veracode 1.0.0.alpha18 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e42ef047b5e2b3f33eba714c33d5c13aa393679e704633ac93df478b6697c811
-  data.tar.gz: 5adf88dcca009894d9f1631061750d108e9ec3ab77de5ac6083c95aeda5db4e6
+  metadata.gz: ae78d2f7729f0e00a2215edc4cee0d007ff0d653fb3d7cea8962e25de1548a98
+  data.tar.gz: f951565e38308c4335b5de9517fc750090957f068dc8ab3baa3eb3f9e3ea21e6
 SHA512:
-  metadata.gz: afcf1ebbc31dfb94ade508fdf858f6815a088d66d40982f82e2f7c439929b3eb2c803b5d238cea1825f7ed5f60cb0d483caa4d85032542d60e91be970c9d2db2
-  data.tar.gz: 8dd0fa92c21625c40df171a9ee8d4f5a8dc4f37f53f8a1dd223f5fbd8e5aefc1d0279915ff368d24b228eef690b0cafb5407a85c1cbb743e17e5127b34830c15
+  metadata.gz: 915f08c9538670e0218bd7b4e7e9597593532ee36dc41942d61ce28f0a72d3c001d6aa7d67b27cd23932aed3a8b32c853f71266b01fd1d1392fd3f5f83f5c89e
+  data.tar.gz: f8322116797c6934403a56c48328451efd27128f7c4eff1d6272e37ed6e860e436cd8f90a557d1f8bac516dc153f91fa88dac70bd1448a28e64b21f3ba828535

data/bin/veracode

@@ -25,7 +25,7 @@ $options =  {
               :include_inherited => false,
               :environment => false,
               :verbose => false,
-              :jruby => false,
+              :skipenvironment => false,
               :skipactiverecord => false,
               :skipactionview => false,
               :skipsprockets => false,
@@ -42,8 +42,8 @@ case subcommand
         $options[:verbose] = true
       end
 
-      opts.on("-j", "--jruby", "Force JRuby mode") do
-        $options[:jruby] = true
+      opts.on("-E", "--skip-environment", "Skip environment") do
+        $options[:skipenvironment] = true
       end
 
       opts.on("-O", "--skip-active-record", "Skip ActiveRecord") do
@@ -70,6 +70,17 @@ case subcommand
         $options[:snapshot] = true
       end
 
+      # only print the options that match the documentation in the help center
+      opts.on("-h", "--help", "Print help") do
+        msg = <<-HELPMSG.strip
+Usage: veracode prepare [options]
+    -v, --verbose                    Run verbosely
+    -D, --debug                      Enable debug output
+        HELPMSG
+        puts msg
+        exit
+      end
+
     end.parse!
 
     Veracode.prepare

data/lib/veracode.rb

@@ -36,6 +36,7 @@ module Veracode
   @archive_filename = nil
   @archive_dirname = nil
 
+  @expanded_app_dir = Dir.getwd
 
   def self.init
     if Gem::Dependency.new('', '~> 2.2.0').match?('', RUBY_VERSION)
@@ -120,10 +121,11 @@ module Veracode
 
     @manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
 
-#     {app config db doc lib log public script test tmp vendor}
-    %w{app config        lib log public script          vendor}.each {|dirname|
+    #{app config db doc lib log public script test tmp vendor}
+    %w{app config lib log public script}.each {|dirname|
       @manifest += Dir[File.join(dirname, "**", "*")].keep_if {|f| File.file?(f)}
     }
+    @manifest += Dir[File.join("vendor", "**", "*.rb")]
     @manifest += Dir[File.join("db", "**", "*.rb")]
 
     if $options[:archive_source]
@@ -288,24 +290,27 @@ module Veracode
   end
 
   def self.safe_name(o)
-    case 
-    when o == ActiveSupport::TimeWithZone
-      "ActiveSupport::TimeWithZone"
-    when o.is_a?(Module)
-      begin
-        ( o.name.nil? ? o.to_s : o.name.to_s )
-      rescue
+    begin
+      case 
+      when o == ActiveSupport::TimeWithZone
+        "ActiveSupport::TimeWithZone"
+      when o.is_a?(Module)
         begin
-          ( o.nil? ? "nil" : o.to_s )
+          ( o.name.nil? ? o.to_s : o.name.to_s )
         rescue
-          log_error "Error testing #{o} with nil?. Probable monkey patching. #{e.message}"
-          ( o == nil ? "nil" : o.to_s ) # in case of monkey patched nil?
+          begin
+            ( o.nil? ? "nil" : o.to_s )
+          rescue
+              ( o == nil ? "nil" : o.to_s ) # in case of monkey patched nil?
+          end
         end
+      when o.is_a?(Method), o.is_a?(UnboundMethod)
+        o.name.to_s
+      else
+        o.to_s
       end
-    when o.is_a?(Method), o.is_a?(UnboundMethod)
-      o.name.to_s
-    else
-      o.to_s
+    rescue
+      "Veracode" #should result in this being dropped from the archive since we can't get a safe name for it
     end
   end
   
@@ -397,8 +402,8 @@ module Veracode
 
     if with_disasm
       insns = RubyVM::InstructionSequence.disassemble(m)
-      formatted += ( (insns.nil? || insns.empty?) ? 
-                     "== disasm\n== end disasm\n" : 
+      formatted += ( (insns.nil? || insns.empty? || insns[/.*#{@expanded_app_dir}.*/].nil?) ? 
+                     "\n" :
                      "#{insns}== end disasm\n" 
                    )
     end
@@ -598,7 +603,22 @@ module Veracode
       safe_name(Veracode::ActiveRecord::Model),
       safe_name(Veracode::ActiveRecord::Schema)
     ]
-    objects = objects.reject { |o| veracode_artifacts.include?(safe_name(o)) }
+    rails_filters = [
+      "ActionCable::",
+      "ActionController::",
+      "ActionDispatch::",
+      "ActionMailer::",
+      "ActiveJob::",
+      "ActiveSupport::",
+      "ActiveStorage::",
+      "ActionView::(?!CompiledTemplates)", #Allows Compiled templates with the not group
+      "ActiveRecord::",
+    ]
+    objects = objects.reject do |o|
+      sn = safe_name(o).dup
+      while with_disasm && !sn.slice!(/^#<(Class|Module):/).nil? do sn = sn[0..-2] end #strip #<Class: and #<Module: prefix, strip corresponding > suffix
+      veracode_artifacts.include?(sn) || (with_disasm && sn[/^(#{rails_filters.join('|')}).*/])
+    end
 
     if $options[:verbose]
       puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
@@ -607,10 +627,12 @@ module Veracode
 
     objects.sort_by {|o| safe_name(o) }.each do |o|
 
-      puts "archiving #{o.class.to_s.downcase} #{quote(safe_name(o))}" if $options[:verbose]
+      sn = safe_name(o)
+      puts "archiving #{o.class.to_s.downcase} #{quote(sn)}" if $options[:verbose]
 
-      add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" + 
+      add_to_archive "#{o.class.to_s.downcase} #{quote(sn)}\n" + 
                    ( o.is_a?(Class)  ? class_header(o)  : "") + # superclass
+                   ( @rails6 && sn == "ActionView::Base" ? "include \"ActionView::CompiledTemplates\"\n" : "") + #hack for rails 6 compiled template output
                    ( o.is_a?(Module) ? module_header(o) : "") + # included modules
                    ( o.is_a?(Object) ? object_contents(o, with_disasm) : "") + 
                    ( o.is_a?(Module) ? module_contents(o, with_disasm) : "") + 
@@ -619,6 +641,33 @@ module Veracode
     end
   end
 
+  def self.archive_rails6_templates
+    puts "archiving views" if $options[:verbose]
+    o = @view.compiled_method_container
+    compiled_views = o.instance_methods - @view_methods
+    formatted_contents = ""
+    for m_symbol in compiled_views
+      begin
+        m = o.instance_method(m_symbol)
+        formatted_contents += format_method(m, "public_instance", true)
+      rescue Exception => e
+        log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
+      end
+    end
+    # fake the module outpput to match what SAF expects from Rails <= 5
+    add_to_archive "module \"ActionView::CompiledTemplates\"\n" + 
+                   "extend \"ActiveSupport::Dependencies::ModuleConstMissing\"\n" +
+                   "extend \"Module::Concerning\"\n" +
+                   "extend \"ActiveSupport::ToJsonWithActiveSupportEncoder\"\n" +
+                   "extend \"PP::ObjectMixin\"\n" +
+                   "extend \"ActiveSupport::Dependencies::Loadable\"\n" +
+                   "extend \"JSON::Ext::Generator::GeneratorMethods::Object\"\n" +
+                   "extend \"ActiveSupport::Tryable\"\n" +
+                   "extend \"Kernel\"\n" +
+                   formatted_contents +
+                   "endmodule\n"
+  end
+
 
   def self.compile_templates
 
@@ -681,9 +730,11 @@ module Veracode
       end
     }
 
-    puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
-    log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
-    log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
+    unless @rails6
+      puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
+      log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
+      log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
+    end
   end
 
   def self.compile_erb_templates
@@ -726,7 +777,9 @@ module Veracode
         )
 
         case t.method(:compile).arity
-        when 2  # Rails 3.1.0+
+        when 1 # Rails 6
+          t.send(:compile, @view)
+        when 2 # Rails 3.1.0+
           t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
         when 3
           t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
@@ -739,7 +792,7 @@ module Veracode
 
     }
 
-    puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
+    puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
 
   end
 
@@ -782,7 +835,9 @@ module Veracode
         )
 
         case t.method(:compile).arity
-        when 2  # Rails 3.1.0+
+        when 1 # Rails 6
+          t.send(:compile, @view) 
+        when 2 # Rails 3.1.0+
           t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
         when 3
           t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
@@ -795,7 +850,7 @@ module Veracode
 
     }
 
-    puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
+    puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
 
   end
 
@@ -813,6 +868,9 @@ module Veracode
               lib = "#{part}/#{lib}"
               lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
             begin
+              if @rails6 && (lib =~ /node_modules/ || lib == 'debug')
+                next
+              end
               if cond_require lib
                 puts "requiring #{lib}" if $options[:verbose]
               end
@@ -852,9 +910,6 @@ def self.require_rails(gemdir)
   end
 end
 
-
-
-
 ################################################################################
 # Subcommands
   def self.prepare
@@ -906,11 +961,12 @@ end
       puts "Required rails" if $options[:verbose]
     end
 
+    @rails6 = Gem::Version.new(Rails.version) >= Gem::Version.new("6.0.0")
     ## Imitate script/rails
     # APP_PATH = File.expand_path('config/application')
     # APP_PATH is already set in bin/veracode
     #require File.expand_path('../../config/boot',  __FILE__)
-     glob_require "config/boot.rb"
+    glob_require "config/boot.rb"
     #require 'rails/commands'
       # this will trigger the console to be launched
       # ARGV.clear
@@ -919,7 +975,7 @@ end
       # require 'rails/commands'
 
     ## Imitate rails/commands when console
-    if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
+    if @rails6 || Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
       cond_require 'rails/command.rb'
       cond_require 'rails/command/actions.rb'
       cond_require 'rails/command/base.rb'
@@ -933,7 +989,11 @@ end
 
     glob_require "config/application.rb"
 
-    Rails.application.require_environment! unless $options[:jruby]
+    begin
+      Rails.application.require_environment! unless $options[:skipenvironment]
+    rescue Exception => e
+      log_error "Unable to require environment: #{e.message}"
+    end
     # Following line will actually kick off IRB
     # Rails::Console.start(Rails.application)
     
@@ -973,13 +1033,26 @@ end
         puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
       end
 
-      compile_templates
-
-      self.update
-      self.stats if $options[:verbose]
+      begin
+        if @rails6
+          self.update
+          @view = ActionView::Base.with_empty_template_cache
+          @view_methods = @view.compiled_method_container.instance_methods
+          compile_erb_templates
+          compile_haml_templates
+          self.stats if $options[:verbose]
+        else
+          compile_templates
+          self.update
+          self.stats if $options[:verbose]
+        end
 
-      # Ensure compiled templates are fully disassembled in archive
-      @baseline_modules.delete(ActionView::CompiledTemplates)
+        # Ensure compiled templates are fully disassembled in archive
+        @baseline_modules.delete(ActionView::CompiledTemplates) unless @rails6
+      rescue Exception => e
+        puts "Unable to compile templates: #{e.message}" if $options[:verbose]
+        log_error "Unable to compile templates: #{e.message}"
+      end
 
       if $options[:environment]
         puts "Processing and disassembling environment"
@@ -994,6 +1067,9 @@ end
         puts "Processing and disassembling #{APP_NAME} classes and modules"
         safe_baseline_modules = @baseline_modules.each_with_object(Set.new) { |o, s| s << safe_name(o) }
         archive(@modules.reject {|o| safe_baseline_modules.include?(safe_name(o))}, true)
+        if @rails6
+          archive_rails6_templates()
+        end
         archive_schema
 
       end
@@ -1003,6 +1079,7 @@ end
         log_error e.message
         log_error e.backtrace.join("\n")
       else
+        puts "Failed to prepare veracode archive. Please see #{@archive_dirname + '/' + @errorlog_filename}."
         raise
       end
     end

data/lib/veracode/version.rb

@@ -1,4 +1,4 @@
 module Veracode
-  VERSION = '1.0.0.alpha18'
-  ARCHIVE_VERSION = '2012-07-04'
+  VERSION = '1.1.0'
+  ARCHIVE_VERSION = '2020-06-29'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: veracode
 version: !ruby/object:Gem::Version
-  version: 1.0.0.alpha18
+  version: 1.1.0
 platform: ruby
 authors:
 - Veracode
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-10 00:00:00.000000000 Z
+date: 2021-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubyzip
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.3'
 description: Prepares your Ruby on Rails app for submission to Veracode.
 email: devcontact@veracode.com
 executables:
@@ -39,7 +39,7 @@ files:
 homepage: http://veracode.com/
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -50,13 +50,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.8
-signing_key: 
+rubygems_version: 3.0.8
+signing_key:
 specification_version: 4
 summary: Command line tool for preparing your Ruby on Rails app for submission to
   Veracode