semgrep-changes 0.1.0

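--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA256:
+ metadata.gz: 0aa83eaad5bc8a14618a813f8170a85c424ec4a815302c32c35d74301360f7c3
+ data.tar.gz: 3d9049a86bca5cef1f24d7d6f0c613997fb80b13fcb1c0350c269a17637ca942
+ SHA512:
+ metadata.gz: a2a5b7f7a90083cd15e26b0c54dfa64dd6aa9a0cfb892a4eb4f2fccbf65b489af60f517331202f410a6af77af34e3c446c6e2e13e0686e6636780e296e40dad8
+ data.tar.gz: 236536504073966d8de3dd0172dbe7469d9b4c739f0e33618b66aae4a9e71ba81f8071d0a22faf2b3ec72be752b97e22ae0a7eb9b2605d8219b816a19c7363f5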
@@ -0,0 +1,23 @@
1
+ name: CI
2
+
3
+ on: [push, pull_request]
4
+
5
+ jobs:
6
+ test:
7
+
8
+ runs-on: ubuntu-latest
9
+
10
+ strategy:
11
+ fail-fast: false
12
+ matrix:
13
+ ruby: ["2.5", "2.6", "2.7", "3.0", "3.1", ruby-head]
14
+
15
+ steps:
16
+ - uses: actions/checkout@v2
17
+ - name: Set up Ruby
18
+ uses: ruby/setup-ruby@v1
19
+ with:
20
+ bundler-cache: true # 'bundle install' and cache gems
21
+ ruby-version: ${{ matrix.ruby }}
22
+ - name: Run tests
23
+ run: bundle exec rake
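Review bot: The workflow references its actions by mutable tags (`actions/checkout@v2`, `ruby/setup-ruby@v1`) and declares no `permissions:` block, so the job runs with the repository's default token scope on every `push` and `pull_request`. Pinning each `uses:` to a full commit SHA, for example `uses: actions/checkout@<full-commit-sha>  # v2`, and adding a top-level `permissions:` mapping with `contents: read` would keep a retagged action or the test run from having more access than the tests need. The rendered page has lost the file's indentation, so the nesting of these keys cannot be checked from here.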
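--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,15 @@
+ /.bundle/
+ /.yardoc
+ /_yardoc/
+ /coverage/
+ /doc/
+ /pkg/
+ /spec/reports/
+ /tmp/
+
+ # rspec failure tracking
+ .rspec_status
+ .byebug_history
+
+ *.gem
+ .idea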
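--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,3 @@
+ --format documentation
+ --color
+ --require spec_helper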
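--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -0,0 +1,27 @@
+ AllCops:
+ TargetRubyVersion: 2.5
+ NewCops: disable
+
+ Lint/RaiseException:
+ Enabled: false
+
+ Lint/StructNewOverride:
+ Enabled: false
+
+ Style/HashEachMethods:
+ Enabled: false
+
+ Style/HashTransformKeys:
+ Enabled: false
+
+ Style/HashTransformValues:
+ Enabled: false
+
+ Style/Documentation:
+ Enabled: false
+
+ Style/FrozenStringLiteralComment:
+ Enabled: false
+
+ Layout/LineLength:
+ Max: 120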
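--- a/data/.semgrep.yml
+++ b/data/.semgrep.yml
@@ -0,0 +1,6 @@
+ rules:
+ - id: dont-use-method
+ pattern: method($X)
+ message: Do not use &method calls
+ languages: [ruby]
+ severity: ERROR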
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at fcsonline@gmail.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
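--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+ source 'https://rubygems.org'
+
+ # Specify your gem's dependencies in semgrep-changes.gemspec
+ gemspec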
data/Gemfile.lock ADDED
@@ -0,0 +1,39 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ semgrep-changes (0.1.0)
5
+ git_diff_parser (~> 3.2)
6
+
7
+ GEM
8
+ remote: https://rubygems.org/
9
+ specs:
10
+ byebug (10.0.2)
11
+ diff-lcs (1.3)
12
+ git_diff_parser (3.2.0)
13
+ rake (13.0.3)
14
+ rspec (3.9.0)
15
+ rspec-core (~> 3.9.0)
16
+ rspec-expectations (~> 3.9.0)
17
+ rspec-mocks (~> 3.9.0)
18
+ rspec-core (3.9.0)
19
+ rspec-support (~> 3.9.0)
20
+ rspec-expectations (3.9.0)
21
+ diff-lcs (>= 1.2.0, < 2.0)
22
+ rspec-support (~> 3.9.0)
23
+ rspec-mocks (3.9.0)
24
+ diff-lcs (>= 1.2.0, < 2.0)
25
+ rspec-support (~> 3.9.0)
26
+ rspec-support (3.9.0)
27
+
28
+ PLATFORMS
29
+ ruby
30
+
31
+ DEPENDENCIES
32
+ bundler (~> 2.0)
33
+ byebug (~> 10.0)
34
+ rake (~> 13.0)
35
+ rspec (~> 3.0)
36
+ semgrep-changes!
37
+
38
+ BUNDLED WITH
39
+ 2.3.12
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2022 Ferran Basora
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2019 Ferran Basora
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,53 @@
1
+ # Semgrep::Changes
2
+
3
+ [![Gem Version](https://img.shields.io/gem/v/semgrep-changes)](https://rubygems.org/gems/semgrep-changes)
4
+ [![Build Status](https://github.com/fcsonline/semgrep-changes/actions/workflows/ci.yml/badge.svg)](https://github.com/fcsonline/semgrep-changes/actions/workflows/ci.yml)
5
+
6
+ `semgrep-changes` shows only the offenses you introduced since the fork point
7
+ of your git branch. Will not complain about existing offenses in your main
8
+ branch.
9
+
10
+ This is useful for CI checks for your pull requests but it could be useful too
11
+ for you daily work, to know new offenses created by you.
12
+
13
+ Internally `semgrep-changes` reads the `json` output from `semgrep` and a `git
14
+ diff` and does the intersection of line numbers to know the new offenses you
15
+ are introducing to you main branch.
16
+
17
+ ## Installation
18
+
19
+ Add this line to your application's Gemfile:
20
+
21
+ ```ruby
22
+ gem 'semgrep-changes'
23
+ ```
24
+
25
+ And then execute:
26
+
27
+ $ bundle
28
+
29
+ Or install it yourself as:
30
+
31
+ $ gem install semgrep-changes
32
+
33
+ ## Usage
34
+
35
+ $ bundle exec semgrep-changes
36
+
37
+ ## Development
38
+
39
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
40
+
41
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
42
+
43
+ ## Contributing
44
+
45
+ Bug reports and pull requests are welcome on GitHub at https://github.com/fcsonline/semgrep-changes. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
46
+
47
+ ## License
48
+
49
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
50
+
51
+ ## Code of Conduct
52
+
53
+ Everyone interacting in the Semgrep::Changes project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/fcsonline/semgrep-changes/blob/master/CODE_OF_CONDUCT.md).
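--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,6 @@
+ require 'bundler/gem_tasks'
+ require 'rspec/core/rake_task'
+
+ RSpec::Core::RakeTask.new(:spec)
+
+ task default: :spec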
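--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+ #!/usr/bin/env ruby
+
+ require 'bundler/setup'
+ require 'semgrep/changes'
+
+ # You can add fixtures and/or initialization code here to make experimenting
+ # with your gem easier. You can also use a different console, if you like.
+
+ # (If you use this, don't forget to add pry to your Gemfile!)
+ # require "pry"
+ # Pry.start
+
+ require 'irb'
+ IRB.start(__FILE__)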
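--- a/data/bin/setup
+++ b/data/bin/setup
@@ -0,0 +1,8 @@
+ #!/usr/bin/env bash
+ set -euo pipefail
+ IFS=$'\n\t'
+ set -vx
+
+ bundle install
+
+ # Do any other automated setup that you need to do here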
@@ -0,0 +1,16 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'semgrep/changes/checker'
5
+ require 'semgrep/changes/options'
6
+
7
+ args = Semgrep::Changes::Options.new.parse!
8
+
9
+ offenses = Semgrep::Changes::Checker.new(
10
+ report: args.report,
11
+ quiet: args.quiet,
12
+ commit: args.commit,
13
+ base_branch: args.base_branch
14
+ ).run
15
+
16
+ exit offenses.positive? ? 1 : 0
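Review bot: None of the requires visible on this page loads `semgrep/changes/version`, so the `--version` handler in options.rb, which prints `Semgrep::Changes::VERSION`, would raise NameError unless a dependency happens to define it; adding `require 'semgrep/changes'` at the top of this executable fixes that. `Checker#run` also raises `UnknownForkPointError` without a rescue here, so a CI user sees a backtrace rather than a message. Wrapping the call in `rescue Semgrep::Changes::UnknownForkPointError` with `abort 'Cannot determine the fork point'` keeps the exit status non-zero and makes the failure readable.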
@@ -0,0 +1,41 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Semgrep
4
+ module Changes
5
+ class Check
6
+ def initialize(path, analysis, patch)
7
+ @path = path
8
+ @analysis = analysis
9
+ @patch = patch
10
+ end
11
+
12
+ def offenses
13
+ analysis.select do |offense|
14
+ line_numbers.include?(line(offense))
15
+ end
16
+ end
17
+
18
+ attr_reader :path, :analysis, :patch
19
+
20
+ private
21
+
22
+ def line_numbers
23
+ lines_from_diff & lines_from_semgrep
24
+ end
25
+
26
+ def lines_from_diff
27
+ patch.changed_line_numbers
28
+ end
29
+
30
+ def lines_from_semgrep
31
+ analysis
32
+ .map(&method(:line)) # Change me
33
+ .uniq
34
+ end
35
+
36
+ def line(offense)
37
+ offense.start.line
38
+ end
39
+ end
40
+ end
41
+ end
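Review bot: `offenses` keeps a finding only when its `start.line` is one of the changed lines, so a multi-line finding that starts on an untouched line but covers a changed one is dropped, which is a false negative in a tool meant to gate new findings. If each result carries an end position (Semgrep's JSON normally does, as `end.line`; confirm against the reports you consume), compare the whole range: `(offense.start.line..offense.end.line).any? { |n| lines_from_diff.include?(n) }`. Separately, `line_numbers` is recomputed for every offense inside the `select` block; assigning it to a local before the loop avoids the repeated intersection. A one-line comment on `offenses` stating which lines count as introduced would help the next reader.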
@@ -0,0 +1,108 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'git_diff_parser'
4
+ require 'json'
5
+
6
+ require 'semgrep/changes/check'
7
+ require 'semgrep/changes/shell'
8
+
9
+ module Semgrep
10
+ module Changes
11
+ class UnknownForkPointError < StandardError; end
12
+
13
+ class Checker
14
+ def initialize(report:, quiet:, commit:, base_branch:)
15
+ @report = report
16
+ @quiet = quiet
17
+ @commit = commit
18
+ @base_branch = base_branch
19
+ end
20
+
21
+ def run
22
+ raise UnknownForkPointError if fork_point.empty?
23
+
24
+ print_offenses! unless quiet
25
+
26
+ total_offenses
27
+ end
28
+
29
+ private
30
+
31
+ attr_reader :report, :format, :quiet, :commit
32
+
33
+ def fork_point
34
+ @fork_point ||= Shell.run(command)
35
+ end
36
+
37
+ def command
38
+ return "git merge-base HEAD origin/#{@base_branch}" unless commit
39
+
40
+ "git log -n 1 --pretty=format:\"%h\" #{commit}"
41
+ end
42
+
43
+ def diff
44
+ Shell.run("git diff #{fork_point}")
45
+ end
46
+
47
+ def patches
48
+ @patches ||= GitDiffParser.parse(diff)
49
+ end
50
+
51
+ def changed_files
52
+ patches.map(&:file)
53
+ end
54
+
55
+ def semgrep_json
56
+ @semgrep_json ||= JSON.parse(File.read(report), object_class: OpenStruct)
57
+ end
58
+
59
+ def checks
60
+ @checks ||= changed_files.map do |file|
61
+ analysis = semgrep_json.results.select { |item| item.path == file }
62
+ patch = patches.find { |item| item.file == file }
63
+
64
+ next unless analysis
65
+
66
+ Check.new(file, analysis, patch)
67
+ end.compact
68
+ end
69
+
70
+ def total_offenses
71
+ checks.map { |check| check.offenses.size }.inject(0, :+)
72
+ end
73
+
74
+ def print_offenses!
75
+ msg "Findings:"
76
+ msg ""
77
+
78
+ checks.each do |check|
79
+ print_offenses_for_check(check)
80
+ end
81
+
82
+ msg "Some files were skipped."
83
+ msg " Scan was limited to files tracked by git."
84
+ msg ""
85
+ msg "Ran 1 rule on 11 files: #{total_offenses} finding."
86
+ end
87
+
88
+ def print_offenses_for_check(check)
89
+ return unless check.offenses.length > 0
90
+
91
+ msg " #{check.path}"
92
+ check.offenses.map do |offense|
93
+ msg " #{offense.check_id}"
94
+ msg " #{offense.extra.message}"
95
+ msg ""
96
+ msg " #{offense.start.line}┆ #{offense.extra.lines&.strip}"
97
+ msg ""
98
+ end
99
+ end
100
+
101
+ def msg(message)
102
+ return if ENV['RACK_ENV'] == 'test'
103
+
104
+ puts message
105
+ end
106
+ end
107
+ end
108
+ end
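Review bot: `command` and `diff` build git command lines by interpolating `@base_branch`, `commit` and `fork_point` into a string that `Shell.run` (shell.rb, further down this page) executes with backticks, so shell metacharacters in a `--commit` or `--base_branch` value are interpreted by the shell. In CI those values often come from branch or pull-request metadata, so this is worth closing even for a developer tool. Passing an argument vector avoids the shell entirely; `Shell.run` would then accept `*argv` and call `IO.popen(argv, &:read).strip`. A value beginning with `-` would still be read by git as an option, so rejecting such values during option parsing is a sensible companion check.

```ruby
def fork_point
  @fork_point ||= Shell.run(*command)
end

# Returns an argv array; no value is ever passed through a shell.
def command
  return ['git', 'merge-base', 'HEAD', "origin/#{@base_branch}"] unless commit

  ['git', 'log', '-n', '1', '--pretty=format:%h', commit]
end

def diff
  Shell.run('git', 'diff', fork_point)
end

# … unchanged: patches, changed_files, semgrep_json, checks, total_offenses, printing helpers …
```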
@@ -0,0 +1,80 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'optparse'
4
+
5
+ module Semgrep
6
+ module Changes
7
+ class Options
8
+ Options = Struct.new(:report, :quiet, :commit, :base_branch)
9
+
10
+ def initialize
11
+ @args = Options.new(nil, false, nil, 'main') # Defaults
12
+ end
13
+
14
+ def parse!
15
+ OptionParser.new do |opts|
16
+ opts.banner = 'Usage: semgrep-changes [options]'
17
+
18
+ parse_report!(opts)
19
+ parse_commit!(opts)
20
+ parse_quiet!(opts)
21
+ parse_help!(opts)
22
+ parse_version!(opts)
23
+ parse_base_branch!(opts)
24
+ end.parse!
25
+
26
+ args
27
+ end
28
+
29
+ private
30
+
31
+ attr_reader :args
32
+
33
+ def parse_report!(opts)
34
+ opts.on(
35
+ '-r',
36
+ '--report [REPORT]',
37
+ "Specify the semgrep report in json format"
38
+ ) do |r|
39
+ args.report = r
40
+ end
41
+ end
42
+
43
+ def parse_commit!(opts)
44
+ opts.on(
45
+ '-c',
46
+ '--commit [COMMIT_ID]',
47
+ 'Compare from some specific point on git history'
48
+ ) do |c|
49
+ args.commit = c
50
+ end
51
+ end
52
+
53
+ def parse_quiet!(opts)
54
+ opts.on('-q', '--quiet', 'Be quiet') do |v|
55
+ args.quiet = v
56
+ end
57
+ end
58
+
59
+ def parse_base_branch!(opts)
60
+ opts.on('-b', '--base_branch [BRANCH]', 'Base branch to compare') do |v|
61
+ args.base_branch = v
62
+ end
63
+ end
64
+
65
+ def parse_help!(opts)
66
+ opts.on('-h', '--help', 'Prints this help') do
67
+ puts opts
68
+ exit
69
+ end
70
+ end
71
+
72
+ def parse_version!(opts)
73
+ opts.on('--version', 'Display version') do
74
+ puts Semgrep::Changes::VERSION
75
+ exit 0
76
+ end
77
+ end
78
+ end
79
+ end
80
+ end
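Review bot: `'--report [REPORT]'` declares its argument as optional and the default is `nil`, so running without `-r`, or with a bare `-r`, reaches `File.read(report)` in checker.rb with `nil` and fails with a TypeError instead of a usage message. Declaring it as `'--report REPORT'` and failing with the usage text when `args.report` is still `nil` after parsing gives a clear error. The same bracketed form on `--commit` and `--base_branch` lets a bare `-b` overwrite the `'main'` default with `nil`, which leaves `origin/` in the merge-base command. The inner constant `Options = Struct.new(...)` reuses the enclosing class's name; a distinct name such as `Arguments` would read more clearly.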
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Semgrep
4
+ module Changes
5
+ class Shell
6
+ def self.run(command)
7
+ `#{command}`.strip
8
+ end
9
+ end
10
+ end
11
+ end
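Review bot: `Shell.run` discards the exit status, so a failing command returns whatever reached stdout, usually an empty string. For the `git diff` call in checker.rb that means an error yields an empty patch list, zero offenses and exit code 0, so the check fails open. Adding `raise "command failed: #{command}" unless $?.success?` after capturing the output turns that into a visible failure. A short comment stating that the method returns stripped stdout would also document the contract.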
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Semgrep
4
+ module Changes
5
+ VERSION = '0.1.0'
6
+ end
7
+ end
@@ -0,0 +1,8 @@
1
+ require 'semgrep/changes/version'
2
+
3
+ module Semgrep
4
+ module Changes
5
+ class Error < StandardError; end
6
+ # Your code goes here...
7
+ end
8
+ end
@@ -0,0 +1,45 @@
1
+ lib = File.expand_path('lib', __dir__)
2
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
+ require 'semgrep/changes/version'
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = 'semgrep-changes'
7
+ spec.version = Semgrep::Changes::VERSION
8
+ spec.platform = Gem::Platform::RUBY
9
+ spec.required_ruby_version = '>= 2.5.0'
10
+ spec.authors = ['Ferran Basora']
11
+ spec.email = ['fcsonline@gmail.com']
12
+
13
+ spec.summary = 'Semgrep on changed lines from git fork point'
14
+ spec.description = <<-DESCRIPTION
15
+ semgrep-changes will run semgrep on changed lines from forked point in your main branch.
16
+ It will not complain about existing offenses in master branch on your git prioject.
17
+ This gem is perfect as a Continuous Integration tool
18
+ DESCRIPTION
19
+
20
+ spec.homepage = 'https://rubygems.org/gems/semgrep-changes'
21
+ spec.license = 'MIT'
22
+
23
+ spec.metadata = {
24
+ 'source_code_uri' => 'https://github.com/fcsonline/semgrep-changes',
25
+ 'bug_tracker_uri' => 'https://github.com/fcsonline/semgrep-changes/issues'
26
+ }
27
+
28
+ # Specify which files should be added to the gem when it is released.
29
+ # The `git ls-files -z` loads the files in the RubyGem that have been added
30
+ # into git.
31
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
32
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
33
+ end
34
+ spec.bindir = 'exe'
35
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
36
+ spec.extra_rdoc_files = ['LICENSE.txt', 'README.md']
37
+ spec.require_paths = ['lib']
38
+
39
+ spec.add_runtime_dependency 'git_diff_parser', '~> 3.2'
40
+
41
+ spec.add_development_dependency 'bundler', '~> 2.0'
42
+ spec.add_development_dependency 'byebug', '~> 10.0'
43
+ spec.add_development_dependency 'rake', '~> 13.0'
44
+ spec.add_development_dependency 'rspec', '~> 3.0'
45
+ end
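Review bot: `spec.metadata` does not set `rubygems_mfa_required`, so releases of this gem are not forced to come from an account with multi-factor authentication; adding `'rubygems_mfa_required' => 'true'` to the hash closes that. `spec.files` takes everything from `git ls-files` except the test directories, which is why the package's file list includes `.github/workflows/ci.yml`, `Gemfile.lock`, `bin/console` and both `LICENSE` and `LICENSE.txt` with different copyright years. Narrowing the list to `lib/`, `exe/` and the documentation files would shrink what consumers install. The description text also contains the typo `prioject`.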
metadata ADDED
@@ -0,0 +1,143 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: semgrep-changes
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Ferran Basora
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2022-05-02 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: git_diff_parser
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.2'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.2'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '2.0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '2.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: byebug
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '10.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '10.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '13.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '13.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '3.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '3.0'
83
+ description: |2
84
+ semgrep-changes will run semgrep on changed lines from forked point in your main branch.
85
+ It will not complain about existing offenses in master branch on your git prioject.
86
+ This gem is perfect as a Continuous Integration tool
87
+ email:
88
+ - fcsonline@gmail.com
89
+ executables:
90
+ - semgrep-changes
91
+ extensions: []
92
+ extra_rdoc_files:
93
+ - LICENSE.txt
94
+ - README.md
95
+ files:
96
+ - ".github/workflows/ci.yml"
97
+ - ".gitignore"
98
+ - ".rspec"
99
+ - ".rubocop.yml"
100
+ - ".semgrep.yml"
101
+ - CODE_OF_CONDUCT.md
102
+ - Gemfile
103
+ - Gemfile.lock
104
+ - LICENSE
105
+ - LICENSE.txt
106
+ - README.md
107
+ - Rakefile
108
+ - bin/console
109
+ - bin/setup
110
+ - exe/semgrep-changes
111
+ - lib/semgrep/changes.rb
112
+ - lib/semgrep/changes/check.rb
113
+ - lib/semgrep/changes/checker.rb
114
+ - lib/semgrep/changes/options.rb
115
+ - lib/semgrep/changes/shell.rb
116
+ - lib/semgrep/changes/version.rb
117
+ - semgrep-changes.gemspec
118
+ homepage: https://rubygems.org/gems/semgrep-changes
119
+ licenses:
120
+ - MIT
121
+ metadata:
122
+ source_code_uri: https://github.com/fcsonline/semgrep-changes
123
+ bug_tracker_uri: https://github.com/fcsonline/semgrep-changes/issues
124
+ post_install_message:
125
+ rdoc_options: []
126
+ require_paths:
127
+ - lib
128
+ required_ruby_version: !ruby/object:Gem::Requirement
129
+ requirements:
130
+ - - ">="
131
+ - !ruby/object:Gem::Version
132
+ version: 2.5.0
133
+ required_rubygems_version: !ruby/object:Gem::Requirement
134
+ requirements:
135
+ - - ">="
136
+ - !ruby/object:Gem::Version
137
+ version: '0'
138
+ requirements: []
139
+ rubygems_version: 3.1.2
140
+ signing_key:
141
+ specification_version: 4
142
+ summary: Semgrep on changed lines from git fork point
143
+ test_files: []