RubyGems - tainted - Versions diffs - 0.2.0 → 0.3.0 - Mend

tainted 0.2.0 → 0.3.0

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2d61982c033f50c5e79a00dc34ef94fe612400097ef70e2e934d6def3f28cfac
-  data.tar.gz: 55314168a8b4a3026e4c0cf9c9c61adcd277ed306ef656078b29f9930cff8dcd
+  metadata.gz: 278da9234147c4a8df18795ca9666877032253e8cb4409219ba0fd8e4420444b
+  data.tar.gz: 16e24fa14406e9755b3f631809a23a13fcf255605b5f6a2f66fc60d27ecee27a
 SHA512:
-  metadata.gz: a211a22a04214a44ddb858930a69af6014f2c18aeb23c86c63ebcfbb8034f6f2da2d2f541088314fed8a0a59eb2a410ea9a9ca9e5527a89bef08e168a60eac5d
-  data.tar.gz: 1da46aac7509d85177687d1b4f1ab06824d6f7e944c2404dfc249cffe17c3cf9eb29b9470ca7914df86b113c8134655ee5a06e6c533a3164544fa4e6935b179e
+  metadata.gz: b1fdc6834f8e8727e6e7fa0328ddd4193d4a7433f3c020f16eacaa6d63ef61f96b682a7a7e8b34db7e39d28a4554c77373d96467bb3a9cab8b8b00348d4b0fd0
+  data.tar.gz: 96b9a1687308bed7f57317dd66ece9eca69a7d0e2a7544cc8e40861017911d447aa11244daf44d5e3d27620358e80150e117b008c3a7a97b76e633608ff73f31

data/README.md CHANGED Viewed

@@ -29,8 +29,13 @@ require 'tainted'
 file = "#{__dir__}/../fixtures/simple.rb"
 lint = Tainted::Lint.new(file, %i[tainted], %i[unsafe])
 lint.analyze
-# Method `unsafe()` consuming tainted variable `d`
-# Method `unsafe()` consuming tainted variable `c`
+=>
+[#<Tainted::Offense:0x0000000107caf690
+  @message="Method `unsafe()` consuming tainted variable `d`",
+  @node=(call nil nil (ident "unsafe") (arg_paren (args ((var_ref (ident "d"))))))>,
+ #<Tainted::Offense:0x0000000107caf5f0
+  @message="Method `unsafe()` consuming tainted variable `c`",
+  @node=(call nil nil (ident "unsafe") (arg_paren (args ((var_ref (ident "c"))))))>]
 ```
 ## Development

data/lib/tainted/lint.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module Tainted
     def analyze
       @visitor.visit(SyntaxTree.parse_file(@filepath))
-      @visitor.result
+      @visitor.offenses
     end
   end
 end

data/lib/tainted/offense.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module Tainted
+  class Offense
+    attr_reader :node, :message
+    def initialize(node, message)
+      @node = node
+      @message = message
+    end
+  end
+end

data/lib/tainted/static.rb CHANGED Viewed

@@ -2,14 +2,14 @@
 module Tainted
   class Static < SyntaxTree::Visitor
-    attr_reader :result
+    attr_reader :offenses
     def initialize(sources, sinks)
       super()
       @sources = sources
       @sinks = sinks
-      @result = []
+      @offenses = []
     end
     def visit(node)
@@ -58,7 +58,7 @@ module Tainted
       taint_statuses.each do |status|
         next unless status[1]
-        @result << "Method `#{method_name}()` consuming tainted variable `#{status[0].value.value}`"
+        @offenses << Offense.new(node, "Method `#{method_name}()` consuming tainted variable `#{status[0].value.value}`")
       end
     end

data/lib/tainted/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Tainted
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/lib/tainted.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require_relative "tainted/state"
 require_relative "tainted/static"
 require_relative "tainted/lint"
 require_relative "tainted/dataflow"
+require_relative "tainted/offense"
 require_relative "tainted/version"
 module Tainted

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tainted
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Syed Faraaz Ahmad
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-11-04 00:00:00.000000000 Z
+date: 2023-11-09 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -26,6 +26,7 @@ files:
 - lib/tainted.rb
 - lib/tainted/dataflow.rb
 - lib/tainted/lint.rb
+- lib/tainted/offense.rb
 - lib/tainted/state.rb
 - lib/tainted/static.rb
 - lib/tainted/version.rb