rails-audit 0.50.0 → 0.51.0
- checksums.yaml +5 -5
- data/README.md +3 -4
- data/config/audit.yml +3 -0
- data/lib/rails-audit/audit.rb +4 -4
- data/lib/rails-audit/audits.rb +1 -1
- data/lib/rails-audit/audits/brakeman.rb +1 -1
- data/lib/rails-audit/audits/bundler_audit.rb +1 -1
- data/lib/rails-audit/audits/cane.rb +1 -1
- data/lib/rails-audit/audits/consistency_fail.rb +1 -1
- data/lib/rails-audit/audits/license_finder.rb +1 -1
- data/lib/rails-audit/audits/rails_best_practices.rb +1 -1
- data/lib/rails-audit/runner.rb +7 -8
- data/lib/rails-audit/version.rb +1 -1
- data/rails-audit.gemspec +13 -15
- metadata +10 -11
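--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 73ff27c392af426d534b8d827b7b4df84a507f2279e717f0b0d32831e85248c0
+data.tar.gz: 004b65dfb37c7338412d989e31b236469bbf2b120838498ecb939896d95a3e5a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0efc5536d2ee514628fdf3a66f495c423164a7382c46ebd66aa3256d2374e5ad958d4afec44acde644b1539773a1b3673f225157ddfc8615e4feebe35082e11f
+data.tar.gz: 6b9ff375beed429b368c9cda41447d44a04e016615edaeb83eb10d9e2852efce59a9db42801d952a820bc6684f38839e66835c327bfc21476462b78eb0de4841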
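--- a/data/README.md
+++ b/data/README.md
@@ -1,5 +1,4 @@
 [![Gem Version](https://badge.fury.io/rb/rails-audit.png)](http://badge.fury.io/rb/rails-audit)
-[![Dependency Status](https://gemnasium.com/cschramm/rails-audit.png)](https://gemnasium.com/cschramm/rails-audit)
 [![Code Climate](https://codeclimate.com/github/cschramm/rails-audit.png)](https://codeclimate.com/github/cschramm/rails-audit)
 
 # Rails Audit
@@ -18,14 +17,14 @@ vary if a specific version of this gem is included in a project's bundle.
 
 ## Configuration
 
-Additional parameters can be passed to any audit's binary by using
-file. A configuration for cane could look like the following:
+Additional parameters can be passed to any audit's binary by using a
+config/audit.yml file. A configuration for cane could look like the following:
 
 Cane:
 Parameters: '--style-measure 120 --no-doc'
 
 This can also be used to extend the command and e.g. redirect the output.
-(WARNING:
+(WARNING: Thi hase obvious security implications!) Suppressing the
 license_finder spinner, which is a good idea in CI, would work like this:
 
 LicenseFinder: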
data/config/audit.yml
CHANGED
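--- a/data/lib/rails-audit/audit.rb
+++ b/data/lib/rails-audit/audit.rb
@@ -1,16 +1,16 @@
 module RailsAudit
 class Audit
-def self.command(
+def self.command(_rails)
 self::COMMAND
 end
 
 def self.run(config)
 return true unless config[:enabled] && (config[:rails] || !self::RAILS)
-system "
+system "#{command config[:rails]} #{config[:params]}"
 end
 
-def self.
-
+def self.name
+super.split('::')[-1]
 end
 end
 end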
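Review bot: In `self.run`, `system "#{command config[:rails]} #{config[:params]}"` passes a single interpolated string to `system`, so the command line goes through a shell and everything in `config[:params]` is interpreted as shell syntax. That value appears to come from the project's config/audit.yml (the README on this page describes using it to redirect output), which means the file has to be reviewed like executable code, in particular where CI runs the audit on contributed branches. Because the shell behaviour is a documented feature I would keep it but state it at the call site: `# params is appended unescaped and interpreted by the shell; config/audit.yml must come from a trusted source`. Separately, `def self.name` replaces the class's own `Module#name`, so anything relying on the fully qualified name sees only the last segment; a distinct method name would avoid that.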
data/lib/rails-audit/audits.rb
CHANGED
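--- a/data/lib/rails-audit/runner.rb
+++ b/data/lib/rails-audit/runner.rb
@@ -4,9 +4,8 @@ module RailsAudit
 class Runner
 def initialize
 @config = { 'Concurrency' => true, 'Rails' => true }
-
-
-end
+return unless File.exist? 'config/audit.yml'
+@config = @config.merge YAML.load_file('config/audit.yml')
 end
 
 def get_config(name)
@@ -36,8 +35,8 @@ module RailsAudit
 failures = []
 
 Audits::ALL.each do |audit|
-success = audit.run get_config(audit.
-failures << audit.
+success = audit.run get_config(audit.name)
+failures << audit.name unless success
 end
 
 failures
@@ -49,12 +48,12 @@ module RailsAudit
 
 threads = Audits::ALL.map do |audit|
 Thread.new do
-success = audit.run get_config(audit.
-mutex.synchronize { failures << audit.
+success = audit.run get_config(audit.name)
+mutex.synchronize { failures << audit.name unless success }
 end
 end
 
-threads.each
+threads.each(&:join)
 
 failures
 end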
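Review bot: `YAML.load_file('config/audit.yml')` in `initialize` uses the full YAML loader, which on Psych versions before 4 can instantiate arbitrary Ruby objects named by tags in the file. It also returns a non-Hash value for an empty file, which makes `merge` raise. As far as the README on this page shows, the configuration needs only strings, booleans and nested mappings, so the restricted loader is sufficient: `@config = @config.merge(YAML.safe_load(File.read('config/audit.yml')) || {})`.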
data/lib/rails-audit/version.rb
CHANGED
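--- a/data/rails-audit.gemspec
+++ b/data/rails-audit.gemspec
@@ -1,37 +1,35 @@
-
-require File.expand_path('../lib/rails-audit/version', __FILE__)
+require File.expand_path('lib/rails-audit/version', __dir__)
 
-Gem::Specification.new do |s|
+Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
 s.name = 'rails-audit'
 s.version = RailsAudit::Version.to_s
 s.platform = Gem::Platform::RUBY
 s.author = 'Christopher Schramm'
-s.email = 'cschramm
+s.email = 'rails-audit@cschramm.eu'
 s.homepage = 'https://github.com/cschramm/rails-audit'
-s.description = %
+s.description = %(
 Runs multiple audit and review tools to ensure quality and security of
 Rails projects
-
-s.summary =
-Runs multiple audit and review tools to ensure quality and security of
-Rails projects
-}
+)
+s.summary = s.description
 s.licenses = ['MIT']
 s.files = `git ls-files`.split("\n")
 s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
-s.executables = `git ls-files -- bin/*`.split("\n").map
-
+s.executables = `git ls-files -- bin/*`.split("\n").map do |f|
+File.basename(f)
+end
+s.require_paths = %w[lib]
 s.extra_rdoc_files = ['README.md']
 
 s.add_development_dependency 'rake'
 
 s.add_dependency 'bundler'
 
-s.add_runtime_dependency 'brakeman', '~> 3.
+s.add_runtime_dependency 'brakeman', '~> 4.3.0'
 s.add_runtime_dependency 'bundler-audit'
 s.add_runtime_dependency 'cane', '~> 3.0.0'
 s.add_runtime_dependency 'consistency_fail'
 s.add_runtime_dependency 'license_finder'
-s.add_runtime_dependency 'rails_best_practices', '~> 1.
-s.add_runtime_dependency 'rubocop', '~> 0.
+s.add_runtime_dependency 'rails_best_practices', '~> 1.19.2'
+s.add_runtime_dependency 'rubocop', '~> 0.56.0'
 end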
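Review bot: The scanner dependencies are pinned to a single patch series (`'brakeman', '~> 4.3.0'`, `'rubocop', '~> 0.56.0'`, `'rails_best_practices', '~> 1.19.2'`), so a project using this gem cannot pick up checks added in later minor releases of those tools until rails-audit itself ships a new version. If the pin exists because the audit wrappers depend on a specific command-line interface, a comment above the block such as `# pinned to the minor series the audit wrappers were tested against` would record that intent; otherwise `'~> 4.3'` would admit later 4.x releases. `bundler-audit`, `consistency_fail` and `license_finder` are left unconstrained in the same block, so the versioning policy is inconsistent as written.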
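--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails-audit
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.51.0
 platform: ruby
 authors:
 - Christopher Schramm
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2018-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake
@@ -44,14 +44,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 3.
+version: 4.3.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 3.
+version: 4.3.0
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -114,31 +114,31 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.19.2
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.19.2
 - !ruby/object:Gem::Dependency
 name: rubocop
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.56.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.56.0
 description: "\n Runs multiple audit and review tools to ensure quality and security
 of\n Rails projects\n "
-email: cschramm
+email: rails-audit@cschramm.eu
 executables:
 - rails-audit
 extensions: []
@@ -187,10 +187,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: Runs multiple audit and review tools to ensure quality and security of Rails
 projects
 test_files: []
-has_rdoc: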