spektr 0.3.1 → 0.3.2

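--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 9fc4d66127ccaa7f2a28e6a7de2a6c1f319b078783e8361febbb4fc9a093211d
- data.tar.gz: 388985f1b51fe5afd61b1e32033f303f74fceee1d84af8939511703ab6fc3147
+ metadata.gz: 3d7d98d8662fedb18efc042f20233dafdca93b7a36d6e77f325681cd9c3e5e1e
+ data.tar.gz: c8345b0fcef1fa3518dac8f7ebffa46649359720974b6f1ac6447657d1726b58
  SHA512:
- metadata.gz: f7e12fabb51be908626346c60fcfe944cbd4e77ea6e9a09c7b48ad47ec6950afde0bd12fcb7b703d975de68d920a0e2844314d495fcc61716a75c375d30ba82b
- data.tar.gz: b040b33e65b875e4794748ee00c7cabfd006278923c8dd96d6fad4b8e28ce32579407432047d13d19d998a7320dda59bb3e82e53b14d2e34f4ac662b60b190fb
+ metadata.gz: c934a656cff9db1547ef716651cdfb09d00fd8373f1e35e2b6c3611bbb56583d47922ab433d72be69d4c52fc1801f4609933f43013d254fd0d0a5df535121a77
+ data.tar.gz: bcbdbca3f012640d96c8dd4249e27bc3da3256d6a21f6f37229f1b3e632a913a7d120740257eb8cdde338abf538ad425f5742deb15b70314828a3b28f45325df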
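--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -2,6 +2,14 @@
 
  ## Unreleased
 
+ ## 0.3.2
+
+ * Rescue from lib file parsing errors
+
+ * Drop Active Support from dependencies
+
+ * Improve Gemspec
+
  ## 0.3.0
 
  * Add support to ignore findings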
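--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,8 +1,7 @@
  PATH
  remote: .
  specs:
- spektr (0.3.1)
- activesupport (~> 6.1.0)
+ spektr (0.3.2)
  erubi
  haml (~> 5.1)
  parser (~> 3.0.0)
@@ -19,20 +18,13 @@ PATH
  GEM
  remote: https://rubygems.org/
  specs:
- activesupport (6.1.7)
- concurrent-ruby (~> 1.0, >= 1.0.2)
- i18n (>= 1.6, < 2)
- minitest (>= 5.1)
- tzinfo (~> 2.0)
- zeitwerk (~> 2.3)
  ast (2.4.2)
  byebug (11.1.3)
  coderay (1.1.3)
- concurrent-ruby (1.1.10)
  diff-lcs (1.5.0)
  erubi (1.11.0)
  ffi (1.15.5)
- formatador (0.3.0)
+ formatador (1.1.0)
  guard (2.18.0)
  formatador (>= 0.2.4)
  listen (>= 2.7, < 4.0)
@@ -49,19 +41,17 @@ GEM
  haml (5.2.2)
  temple (>= 0.8.0)
  tilt
- i18n (1.12.0)
- concurrent-ruby (~> 1.0)
  listen (3.7.1)
  rb-fsevent (~> 0.10, >= 0.10.3)
  rb-inotify (~> 0.9, >= 0.9.10)
  lumberjack (1.2.8)
  method_source (1.0.0)
- minitest (5.15.0)
+ minitest (5.16.3)
  nenv (0.3.0)
  notiffany (0.1.3)
  nenv (~> 0.1)
  shellany (~> 0.0)
- parallel (1.21.0)
+ parallel (1.22.1)
  parser (3.0.3.2)
  ast (~> 2.4.1)
  pastel (0.8.0)
@@ -69,23 +59,23 @@ GEM
  pry (0.14.1)
  coderay (~> 1.1)
  method_source (~> 1.0)
- rainbow (3.0.0)
+ rainbow (3.1.1)
  rake (12.3.3)
- rb-fsevent (0.11.0)
+ rb-fsevent (0.11.2)
  rb-inotify (0.10.1)
  ffi (~> 1.0)
- regexp_parser (2.2.0)
+ regexp_parser (2.6.0)
  rexml (3.2.5)
- rubocop (1.24.0)
+ rubocop (1.24.1)
  parallel (~> 1.10)
  parser (>= 3.0.0.0)
  rainbow (>= 2.2.2, < 4.0)
  regexp_parser (>= 1.8, < 3.0)
  rexml
- rubocop-ast (>= 1.15.0, < 2.0)
+ rubocop-ast (>= 1.15.1, < 2.0)
  ruby-progressbar (~> 1.7)
  unicode-display_width (>= 1.4.0, < 3.0)
- rubocop-ast (1.15.0)
+ rubocop-ast (1.15.2)
  parser (>= 3.0.1.1)
  ruby-progressbar (1.11.0)
  ruby_parser (3.19.1)
@@ -113,14 +103,12 @@ GEM
  pastel (~> 0.8)
  strings (~> 0.2.0)
  tty-screen (~> 0.8)
- tzinfo (2.0.5)
- concurrent-ruby (~> 1.0)
- unicode-display_width (2.1.0)
+ unicode-display_width (2.3.0)
  unicode_utils (1.4.0)
  unparser (0.6.2)
  diff-lcs (~> 1.3)
  parser (>= 3.0.0)
- zeitwerk (2.6.1)
+ zeitwerk (2.6.6)
 
  PLATFORMS
  ruby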
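--- a/data/lib/spektr/app.rb
+++ b/data/lib/spektr/app.rb
@@ -94,8 +94,12 @@ module Spektr
  # TODO: load non-app lib too
  @lib_files = find_files('lib').map do |path|
  next if loaded_files.include?(path)
-
- Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+ begin
+ Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+ rescue Parser::SyntaxError => e
+ ::Spektr.logger.debug "Couldn't parse #{path}: #{e.message}"
+ nil
+ end
  end.reject(&:nil?)
  self
  end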
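Review bot: A lib file that fails to parse is dropped from `@lib_files` with only a debug-level log line, so unless debug logging is on (the logger setup is not visible here) the scan output gives no sign that part of the codebase was never analysed. For a security scanner a skipped file should be visible to the user: log it at warn level, e.g. `::Spektr.logger.warn "Skipped #{path}: #{e.message}"`, or collect the skipped paths and list them in the report. The rescue covers only `Parser::SyntaxError`, so other failures on the same line, such as an unreadable file raising from `File.read`, would still abort the whole run. `end.reject(&:nil?)` can be written `end.compact`. The enclosing method starts above the hunk.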
@@ -0,0 +1,16 @@
1
+ class String
2
+ def blank?
3
+ nil? || self == ""
4
+ end
5
+
6
+ def underscore
7
+ camel_cased_word = self
8
+ return camel_cased_word.to_s unless /[A-Z-]|::/.match?(camel_cased_word)
9
+ word = camel_cased_word.to_s.gsub("::", "/")
10
+ word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)((?=a))(?=\b|[^a-z])/) { "#{$1 && '_' }#{$2.downcase}" }
11
+ word.gsub!(/([A-Z]+)(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
12
+ word.tr!("-", "_")
13
+ word.downcase!
14
+ word
15
+ end
16
+ end
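Review bot: `blank?` as defined here is not equivalent to the Active Support predicate of the same name: `nil?` is always false on a String receiver, so the body reduces to `self == ""`, and whitespace-only strings are no longer blank. It is also defined on String only, so any call site that can receive nil (none are visible in this hunk) would raise NoMethodError in the middle of a scan. If the old meaning is wanted for strings, `strip.empty?` is closer. Both methods reopen the global `String` class for every program that loads the gem; module-level helpers under `Spektr` would avoid clashing with a host application's own Active Support. `Regexp#match?` needs Ruby 2.4, while the gemspec still declares `>= 2.3.0`.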
@@ -17,7 +17,6 @@ module Spektr
17
17
  end
18
18
 
19
19
  def on_class(node)
20
- debugger
21
20
  puts "on class2: #{node.inspect}"
22
21
  end
23
22
  end
@@ -1,3 +1,3 @@
1
1
  module Spektr
2
- VERSION = '0.3.1'
2
+ VERSION = '0.3.2'
3
3
  end
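--- a/data/lib/spektr.rb
+++ b/data/lib/spektr.rb
@@ -5,13 +5,11 @@ require 'parser'
  require 'parser/current'
  require 'unparser'
  require 'erb'
- require 'slim/erb_converter'
  require 'haml'
- require 'active_support/core_ext/string/inflections'
  require 'logger'
  require 'tty/spinner'
  require 'tty/table'
-
+ require 'spektr/core_ext/string'
  require 'zeitwerk'
  loader = Zeitwerk::Loader.for_gem
  loader.collapse("#{__dir__}/processors")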
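Review bot: `require 'spektr/core_ext/string'` loads a file that sits inside the tree managed by `Zeitwerk::Loader.for_gem`, but that file reopens `String` instead of defining `Spektr::CoreExt::String`. Unless the loader is told to skip it, eager loading will fail with a Zeitwerk::NameError; add `loader.ignore("#{__dir__}/spektr/core_ext")` before the loader is set up. The loader configuration continues below the hunk, so this may already be handled there. The removal of `require 'slim/erb_converter'` is not mentioned in the changelog, so it is worth confirming that nothing still references Slim.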
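--- a/data/spektr.gemspec
+++ b/data/spektr.gemspec
@@ -8,14 +8,14 @@ Gem::Specification.new do |spec|
 
  spec.summary = 'Rails static code analyzer for security issues'
  spec.description = 'Rails static code analyzer for security issues'
- spec.homepage = 'https://railscop.com'
- spec.license = 'MIT'
+ spec.homepage = 'https://spektrhq.com'
+ spec.license = 'Spektr Custom Licence'
  spec.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
 
  # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
  spec.metadata['homepage_uri'] = spec.homepage
- # spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
+ spec.metadata["source_code_uri"] = "https://github.com/gregmolnar/spektr"
  # spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
 
  # Specify which files should be added to the gem when it is released.
@@ -27,7 +27,6 @@ Gem::Specification.new do |spec|
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
  spec.require_paths = ['lib']
 
- spec.add_dependency 'activesupport', '~> 6.1.0'
  spec.add_dependency 'erubi'
  spec.add_dependency 'haml', '~>5.1'
  spec.add_dependency 'parser', '~> 3.0.0'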
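Review bot: `spec.license = 'Spektr Custom Licence'` is not an SPDX identifier, so RubyGems will warn when the gem is built and licence-compliance tooling that keys on SPDX ids cannot classify the package. For custom terms RubyGems accepts `spec.license = 'Nonstandard'`, with the licence text shipped in the gem. The move away from MIT arrives in a patch release and is covered in the changelog only by "Improve Gemspec", so anyone on a `~> 0.3` constraint picks up new terms without notice; the changelog should state the licence change explicitly.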
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spektr
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Greg Molnar
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-10-27 00:00:00.000000000 Z
11
+ date: 2022-11-10 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: activesupport
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: 6.1.0
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - "~>"
25
- - !ruby/object:Gem::Version
26
- version: 6.1.0
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: erubi
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -329,6 +315,7 @@ files:
329
315
  - lib/spektr/checks/sqli.rb
330
316
  - lib/spektr/checks/xss.rb
331
317
  - lib/spektr/cli.rb
318
+ - lib/spektr/core_ext/string.rb
332
319
  - lib/spektr/erubi.rb
333
320
  - lib/spektr/exp/assignment.rb
334
321
  - lib/spektr/exp/base.rb
@@ -350,11 +337,12 @@ files:
350
337
  - lib/spektr/warning.rb
351
338
  - railsgoat-example.png
352
339
  - spektr.gemspec
353
- homepage: https://railscop.com
340
+ homepage: https://spektrhq.com
354
341
  licenses:
355
- - MIT
342
+ - Spektr Custom Licence
356
343
  metadata:
357
- homepage_uri: https://railscop.com
344
+ homepage_uri: https://spektrhq.com
345
+ source_code_uri: https://github.com/gregmolnar/spektr
358
346
  post_install_message:
359
347
  rdoc_options: []
360
348
  require_paths: