paraxial 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/paraxial/cli.rb +10 -2
- data/lib/paraxial/initializers/startup.rb +1 -1
- data/lib/paraxial/version.rb +1 -1
- data/lib/rubocop/cop/paraxial/sql.rb +6 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3849213ba15a24d63699e026fbf59c0c3633d66c2f9c3a20a787ecbb43d6a727
|
|
4
|
+
data.tar.gz: ea7d9cf3fcd4909b51c98c0922b83e834c7d04a5df204cfc64e44b2701e0eb09
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 860660578753aa78749fbadedcf1fc5789bc41ad1d89d1afbf17b60c10dfc6ddc8f6900a082d99b4e915db65e3e99c9c36ee490c05e49853dd681071865546a7
|
|
7
|
+
data.tar.gz: fb5bfb5f315482914d0fad182489180558be34975f8e1224ce07f906b29ca59c7642d153505b0ec6cb5903e8c7b24e492ca301e91a2015c64b0379ae93d01e8d
|
data/lib/paraxial/cli.rb
CHANGED
|
@@ -16,9 +16,10 @@ module Paraxial
|
|
|
16
16
|
option :repo_name, type: :string, desc: 'Repository name'
|
|
17
17
|
option :pr_number, type: :numeric, desc: 'Pull request number'
|
|
18
18
|
option :exit_code, type: :boolean, default: false, desc: 'Non-zero exit code if findings > 0'
|
|
19
|
+
option :debug_rubocop, type: :boolean, default: false, desc: "Run rubocop in debug mode"
|
|
19
20
|
|
|
20
21
|
def scan
|
|
21
|
-
puts
|
|
22
|
+
puts "[Paraxial] v#{Paraxial::VERSION} Scan starting..."
|
|
22
23
|
if check_rubocop_configuration
|
|
23
24
|
puts '[Paraxial] .rubocop.yml is valid.'
|
|
24
25
|
else
|
|
@@ -39,7 +40,14 @@ module Paraxial
|
|
|
39
40
|
exit_code = options[:exit_code]
|
|
40
41
|
|
|
41
42
|
cops = 'Paraxial,Security/Eval,Security/IoMethods,Security/JSONLoad,Security/MarshalLoad,Security/Open,Security/YAMLLoad'
|
|
42
|
-
|
|
43
|
+
if options[:debug_rubocop]
|
|
44
|
+
puts '[Paraxial] rubocop debug enabled'
|
|
45
|
+
rubocop = `rubocop --require paraxial --only #{cops} --disable-pending-cops --format json 2>/dev/null`
|
|
46
|
+
debug_rubocop = `rubocop -d --require paraxial --only #{cops} --disable-pending-cops 2>&1`
|
|
47
|
+
puts debug_rubocop
|
|
48
|
+
else
|
|
49
|
+
rubocop = `rubocop --require paraxial --only #{cops} --disable-pending-cops --format json`
|
|
50
|
+
end
|
|
43
51
|
lockfile = File.read('./Gemfile.lock')
|
|
44
52
|
api_key = ENV['PARAXIAL_API_KEY']
|
|
45
53
|
uri = URI.parse(Paraxial::Helpers.get_paraxial_url + '/api/ruby_scan')
|
|
@@ -9,7 +9,7 @@ Bundler.setup
|
|
|
9
9
|
|
|
10
10
|
unless Rails.env.test? || File.basename($0) == 'rake' || defined?(Rails::Generators)
|
|
11
11
|
Rails.application.config.to_prepare do
|
|
12
|
-
puts
|
|
12
|
+
puts "[Paraxial] v#{Paraxial::VERSION} Agent starting..."
|
|
13
13
|
api_key = Paraxial::Helpers.get_api_key
|
|
14
14
|
|
|
15
15
|
if api_key.nil?
|
data/lib/paraxial/version.rb
CHANGED
|
@@ -86,6 +86,10 @@ module RuboCop
|
|
|
86
86
|
where
|
|
87
87
|
].freeze
|
|
88
88
|
|
|
89
|
+
def_node_matcher :object_manipulation?, <<~'PATTERN'
|
|
90
|
+
(send _ _ (send ...)) # Matches object methods (send node within a send)
|
|
91
|
+
PATTERN
|
|
92
|
+
|
|
89
93
|
def_node_matcher :non_literal_condition?, <<~'PATTERN'
|
|
90
94
|
(
|
|
91
95
|
send _ _ # Match `where` and `Model.find_by`
|
|
@@ -100,6 +104,8 @@ module RuboCop
|
|
|
100
104
|
end
|
|
101
105
|
|
|
102
106
|
def on_send(node)
|
|
107
|
+
return if object_manipulation?(node)
|
|
108
|
+
|
|
103
109
|
return unless non_literal_condition?(node)
|
|
104
110
|
|
|
105
111
|
add_offense(node)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: paraxial
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Lubas
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-10-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|