veracode 1.0.0.alpha17 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/veracode.rb +128 -46
- data/lib/veracode/version.rb +2 -2
- metadata +12 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 76b474d0295eea0d4627632242cae9e9af1e897af7ac846776b035cb58a0c89b
|
|
4
|
+
data.tar.gz: 65b8f267cbbba773839d7b6980f6de4c85dfdd2e559d793bcb63edc0c8140a99
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a29acbc7213e4f7dd56cbbdeb8fb15bdeb35162955b4ad2fa6c3aaabc557cc7ed2523f562e5c97731fe7ebc44224c772342bcf939001ec3a3ef83a0b3a51ddd9
|
|
7
|
+
data.tar.gz: 86d3da0ae6a302e1df67008f40203b0d2f1fc8c003c7ac109e808f78a8b17ef1df01f8bb2e9aeebafd4df1628822a09bb33fc077f203278ce39f6619135bddf8
|
data/lib/veracode.rb
CHANGED
|
@@ -36,6 +36,7 @@ module Veracode
|
|
|
36
36
|
@archive_filename = nil
|
|
37
37
|
@archive_dirname = nil
|
|
38
38
|
|
|
39
|
+
@expanded_app_dir = Dir.getwd
|
|
39
40
|
|
|
40
41
|
def self.init
|
|
41
42
|
if Gem::Dependency.new('', '~> 2.2.0').match?('', RUBY_VERSION)
|
|
@@ -120,10 +121,11 @@ module Veracode
|
|
|
120
121
|
|
|
121
122
|
@manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
|
|
122
123
|
|
|
123
|
-
#
|
|
124
|
-
%w{app config
|
|
124
|
+
#{app config db doc lib log public script test tmp vendor}
|
|
125
|
+
%w{app config lib log public script}.each {|dirname|
|
|
125
126
|
@manifest += Dir[File.join(dirname, "**", "*")].keep_if {|f| File.file?(f)}
|
|
126
127
|
}
|
|
128
|
+
@manifest += Dir[File.join("vendor", "**", "*.rb")]
|
|
127
129
|
@manifest += Dir[File.join("db", "**", "*.rb")]
|
|
128
130
|
|
|
129
131
|
if $options[:archive_source]
|
|
@@ -288,23 +290,27 @@ module Veracode
|
|
|
288
290
|
end
|
|
289
291
|
|
|
290
292
|
def self.safe_name(o)
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
( o.name.nil? ? o.to_s : o.name.to_s )
|
|
297
|
-
rescue
|
|
293
|
+
begin
|
|
294
|
+
case
|
|
295
|
+
when o == ActiveSupport::TimeWithZone
|
|
296
|
+
"ActiveSupport::TimeWithZone"
|
|
297
|
+
when o.is_a?(Module)
|
|
298
298
|
begin
|
|
299
|
-
( o.nil? ?
|
|
299
|
+
( o.name.nil? ? o.to_s : o.name.to_s )
|
|
300
300
|
rescue
|
|
301
|
-
|
|
301
|
+
begin
|
|
302
|
+
( o.nil? ? "nil" : o.to_s )
|
|
303
|
+
rescue
|
|
304
|
+
( o == nil ? "nil" : o.to_s ) # in case of monkey patched nil?
|
|
305
|
+
end
|
|
302
306
|
end
|
|
307
|
+
when o.is_a?(Method), o.is_a?(UnboundMethod)
|
|
308
|
+
o.name.to_s
|
|
309
|
+
else
|
|
310
|
+
o.to_s
|
|
303
311
|
end
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
else
|
|
307
|
-
o.to_s
|
|
312
|
+
rescue
|
|
313
|
+
"Veracode" #should result in this being dropped from the archive since we can't get a safe name for it
|
|
308
314
|
end
|
|
309
315
|
end
|
|
310
316
|
|
|
@@ -396,8 +402,8 @@ module Veracode
|
|
|
396
402
|
|
|
397
403
|
if with_disasm
|
|
398
404
|
insns = RubyVM::InstructionSequence.disassemble(m)
|
|
399
|
-
formatted += ( (insns.nil? || insns.empty?) ?
|
|
400
|
-
"
|
|
405
|
+
formatted += ( (insns.nil? || insns.empty? || insns[/.*#{@expanded_app_dir}.*/].nil?) ?
|
|
406
|
+
"\n" :
|
|
401
407
|
"#{insns}== end disasm\n"
|
|
402
408
|
)
|
|
403
409
|
end
|
|
@@ -540,7 +546,14 @@ module Veracode
|
|
|
540
546
|
end
|
|
541
547
|
|
|
542
548
|
def self.object_contents(o, with_disasm=true)
|
|
543
|
-
|
|
549
|
+
begin
|
|
550
|
+
return "" unless !o.nil?
|
|
551
|
+
rescue Exception => e
|
|
552
|
+
log_error "Error testing #{o} with nil?. Probable monkey patching. #{e.message}"
|
|
553
|
+
return "" if o == nil
|
|
554
|
+
end
|
|
555
|
+
|
|
556
|
+
return "" unless o.is_a?(Object)
|
|
544
557
|
|
|
545
558
|
puts " object contents" if $options[:verbose]
|
|
546
559
|
|
|
@@ -584,12 +597,28 @@ module Veracode
|
|
|
584
597
|
##############################################################################
|
|
585
598
|
# Archiving Objects
|
|
586
599
|
def self.archive(objects, with_disasm=true)
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
600
|
+
veracode_artifacts = Set[
|
|
601
|
+
safe_name(Veracode),
|
|
602
|
+
safe_name(Veracode::ActiveRecord),
|
|
603
|
+
safe_name(Veracode::ActiveRecord::Model),
|
|
604
|
+
safe_name(Veracode::ActiveRecord::Schema)
|
|
605
|
+
]
|
|
606
|
+
rails_filters = [
|
|
607
|
+
"ActionCable::",
|
|
608
|
+
"ActionController::",
|
|
609
|
+
"ActionDispatch::",
|
|
610
|
+
"ActionMailer::",
|
|
611
|
+
"ActiveJob::",
|
|
612
|
+
"ActiveSupport::",
|
|
613
|
+
"ActiveStorage::",
|
|
614
|
+
"ActionView::(?!CompiledTemplates)", #Allows Compiled templates with the not group
|
|
615
|
+
"ActiveRecord::",
|
|
616
|
+
]
|
|
617
|
+
objects = objects.reject do |o|
|
|
618
|
+
sn = safe_name(o).dup
|
|
619
|
+
while with_disasm && !sn.slice!(/^#<(Class|Module):/).nil? do sn = sn[0..-2] end #strip #<Class: and #<Module: prefix, strip corresponding > suffix
|
|
620
|
+
veracode_artifacts.include?(sn) || (with_disasm && sn[/^(#{rails_filters.join('|')}).*/])
|
|
621
|
+
end
|
|
593
622
|
|
|
594
623
|
if $options[:verbose]
|
|
595
624
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
|
@@ -598,18 +627,47 @@ module Veracode
|
|
|
598
627
|
|
|
599
628
|
objects.sort_by {|o| safe_name(o) }.each do |o|
|
|
600
629
|
|
|
601
|
-
|
|
630
|
+
sn = safe_name(o)
|
|
631
|
+
puts "archiving #{o.class.to_s.downcase} #{quote(sn)}" if $options[:verbose]
|
|
602
632
|
|
|
603
|
-
|
|
633
|
+
add_to_archive "#{o.class.to_s.downcase} #{quote(sn)}\n" +
|
|
604
634
|
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
|
635
|
+
( @rails6 && sn == "ActionView::Base" ? "include \"ActionView::CompiledTemplates\"\n" : "") + #hack for rails 6 compiled template output
|
|
605
636
|
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
|
606
|
-
(
|
|
637
|
+
( o.is_a?(Object) ? object_contents(o, with_disasm) : "") +
|
|
607
638
|
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
|
608
639
|
"end#{o.class.to_s.downcase}\n" +
|
|
609
640
|
"\n"
|
|
610
641
|
end
|
|
611
642
|
end
|
|
612
643
|
|
|
644
|
+
def self.archive_rails6_templates
|
|
645
|
+
puts "archiving views" if $options[:verbose]
|
|
646
|
+
o = @view.compiled_method_container
|
|
647
|
+
compiled_views = o.instance_methods - @view_methods
|
|
648
|
+
formatted_contents = ""
|
|
649
|
+
for m_symbol in compiled_views
|
|
650
|
+
begin
|
|
651
|
+
m = o.instance_method(m_symbol)
|
|
652
|
+
formatted_contents += format_method(m, "public_instance", true)
|
|
653
|
+
rescue Exception => e
|
|
654
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
|
655
|
+
end
|
|
656
|
+
end
|
|
657
|
+
# fake the module outpput to match what SAF expects from Rails <= 5
|
|
658
|
+
add_to_archive "module \"ActionView::CompiledTemplates\"\n" +
|
|
659
|
+
"extend \"ActiveSupport::Dependencies::ModuleConstMissing\"\n" +
|
|
660
|
+
"extend \"Module::Concerning\"\n" +
|
|
661
|
+
"extend \"ActiveSupport::ToJsonWithActiveSupportEncoder\"\n" +
|
|
662
|
+
"extend \"PP::ObjectMixin\"\n" +
|
|
663
|
+
"extend \"ActiveSupport::Dependencies::Loadable\"\n" +
|
|
664
|
+
"extend \"JSON::Ext::Generator::GeneratorMethods::Object\"\n" +
|
|
665
|
+
"extend \"ActiveSupport::Tryable\"\n" +
|
|
666
|
+
"extend \"Kernel\"\n" +
|
|
667
|
+
formatted_contents +
|
|
668
|
+
"endmodule\n"
|
|
669
|
+
end
|
|
670
|
+
|
|
613
671
|
|
|
614
672
|
def self.compile_templates
|
|
615
673
|
|
|
@@ -672,9 +730,11 @@ module Veracode
|
|
|
672
730
|
end
|
|
673
731
|
}
|
|
674
732
|
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
733
|
+
unless @rails6
|
|
734
|
+
puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
|
|
735
|
+
log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
|
|
736
|
+
log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
|
|
737
|
+
end
|
|
678
738
|
end
|
|
679
739
|
|
|
680
740
|
def self.compile_erb_templates
|
|
@@ -717,7 +777,9 @@ module Veracode
|
|
|
717
777
|
)
|
|
718
778
|
|
|
719
779
|
case t.method(:compile).arity
|
|
720
|
-
when
|
|
780
|
+
when 1 # Rails 6
|
|
781
|
+
t.send(:compile, @view)
|
|
782
|
+
when 2 # Rails 3.1.0+
|
|
721
783
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
722
784
|
when 3
|
|
723
785
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
@@ -730,7 +792,7 @@ module Veracode
|
|
|
730
792
|
|
|
731
793
|
}
|
|
732
794
|
|
|
733
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
|
795
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
|
734
796
|
|
|
735
797
|
end
|
|
736
798
|
|
|
@@ -773,7 +835,9 @@ module Veracode
|
|
|
773
835
|
)
|
|
774
836
|
|
|
775
837
|
case t.method(:compile).arity
|
|
776
|
-
when
|
|
838
|
+
when 1 # Rails 6
|
|
839
|
+
t.send(:compile, @view)
|
|
840
|
+
when 2 # Rails 3.1.0+
|
|
777
841
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
778
842
|
when 3
|
|
779
843
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
@@ -786,7 +850,7 @@ module Veracode
|
|
|
786
850
|
|
|
787
851
|
}
|
|
788
852
|
|
|
789
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
|
853
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
|
790
854
|
|
|
791
855
|
end
|
|
792
856
|
|
|
@@ -804,6 +868,9 @@ module Veracode
|
|
|
804
868
|
lib = "#{part}/#{lib}"
|
|
805
869
|
lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
|
|
806
870
|
begin
|
|
871
|
+
if @rails6 && (lib =~ /node_modules/ || lib == 'debug')
|
|
872
|
+
next
|
|
873
|
+
end
|
|
807
874
|
if cond_require lib
|
|
808
875
|
puts "requiring #{lib}" if $options[:verbose]
|
|
809
876
|
end
|
|
@@ -843,9 +910,6 @@ def self.require_rails(gemdir)
|
|
|
843
910
|
end
|
|
844
911
|
end
|
|
845
912
|
|
|
846
|
-
|
|
847
|
-
|
|
848
|
-
|
|
849
913
|
################################################################################
|
|
850
914
|
# Subcommands
|
|
851
915
|
def self.prepare
|
|
@@ -897,11 +961,12 @@ end
|
|
|
897
961
|
puts "Required rails" if $options[:verbose]
|
|
898
962
|
end
|
|
899
963
|
|
|
964
|
+
@rails6 = Gem::Version.new(Rails.version) >= Gem::Version.new("6.0.0")
|
|
900
965
|
## Imitate script/rails
|
|
901
966
|
# APP_PATH = File.expand_path('config/application')
|
|
902
967
|
# APP_PATH is already set in bin/veracode
|
|
903
968
|
#require File.expand_path('../../config/boot', __FILE__)
|
|
904
|
-
|
|
969
|
+
glob_require "config/boot.rb"
|
|
905
970
|
#require 'rails/commands'
|
|
906
971
|
# this will trigger the console to be launched
|
|
907
972
|
# ARGV.clear
|
|
@@ -910,7 +975,7 @@ end
|
|
|
910
975
|
# require 'rails/commands'
|
|
911
976
|
|
|
912
977
|
## Imitate rails/commands when console
|
|
913
|
-
if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
|
978
|
+
if @rails6 || Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
|
914
979
|
cond_require 'rails/command.rb'
|
|
915
980
|
cond_require 'rails/command/actions.rb'
|
|
916
981
|
cond_require 'rails/command/base.rb'
|
|
@@ -964,13 +1029,26 @@ end
|
|
|
964
1029
|
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
|
965
1030
|
end
|
|
966
1031
|
|
|
967
|
-
|
|
968
|
-
|
|
969
|
-
|
|
970
|
-
|
|
1032
|
+
begin
|
|
1033
|
+
if @rails6
|
|
1034
|
+
self.update
|
|
1035
|
+
@view = ActionView::Base.with_empty_template_cache
|
|
1036
|
+
@view_methods = @view.compiled_method_container.instance_methods
|
|
1037
|
+
compile_erb_templates
|
|
1038
|
+
compile_haml_templates
|
|
1039
|
+
self.stats if $options[:verbose]
|
|
1040
|
+
else
|
|
1041
|
+
compile_templates
|
|
1042
|
+
self.update
|
|
1043
|
+
self.stats if $options[:verbose]
|
|
1044
|
+
end
|
|
971
1045
|
|
|
972
|
-
|
|
973
|
-
|
|
1046
|
+
# Ensure compiled templates are fully disassembled in archive
|
|
1047
|
+
@baseline_modules.delete(ActionView::CompiledTemplates) unless @rails6
|
|
1048
|
+
rescue Exception => e
|
|
1049
|
+
puts "Unable to compile templates: #{e.message}" if $options[:verbose]
|
|
1050
|
+
log_error "Unable to compile templates: #{e.message}"
|
|
1051
|
+
end
|
|
974
1052
|
|
|
975
1053
|
if $options[:environment]
|
|
976
1054
|
puts "Processing and disassembling environment"
|
|
@@ -983,7 +1061,11 @@ end
|
|
|
983
1061
|
archive(@baseline_modules, false)
|
|
984
1062
|
add_to_archive "\n# Phase 3 - App disassembly\n"
|
|
985
1063
|
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
|
986
|
-
|
|
1064
|
+
safe_baseline_modules = @baseline_modules.each_with_object(Set.new) { |o, s| s << safe_name(o) }
|
|
1065
|
+
archive(@modules.reject {|o| safe_baseline_modules.include?(safe_name(o))}, true)
|
|
1066
|
+
if @rails6
|
|
1067
|
+
archive_rails6_templates()
|
|
1068
|
+
end
|
|
987
1069
|
archive_schema
|
|
988
1070
|
|
|
989
1071
|
end
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veracode
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Veracode
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rubyzip
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '1.
|
|
19
|
+
version: '1.3'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
|
-
- - "
|
|
24
|
+
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '1.
|
|
26
|
+
version: '1.3'
|
|
27
27
|
description: Prepares your Ruby on Rails app for submission to Veracode.
|
|
28
28
|
email: devcontact@veracode.com
|
|
29
29
|
executables:
|
|
@@ -39,7 +39,7 @@ files:
|
|
|
39
39
|
homepage: http://veracode.com/
|
|
40
40
|
licenses: []
|
|
41
41
|
metadata: {}
|
|
42
|
-
post_install_message:
|
|
42
|
+
post_install_message:
|
|
43
43
|
rdoc_options: []
|
|
44
44
|
require_paths:
|
|
45
45
|
- lib
|
|
@@ -50,13 +50,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
50
50
|
version: 1.9.3.0
|
|
51
51
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
|
-
- - "
|
|
53
|
+
- - ">="
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version:
|
|
55
|
+
version: '0'
|
|
56
56
|
requirements: []
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
signing_key:
|
|
57
|
+
rubygems_version: 3.1.4
|
|
58
|
+
signing_key:
|
|
60
59
|
specification_version: 4
|
|
61
60
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
|
62
61
|
Veracode
|