pronto-brakeman 0.11.0 → 0.11.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a850480c412d705bd265a0b24ea74728383ac7bd6b616a8e8a2023bfedc0845f
4
- data.tar.gz: b0542a31a845985491bc794c760e7c9b5618dc1ddcd409a09df58854e0e319d2
3
+ metadata.gz: cab70317e2e7947ea734fd71d2068ce514b9c9cbe5abafd31c0afd47f1dfeb8c
4
+ data.tar.gz: 69b0a138c4db8c02fd51bf5d55ac311e21b4dc153e8d200f6d150b53629aeb75
5
5
  SHA512:
6
- metadata.gz: 57e884d484822acf06124a03f2f2e77bcfe851551e81fd3f347f7887c68bb26dc3784e026114efe1b09b1142201df32fd92f0494681bebe224f77ec70cb5892a
7
- data.tar.gz: 77b4892ce37db8e9a64b70a5e9d3cfda5c03f479f76c82180de2b1aa44df29436868a2e0d05a3eba4da1ba7fee699ec2de3790fe8ad30ec4853e769c77174294
6
+ metadata.gz: 979f1c9c6ee6dd53b12334e38fb83fd81b203f0930dd7645a07d255de7e25dab31d43468273511b08d913e59fb80b66e8d5842537e90efb09ea04d674369cd10
7
+ data.tar.gz: 1de572cc71827b47ff58c376a52f0c585ef185540d7ec3c7e21becaacc7d73e61e725efc71894fb1ff2cd983c24fb294522c90955759534b004e7683c0e97776
@@ -11,7 +11,7 @@ jobs:
11
11
  runs-on: ubuntu-latest
12
12
  strategy:
13
13
  matrix:
14
- ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0']
14
+ ruby: ['2.5', '2.6', '2.7', '3.0']
15
15
  steps:
16
16
  - uses: actions/checkout@v2
17
17
  with:
data/README.md CHANGED
@@ -1,9 +1,8 @@
1
1
  # Pronto runner for Brakeman
2
2
 
3
3
  [![Code Climate](https://codeclimate.com/github/prontolabs/pronto-brakeman.png)](https://codeclimate.com/github/prontolabs/pronto-brakeman)
4
- [![Build Status](https://travis-ci.org/prontolabs/pronto-brakeman.png)](https://travis-ci.org/prontolabs/pronto-brakeman)
4
+ [![Build Status](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml/badge.svg)](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml)
5
5
  [![Gem Version](https://badge.fury.io/rb/pronto-brakeman.png)](http://badge.fury.io/rb/pronto-brakeman)
6
- [![Dependency Status](https://gemnasium.com/prontolabs/pronto-brakeman.png)](https://gemnasium.com/prontolabs/pronto-brakeman)
7
6
 
8
7
  Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), security vulnerability scanner for RoR. [What is Pronto?](https://github.com/prontolabs/pronto)
9
8
 
@@ -12,3 +11,14 @@ Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), securit
12
11
  Brakeman [Confidence](https://github.com/presidentbeef/brakeman#confidence-levels) is mapped to severity levels on the
13
12
  messages generated by Pronto. High confidence maps to fatal, medium confidence maps to warning, and low confidence maps
14
13
  to info.
14
+
15
+ ## Run all checks
16
+
17
+ Brakeman also includes some optional checks and by setting the following in your `.pronto.yml` you can run every check included in the gem:
18
+
19
+ ```yaml
20
+ brakeman:
21
+ run_all_checks: true
22
+ ```
23
+
24
+ (This is the equivalent of running `brakeman -A` on the command line.)
@@ -1,5 +1,5 @@
1
1
  module Pronto
2
2
  module BrakemanVersion
3
- VERSION = '0.11.0'.freeze
3
+ VERSION = '0.11.1'.freeze
4
4
  end
5
5
  end
@@ -4,23 +4,25 @@ require 'brakeman'
4
4
  module Pronto
5
5
  class Brakeman < Runner
6
6
  def run
7
- files = ruby_patches.map do |patch|
7
+ patches = ruby_patches | erb_patches
8
+ files = patches.map do |patch|
8
9
  patch.new_file_full_path.relative_path_from(repo_path).to_s
9
- end
10
+ end.sort
10
11
 
11
12
  return [] unless files.any?
12
13
 
13
14
  output = ::Brakeman.run(app_path: repo_path,
14
15
  output_formats: [:to_s],
15
- only_files: files)
16
- messages_for(ruby_patches, output).compact
16
+ only_files: files,
17
+ run_all_checks: run_all_checks?)
18
+ messages_for(patches, output).compact
17
19
  rescue ::Brakeman::NoApplication
18
20
  []
19
21
  end
20
22
 
21
- def messages_for(ruby_patches, output)
23
+ def messages_for(code_patches, output)
22
24
  output.filtered_warnings.map do |warning|
23
- patch = patch_for_warning(ruby_patches, warning)
25
+ patch = patch_for_warning(code_patches, warning)
24
26
 
25
27
  next unless patch
26
28
  line = patch.added_lines.find do |added_line|
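Review bot: The new `run_all_checks: run_all_checks?` argument forwards whatever value `.pronto.yml` holds for `run_all_checks` rather than a boolean, so a quoted `'false'` or any other non-empty string would switch on every optional Brakeman check, since only `nil` and `false` are falsy in Ruby. Pinning the option to a real YAML boolean at its source, `pronto_brakeman_config['run_all_checks'] == true`, keeps the predicate honest to its `?` name; `run_all_checks?` itself is defined in the next hunk of this file. The hunk also now feeds ERB patches into `messages_for`, which relies on `warning.file.absolute` matching `patch.new_file_full_path` for template warnings as well — presumably true, but worth a spec with an `.html.erb` fixture. `messages_for` continues past the end of this hunk.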
@@ -49,10 +51,27 @@ module Pronto
49
51
  end
50
52
  end
51
53
 
52
- def patch_for_warning(ruby_patches, warning)
53
- ruby_patches.find do |patch|
54
+ def patch_for_warning(code_patches, warning)
55
+ code_patches.find do |patch|
54
56
  patch.new_file_full_path.to_s == warning.file.absolute
55
57
  end
56
58
  end
59
+
60
+ def run_all_checks?
61
+ pronto_brakeman_config['run_all_checks']
62
+ end
63
+
64
+ def pronto_brakeman_config
65
+ pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}
66
+ end
67
+
68
+ def erb_patches
69
+ @erb_patches ||= Array(@patches).select { |patch| patch.additions > 0 }
70
+ .select { |patch| erb_file?(patch.new_file_full_path) }
71
+ end
72
+
73
+ def erb_file?(path)
74
+ File.extname(path) == '.erb'
75
+ end
57
76
  end
58
77
  end
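Review bot: `pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}` in `pronto_brakeman_config` assigns a method-local variable that shadows the method name, so nothing is memoized and the config file is parsed again on every call (twice per `run`, via `run_all_checks?`). Use an instance variable as `erb_patches` already does: `@pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}`. `erb_patches` reads `@patches` directly, which presumably is the patch set the `Runner` superclass stores — confirm it is populated before `run` is invoked, since `Array(@patches)` would silently yield no ERB files otherwise. A one-line comment on `erb_file?` such as `# extname returns the last extension, so `foo.html.erb` still matches` would document why `File.extname` is sufficient here.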
@@ -14,7 +14,7 @@ Gem::Specification.new do |s|
14
14
  s.summary = 'Pronto runner for Brakeman, security vulnerability scanner for RoR'
15
15
 
16
16
  s.licenses = ['MIT']
17
- s.required_ruby_version = '>= 2.3.0'
17
+ s.required_ruby_version = '>= 2.5.0'
18
18
  s.rubygems_version = '1.8.23'
19
19
 
20
20
  s.files = `git ls-files`.split($RS).reject do |file|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pronto-brakeman
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.0
4
+ version: 0.11.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mindaugas Mozūras
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-01-31 00:00:00.000000000 Z
11
+ date: 2021-12-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: pronto
@@ -107,14 +107,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - ">="
109
109
  - !ruby/object:Gem::Version
110
- version: 2.3.0
110
+ version: 2.5.0
111
111
  required_rubygems_version: !ruby/object:Gem::Requirement
112
112
  requirements:
113
113
  - - ">="
114
114
  - !ruby/object:Gem::Version
115
115
  version: '0'
116
116
  requirements: []
117
- rubygems_version: 3.0.3
117
+ rubygems_version: 3.2.5
118
118
  signing_key:
119
119
  specification_version: 4
120
120
  summary: Pronto runner for Brakeman, security vulnerability scanner for RoR