spektr 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9fc4d66127ccaa7f2a28e6a7de2a6c1f319b078783e8361febbb4fc9a093211d
-  data.tar.gz: 388985f1b51fe5afd61b1e32033f303f74fceee1d84af8939511703ab6fc3147
+  metadata.gz: 3d7d98d8662fedb18efc042f20233dafdca93b7a36d6e77f325681cd9c3e5e1e
+  data.tar.gz: c8345b0fcef1fa3518dac8f7ebffa46649359720974b6f1ac6447657d1726b58
 SHA512:
-  metadata.gz: f7e12fabb51be908626346c60fcfe944cbd4e77ea6e9a09c7b48ad47ec6950afde0bd12fcb7b703d975de68d920a0e2844314d495fcc61716a75c375d30ba82b
-  data.tar.gz: b040b33e65b875e4794748ee00c7cabfd006278923c8dd96d6fad4b8e28ce32579407432047d13d19d998a7320dda59bb3e82e53b14d2e34f4ac662b60b190fb
+  metadata.gz: c934a656cff9db1547ef716651cdfb09d00fd8373f1e35e2b6c3611bbb56583d47922ab433d72be69d4c52fc1801f4609933f43013d254fd0d0a5df535121a77
+  data.tar.gz: bcbdbca3f012640d96c8dd4249e27bc3da3256d6a21f6f37229f1b3e632a913a7d120740257eb8cdde338abf538ad425f5742deb15b70314828a3b28f45325df

data/CHANGELOG.md

@@ -2,6 +2,14 @@
 
 ## Unreleased
 
+## 0.3.2
+
+* Rescue from lib file parsing errors
+
+* Drop Active Support from dependencies
+
+* Improve Gemspec
+
 ## 0.3.0
 
 * Add support to ignore findings

data/Gemfile.lock

@@ -1,8 +1,7 @@
 PATH
   remote: .
   specs:
-    spektr (0.3.1)
-      activesupport (~> 6.1.0)
+    spektr (0.3.2)
       erubi
       haml (~> 5.1)
       parser (~> 3.0.0)
@@ -19,20 +18,13 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.1.7)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
     ast (2.4.2)
     byebug (11.1.3)
     coderay (1.1.3)
-    concurrent-ruby (1.1.10)
     diff-lcs (1.5.0)
     erubi (1.11.0)
     ffi (1.15.5)
-    formatador (0.3.0)
+    formatador (1.1.0)
     guard (2.18.0)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
@@ -49,19 +41,17 @@ GEM
     haml (5.2.2)
       temple (>= 0.8.0)
       tilt
-    i18n (1.12.0)
-      concurrent-ruby (~> 1.0)
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     lumberjack (1.2.8)
     method_source (1.0.0)
-    minitest (5.15.0)
+    minitest (5.16.3)
     nenv (0.3.0)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    parallel (1.21.0)
+    parallel (1.22.1)
     parser (3.0.3.2)
       ast (~> 2.4.1)
     pastel (0.8.0)
@@ -69,23 +59,23 @@ GEM
     pry (0.14.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (12.3.3)
-    rb-fsevent (0.11.0)
+    rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    regexp_parser (2.2.0)
+    regexp_parser (2.6.0)
     rexml (3.2.5)
-    rubocop (1.24.0)
+    rubocop (1.24.1)
       parallel (~> 1.10)
       parser (>= 3.0.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 1.15.0, < 2.0)
+      rubocop-ast (>= 1.15.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.0)
+    rubocop-ast (1.15.2)
       parser (>= 3.0.1.1)
     ruby-progressbar (1.11.0)
     ruby_parser (3.19.1)
@@ -113,14 +103,12 @@ GEM
       pastel (~> 0.8)
       strings (~> 0.2.0)
       tty-screen (~> 0.8)
-    tzinfo (2.0.5)
-      concurrent-ruby (~> 1.0)
-    unicode-display_width (2.1.0)
+    unicode-display_width (2.3.0)
     unicode_utils (1.4.0)
     unparser (0.6.2)
       diff-lcs (~> 1.3)
       parser (>= 3.0.0)
-    zeitwerk (2.6.1)
+    zeitwerk (2.6.6)
 
 PLATFORMS
   ruby

data/lib/spektr/app.rb

@@ -94,8 +94,12 @@ module Spektr
       # TODO: load non-app lib too
       @lib_files = find_files('lib').map do |path|
         next if loaded_files.include?(path)
-
-        Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+        begin
+          Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+        rescue Parser::SyntaxError => e
+          ::Spektr.logger.debug "Couldn't parse #{path}: #{e.message}"
+          nil
+        end
       end.reject(&:nil?)
       self
     end

data/lib/spektr/core_ext/string.rb

@@ -0,0 +1,16 @@
+class String
+  def blank?
+    nil? || self == ""
+  end
+
+  def underscore
+    camel_cased_word = self
+    return camel_cased_word.to_s unless /[A-Z-]|::/.match?(camel_cased_word)
+    word = camel_cased_word.to_s.gsub("::", "/")
+    word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)((?=a))(?=\b|[^a-z])/) { "#{$1 && '_' }#{$2.downcase}" }
+    word.gsub!(/([A-Z]+)(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
+    word.tr!("-", "_")
+    word.downcase!
+    word
+  end
+end

data/lib/spektr/processors/class_processor.rb

@@ -17,7 +17,6 @@ module Spektr
       end
 
       def on_class(node)
-        debugger
         puts "on class2: #{node.inspect}"
       end
     end

data/lib/spektr/version.rb

@@ -1,3 +1,3 @@
 module Spektr
-  VERSION = '0.3.1'
+  VERSION = '0.3.2'
 end

data/lib/spektr.rb

@@ -5,13 +5,11 @@ require 'parser'
 require 'parser/current'
 require 'unparser'
 require 'erb'
-require 'slim/erb_converter'
 require 'haml'
-require 'active_support/core_ext/string/inflections'
 require 'logger'
 require 'tty/spinner'
 require 'tty/table'
-
+require 'spektr/core_ext/string'
 require 'zeitwerk'
 loader = Zeitwerk::Loader.for_gem
 loader.collapse("#{__dir__}/processors")

data/spektr.gemspec

@@ -8,14 +8,14 @@ Gem::Specification.new do |spec|
 
   spec.summary = 'Rails static code analyzer for security issues'
   spec.description = 'Rails static code analyzer for security issues'
-  spec.homepage = 'https://railscop.com'
-  spec.license = 'MIT'
+  spec.homepage = 'https://spektrhq.com'
+  spec.license = 'Spektr Custom Licence'
   spec.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
   spec.metadata['homepage_uri'] = spec.homepage
-  # spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
+  spec.metadata["source_code_uri"] = "https://github.com/gregmolnar/spektr"
   # spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
 
   # Specify which files should be added to the gem when it is released.
@@ -27,7 +27,6 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'activesupport', '~> 6.1.0'
   spec.add_dependency 'erubi'
   spec.add_dependency 'haml', '~>5.1'
   spec.add_dependency 'parser', '~> 3.0.0'

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: spektr
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Greg Molnar
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-10-27 00:00:00.000000000 Z
+date: 2022-11-10 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 6.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 6.1.0
 - !ruby/object:Gem::Dependency
   name: erubi
   requirement: !ruby/object:Gem::Requirement
@@ -329,6 +315,7 @@ files:
 - lib/spektr/checks/sqli.rb
 - lib/spektr/checks/xss.rb
 - lib/spektr/cli.rb
+- lib/spektr/core_ext/string.rb
 - lib/spektr/erubi.rb
 - lib/spektr/exp/assignment.rb
 - lib/spektr/exp/base.rb
@@ -350,11 +337,12 @@ files:
 - lib/spektr/warning.rb
 - railsgoat-example.png
 - spektr.gemspec
-homepage: https://railscop.com
+homepage: https://spektrhq.com
 licenses:
-- MIT
+- Spektr Custom Licence
 metadata:
-  homepage_uri: https://railscop.com
+  homepage_uri: https://spektrhq.com
+  source_code_uri: https://github.com/gregmolnar/spektr
 post_install_message:
 rdoc_options: []
 require_paths: