spektr 0.3.1 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9fc4d66127ccaa7f2a28e6a7de2a6c1f319b078783e8361febbb4fc9a093211d
-  data.tar.gz: 388985f1b51fe5afd61b1e32033f303f74fceee1d84af8939511703ab6fc3147
+  metadata.gz: 1afb80e4a1c5d9cc60a44031a5f3e0b467728f0d5edc75c5ba96dc905afcad6b
+  data.tar.gz: a92f43e5cc7865642641df39ba697609c926e67bdbc3cf14130ee2aed186c106
 SHA512:
-  metadata.gz: f7e12fabb51be908626346c60fcfe944cbd4e77ea6e9a09c7b48ad47ec6950afde0bd12fcb7b703d975de68d920a0e2844314d495fcc61716a75c375d30ba82b
-  data.tar.gz: b040b33e65b875e4794748ee00c7cabfd006278923c8dd96d6fad4b8e28ce32579407432047d13d19d998a7320dda59bb3e82e53b14d2e34f4ac662b60b190fb
+  metadata.gz: e3369c1e335efd31cd527bd81b6848f50fe718dce399feef67ec3e5afe669629b09fce1acd0e09e5fc45b4fefaed6f5ac592918619306a750381b6aae9843e21
+  data.tar.gz: 6750ac48db9693f2b02448b13127456d0a8384f94e84d7d1c7d06ecc5f5320246d8c9bb6471a18d5c75bc7adf421b48d4f3145ba3e14a483cf0079e995734744

data/CHANGELOG.md

@@ -2,6 +2,18 @@
 
 ## Unreleased
 
+## 0.3.3
+
+* Remove hard dependency of haml 5
+
+## 0.3.2
+
+* Rescue from lib file parsing errors
+
+* Drop Active Support from dependencies
+
+* Improve Gemspec
+
 ## 0.3.0
 
 * Add support to ignore findings

data/lib/spektr/app.rb

@@ -94,8 +94,12 @@ module Spektr
       # TODO: load non-app lib too
       @lib_files = find_files('lib').map do |path|
         next if loaded_files.include?(path)
-
-        Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+        begin
+          Targets::Base.new(path, File.read(path, encoding: 'utf-8'))
+        rescue Parser::SyntaxError => e
+          ::Spektr.logger.debug "Couldn't parse #{path}: #{e.message}"
+          nil
+        end
       end.reject(&:nil?)
       self
     end

data/lib/spektr/core_ext/string.rb

@@ -0,0 +1,16 @@
+class String
+  def blank?
+    nil? || self == ""
+  end
+
+  def underscore
+    camel_cased_word = self
+    return camel_cased_word.to_s unless /[A-Z-]|::/.match?(camel_cased_word)
+    word = camel_cased_word.to_s.gsub("::", "/")
+    word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)((?=a))(?=\b|[^a-z])/) { "#{$1 && '_' }#{$2.downcase}" }
+    word.gsub!(/([A-Z]+)(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
+    word.tr!("-", "_")
+    word.downcase!
+    word
+  end
+end

data/lib/spektr/processors/class_processor.rb

@@ -17,7 +17,6 @@ module Spektr
       end
 
       def on_class(node)
-        debugger
         puts "on class2: #{node.inspect}"
       end
     end

data/lib/spektr/version.rb

@@ -1,3 +1,3 @@
 module Spektr
-  VERSION = '0.3.1'
+  VERSION = '0.3.3'
 end

data/lib/spektr.rb

@@ -5,13 +5,11 @@ require 'parser'
 require 'parser/current'
 require 'unparser'
 require 'erb'
-require 'slim/erb_converter'
 require 'haml'
-require 'active_support/core_ext/string/inflections'
 require 'logger'
 require 'tty/spinner'
 require 'tty/table'
-
+require 'spektr/core_ext/string'
 require 'zeitwerk'
 loader = Zeitwerk::Loader.for_gem
 loader.collapse("#{__dir__}/processors")

data/spektr.gemspec

@@ -8,14 +8,14 @@ Gem::Specification.new do |spec|
 
   spec.summary = 'Rails static code analyzer for security issues'
   spec.description = 'Rails static code analyzer for security issues'
-  spec.homepage = 'https://railscop.com'
-  spec.license = 'MIT'
+  spec.homepage = 'https://spektrhq.com'
+  spec.license = 'Spektr Custom Licence'
   spec.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
   spec.metadata['homepage_uri'] = spec.homepage
-  # spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
+  spec.metadata["source_code_uri"] = "https://github.com/gregmolnar/spektr"
   # spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
 
   # Specify which files should be added to the gem when it is released.
@@ -23,13 +23,12 @@ Gem::Specification.new do |spec|
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir = 'exe'
+  spec.bindir = 'bin'
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'activesupport', '~> 6.1.0'
   spec.add_dependency 'erubi'
-  spec.add_dependency 'haml', '~>5.1'
+  spec.add_dependency 'haml'
   spec.add_dependency 'parser', '~> 3.0.0'
   spec.add_dependency 'pastel'
   spec.add_dependency 'ruby_parser', '~>3.13'

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: spektr
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.3
 platform: ruby
 authors:
 - Greg Molnar
 autorequire:
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2022-10-27 00:00:00.000000000 Z
+date: 2022-11-10 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 6.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 6.1.0
 - !ruby/object:Gem::Dependency
   name: erubi
   requirement: !ruby/object:Gem::Requirement
@@ -42,16 +28,16 @@ dependencies:
   name: haml
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: parser
   requirement: !ruby/object:Gem::Requirement
@@ -289,7 +275,6 @@ files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
-- Gemfile.lock
 - Guardfile
 - LICENSE.txt
 - README.md
@@ -329,6 +314,7 @@ files:
 - lib/spektr/checks/sqli.rb
 - lib/spektr/checks/xss.rb
 - lib/spektr/cli.rb
+- lib/spektr/core_ext/string.rb
 - lib/spektr/erubi.rb
 - lib/spektr/exp/assignment.rb
 - lib/spektr/exp/base.rb
@@ -350,11 +336,12 @@ files:
 - lib/spektr/warning.rb
 - railsgoat-example.png
 - spektr.gemspec
-homepage: https://railscop.com
+homepage: https://spektrhq.com
 licenses:
-- MIT
+- Spektr Custom Licence
 metadata:
-  homepage_uri: https://railscop.com
+  homepage_uri: https://spektrhq.com
+  source_code_uri: https://github.com/gregmolnar/spektr
 post_install_message:
 rdoc_options: []
 require_paths:

data/Gemfile.lock

@@ -1,138 +0,0 @@
-PATH
-  remote: .
-  specs:
-    spektr (0.3.1)
-      activesupport (~> 6.1.0)
-      erubi
-      haml (~> 5.1)
-      parser (~> 3.0.0)
-      pastel
-      ruby_parser (~> 3.13)
-      slim
-      tty-color
-      tty-option
-      tty-spinner
-      tty-table
-      unparser (~> 0.6.0)
-      zeitwerk
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    activesupport (6.1.7)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    ast (2.4.2)
-    byebug (11.1.3)
-    coderay (1.1.3)
-    concurrent-ruby (1.1.10)
-    diff-lcs (1.5.0)
-    erubi (1.11.0)
-    ffi (1.15.5)
-    formatador (0.3.0)
-    guard (2.18.0)
-      formatador (>= 0.2.4)
-      listen (>= 2.7, < 4.0)
-      lumberjack (>= 1.0.12, < 2.0)
-      nenv (~> 0.1)
-      notiffany (~> 0.0)
-      pry (>= 0.13.0)
-      shellany (~> 0.0)
-      thor (>= 0.18.1)
-    guard-compat (1.2.1)
-    guard-minitest (2.4.6)
-      guard-compat (~> 1.2)
-      minitest (>= 3.0)
-    haml (5.2.2)
-      temple (>= 0.8.0)
-      tilt
-    i18n (1.12.0)
-      concurrent-ruby (~> 1.0)
-    listen (3.7.1)
-      rb-fsevent (~> 0.10, >= 0.10.3)
-      rb-inotify (~> 0.9, >= 0.9.10)
-    lumberjack (1.2.8)
-    method_source (1.0.0)
-    minitest (5.15.0)
-    nenv (0.3.0)
-    notiffany (0.1.3)
-      nenv (~> 0.1)
-      shellany (~> 0.0)
-    parallel (1.21.0)
-    parser (3.0.3.2)
-      ast (~> 2.4.1)
-    pastel (0.8.0)
-      tty-color (~> 0.5)
-    pry (0.14.1)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    rainbow (3.0.0)
-    rake (12.3.3)
-    rb-fsevent (0.11.0)
-    rb-inotify (0.10.1)
-      ffi (~> 1.0)
-    regexp_parser (2.2.0)
-    rexml (3.2.5)
-    rubocop (1.24.0)
-      parallel (~> 1.10)
-      parser (>= 3.0.0.0)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.15.0, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.0)
-      parser (>= 3.0.1.1)
-    ruby-progressbar (1.11.0)
-    ruby_parser (3.19.1)
-      sexp_processor (~> 4.16)
-    sexp_processor (4.16.1)
-    shellany (0.0.1)
-    slim (4.1.0)
-      temple (>= 0.7.6, < 0.9)
-      tilt (>= 2.0.6, < 2.1)
-    strings (0.2.1)
-      strings-ansi (~> 0.2)
-      unicode-display_width (>= 1.5, < 3.0)
-      unicode_utils (~> 1.4)
-    strings-ansi (0.2.0)
-    temple (0.8.2)
-    thor (1.2.1)
-    tilt (2.0.11)
-    tty-color (0.6.0)
-    tty-cursor (0.7.1)
-    tty-option (0.2.0)
-    tty-screen (0.8.1)
-    tty-spinner (0.9.3)
-      tty-cursor (~> 0.7)
-    tty-table (0.12.0)
-      pastel (~> 0.8)
-      strings (~> 0.2.0)
-      tty-screen (~> 0.8)
-    tzinfo (2.0.5)
-      concurrent-ruby (~> 1.0)
-    unicode-display_width (2.1.0)
-    unicode_utils (1.4.0)
-    unparser (0.6.2)
-      diff-lcs (~> 1.3)
-      parser (>= 3.0.0)
-    zeitwerk (2.6.1)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  byebug
-  guard
-  guard-minitest
-  minitest (~> 5.0)
-  rake (~> 12.0)
-  rubocop
-  spektr!
-
-BUNDLED WITH
-   2.1.4