veracode 1.0.0.alpha17 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/veracode.rb +128 -46
- data/lib/veracode/version.rb +2 -2
- metadata +12 -13
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 76b474d0295eea0d4627632242cae9e9af1e897af7ac846776b035cb58a0c89b
|
|
4
|
+
data.tar.gz: 65b8f267cbbba773839d7b6980f6de4c85dfdd2e559d793bcb63edc0c8140a99
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a29acbc7213e4f7dd56cbbdeb8fb15bdeb35162955b4ad2fa6c3aaabc557cc7ed2523f562e5c97731fe7ebc44224c772342bcf939001ec3a3ef83a0b3a51ddd9
|
|
7
|
+
data.tar.gz: 86d3da0ae6a302e1df67008f40203b0d2f1fc8c003c7ac109e808f78a8b17ef1df01f8bb2e9aeebafd4df1628822a09bb33fc077f203278ce39f6619135bddf8
|
data/lib/veracode.rb
CHANGED
|
@@ -36,6 +36,7 @@ module Veracode
|
|
|
36
36
|
@archive_filename = nil
|
|
37
37
|
@archive_dirname = nil
|
|
38
38
|
|
|
39
|
+
@expanded_app_dir = Dir.getwd
|
|
39
40
|
|
|
40
41
|
def self.init
|
|
41
42
|
if Gem::Dependency.new('', '~> 2.2.0').match?('', RUBY_VERSION)
|
|
@@ -120,10 +121,11 @@ module Veracode
|
|
|
120
121
|
|
|
121
122
|
@manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
|
|
122
123
|
|
|
123
|
-
#
|
|
124
|
-
%w{app config
|
|
124
|
+
#{app config db doc lib log public script test tmp vendor}
|
|
125
|
+
%w{app config lib log public script}.each {|dirname|
|
|
125
126
|
@manifest += Dir[File.join(dirname, "**", "*")].keep_if {|f| File.file?(f)}
|
|
126
127
|
}
|
|
128
|
+
@manifest += Dir[File.join("vendor", "**", "*.rb")]
|
|
127
129
|
@manifest += Dir[File.join("db", "**", "*.rb")]
|
|
128
130
|
|
|
129
131
|
if $options[:archive_source]
|
|
@@ -288,23 +290,27 @@ module Veracode
|
|
|
288
290
|
end
|
|
289
291
|
|
|
290
292
|
def self.safe_name(o)
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
( o.name.nil? ? o.to_s : o.name.to_s )
|
|
297
|
-
rescue
|
|
293
|
+
begin
|
|
294
|
+
case
|
|
295
|
+
when o == ActiveSupport::TimeWithZone
|
|
296
|
+
"ActiveSupport::TimeWithZone"
|
|
297
|
+
when o.is_a?(Module)
|
|
298
298
|
begin
|
|
299
|
-
( o.nil? ?
|
|
299
|
+
( o.name.nil? ? o.to_s : o.name.to_s )
|
|
300
300
|
rescue
|
|
301
|
-
|
|
301
|
+
begin
|
|
302
|
+
( o.nil? ? "nil" : o.to_s )
|
|
303
|
+
rescue
|
|
304
|
+
( o == nil ? "nil" : o.to_s ) # in case of monkey patched nil?
|
|
305
|
+
end
|
|
302
306
|
end
|
|
307
|
+
when o.is_a?(Method), o.is_a?(UnboundMethod)
|
|
308
|
+
o.name.to_s
|
|
309
|
+
else
|
|
310
|
+
o.to_s
|
|
303
311
|
end
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
else
|
|
307
|
-
o.to_s
|
|
312
|
+
rescue
|
|
313
|
+
"Veracode" #should result in this being dropped from the archive since we can't get a safe name for it
|
|
308
314
|
end
|
|
309
315
|
end
|
|
310
316
|
|
|
@@ -396,8 +402,8 @@ module Veracode
|
|
|
396
402
|
|
|
397
403
|
if with_disasm
|
|
398
404
|
insns = RubyVM::InstructionSequence.disassemble(m)
|
|
399
|
-
formatted += ( (insns.nil? || insns.empty?) ?
|
|
400
|
-
"
|
|
405
|
+
formatted += ( (insns.nil? || insns.empty? || insns[/.*#{@expanded_app_dir}.*/].nil?) ?
|
|
406
|
+
"\n" :
|
|
401
407
|
"#{insns}== end disasm\n"
|
|
402
408
|
)
|
|
403
409
|
end
|
|
@@ -540,7 +546,14 @@ module Veracode
|
|
|
540
546
|
end
|
|
541
547
|
|
|
542
548
|
def self.object_contents(o, with_disasm=true)
|
|
543
|
-
|
|
549
|
+
begin
|
|
550
|
+
return "" unless !o.nil?
|
|
551
|
+
rescue Exception => e
|
|
552
|
+
log_error "Error testing #{o} with nil?. Probable monkey patching. #{e.message}"
|
|
553
|
+
return "" if o == nil
|
|
554
|
+
end
|
|
555
|
+
|
|
556
|
+
return "" unless o.is_a?(Object)
|
|
544
557
|
|
|
545
558
|
puts " object contents" if $options[:verbose]
|
|
546
559
|
|
|
@@ -584,12 +597,28 @@ module Veracode
|
|
|
584
597
|
##############################################################################
|
|
585
598
|
# Archiving Objects
|
|
586
599
|
def self.archive(objects, with_disasm=true)
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
600
|
+
veracode_artifacts = Set[
|
|
601
|
+
safe_name(Veracode),
|
|
602
|
+
safe_name(Veracode::ActiveRecord),
|
|
603
|
+
safe_name(Veracode::ActiveRecord::Model),
|
|
604
|
+
safe_name(Veracode::ActiveRecord::Schema)
|
|
605
|
+
]
|
|
606
|
+
rails_filters = [
|
|
607
|
+
"ActionCable::",
|
|
608
|
+
"ActionController::",
|
|
609
|
+
"ActionDispatch::",
|
|
610
|
+
"ActionMailer::",
|
|
611
|
+
"ActiveJob::",
|
|
612
|
+
"ActiveSupport::",
|
|
613
|
+
"ActiveStorage::",
|
|
614
|
+
"ActionView::(?!CompiledTemplates)", #Allows Compiled templates with the not group
|
|
615
|
+
"ActiveRecord::",
|
|
616
|
+
]
|
|
617
|
+
objects = objects.reject do |o|
|
|
618
|
+
sn = safe_name(o).dup
|
|
619
|
+
while with_disasm && !sn.slice!(/^#<(Class|Module):/).nil? do sn = sn[0..-2] end #strip #<Class: and #<Module: prefix, strip corresponding > suffix
|
|
620
|
+
veracode_artifacts.include?(sn) || (with_disasm && sn[/^(#{rails_filters.join('|')}).*/])
|
|
621
|
+
end
|
|
593
622
|
|
|
594
623
|
if $options[:verbose]
|
|
595
624
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
|
@@ -598,18 +627,47 @@ module Veracode
|
|
|
598
627
|
|
|
599
628
|
objects.sort_by {|o| safe_name(o) }.each do |o|
|
|
600
629
|
|
|
601
|
-
|
|
630
|
+
sn = safe_name(o)
|
|
631
|
+
puts "archiving #{o.class.to_s.downcase} #{quote(sn)}" if $options[:verbose]
|
|
602
632
|
|
|
603
|
-
|
|
633
|
+
add_to_archive "#{o.class.to_s.downcase} #{quote(sn)}\n" +
|
|
604
634
|
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
|
635
|
+
( @rails6 && sn == "ActionView::Base" ? "include \"ActionView::CompiledTemplates\"\n" : "") + #hack for rails 6 compiled template output
|
|
605
636
|
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
|
606
|
-
(
|
|
637
|
+
( o.is_a?(Object) ? object_contents(o, with_disasm) : "") +
|
|
607
638
|
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
|
608
639
|
"end#{o.class.to_s.downcase}\n" +
|
|
609
640
|
"\n"
|
|
610
641
|
end
|
|
611
642
|
end
|
|
612
643
|
|
|
644
|
+
def self.archive_rails6_templates
|
|
645
|
+
puts "archiving views" if $options[:verbose]
|
|
646
|
+
o = @view.compiled_method_container
|
|
647
|
+
compiled_views = o.instance_methods - @view_methods
|
|
648
|
+
formatted_contents = ""
|
|
649
|
+
for m_symbol in compiled_views
|
|
650
|
+
begin
|
|
651
|
+
m = o.instance_method(m_symbol)
|
|
652
|
+
formatted_contents += format_method(m, "public_instance", true)
|
|
653
|
+
rescue Exception => e
|
|
654
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
|
655
|
+
end
|
|
656
|
+
end
|
|
657
|
+
# fake the module outpput to match what SAF expects from Rails <= 5
|
|
658
|
+
add_to_archive "module \"ActionView::CompiledTemplates\"\n" +
|
|
659
|
+
"extend \"ActiveSupport::Dependencies::ModuleConstMissing\"\n" +
|
|
660
|
+
"extend \"Module::Concerning\"\n" +
|
|
661
|
+
"extend \"ActiveSupport::ToJsonWithActiveSupportEncoder\"\n" +
|
|
662
|
+
"extend \"PP::ObjectMixin\"\n" +
|
|
663
|
+
"extend \"ActiveSupport::Dependencies::Loadable\"\n" +
|
|
664
|
+
"extend \"JSON::Ext::Generator::GeneratorMethods::Object\"\n" +
|
|
665
|
+
"extend \"ActiveSupport::Tryable\"\n" +
|
|
666
|
+
"extend \"Kernel\"\n" +
|
|
667
|
+
formatted_contents +
|
|
668
|
+
"endmodule\n"
|
|
669
|
+
end
|
|
670
|
+
|
|
613
671
|
|
|
614
672
|
def self.compile_templates
|
|
615
673
|
|
|
@@ -672,9 +730,11 @@ module Veracode
|
|
|
672
730
|
end
|
|
673
731
|
}
|
|
674
732
|
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
733
|
+
unless @rails6
|
|
734
|
+
puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
|
|
735
|
+
log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
|
|
736
|
+
log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
|
|
737
|
+
end
|
|
678
738
|
end
|
|
679
739
|
|
|
680
740
|
def self.compile_erb_templates
|
|
@@ -717,7 +777,9 @@ module Veracode
|
|
|
717
777
|
)
|
|
718
778
|
|
|
719
779
|
case t.method(:compile).arity
|
|
720
|
-
when
|
|
780
|
+
when 1 # Rails 6
|
|
781
|
+
t.send(:compile, @view)
|
|
782
|
+
when 2 # Rails 3.1.0+
|
|
721
783
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
722
784
|
when 3
|
|
723
785
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
@@ -730,7 +792,7 @@ module Veracode
|
|
|
730
792
|
|
|
731
793
|
}
|
|
732
794
|
|
|
733
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
|
795
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
|
734
796
|
|
|
735
797
|
end
|
|
736
798
|
|
|
@@ -773,7 +835,9 @@ module Veracode
|
|
|
773
835
|
)
|
|
774
836
|
|
|
775
837
|
case t.method(:compile).arity
|
|
776
|
-
when
|
|
838
|
+
when 1 # Rails 6
|
|
839
|
+
t.send(:compile, @view)
|
|
840
|
+
when 2 # Rails 3.1.0+
|
|
777
841
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
778
842
|
when 3
|
|
779
843
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
|
@@ -786,7 +850,7 @@ module Veracode
|
|
|
786
850
|
|
|
787
851
|
}
|
|
788
852
|
|
|
789
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
|
853
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
|
790
854
|
|
|
791
855
|
end
|
|
792
856
|
|
|
@@ -804,6 +868,9 @@ module Veracode
|
|
|
804
868
|
lib = "#{part}/#{lib}"
|
|
805
869
|
lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
|
|
806
870
|
begin
|
|
871
|
+
if @rails6 && (lib =~ /node_modules/ || lib == 'debug')
|
|
872
|
+
next
|
|
873
|
+
end
|
|
807
874
|
if cond_require lib
|
|
808
875
|
puts "requiring #{lib}" if $options[:verbose]
|
|
809
876
|
end
|
|
@@ -843,9 +910,6 @@ def self.require_rails(gemdir)
|
|
|
843
910
|
end
|
|
844
911
|
end
|
|
845
912
|
|
|
846
|
-
|
|
847
|
-
|
|
848
|
-
|
|
849
913
|
################################################################################
|
|
850
914
|
# Subcommands
|
|
851
915
|
def self.prepare
|
|
@@ -897,11 +961,12 @@ end
|
|
|
897
961
|
puts "Required rails" if $options[:verbose]
|
|
898
962
|
end
|
|
899
963
|
|
|
964
|
+
@rails6 = Gem::Version.new(Rails.version) >= Gem::Version.new("6.0.0")
|
|
900
965
|
## Imitate script/rails
|
|
901
966
|
# APP_PATH = File.expand_path('config/application')
|
|
902
967
|
# APP_PATH is already set in bin/veracode
|
|
903
968
|
#require File.expand_path('../../config/boot', __FILE__)
|
|
904
|
-
|
|
969
|
+
glob_require "config/boot.rb"
|
|
905
970
|
#require 'rails/commands'
|
|
906
971
|
# this will trigger the console to be launched
|
|
907
972
|
# ARGV.clear
|
|
@@ -910,7 +975,7 @@ end
|
|
|
910
975
|
# require 'rails/commands'
|
|
911
976
|
|
|
912
977
|
## Imitate rails/commands when console
|
|
913
|
-
if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
|
978
|
+
if @rails6 || Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
|
914
979
|
cond_require 'rails/command.rb'
|
|
915
980
|
cond_require 'rails/command/actions.rb'
|
|
916
981
|
cond_require 'rails/command/base.rb'
|
|
@@ -964,13 +1029,26 @@ end
|
|
|
964
1029
|
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
|
965
1030
|
end
|
|
966
1031
|
|
|
967
|
-
|
|
968
|
-
|
|
969
|
-
|
|
970
|
-
|
|
1032
|
+
begin
|
|
1033
|
+
if @rails6
|
|
1034
|
+
self.update
|
|
1035
|
+
@view = ActionView::Base.with_empty_template_cache
|
|
1036
|
+
@view_methods = @view.compiled_method_container.instance_methods
|
|
1037
|
+
compile_erb_templates
|
|
1038
|
+
compile_haml_templates
|
|
1039
|
+
self.stats if $options[:verbose]
|
|
1040
|
+
else
|
|
1041
|
+
compile_templates
|
|
1042
|
+
self.update
|
|
1043
|
+
self.stats if $options[:verbose]
|
|
1044
|
+
end
|
|
971
1045
|
|
|
972
|
-
|
|
973
|
-
|
|
1046
|
+
# Ensure compiled templates are fully disassembled in archive
|
|
1047
|
+
@baseline_modules.delete(ActionView::CompiledTemplates) unless @rails6
|
|
1048
|
+
rescue Exception => e
|
|
1049
|
+
puts "Unable to compile templates: #{e.message}" if $options[:verbose]
|
|
1050
|
+
log_error "Unable to compile templates: #{e.message}"
|
|
1051
|
+
end
|
|
974
1052
|
|
|
975
1053
|
if $options[:environment]
|
|
976
1054
|
puts "Processing and disassembling environment"
|
|
@@ -983,7 +1061,11 @@ end
|
|
|
983
1061
|
archive(@baseline_modules, false)
|
|
984
1062
|
add_to_archive "\n# Phase 3 - App disassembly\n"
|
|
985
1063
|
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
|
986
|
-
|
|
1064
|
+
safe_baseline_modules = @baseline_modules.each_with_object(Set.new) { |o, s| s << safe_name(o) }
|
|
1065
|
+
archive(@modules.reject {|o| safe_baseline_modules.include?(safe_name(o))}, true)
|
|
1066
|
+
if @rails6
|
|
1067
|
+
archive_rails6_templates()
|
|
1068
|
+
end
|
|
987
1069
|
archive_schema
|
|
988
1070
|
|
|
989
1071
|
end
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veracode
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Veracode
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rubyzip
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '1.
|
|
19
|
+
version: '1.3'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
|
-
- - "
|
|
24
|
+
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '1.
|
|
26
|
+
version: '1.3'
|
|
27
27
|
description: Prepares your Ruby on Rails app for submission to Veracode.
|
|
28
28
|
email: devcontact@veracode.com
|
|
29
29
|
executables:
|
|
@@ -39,7 +39,7 @@ files:
|
|
|
39
39
|
homepage: http://veracode.com/
|
|
40
40
|
licenses: []
|
|
41
41
|
metadata: {}
|
|
42
|
-
post_install_message:
|
|
42
|
+
post_install_message:
|
|
43
43
|
rdoc_options: []
|
|
44
44
|
require_paths:
|
|
45
45
|
- lib
|
|
@@ -50,13 +50,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
50
50
|
version: 1.9.3.0
|
|
51
51
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
|
-
- - "
|
|
53
|
+
- - ">="
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version:
|
|
55
|
+
version: '0'
|
|
56
56
|
requirements: []
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
signing_key:
|
|
57
|
+
rubygems_version: 3.1.4
|
|
58
|
+
signing_key:
|
|
60
59
|
specification_version: 4
|
|
61
60
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
|
62
61
|
Veracode
|