ruby-zoom 4.7.5 → 5.0.0

data/lib/zoom/profile/unsafe_js.rb

@@ -1,16 +1,10 @@
 class Zoom::SecurityProfile::UnsafeJs < Zoom::SecurityProfile
-    def initialize(n = nil, o = nil, f = nil, b = nil, a = nil)
-        case Zoom::ProfileManager.default_profile
-        when /^ack(-grep)?$/
-            f ||= "--smart-case --js"
-        when "ag", "pt"
-            f ||= "-S -G \"\\.js$\""
-        when "grep"
-            f ||= "-i --include=\"*.js\""
-        end
+    def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
+        t = Zoom::ProfileManager.default_tool
 
-        super(n, nil, f, b, a)
-        @pattern = [
+        super(n, t, f, b, a)
+        @exts = ["js", "jsx", "vue"]
+        @regex = [
             "\\.",
             "(",
             [
@@ -19,6 +13,5 @@ class Zoom::SecurityProfile::UnsafeJs < Zoom::SecurityProfile
             ].join("|"),
             ")"
         ].join
-        @taggable = true
     end
 end

data/lib/zoom/profile/unsafe_php.rb

@@ -1,62 +1,55 @@
 class Zoom::SecurityProfile::UnsafePhp < Zoom::SecurityProfile
-    def initialize(n = nil, o = nil, f = nil, b = nil, a = nil)
-        case Zoom::ProfileManager.default_profile
-        when /^ack(-grep)?$/
-            f ||= "--smart-case --php"
-        when "ag", "pt"
-            f ||= "-S -G \"\\.ph(p[345t]?|tml)$\""
-        when "grep"
-            f ||= [
-                "-i",
-                "--include=\"*.php\"",
-                "--include=\"*.php[345t]\"",
-                "--include=\"*.phtml\""
-            ].join(" ")
-        end
+    def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
+        t = Zoom::ProfileManager.default_tool
+
+        super(n, t, f, b, a)
+        @exts = ["php", "php3", "php4", "php5", "phpt", "phtml"]
 
-        super(n, nil, f, b, a)
         # From here: https://www.eukhost.com/blog/webhosting/dangerous-php-functions-must-be-disabled/
         # OMG is anything safe?!
-        @pattern = [
-            "\\`",
-            "|",
-            "\\$_GET\\[",
-            "|",
-            "(^|[^\\nA-Za-z_])",
-            "(",
-            "(include|require)(_once)?",
-            "|",
-            "(",
+        functions = [
+            "apache_(child_terminate|setenv)",
+            "assert",
+            "create_function",
+            "define_syslog_variables",
+            "escapeshell(arg|cmd)",
+            "eval",
+            "fp(ut)?",
+            "ftp_(connect|exec|get|login|(nb_f)?put|raw(list)?)",
+            "highlight_file",
+            "ini_(alter|get_all|restore)",
+            "inject_code",
+            "mysql_pconnect",
+            "openlog",
+            "passthru",
+            "pcntl_exec",
+            "php_uname",
+            "phpAds_(remoteInfo|XmlRpc|xmlrpc(De|En)code)",
+            "popen",
+            "posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|uname)",
+            "preg_replace",
+            "proc_(close|get_status|nice|open|terminate)",
+            "(shell_)?exec",
+            "sys(log|tem)",
+            "xmlrpc_entity_decode"
+        ]
+        get_params = "\\$_GET\\["
+        includes = "(include|require)(_once)?"
+        shell = "`"
+        start_or_not_variable = "(^|[^\\nA-Za-z_])"
+
+        @regex = [
+            shell,
+            get_params,
             [
-                "apache_(child_terminate|setenv)",
-                "assert",
-                "create_function",
-                "define_syslog_variables",
-                "escapeshell(arg|cmd)",
-                "eval",
-                "fp(ut)?",
-                "ftp_(connect|exec|get|login|(nb_f)?put|raw(list)?)",
-                "highlight_file",
-                "ini_(alter|get_all|restore)",
-                "inject_code",
-                "mysql_pconnect",
-                "openlog",
-                "passthru",
-                "pcntl_exec",
-                "php_uname",
-                "phpAds_(remoteInfo|XmlRpc|xmlrpc(De|En)code)",
-                "popen",
-                "posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|uname)",
-                "preg_replace",
-                "proc_(close|get_status|nice|open|terminate)",
-                "(shell_)?exec",
-                "sys(log|tem)",
-                "xmlrpc_entity_decode"
-            ].join("|"),
-            ")",
-            "\\(",
-            ")"
-        ].join
-        @taggable = true
+                start_or_not_variable,
+                "(",
+                [
+                    includes,
+                    "(#{functions.join("|")})\\(",
+                ].join("|"),
+                ")"
+            ].join
+        ].join("|")
     end
 end

data/lib/zoom/profile/unsafe_python.rb

@@ -1,29 +1,21 @@
 class Zoom::SecurityProfile::UnsafePython < Zoom::SecurityProfile
-    def initialize(n = nil, o = nil, f = nil, b = nil, a = nil)
-        case Zoom::ProfileManager.default_profile
-        when /^ack(-grep)?$/
-            f ||= "--smart-case --python"
-        when "ag", "pt"
-            f ||= "-S -G \"\\.py$\""
-        when "grep"
-            f ||= "-i --include=\"*.py\""
-        end
+    def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
+        t = Zoom::ProfileManager.default_tool
 
-        super(n, nil, f, b, a)
-        @pattern = [
-            "(^|[^\\nA-Za-z_])",
-            "(",
-            [
-                "c?[Pp]ickle\\.loads?",
-                "eval",
-                "exec",
-                "os\\.(popen|system)",
-                "subprocess\\.call",
-                "yaml\\.load"
-            ].join("|"),
-            ")",
-            "\\("
+        super(n, t, f, b, a)
+        @exts = ["py"]
+        functions = [
+            "c?[Pp]ickle\\.loads?",
+            "eval",
+            "exec",
+            "os\\.(popen|system)",
+            "subprocess\\.call",
+            "yaml\\.load"
+        ]
+        start_or_not_variable = "(^|[^\\nA-Za-z_])"
+        @regex = [
+            start_or_not_variable,
+            "(#{functions.join("|")})\\(",
         ].join
-        @taggable = true
     end
 end

data/lib/zoom/profile/unsafe_ruby.rb

@@ -1,29 +1,21 @@
 class Zoom::SecurityProfile::UnsafeRuby < Zoom::SecurityProfile
-    def initialize(n = nil, o = nil, f = nil, b = nil, a = nil)
-        case Zoom::ProfileManager.default_profile
-        when /^ack(-grep)?$/
-            f ||= "--smart-case --ruby"
-        when "ag", "pt"
-            f ||= [
-                "-S",
-                "-G \"\\.(erb|r(ake|b|html|js|xml)|spec)$|Rakefile\""
-            ].join(" ")
-        when "grep"
-            f ||= [
-                "-i",
-                "--include=\"*.erb\"",
-                "--include=\"*.rake\"",
-                "--include=\"*.rb\"",
-                "--include=\"*.rhtml\"",
-                "--include=\"*.rjs\"",
-                "--include=\"*.rxml\"",
-                "--include=\"*.spec\"",
-                "--include=\"Rakefile\""
-            ].join(" ")
-        end
+    def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
+        t = Zoom::ProfileManager.default_tool
 
-        super(n, nil, f, b, a)
-        @pattern = [
+        super(n, t, f, b, a)
+        @exts = [
+            "erb",
+            "gemspec",
+            "irbrc",
+            "rake",
+            "rb",
+            "rhtml",
+            "rjs",
+            "rxml",
+            "spec"
+        ]
+        @files = ["Gemfile", "Rakefile"]
+        @regex = [
             "%x\\(",
             "|",
             "\\.constantize",
@@ -37,6 +29,5 @@ class Zoom::SecurityProfile::UnsafeRuby < Zoom::SecurityProfile
             ].join("|"),
             ")"
         ].join
-        @taggable = true
     end
 end

data/lib/zoom/profile_manager.rb

@@ -3,32 +3,44 @@ require "scoobydoo"
 
 class Zoom::ProfileManager
     @@ranking = [
-        ["ag", "Zoom::Profile::Ag", "-Su"],
-        ["pt", "Zoom::Profile::Pt", "-SU --hidden"],
-        ["ack", "Zoom::Profile::Ack", ""],
-        ["ack-grep", "Zoom::Profile::Ack", ""],
-        ["grep", "Zoom::Profile::Grep", "-ai"],
-        ["find", "Zoom::Profile::Find", ""]
+        ["rg", "Zoom::Profile::Rg"],
+        ["ag", "Zoom::Profile::Ag"],
+        ["grep", "Zoom::Profile::Grep"],
+        ["pt", "Zoom::Profile::Pt"],
+        ["ack", "Zoom::Profile::Ack"],
+        ["ack-grep", "Zoom::Profile::Ack"],
+        ["find", "Zoom::Profile::Find"]
     ]
+    @@tool = nil
 
-    def self.default_profile
-        @@ranking.each do |op, clas, all|
-            return op if (ScoobyDoo.where_are_you(op))
+    def self.class_by_tool(t)
+        found = @@ranking.select do |tool, clas|
+            t == tool
         end
+        return found[0][1] if (!found.empty?)
+        return nil
+    end
+
+    def self.default_class
+        if (@@tool && ScoobyDoo.where_are_you(@@tool))
+            return class_by_tool(@@tool)
+        end
+
+        @@ranking.each do |tool, clas|
+            return clas if (ScoobyDoo.where_are_you(tool))
+        end
+
         return nil # shouldn't happen
     end
 
     def self.default_profiles
         profiles = Hash.new
 
-        @@ranking.each do |op, clas, all|
-            if (ScoobyDoo.where_are_you(op))
-                name = op.gsub("-grep", "")
+        @@ranking.each do |tool, clas|
+            if (ScoobyDoo.where_are_you(tool))
+                name = tool.gsub("-grep", "")
                 obj = Zoom::Profile.profile_by_name(clas)
                 profiles[name] = obj.new(name)
-                if (!all.empty?)
-                    profiles["all"] ||= obj.new("all", name, all)
-                end
             end
         end
 
@@ -36,7 +48,7 @@ class Zoom::ProfileManager
             case clas.to_s
             when /^Zoom::SecurityProfile.*/
                 # Ignore these
-            when /^Zoom::Profile::(Ag|Ack|Find|Grep|Pt)/
+            when /^Zoom::Profile::(Ag|Ack|Find|Grep|Pt|Rg)/
                 # Ignore these
             else
                 # Custom classes
@@ -48,6 +60,28 @@ class Zoom::ProfileManager
         return profiles
     end
 
+    def self.default_tool
+        if (@@tool && ScoobyDoo.where_are_you(@@tool))
+            return @@tool
+        end
+
+        @@ranking.each do |tool, clas|
+            return tool if (ScoobyDoo.where_are_you(tool))
+        end
+
+        return nil # shouldn't happen
+    end
+
+    def self.force_tool(tool = nil)
+        if (tool == "ack")
+            tool = "ack-grep" if (ScoobyDoo.where_are_you("ack-grep"))
+        end
+
+        tool = nil if (tool && !ScoobyDoo.where_are_you(tool))
+
+        @@tool = tool
+    end
+
     def self.security_profiles
         profiles = Array.new
         Zoom::SecurityProfile.subclasses.each do |clas|

data/lib/zoom/security_profile.rb

@@ -1,7 +1,62 @@
-clas = Zoom::ProfileManager.default_profile.capitalize
-superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
-class Zoom::SecurityProfile < superclass
-    def initialize(n = nil, o = nil, f = nil, b = nil, a = nil)
-        super(n, Zoom::ProfileManager.default_profile, f, b, a)
+class Zoom::SecurityProfile < Zoom::Profile
+    def after(a = nil)
+        super
+        return @tool.after(a)
+    end
+
+    def before(b = nil)
+        super
+        return @tool.before(b)
+    end
+
+    def exe(header)
+        sync
+        return @tool.exe(header)
+    end
+
+    def flags(f = nil)
+        super
+        return @tool.flags(f)
+    end
+
+    def grep_like_format_flags(all = false)
+        super
+        @tool.grep_like_format_flags(all)
+        @format_flags = @tool.format_flags
+        @taggable = @tool.taggable
+    end
+
+    def initialize(n = nil, t = nil, f = nil, b = nil, a = nil)
+        clas = Zoom::ProfileManager.class_by_tool(t)
+        clas ||= Zoom::ProfileManager.default_class
+        @tool = Zoom::Profile.profile_by_name(clas).new(n)
+        super(n, @tool.tool, f, b, a)
+    end
+
+    def only_exts_and_files
+        @tool.exts = @exts
+        @tool.files = @files
+        return @tool.only_exts_and_files
+    end
+
+    def preprocess(header)
+        sync
+        return @tool.preprocess(header)
+    end
+
+    def sync
+        @tool.exts = @exts
+        @tool.files = @files
+        @tool.regex = @regex
+    end
+    private :sync
+
+    def tool(t = nil)
+        super
+        return @tool.tool(t)
+    end
+
+    def translate(from)
+        return @tool.translate(from)
     end
 end

data/lib/zoom/wish/edit_wish.rb

@@ -26,7 +26,7 @@ class EditWish < Djinni::Wish
         f, found, v = args.partition(" ")
 
         case f
-        when "class", "operator"
+        when "class", "tool"
             if (found.empty?)
                 usage
                 return
@@ -51,8 +51,8 @@ class EditWish < Djinni::Wish
             profiles[n] = profile
         when "flags"
             profile.flags(v)
-        when "operator"
-            profile.operator(v)
+        when "tool"
+            profile.tool(v)
         else
             usage
             return
@@ -71,7 +71,7 @@ class EditWish < Djinni::Wish
             "before" => "Prepend any ENV vars",
             "class" => "Modify the class",
             "flags" => "Specify any additional flags",
-            "operator" => "Specify an alternative operator"
+            "tool" => "Specify an alternative tool"
         }
     end
 

data/lib/zoom/wish/editor_wish.rb

@@ -1,5 +1,4 @@
 require "djinni"
-require "scoobydoo"
 
 class EditorWish < Djinni::Wish
     def aliases
@@ -11,17 +10,12 @@ class EditorWish < Djinni::Wish
     end
 
     def execute(args, djinni_env = {})
-        if (args.include?(" "))
+        if (args.empty?)
             usage
             return
         end
 
-        config = djinni_env["config"]
-        if (ScoobyDoo.where_are_you(args))
-            config.editor(args)
-        else
-            puts "Editor not found: #{args}"
-        end
+        djinni_env["config"].editor(args)
     end
 
     def usage