &70104236796560 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70104236796560
+- !ruby/object:Gem::Dependency
+  name: brakeman
+  requirement: &70104236795520 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70104236795520
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70104236794920 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+  type: :development
+  prerelease: false
+  version_requirements: *70104236794920
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: &70104236794340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.3.1
+  type: :development
+  prerelease: false
+  version_requirements: *70104236794340
+description: Guard::Brakeman automatically scans your Rails app for vulnerabilities
+email:
+- neil@matatall.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/guard/brakeman/inspector.rb
+- lib/guard/brakeman/runner.rb
+- lib/guard/brakeman/templates/Guardfile
+- lib/guard/brakeman/version.rb
+- lib/guard/brakeman.rb
+- LICENSE
+- README.md
+homepage: http://rubygems.org/gems/guard-brakeman
+licenses: []
+post_install_message: 
+rdoc_options:
+- --charset=UTF-8
+- --main=README.md
+- --exclude='(lib|test|spec)|(Gem|Guard|Rake)file'
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: guard-brakeman
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Guard gem for Brakeman
+test_files: []