paraxial 1.4.1 → 1.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/paraxial/cli.rb +5 -1
  3. data/lib/paraxial/version.rb +1 -1
  4. data/lib/paraxial.rb +1 -0
  5. data/lib/rubocop/cop/paraxial/csrf.rb +11 -10
  6. data/lib/rubocop/cop/paraxial/csrf_skip.rb +28 -0
  7. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a049e14f86235b3984d52cb9d0401e42ec85deb103ae479df22ee73f52020f76
4
- data.tar.gz: a05102fc73df7dc030be7a009de6a77be503aab05722dc7ff23fc8db10246f05
3
+ metadata.gz: 1ead60a9bfb6d11bc119e5ba5287ce722c2e41b4c61865840bd219a3e4fd4be1
4
+ data.tar.gz: af7a4ec6f5c52fd468a071fbe98edda8db847ca68e7d50a8fdf7343728e67bf5
5
5
  SHA512:
6
- metadata.gz: 2f3af29e03215f6315ada3200487edadbd4c8bce1dba0c2ef1ff7dc73af72a1fb870a6474b40276e8a43e89baf94aedd286118bbc052216605bb39226ba67df8
7
- data.tar.gz: 10ab830e631b9fa6b550b74a9c88ce87ed4917014574ecd8cbd25acee4fc76401bcc73994e83f73c5b0018641e6ab43f40d700737dbcbe58a2833799eaa8edb3
6
+ metadata.gz: 604c966182e021b459e5e0e5ed9604b310acb3f31ea2cba61229a2d82b5f2f98ef80500763cd9c724a13cc7327050cea5a83857b5e0a71f32a079666dbb8fc76
7
+ data.tar.gz: b9c0f345377e3493c2bf699b3f640b9fe3b89db5537dc922489dc5a3e8ce225580c7f582fd3ceca8a8d5e37369b20a1af7c0f45b0e481f9e75f8cac5d849ec44
data/lib/paraxial/cli.rb CHANGED
@@ -88,7 +88,11 @@ module Paraxial
88
88
  m = JSON.parse(response.body)
89
89
 
90
90
  if m['ok'].nil?
91
- puts "[Paraxial] Upload failed, check if PARAXIAL_API_KEY is valid"
91
+ if m['error']&.start_with?("Free tier limited")
92
+ puts "[Paraxial] Upload failed, free tier limit reached"
93
+ else
94
+ puts "[Paraxial] Upload failed, check if PARAXIAL_API_KEY is valid"
95
+ end
92
96
  exit(1)
93
97
  end
94
98
 
data/lib/paraxial/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Paraxial
4
- VERSION = '1.4.1'
4
+ VERSION = '1.4.3'
5
5
  end
data/lib/paraxial.rb CHANGED
@@ -4,6 +4,7 @@ require 'thor'
4
4
  require 'paraxial/engine'
5
5
  require 'rubocop'
6
6
  require_relative 'rubocop/cop/paraxial/csrf'
7
+ require_relative 'rubocop/cop/paraxial/csrf_skip'
7
8
  require_relative 'rubocop/cop/paraxial/system'
8
9
  require_relative 'rubocop/cop/paraxial/send'
9
10
  require_relative 'rubocop/cop/paraxial/constantize'
data/lib/rubocop/cop/paraxial/csrf.rb CHANGED
@@ -2,21 +2,22 @@ module RuboCop
2
2
  module Cop
3
3
  module Paraxial
4
4
  class CSRF < Base
5
- MSG = 'CSRF, no protect_from_forgery in ApplicationController.'
5
+ include RangeHelp
6
6
 
7
- def_node_search :protect_from_forgery_call, <<~PATTERN
8
- (send nil? :protect_from_forgery ...)
9
- PATTERN
7
+ MSG = "CSRF, action_dispatch.cookies_same_site_protection set to `nil` or `:none`."
10
8
 
11
- def on_class(node)
12
- class_name = node.loc.name.source
9
+ def on_send(node)
10
+ return unless node.method_name == :cookies_same_site_protection=
13
11
 
14
- return unless class_name == 'ApplicationController'
12
+ argument = node.arguments.first
15
13
 
16
- protect_from_forgery = protect_from_forgery_call(node).first
17
-
18
- add_offense(node) unless protect_from_forgery
14
+ if !argument.respond_to?(:value)
15
+ add_offense(node)
16
+ elsif argument.value == :none
17
+ add_offense(node)
18
+ end
19
19
  end
20
+
20
21
  end
21
22
  end
22
23
  end
data/lib/rubocop/cop/paraxial/csrf_skip.rb ADDED
@@ -0,0 +1,28 @@
1
+ module RuboCop
2
+ module Cop
3
+ module Paraxial
4
+ class SkipAuthenticityToken < Base
5
+
6
+ MSG = "CSRF, skip_before_action :verify_authenticity_token in controller."
7
+
8
+ def on_send(node)
9
+ # Ensure that the cop only applies to controller files
10
+ return unless in_controller_file?
11
+
12
+ # Check if the node is `skip_before_action :verify_authenticity_token`
13
+ return unless node.method_name == :skip_before_action
14
+ return unless node.arguments.any? { |arg| arg.respond_to?(:value) && arg.value == :verify_authenticity_token }
15
+
16
+ add_offense(node)
17
+ end
18
+
19
+ private
20
+
21
+ def in_controller_file?
22
+ # Check the current file path to ensure it's a controller file
23
+ processed_source.file_path.include?('app/controllers')
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: paraxial
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Lubas
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-12-04 00:00:00.000000000 Z
11
+ date: 2025-01-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -104,6 +104,7 @@ files:
104
104
  - lib/paraxial/version.rb
105
105
  - lib/rubocop/cop/paraxial/constantize.rb
106
106
  - lib/rubocop/cop/paraxial/csrf.rb
107
+ - lib/rubocop/cop/paraxial/csrf_skip.rb
107
108
  - lib/rubocop/cop/paraxial/html_safe.rb
108
109
  - lib/rubocop/cop/paraxial/raw.rb
109
110
  - lib/rubocop/cop/paraxial/send.rb