pronto-brakeman 0.10.0 → 0.11.0
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +3 -0
- data/.github/workflows/checks.yml +24 -0
- data/lib/pronto/brakeman.rb +2 -2
- data/lib/pronto/brakeman/version.rb +1 -1
- data/pronto-brakeman.gemspec +1 -1
- metadata +7 -5
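--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a850480c412d705bd265a0b24ea74728383ac7bd6b616a8e8a2023bfedc0845f
+data.tar.gz: b0542a31a845985491bc794c760e7c9b5618dc1ddcd409a09df58854e0e319d2
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 57e884d484822acf06124a03f2f2e77bcfe851551e81fd3f347f7887c68bb26dc3784e026114efe1b09b1142201df32fd92f0494681bebe224f77ec70cb5892a
+data.tar.gz: 77b4892ce37db8e9a64b70a5e9d3cfda5c03f479f76c82180de2b1aa44df29436868a2e0d05a3eba4da1ba7fee699ec2de3790fe8ad30ec4853e769c77174294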
data/.github/CODEOWNERS
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
name: Checks
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches: [ master ]
|
6
|
+
pull_request:
|
7
|
+
branches: [ master ]
|
8
|
+
|
9
|
+
jobs:
|
10
|
+
ruby:
|
11
|
+
runs-on: ubuntu-latest
|
12
|
+
strategy:
|
13
|
+
matrix:
|
14
|
+
ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0']
|
15
|
+
steps:
|
16
|
+
- uses: actions/checkout@v2
|
17
|
+
with:
|
18
|
+
fetch-depth: 0 # required for "not a rails app" spec
|
19
|
+
- uses: ruby/setup-ruby@v1
|
20
|
+
with:
|
21
|
+
ruby-version: ${{ matrix.ruby }}
|
22
|
+
bundler-cache: true
|
23
|
+
- name: rake spec
|
24
|
+
run: bundle exec rake spec
|
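Review bot: Both third-party steps are referenced by mutable tag, `actions/checkout@v2` and `ruby/setup-ruby@v1`, so the code that runs in CI can change without any change to this file; pinning each to a full commit SHA (`uses: actions/checkout@<full-commit-sha> # v2`) keeps the workflow reproducible and reviewable. The workflow also declares no `permissions:` block, so the job token keeps the repository's default scopes; since the only work is `bundle exec rake spec`, a top-level `permissions:` with `contents: read` looks sufficient. Note that the page prints these 24 lines under the `data/.github/CODEOWNERS` header, although the content and the `+1,24` count match `data/.github/workflows/checks.yml` from the file list.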
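--- a/data/lib/pronto/brakeman.rb
+++ b/data/lib/pronto/brakeman.rb
@@ -34,7 +34,7 @@ module Pronto
 def new_message(line, warning)
 Message.new(line.patch.delta.new_file[:path], line,
 severity_for_confidence(warning.confidence),
-"Possible security vulnerability: #{warning.message}",
+"Possible security vulnerability: [#{warning.message}](#{warning.link})",
 nil, self.class)
 end
 
@@ -51,7 +51,7 @@ module Pronto
 
 def patch_for_warning(ruby_patches, warning)
 ruby_patches.find do |patch|
-patch.new_file_full_path.to_s == warning.file
+patch.new_file_full_path.to_s == warning.file.absolute
 end
 end
 end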
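Review bot: In `new_message` the new string places `warning.message` inside Markdown link text without escaping, so a `[` or `]` in the message breaks the link and any other Markdown in it is rendered by whatever posts the comment. Brakeman messages appear to be able to quote fragments of the scanned code, which on a pull request is contributor-controlled, so escaping the message first is worthwhile, e.g. `warning.message.to_s.gsub(/[\[\]]/) { |c| "\\#{c}" }`. If `warning.link` can be nil the result is `[...]()`, so falling back to the plain message in that case would be safer. Pronto formatters that emit plain text will presumably show the raw Markdown syntax, which deserves a line in the README.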
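--- a/data/pronto-brakeman.gemspec
+++ b/data/pronto-brakeman.gemspec
@@ -32,7 +32,7 @@ Gem::Specification.new do |s|
 s.extra_rdoc_files = ['LICENSE', 'README.md']
 s.require_paths = ['lib']
 
-s.add_runtime_dependency('pronto', '~> 0.
+s.add_runtime_dependency('pronto', '~> 0.11.0')
 s.add_runtime_dependency('brakeman', '>= 3.2.0')
 s.add_development_dependency('rake', '~> 12.0')
 s.add_development_dependency('rspec', '~> 3.4')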
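Review bot: The `brakeman` floor on line 36 stays at `>= 3.2.0` although this release now calls `warning.link` and `warning.file.absolute` in lib/pronto/brakeman.rb. If an older Brakeman that still satisfies this constraint returns a plain String from `warning.file`, `patch_for_warning` would raise NoMethodError instead of matching a patch, and the scan would fail rather than report. Raise the requirement to the first Brakeman release that provides both methods, e.g. `s.add_runtime_dependency('brakeman', '>= <first-version-with-path-objects>')`. The `Gem::Specification.new do |s|` block starts and ends outside the hunk.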
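--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pronto-brakeman
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.11.0
 platform: ruby
 authors:
 - Mindaugas Mozūras
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: pronto
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.11.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.11.0
 - !ruby/object:Gem::Dependency
 name: brakeman
 requirement: !ruby/object:Gem::Requirement
@@ -88,6 +88,8 @@ extra_rdoc_files:
 - LICENSE
 - README.md
 files:
+- ".github/CODEOWNERS"
+- ".github/workflows/checks.yml"
 - LICENSE
 - README.md
 - lib/pronto/brakeman.rb
@@ -112,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.0.
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Pronto runner for Brakeman, security vulnerability scanner for RoR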