pronto-brakeman 0.7.0 → 0.11.0

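--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
- SHA1:
- metadata.gz: 1462c9ae1fe88941d78c4aae1e391e776073897e
- data.tar.gz: 40e6028d592db09efc5a1d2572e44606b289c1bd
+ SHA256:
+ metadata.gz: a850480c412d705bd265a0b24ea74728383ac7bd6b616a8e8a2023bfedc0845f
+ data.tar.gz: b0542a31a845985491bc794c760e7c9b5618dc1ddcd409a09df58854e0e319d2
  SHA512:
- metadata.gz: 87eaf9ca3c3fe14329edf0d5dbfd353056be8b95366b3127562c2c9fc163928b39c2ffd9af8f9021bd44fa1cd36dda2f183bfa7228638389fbba98055299c030
- data.tar.gz: 03e4e874af4e5995c7f7ffb0766a62ea3d7fa558975934e4c220928e08dd9eee9fa77205e4656b9db11382fa1486f472e10e42a2e396287b0a07abaead87dd4a
+ metadata.gz: 57e884d484822acf06124a03f2f2e77bcfe851551e81fd3f347f7887c68bb26dc3784e026114efe1b09b1142201df32fd92f0494681bebe224f77ec70cb5892a
+ data.tar.gz: 77b4892ce37db8e9a64b70a5e9d3cfda5c03f479f76c82180de2b1aa44df29436868a2e0d05a3eba4da1ba7fee699ec2de3790fe8ad30ec4853e769c77174294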
@@ -0,0 +1,3 @@
1
+ # Order is important. The last matching pattern takes the most precedence.
2
+ # Default owners for everything in the repo.
3
+ * @prontolabs/core
@@ -0,0 +1,24 @@
1
+ name: Checks
2
+
3
+ on:
4
+ push:
5
+ branches: [ master ]
6
+ pull_request:
7
+ branches: [ master ]
8
+
9
+ jobs:
10
+ ruby:
11
+ runs-on: ubuntu-latest
12
+ strategy:
13
+ matrix:
14
+ ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0']
15
+ steps:
16
+ - uses: actions/checkout@v2
17
+ with:
18
+ fetch-depth: 0 # required for "not a rails app" spec
19
+ - uses: ruby/setup-ruby@v1
20
+ with:
21
+ ruby-version: ${{ matrix.ruby }}
22
+ bundler-cache: true
23
+ - name: rake spec
24
+ run: bundle exec rake spec
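--- a/data/LICENSE
+++ b/data/LICENSE
@@ -1,6 +1,6 @@
  The MIT License
 
- Copyright (c) 2016 Mindaugas Mozūras
+ Copyright (c) 2017 Mindaugas Mozūras
 
  Permission is hereby granted, free of charge, to any person obtaining a copy
  of this software and associated documentation files (the "Software"), to deal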
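--- a/data/README.md
+++ b/data/README.md
@@ -1,14 +1,14 @@
  # Pronto runner for Brakeman
 
- [![Code Climate](https://codeclimate.com/github/mmozuras/pronto-brakeman.png)](https://codeclimate.com/github/mmozuras/pronto-brakeman)
- [![Build Status](https://travis-ci.org/mmozuras/pronto-brakeman.png)](https://travis-ci.org/mmozuras/pronto-brakeman)
+ [![Code Climate](https://codeclimate.com/github/prontolabs/pronto-brakeman.png)](https://codeclimate.com/github/prontolabs/pronto-brakeman)
+ [![Build Status](https://travis-ci.org/prontolabs/pronto-brakeman.png)](https://travis-ci.org/prontolabs/pronto-brakeman)
  [![Gem Version](https://badge.fury.io/rb/pronto-brakeman.png)](http://badge.fury.io/rb/pronto-brakeman)
- [![Dependency Status](https://gemnasium.com/mmozuras/pronto-brakeman.png)](https://gemnasium.com/mmozuras/pronto-brakeman)
+ [![Dependency Status](https://gemnasium.com/prontolabs/pronto-brakeman.png)](https://gemnasium.com/prontolabs/pronto-brakeman)
 
- Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), security vulnerability scanner for RoR. [What is Pronto?](https://github.com/mmozuras/pronto)
+ Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), security vulnerability scanner for RoR. [What is Pronto?](https://github.com/prontolabs/pronto)
 
  ## Severity mapping
 
- Brakeman [Confiedence](https://github.com/presidentbeef/brakeman#confidence-levels) is mapped to severity levels on the
+ Brakeman [Confidence](https://github.com/presidentbeef/brakeman#confidence-levels) is mapped to severity levels on the
  messages generated by Pronto. High confidence maps to fatal, medium confidence maps to warning, and low confidence maps
  to info.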
@@ -34,7 +34,7 @@ module Pronto
34
34
  def new_message(line, warning)
35
35
  Message.new(line.patch.delta.new_file[:path], line,
36
36
  severity_for_confidence(warning.confidence),
37
- "Possible security vulnerability: #{warning.message}",
37
+ "Possible security vulnerability: [#{warning.message}](#{warning.link})",
38
38
  nil, self.class)
39
39
  end
40
40
 
@@ -51,7 +51,7 @@ module Pronto
51
51
 
52
52
  def patch_for_warning(ruby_patches, warning)
53
53
  ruby_patches.find do |patch|
54
- patch.new_file_full_path.to_s == warning.file
54
+ patch.new_file_full_path.to_s == warning.file.absolute
55
55
  end
56
56
  end
57
57
  end
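Review bot: `warning.file.absolute` in `patch_for_warning` only works when Brakeman returns a path object for `warning.file`, but the gemspec hunk later on this page relaxes the runtime dependency to `brakeman >= 3.2.0` with no upper bound. On a Brakeman release where `warning.file` is still a plain String (the removed line compared against it directly), this call would presumably raise NoMethodError and the security check would fail instead of reporting findings. Either raise the lower bound to the first Brakeman release that ships the path object (I believe that is 4.5.1; confirm against Brakeman's changelog) or guard the call, e.g. `file = warning.file` followed by `path = file.respond_to?(:absolute) ? file.absolute : file.to_s`. The enclosing module starts outside the hunk.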
@@ -1,5 +1,5 @@
1
1
  module Pronto
2
2
  module BrakemanVersion
3
- VERSION = '0.7.0'.freeze
3
+ VERSION = '0.11.0'.freeze
4
4
  end
5
5
  end
@@ -10,11 +10,11 @@ Gem::Specification.new do |s|
10
10
  s.platform = Gem::Platform::RUBY
11
11
  s.author = 'Mindaugas Mozūras'
12
12
  s.email = 'mindaugas.mozuras@gmail.com'
13
- s.homepage = 'http://github.org/mmozuras/pronto-brakeman'
13
+ s.homepage = 'http://github.com/mmozuras/pronto-brakeman'
14
14
  s.summary = 'Pronto runner for Brakeman, security vulnerability scanner for RoR'
15
15
 
16
16
  s.licenses = ['MIT']
17
- s.required_ruby_version = '>= 1.9.3'
17
+ s.required_ruby_version = '>= 2.3.0'
18
18
  s.rubygems_version = '1.8.23'
19
19
 
20
20
  s.files = `git ls-files`.split($RS).reject do |file|
@@ -32,9 +32,9 @@ Gem::Specification.new do |s|
32
32
  s.extra_rdoc_files = ['LICENSE', 'README.md']
33
33
  s.require_paths = ['lib']
34
34
 
35
- s.add_runtime_dependency('pronto', '~> 0.7.0')
36
- s.add_runtime_dependency('brakeman', '~> 3.2', '>= 3.2.0')
37
- s.add_development_dependency('rake', '~> 11.0')
35
+ s.add_runtime_dependency('pronto', '~> 0.11.0')
36
+ s.add_runtime_dependency('brakeman', '>= 3.2.0')
37
+ s.add_development_dependency('rake', '~> 12.0')
38
38
  s.add_development_dependency('rspec', '~> 3.4')
39
39
  s.add_development_dependency('rspec-its', '~> 1.2')
40
40
  end
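--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: pronto-brakeman
  version: !ruby/object:Gem::Version
- version: 0.7.0
+ version: 0.11.0
  platform: ruby
  authors:
  - Mindaugas Mozūras
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-08-07 00:00:00.000000000 Z
+ date: 2021-01-31 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: pronto
@@ -16,21 +16,18 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.0
+ version: 0.11.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.7.0
+ version: 0.11.0
  - !ruby/object:Gem::Dependency
  name: brakeman
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '3.2'
  - - ">="
  - !ruby/object:Gem::Version
  version: 3.2.0
@@ -38,9 +35,6 @@ dependencies:
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '3.2'
  - - ">="
  - !ruby/object:Gem::Version
  version: 3.2.0
@@ -50,14 +44,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '11.0'
+ version: '12.0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '11.0'
+ version: '12.0'
  - !ruby/object:Gem::Dependency
  name: rspec
  requirement: !ruby/object:Gem::Requirement
@@ -94,12 +88,14 @@ extra_rdoc_files:
  - LICENSE
  - README.md
  files:
+ - ".github/CODEOWNERS"
+ - ".github/workflows/checks.yml"
  - LICENSE
  - README.md
  - lib/pronto/brakeman.rb
  - lib/pronto/brakeman/version.rb
  - pronto-brakeman.gemspec
- homepage: http://github.org/mmozuras/pronto-brakeman
+ homepage: http://github.com/mmozuras/pronto-brakeman
  licenses:
  - MIT
  metadata: {}
@@ -111,15 +107,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 1.9.3
+ version: 2.3.0
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubyforge_project:
- rubygems_version: 2.4.5
+ rubygems_version: 3.0.3
  signing_key:
  specification_version: 4
  summary: Pronto runner for Brakeman, security vulnerability scanner for RoR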