pluginscan 0.9.0
- checksums.yaml +7 -0
- data/.gitignore +13 -0
- data/.gitlab-ci.yml +16 -0
- data/.rspec +3 -0
- data/.rubocop.yml +46 -0
- data/.rubocop_todo.yml +36 -0
- data/CHANGELOG.md +89 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +90 -0
- data/README.md +56 -0
- data/Rakefile +2 -0
- data/TODO.md +8 -0
- data/bin/pluginscan +53 -0
- data/lib/file_creator.rb +18 -0
- data/lib/pluginscan.rb +69 -0
- data/lib/pluginscan/error.rb +9 -0
- data/lib/pluginscan/error_printer.rb +17 -0
- data/lib/pluginscan/file_finder.rb +42 -0
- data/lib/pluginscan/printer.rb +14 -0
- data/lib/pluginscan/reports/cloc_report.rb +27 -0
- data/lib/pluginscan/reports/cloc_report/cloc.rb +21 -0
- data/lib/pluginscan/reports/cloc_report/cloc_printer.rb +42 -0
- data/lib/pluginscan/reports/cloc_report/cloc_scanner.rb +41 -0
- data/lib/pluginscan/reports/cloc_report/system_cloc.rb +33 -0
- data/lib/pluginscan/reports/issues_report.rb +24 -0
- data/lib/pluginscan/reports/issues_report/error_list_printer.rb +99 -0
- data/lib/pluginscan/reports/issues_report/issue_checks.rb +382 -0
- data/lib/pluginscan/reports/issues_report/issue_checks/check.rb +55 -0
- data/lib/pluginscan/reports/issues_report/issue_checks/comment_checker.rb +13 -0
- data/lib/pluginscan/reports/issues_report/issue_checks/function_check.rb +32 -0
- data/lib/pluginscan/reports/issues_report/issue_checks/variable_check.rb +14 -0
- data/lib/pluginscan/reports/issues_report/issue_checks/variable_safety_checker.rb +112 -0
- data/lib/pluginscan/reports/issues_report/issues_models/check_findings.rb +29 -0
- data/lib/pluginscan/reports/issues_report/issues_models/issues.rb +31 -0
- data/lib/pluginscan/reports/issues_report/issues_printer.rb +34 -0
- data/lib/pluginscan/reports/issues_report/issues_printer/check_findings_printer.rb +37 -0
- data/lib/pluginscan/reports/issues_report/issues_printer/file_issues_printer.rb +36 -0
- data/lib/pluginscan/reports/issues_report/issues_printer/finding_printer.rb +38 -0
- data/lib/pluginscan/reports/issues_report/issues_printer_factory.rb +19 -0
- data/lib/pluginscan/reports/issues_report/issues_scanner.rb +49 -0
- data/lib/pluginscan/reports/issues_report/issues_scanner/file_issues_scanner.rb +39 -0
- data/lib/pluginscan/reports/issues_report/issues_scanner/line_issues_scanner.rb +15 -0
- data/lib/pluginscan/reports/issues_report/issues_scanner/utf8_checker.rb +14 -0
- data/lib/pluginscan/reports/sloccount_report.rb +26 -0
- data/lib/pluginscan/reports/sloccount_report/sloccount.rb +19 -0
- data/lib/pluginscan/reports/sloccount_report/sloccount_printer.rb +22 -0
- data/lib/pluginscan/reports/sloccount_report/sloccount_scanner.rb +86 -0
- data/lib/pluginscan/reports/vulnerability_report.rb +28 -0
- data/lib/pluginscan/reports/vulnerability_report/advisories_api.rb +23 -0
- data/lib/pluginscan/reports/vulnerability_report/vulnerabilities_printer.rb +55 -0
- data/lib/pluginscan/reports/vulnerability_report/vulnerability_scanner.rb +17 -0
- data/lib/pluginscan/reports/vulnerability_report/wp_vuln_db_api.rb +77 -0
- data/lib/pluginscan/version.rb +3 -0
- data/pluginscan.gemspec +31 -0
- data/spec/acceptance/cloc_spec.rb +54 -0
- data/spec/acceptance/create_error_list_file_spec.rb +29 -0
- data/spec/acceptance/issues_spec.rb +197 -0
- data/spec/acceptance/pluginscan_spec.rb +18 -0
- data/spec/acceptance/sloccount_spec.rb +39 -0
- data/spec/acceptance/vulnerabilities_spec.rb +57 -0
- data/spec/acceptance_spec_helper.rb +10 -0
- data/spec/checks_examples_spec.rb +352 -0
- data/spec/file_creator_spec.rb +51 -0
- data/spec/pluginscan/cloc_scanner/cloc_scanner_spec.rb +64 -0
- data/spec/pluginscan/cloc_scanner/cloc_spec.rb +30 -0
- data/spec/pluginscan/file_finder_spec.rb +91 -0
- data/spec/pluginscan/issues_scanner/check_findings_spec.rb +22 -0
- data/spec/pluginscan/issues_scanner/error_list_printer_ignores_spec.rb +35 -0
- data/spec/pluginscan/issues_scanner/error_list_printer_spec.rb +42 -0
- data/spec/pluginscan/issues_scanner/file_issues_scanner_spec.rb +25 -0
- data/spec/pluginscan/issues_scanner/issues_printer_factory_spec.rb +9 -0
- data/spec/pluginscan/issues_scanner/issues_spec.rb +55 -0
- data/spec/pluginscan/issues_scanner/variable_check_spec.rb +13 -0
- data/spec/pluginscan/issues_scanner/variable_safety_checker_spec.rb +81 -0
- data/spec/pluginscan/issues_scanner_spec.rb +21 -0
- data/spec/pluginscan/sloccount_scanner/sloccount_scanner_spec.rb +95 -0
- data/spec/pluginscan/sloccount_scanner/sloccount_spec.rb +72 -0
- data/spec/pluginscan/vulnerability_scanner_spec.rb +96 -0
- data/spec/process_spec_helper.rb +6 -0
- data/spec/spec_helper.rb +70 -0
- data/spec/support/acceptance_helpers.rb +68 -0
- data/spec/support/file_helpers.rb +35 -0
- data/spec/support/heredoc_helper.rb +7 -0
- data/spec/support/process_helpers.rb +25 -0
- data/spec/support/shared_examples_for_issue_checks.rb +31 -0
- data/spec/support/vcr_helper.rb +6 -0
- data/vcr_cassettes/wpvulndb/relevanssi.yml +78 -0
- metadata +342 -0
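--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 3fd3f13b583f2ef96ad68acb954c5f5b14573031
+data.tar.gz: e5cef407d0b0a09949e55fc7aee1376ca4b0c8a0
+SHA512:
+metadata.gz: 368bf1737a01983e977ee3020e13ab24cc61c38a2a2c68145e35cf35d26a65c2f796769ac8e4b4f23ffa3ce8385ffdc8367ec1fb787ebdbcf7dcac90f9496f68
+data.tar.gz: e1896d9b70bb9a9425849525f10b8c910a7370e535bc6e836d788836e5a804e2406e434b86f717e8db42aef97cd52de8e12df58b36e83800ff3467ccaaece3e6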
data/.gitignore
ADDED
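--- a/data/.gitlab-ci.yml
+++ b/data/.gitlab-ci.yml
@@ -0,0 +1,16 @@
+image: ruby:2.3
+
+before_script:
+- ruby -v
+- which ruby
+- gem install bundler --no-ri --no-rdoc
+- bundle install --jobs $(nproc) "${FLAGS[@]}"
+
+rspec:
+script:
+- apt-get update -qq; apt-get install -y -qq cloc
+- bundle exec rspec
+
+rubocop:
+script:
+- bundle exec rubocop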
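Review bot: The `before_script` step `gem install bundler --no-ri --no-rdoc` installs whichever Bundler version is newest when the job runs, so the CI toolchain is not reproducible and can drift from the version the project was locked with. Pin it, for example `- gem install bundler -v 1.13.1 --no-ri --no-rdoc` (1.13.1 is the version recorded under BUNDLED WITH in this release's Gemfile.lock). In the rspec job, `apt-get update -qq; apt-get install -y -qq cloc` joins the two commands with `;`, so a failed update is ignored; `&&` would stop the job at that point. `"${FLAGS[@]}"` is not defined anywhere in the file as shown and presumably expands to nothing, so it is worth either defining it or dropping it.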
data/.rspec
ADDED
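--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -0,0 +1,46 @@
+inherit_from: .rubocop_todo.yml
+
+AllCops:
+TargetRubyVersion: 2.3
+
+Metrics/LineLength:
+Enabled: false
+
+Style/StringLiterals:
+Enabled: false
+
+Style/FrozenStringLiteralComment:
+Enabled: false
+
+Style/TrailingBlankLines:
+Enabled: false
+
+Style/TrailingCommaInLiteral:
+EnforcedStyleForMultiline: comma
+
+Style/TrailingCommaInArguments:
+Enabled: false
+
+Style/AccessModifierIndentation:
+Enabled: false
+
+Style/SpaceBeforeBlockBraces:
+Enabled: false
+
+Style/Documentation:
+Enabled: false
+
+Style/EmptyLines:
+Enabled: false
+
+Style/Not:
+Enabled: false
+
+Style/BlockDelimiters:
+Enabled: false
+
+Style/UnneededPercentQ:
+Enabled: false
+
+Style/SignalException:
+Enabled: false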
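--- a/data/.rubocop_todo.yml
+++ b/data/.rubocop_todo.yml
@@ -0,0 +1,36 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2016-11-29 16:12:32 +0000 using RuboCop version 0.45.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# Configuration parameters: CountComments.
+Metrics/BlockLength:
+Max: 32
+
+# Offense count: 1
+# Configuration parameters: CountComments.
+Metrics/MethodLength:
+Max: 11
+
+# Offense count: 1
+# Configuration parameters: CountComments.
+Metrics/ModuleLength:
+Max: 271
+Exclude:
+- 'lib/pluginscan/reports/issues_report/issue_checks.rb'
+
+# Offense count: 1
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+Exclude:
+- 'lib/pluginscan/reports/cloc_report/cloc_scanner.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/MutableConstant:
+Exclude:
+- 'spec/pluginscan/cloc_scanner/cloc_spec.rb'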
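--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,89 @@
+## NEXT VERSION
+* Add an Advisory report, calling into https://wpvulndb.com/api
+* Add `strlen` to the list of functions which make variable usage safe
+
+## Version 0.8.1
+* (Bugfix): Lines in the error list file are now ignored or not, depending on
+the option requested
+
+## Version 0.8.0
+* Add a parameter (-e) for outputting a vim-compatible error list to a file, in addition to showing normal output on the terminal
+* Bugfix: Corrected some checks for bad function names which were probably not getting run properly as part of the scan
+* Bugfix: In the main output: count the total number of issues found, not the number of checks
+
+## Version 0.7.2
+* Bugfix: Ignored lines can be hidden in the main issues report
+* When calling pluginscan from the command line, no arguments is interpreted as meaning "run in the current directory" - even if options are passed
+* Add -h as a command line flag to show help
+* Add -v as a command line flag to show the version
+
+## Version 0.7.1
+* Bugfix: source lines with colons (:) in them have those colons escaped
+(otherwise the lines can't be parsed by vim)
+* Removed the file list printer: it was probably never going to get used
+
+## Version 0.7.0
+* The vim-compatable error list output now displays [IGNORE] on lines we're
+confident are safe, and respects the -g flag (hide ignores)
+* New Check: Check for use of unreliable indicators of IP addresses - e.g.
+HTTP\_FORWARDED\_FOR
+* Add 'unserialize()' to the list of functions which constitute php object injection
+
+## Version 0.6.0
+* Allow ignored lines (things which matched but are believed to be safe) to be hidden in the main issues report by passing '-g' on the command line
+
+## Version 0.5.1
+* Bugfix: Command line now calls the library correctly
+
+## Version 0.5.0
+* New Check: Look for inline JavaScript (script tags without src=)
+* New Check: Look for inline CSS (style tags)
+* New Check: Look for HTML event attributes - these can execute JavaScript (e.g. onclick)
+* New Check: Look for parse_str() and extract() - these extract variables from input
+* Bugfix: column numbers are now correctly calculated (for the vim error list
+formatter)
+
+## Version 0.4.0
+* Add formatters which can print out the list of files and a vim-compatible
+error list
+* Allow the formatter to be selected from the command line
+* Allow the sloccount and cloc reports to be selectively disabled by passing
+command line flags (call with -h for full details)
+* Ignore variables and functions which are on commented lines
+* Add 'hardening' to the list of trigger words
+
+## Version 0.3.4
+* Add 'switch' to the list of functions which make superglobals safe (because they check them rather than use them)
+
+## Version 0.3.3
+* Bugfix: '=>' was being treated as a safe infix (it's array assignment)
+* Bugfix: some infixes were getting double-counted - e.g. '==' and '===' - leading to false negatives
+* Changes to how database access lines are ignored
+
+## Version 0.3.2
+* Handle malformed CSVs
+
+## Version 0.3.1
+* Make sure that sloccount and cloc don't prevent execution of the rest of the tool if they blow up
+
+## Version 0.3.0
+* Higlighing of matched terms in the output of line checks
+* Lots of Superglobal false positives are marked as ignores (e.g. when wrapped in an 'isset')
+* More refactoring
+* Added some additional functions to SAFE_FUNCTIONS and SAFE_INFIXES to improve ignore coverage
+
+## Version 0.2.0
+* Add integration with sloccount and cloc
+* Thorough test suite and major refactoring
+
+## Version 0.1.2
+* Added a proper test suite
+* Major refactoring
+* Various minor bugfixes
+
+## Version 0.1.1
+* Significant refactoring for the sake of sanity (but without tests!)
+* Various minor bugfixes
+
+## Version 0.1.0
+Initial version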
data/Gemfile
ADDED
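--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,90 @@
+PATH
+remote: .
+specs:
+pluginscan (0.9.0)
+httparty (< 1)
+rainbow (~> 2.0)
+
+GEM
+remote: https://rubygems.org/
+specs:
+addressable (2.5.0)
+public_suffix (~> 2.0, >= 2.0.2)
+ast (2.3.0)
+coderay (1.1.1)
+crack (0.4.3)
+safe_yaml (~> 1.0.0)
+diff-lcs (1.2.5)
+docile (1.1.5)
+fuubar (2.2.0)
+rspec-core (~> 3.0)
+ruby-progressbar (~> 1.4)
+geminabox-release (0.2.0)
+hashdiff (0.3.1)
+httparty (0.14.0)
+multi_xml (>= 0.5.2)
+json (2.0.2)
+method_source (0.8.2)
+multi_xml (0.5.5)
+parser (2.3.3.0)
+ast (~> 2.2)
+powerpack (0.1.1)
+pry (0.10.4)
+coderay (~> 1.1.0)
+method_source (~> 0.8.1)
+slop (~> 3.4)
+public_suffix (2.0.4)
+rainbow (2.1.0)
+rake (11.3.0)
+rspec (3.4.0)
+rspec-core (~> 3.4.0)
+rspec-expectations (~> 3.4.0)
+rspec-mocks (~> 3.4.0)
+rspec-core (3.4.4)
+rspec-support (~> 3.4.0)
+rspec-expectations (3.4.0)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.4.0)
+rspec-mocks (3.4.1)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.4.0)
+rspec-support (3.4.1)
+rubocop (0.45.0)
+parser (>= 2.3.1.1, < 3.0)
+powerpack (~> 0.1)
+rainbow (>= 1.99.1, < 3.0)
+ruby-progressbar (~> 1.7)
+unicode-display_width (~> 1.0, >= 1.0.1)
+ruby-progressbar (1.8.1)
+safe_yaml (1.0.4)
+simplecov (0.12.0)
+docile (~> 1.1.0)
+json (>= 1.8, < 3)
+simplecov-html (~> 0.10.0)
+simplecov-html (0.10.0)
+slop (3.6.0)
+unicode-display_width (1.1.1)
+vcr (3.0.3)
+webmock (2.1.0)
+addressable (>= 2.3.6)
+crack (>= 0.3.2)
+hashdiff
+
+PLATFORMS
+ruby
+
+DEPENDENCIES
+bundler (~> 1.5)
+fuubar (~> 2)
+geminabox-release (~> 0.2, >= 0.2.0)
+pluginscan!
+pry (~> 0)
+rake (>= 10.0.0)
+rspec (~> 3.4.0, >= 3.4.0)
+rubocop (< 1)
+simplecov (< 1)
+vcr (< 4)
+webmock (< 3)
+
+BUNDLED WITH
+1.13.1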
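--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,56 @@
+# pluginscan
+
+Scans WordPress plugins for issues
+
+## Installation
+
+### Installing from geminabox
+
+% sources -a http://gems.dxw.net/
+% gem install pluginscan
+
+### Installing from source
+
+You'll need recent versions of Ruby and rubygems
+
+% gem build pluginscan.gemspec
+% gem install pluginscan-*.gem
+
+### Optional: install sloccount and cloc
+
+On OSX:
+
+% brew install sloccount
+% brew install cloc
+
+On Linux:
+
+% apt-get install sloccount
+% apt-get install cloc
+
+## Usage
+
+% cd /path/to/plugin
+% pluginscan
+
+Help/documentation:
+
+% pluginscan -h
+
+
+## Development
+
+### Run the tests
+
+% bundle install
+% rspec
+
+### Check style
+
+% bundle install
+% rubocop
+
+### Release a new gem version
+
+1. Update version number in `lib/pluginscan/version`
+2. `rake inabox:release`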
data/Rakefile
ADDED
data/TODO.md
ADDED
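--- a/data/bin/pluginscan
+++ b/data/bin/pluginscan
@@ -0,0 +1,53 @@
+#!/usr/bin/env ruby
+
+require 'pluginscan'
+require 'pluginscan/version' # TODO: Should this be required in lib/pluginscan?
+require 'optparse'
+require 'file_creator'
+
+options = {}
+OptionParser.new do |opts|
+opts.banner = "Usage: pluginscan plugin/directory/path [options]"
+
+opts.on("-s", "--[no-]sloccount", "SLOCCount source lines report (default)") do |s|
+options[:sloccount] = s
+end
+opts.on("-c", "--[no-]cloc", "CLOC source lines report (default)") do |c|
+options[:cloc] = c
+end
+opts.on("-a", "--[no-]advisories", "Advisories report (default)") do |a|
+options[:advisories] = a
+end
+opts.on("-i", "--issues-format FORMAT", [:report, :error_list], "Format of the issues report (report, error_list). Default: 'report'") do |format|
+options[:issues_format] = format
+end
+opts.on("-g", "--[no-]hide-ignores", "Hide/show ignored lines (i.e. matches which are probably safe)") do |g|
+options[:hide_ignores] = g
+end
+opts.on("-e", "--error-list-file FILENAME", "File for outputting the error_list (vim-compatible errorfile)") do |filename|
+begin
+options[:error_list_file] = FileCreator.new.create(filename)
+rescue FileCreator::Error => e
+puts "[ERROR] Invalid filename: #{e.message}"
+exit(1)
+end
+end
+
+# These options exit early:
+opts.on_tail("-v", "--version", "Show gem version") do
+puts Pluginscan::VERSION
+exit
+end
+opts.on_tail("-h", "--help", "Show this message") do
+puts opts
+exit
+end
+end.parse!
+
+plugin_directory = ARGV[-1] || '.'
+
+if Dir.exist? plugin_directory
+Pluginscan::Scanner.new(options).scan(plugin_directory)
+else
+puts "No such file or directory: #{plugin_directory}"
+end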
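Review bot: When the target directory does not exist, the final `else` branch prints its message with `puts` and the script still exits with status 0, so a wrapper script or CI job that runs this scanner sees success even though nothing was scanned. Send the message to stderr and fail the run: `warn "No such file or directory: #{plugin_directory}"` followed by `exit(1)`, matching the `exit(1)` already used for an invalid `-e` filename. Separately, the `-e` handler calls `FileCreator.new.create(filename)` during option parsing, before the `Dir.exist?` check, so a mistyped plugin path still opens the error-list file (and, since FileCreator opens with mode 'w', truncates it). Consider creating that file only after the directory check succeeds.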
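--- a/data/lib/file_creator.rb
+++ b/data/lib/file_creator.rb
@@ -0,0 +1,18 @@
+# Responsible for creating a file and creating error messages which we can present back to the user if it failed
+class FileCreator
+class Error < StandardError; end
+attr_reader :error
+def create(file_name)
+File.new(file_name, 'w')
+rescue Errno::EACCES
+raise Error, "You do not have permission to write to that location (#{file_name})"
+rescue Errno::EISDIR
+raise Error, "File name is a directory (#{file_name})"
+rescue Errno::ENOTDIR
+raise Error, "File name refers to a directory which does not exist (#{file_name})"
+end
+# Errno errors handle error numbers returned by the operating system and translate them into rubyish errors
+# Therefore there may be slightly different errors on different operating systems,
+# but hopefully the ones we care about are generally applicable: http://ruby-doc.org/core/Errno.html
+end
+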
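Review bot: `create` rescues `Errno::EACCES`, `Errno::EISDIR` and `Errno::ENOTDIR`, but a path whose parent directory is missing raises `Errno::ENOENT`, which is not handled here and would reach the user as a raw exception instead of a `FileCreator::Error`. `Errno::ENOTDIR` is raised when a path component exists but is not a directory, so the "directory which does not exist" message really describes ENOENT; suggest `rescue Errno::ENOENT, Errno::ENOTDIR` on that clause. `File.new(file_name, 'w')` also truncates an existing file and follows symlinks, so a comment above `create` such as `# Overwrites file_name if it already exists; the caller must close the returned File` would make that contract explicit. `attr_reader :error` exposes an `@error` that nothing in this class assigns and looks removable.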