pronto-brakeman 0.11.0 → 0.11.2

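--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: a850480c412d705bd265a0b24ea74728383ac7bd6b616a8e8a2023bfedc0845f
-data.tar.gz: b0542a31a845985491bc794c760e7c9b5618dc1ddcd409a09df58854e0e319d2
+metadata.gz: 9675b2199073a2d7c5a699566908e328857df5b8436883a4ba0e3cd13cd2a21b
+data.tar.gz: 968a3ca4b5c61613b7fc332bf2d6392dbd0c2d8d348508179305e3c0f49ce34a
 SHA512:
-metadata.gz: 57e884d484822acf06124a03f2f2e77bcfe851551e81fd3f347f7887c68bb26dc3784e026114efe1b09b1142201df32fd92f0494681bebe224f77ec70cb5892a
-data.tar.gz: 77b4892ce37db8e9a64b70a5e9d3cfda5c03f479f76c82180de2b1aa44df29436868a2e0d05a3eba4da1ba7fee699ec2de3790fe8ad30ec4853e769c77174294
+metadata.gz: 272d5ccaabbfaa868d78d42fc95327206af72906c68f8f0ad0bee48e038a400647652ba027b9632c54c00943c7f5d093000ac9ce66170a15ae49960d95bf852b
+data.tar.gz: 635580663ba6f66456e903e17a4f0acd1bb552e87edd382f15a3c687730d0e5a74a08a591de3bfbd61d0cbb939bf5efa74045ca90daafcd1feb1bd04973fd831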
@@ -11,9 +11,10 @@ jobs:
11
11
  runs-on: ubuntu-latest
12
12
  strategy:
13
13
  matrix:
14
- ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0']
14
+ ruby: ['2.5', '2.6', '2.7', '3.0', '3.1', '3.2']
15
+ fail-fast: false
15
16
  steps:
16
- - uses: actions/checkout@v2
17
+ - uses: actions/checkout@v3
17
18
  with:
18
19
  fetch-depth: 0 # required for "not a rails app" spec
19
20
  - uses: ruby/setup-ruby@v1
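Review bot: Both actions in this hunk are referenced by a mutable tag — `- uses: actions/checkout@v3` on the added line and `- uses: ruby/setup-ruby@v1` in context — so the job runs whatever commit the tag points to at execution time, and the tag can be moved without any change in this repository. Pinning each to a full-length commit SHA with the tag kept in a trailing comment, e.g. `- uses: actions/checkout@<full commit SHA> # v3`, makes the action version reviewable in the diff and lets dependency-update tooling bump it explicitly. The workflow file's path and the enclosing `jobs:` block are outside this hunk.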
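--- a/data/README.md
+++ b/data/README.md
@@ -1,9 +1,8 @@
 # Pronto runner for Brakeman
 
 [![Code Climate](https://codeclimate.com/github/prontolabs/pronto-brakeman.png)](https://codeclimate.com/github/prontolabs/pronto-brakeman)
-[![Build Status](https://travis-ci.org/prontolabs/pronto-brakeman.png)](https://travis-ci.org/prontolabs/pronto-brakeman)
+[![Build Status](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml/badge.svg)](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml)
 [![Gem Version](https://badge.fury.io/rb/pronto-brakeman.png)](http://badge.fury.io/rb/pronto-brakeman)
-[![Dependency Status](https://gemnasium.com/prontolabs/pronto-brakeman.png)](https://gemnasium.com/prontolabs/pronto-brakeman)
 
 Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), security vulnerability scanner for RoR. [What is Pronto?](https://github.com/prontolabs/pronto)
 
@@ -12,3 +11,24 @@ Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), securit
 Brakeman [Confidence](https://github.com/presidentbeef/brakeman#confidence-levels) is mapped to severity levels on the
 messages generated by Pronto. High confidence maps to fatal, medium confidence maps to warning, and low confidence maps
 to info.
+
+# Options
+Brakeman also includes some optional checks and by setting the following in your `.pronto.yml` you can run every check included in the gem:
+
+## Run all checks
+
+```yaml
+brakeman:
+run_all_checks: true
+```
+
+(This is the equivalent of running `brakeman -A` on the command line.)
+
+## Ignore file
+
+```yaml
+brakeman:
+ignore_file: '.brakeman'
+```
+
+(This is the equivalent of running `brakeman -i IGNOREFILE` on the command line.)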
@@ -1,5 +1,5 @@
1
1
  module Pronto
2
2
  module BrakemanVersion
3
- VERSION = '0.11.0'.freeze
3
+ VERSION = '0.11.2'.freeze
4
4
  end
5
5
  end
@@ -4,23 +4,26 @@ require 'brakeman'
4
4
  module Pronto
5
5
  class Brakeman < Runner
6
6
  def run
7
- files = ruby_patches.map do |patch|
7
+ patches = ruby_patches | erb_patches
8
+ files = patches.map do |patch|
8
9
  patch.new_file_full_path.relative_path_from(repo_path).to_s
9
- end
10
+ end.sort
10
11
 
11
12
  return [] unless files.any?
12
13
 
13
14
  output = ::Brakeman.run(app_path: repo_path,
14
15
  output_formats: [:to_s],
15
- only_files: files)
16
- messages_for(ruby_patches, output).compact
16
+ only_files: files,
17
+ run_all_checks: run_all_checks?,
18
+ ignore_file: ignore_file)
19
+ messages_for(patches, output).compact
17
20
  rescue ::Brakeman::NoApplication
18
21
  []
19
22
  end
20
23
 
21
- def messages_for(ruby_patches, output)
24
+ def messages_for(code_patches, output)
22
25
  output.filtered_warnings.map do |warning|
23
- patch = patch_for_warning(ruby_patches, warning)
26
+ patch = patch_for_warning(code_patches, warning)
24
27
 
25
28
  next unless patch
26
29
  line = patch.added_lines.find do |added_line|
@@ -49,10 +52,31 @@ module Pronto
49
52
  end
50
53
  end
51
54
 
52
- def patch_for_warning(ruby_patches, warning)
53
- ruby_patches.find do |patch|
55
+ def patch_for_warning(code_patches, warning)
56
+ code_patches.find do |patch|
54
57
  patch.new_file_full_path.to_s == warning.file.absolute
55
58
  end
56
59
  end
60
+
61
+ def run_all_checks?
62
+ pronto_brakeman_config['run_all_checks']
63
+ end
64
+
65
+ def ignore_file
66
+ pronto_brakeman_config['ignore_file']
67
+ end
68
+
69
+ def pronto_brakeman_config
70
+ pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}
71
+ end
72
+
73
+ def erb_patches
74
+ @erb_patches ||= Array(@patches).select { |patch| patch.additions > 0 }
75
+ .select { |patch| erb_file?(patch.new_file_full_path) }
76
+ end
77
+
78
+ def erb_file?(path)
79
+ File.extname(path) == '.erb'
80
+ end
57
81
  end
58
82
  end
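Review bot: `pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}` in pronto_brakeman_config assigns a method-local variable rather than an instance variable, so the `||=` memoizes nothing and Pronto::ConfigFile.new.to_h is evaluated on every call — twice per run, once from run_all_checks? and once from ignore_file. Change it to `@pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}`, matching how erb_patches caches into `@erb_patches` just below. The two option readers would also benefit from a comment stating where the values come from and that a missing key yields nil, which is then passed straight into ::Brakeman.run in the earlier hunk of this file, e.g. `# Read from the brakeman: section of .pronto.yml; nil when the key is absent.` above run_all_checks?; whether Brakeman treats nil exactly like an unset option is not visible here and is worth confirming. These methods sit inside class Brakeman < Runner, whose opening line is in the earlier hunk.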
@@ -14,7 +14,7 @@ Gem::Specification.new do |s|
14
14
  s.summary = 'Pronto runner for Brakeman, security vulnerability scanner for RoR'
15
15
 
16
16
  s.licenses = ['MIT']
17
- s.required_ruby_version = '>= 2.3.0'
17
+ s.required_ruby_version = '>= 2.5.0'
18
18
  s.rubygems_version = '1.8.23'
19
19
 
20
20
  s.files = `git ls-files`.split($RS).reject do |file|
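--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pronto-brakeman
 version: !ruby/object:Gem::Version
-version: 0.11.0
+version: 0.11.2
 platform: ruby
 authors:
 - Mindaugas Mozūras
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-01-31 00:00:00.000000000 Z
+date: 2023-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: pronto
@@ -80,7 +80,7 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '1.2'
-description:
+description:
 email: mindaugas.mozuras@gmail.com
 executables: []
 extensions: []
@@ -99,7 +99,7 @@ homepage: http://github.com/mmozuras/pronto-brakeman
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -107,15 +107,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.3.0
+version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.0.9
+signing_key:
 specification_version: 4
 summary: Pronto runner for Brakeman, security vulnerability scanner for RoR
 test_files: []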