veracode 1.0.0.alpha19 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/veracode.rb +88 -24
- data/lib/veracode/version.rb +2 -2
- metadata +8 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 32f374241e790d16dcc804e4dd3dbbb754417e0b99afa9a3c2ab9fe80ef6466d
|
4
|
+
data.tar.gz: a10a06a8bb5b5d573808c3f2855e3b7ba9eecf2535f975f13966e755771b9dc0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 66f1e39a03ef77a76bc33febbbe7e7778f3d653f2d76f5eba02c0e93a26e0eacf2e3fecfd14a3281281c6ebcf27330d219ffded199ad56db7c5791658bcb66ff
|
7
|
+
data.tar.gz: b9498b2e70b3b3c3b509937d5001067c9fe710388e7b86ab1a98c607810c41862f932b91d4112530473e412653bd861b687561af8339c662622f69e50efb4017
|
data/lib/veracode.rb
CHANGED
@@ -36,6 +36,7 @@ module Veracode
|
|
36
36
|
@archive_filename = nil
|
37
37
|
@archive_dirname = nil
|
38
38
|
|
39
|
+
@expanded_app_dir = Dir.getwd
|
39
40
|
|
40
41
|
def self.init
|
41
42
|
if Gem::Dependency.new('', '~> 2.2.0').match?('', RUBY_VERSION)
|
@@ -120,10 +121,11 @@ module Veracode
|
|
120
121
|
|
121
122
|
@manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
|
122
123
|
|
123
|
-
#
|
124
|
-
%w{app config
|
124
|
+
#{app config db doc lib log public script test tmp vendor}
|
125
|
+
%w{app config lib log public script}.each {|dirname|
|
125
126
|
@manifest += Dir[File.join(dirname, "**", "*")].keep_if {|f| File.file?(f)}
|
126
127
|
}
|
128
|
+
@manifest += Dir[File.join("vendor", "**", "*.rb")]
|
127
129
|
@manifest += Dir[File.join("db", "**", "*.rb")]
|
128
130
|
|
129
131
|
if $options[:archive_source]
|
@@ -400,8 +402,8 @@ module Veracode
|
|
400
402
|
|
401
403
|
if with_disasm
|
402
404
|
insns = RubyVM::InstructionSequence.disassemble(m)
|
403
|
-
formatted += ( (insns.nil? || insns.empty?) ?
|
404
|
-
"
|
405
|
+
formatted += ( (insns.nil? || insns.empty? || insns[/.*#{@expanded_app_dir}.*/].nil?) ?
|
406
|
+
"\n" :
|
405
407
|
"#{insns}== end disasm\n"
|
406
408
|
)
|
407
409
|
end
|
@@ -601,7 +603,22 @@ module Veracode
|
|
601
603
|
safe_name(Veracode::ActiveRecord::Model),
|
602
604
|
safe_name(Veracode::ActiveRecord::Schema)
|
603
605
|
]
|
604
|
-
|
606
|
+
rails_filters = [
|
607
|
+
"ActionCable::",
|
608
|
+
"ActionController::",
|
609
|
+
"ActionDispatch::",
|
610
|
+
"ActionMailer::",
|
611
|
+
"ActiveJob::",
|
612
|
+
"ActiveSupport::",
|
613
|
+
"ActiveStorage::",
|
614
|
+
"ActionView::(?!CompiledTemplates)", #Allows Compiled templates with the not group
|
615
|
+
"ActiveRecord::",
|
616
|
+
]
|
617
|
+
objects = objects.reject do |o|
|
618
|
+
sn = safe_name(o).dup
|
619
|
+
while with_disasm && !sn.slice!(/^#<(Class|Module):/).nil? do sn = sn[0..-2] end #strip #<Class: and #<Module: prefix, strip corresponding > suffix
|
620
|
+
veracode_artifacts.include?(sn) || (with_disasm && sn[/^(#{rails_filters.join('|')}).*/])
|
621
|
+
end
|
605
622
|
|
606
623
|
if $options[:verbose]
|
607
624
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
@@ -610,10 +627,12 @@ module Veracode
|
|
610
627
|
|
611
628
|
objects.sort_by {|o| safe_name(o) }.each do |o|
|
612
629
|
|
613
|
-
|
630
|
+
sn = safe_name(o)
|
631
|
+
puts "archiving #{o.class.to_s.downcase} #{quote(sn)}" if $options[:verbose]
|
614
632
|
|
615
|
-
add_to_archive "#{o.class.to_s.downcase} #{quote(
|
633
|
+
add_to_archive "#{o.class.to_s.downcase} #{quote(sn)}\n" +
|
616
634
|
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
635
|
+
( @rails6 && sn == "ActionView::Base" ? "include \"ActionView::CompiledTemplates\"\n" : "") + #hack for rails 6 compiled template output
|
617
636
|
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
618
637
|
( o.is_a?(Object) ? object_contents(o, with_disasm) : "") +
|
619
638
|
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
@@ -622,6 +641,33 @@ module Veracode
|
|
622
641
|
end
|
623
642
|
end
|
624
643
|
|
644
|
+
def self.archive_rails6_templates
|
645
|
+
puts "archiving views" if $options[:verbose]
|
646
|
+
o = @view.compiled_method_container
|
647
|
+
compiled_views = o.instance_methods - @view_methods
|
648
|
+
formatted_contents = ""
|
649
|
+
for m_symbol in compiled_views
|
650
|
+
begin
|
651
|
+
m = o.instance_method(m_symbol)
|
652
|
+
formatted_contents += format_method(m, "public_instance", true)
|
653
|
+
rescue Exception => e
|
654
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
655
|
+
end
|
656
|
+
end
|
657
|
+
# fake the module outpput to match what SAF expects from Rails <= 5
|
658
|
+
add_to_archive "module \"ActionView::CompiledTemplates\"\n" +
|
659
|
+
"extend \"ActiveSupport::Dependencies::ModuleConstMissing\"\n" +
|
660
|
+
"extend \"Module::Concerning\"\n" +
|
661
|
+
"extend \"ActiveSupport::ToJsonWithActiveSupportEncoder\"\n" +
|
662
|
+
"extend \"PP::ObjectMixin\"\n" +
|
663
|
+
"extend \"ActiveSupport::Dependencies::Loadable\"\n" +
|
664
|
+
"extend \"JSON::Ext::Generator::GeneratorMethods::Object\"\n" +
|
665
|
+
"extend \"ActiveSupport::Tryable\"\n" +
|
666
|
+
"extend \"Kernel\"\n" +
|
667
|
+
formatted_contents +
|
668
|
+
"endmodule\n"
|
669
|
+
end
|
670
|
+
|
625
671
|
|
626
672
|
def self.compile_templates
|
627
673
|
|
@@ -684,9 +730,11 @@ module Veracode
|
|
684
730
|
end
|
685
731
|
}
|
686
732
|
|
687
|
-
|
688
|
-
|
689
|
-
|
733
|
+
unless @rails6
|
734
|
+
puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
|
735
|
+
log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
|
736
|
+
log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
|
737
|
+
end
|
690
738
|
end
|
691
739
|
|
692
740
|
def self.compile_erb_templates
|
@@ -729,7 +777,9 @@ module Veracode
|
|
729
777
|
)
|
730
778
|
|
731
779
|
case t.method(:compile).arity
|
732
|
-
when
|
780
|
+
when 1 # Rails 6
|
781
|
+
t.send(:compile, @view)
|
782
|
+
when 2 # Rails 3.1.0+
|
733
783
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
734
784
|
when 3
|
735
785
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
@@ -742,7 +792,7 @@ module Veracode
|
|
742
792
|
|
743
793
|
}
|
744
794
|
|
745
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
795
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
746
796
|
|
747
797
|
end
|
748
798
|
|
@@ -785,7 +835,9 @@ module Veracode
|
|
785
835
|
)
|
786
836
|
|
787
837
|
case t.method(:compile).arity
|
788
|
-
when
|
838
|
+
when 1 # Rails 6
|
839
|
+
t.send(:compile, @view)
|
840
|
+
when 2 # Rails 3.1.0+
|
789
841
|
t.send(:compile, ActionView::Base.new, ActionView::CompiledTemplates)
|
790
842
|
when 3
|
791
843
|
t.send(:compile, {}, ActionView::Base.new, ActionView::CompiledTemplates)
|
@@ -798,7 +850,7 @@ module Veracode
|
|
798
850
|
|
799
851
|
}
|
800
852
|
|
801
|
-
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose]
|
853
|
+
puts "Compiled templates: " + ActionView::CompiledTemplates.instance_methods.count.to_s if $options[:verbose] && !@rails6
|
802
854
|
|
803
855
|
end
|
804
856
|
|
@@ -816,6 +868,9 @@ module Veracode
|
|
816
868
|
lib = "#{part}/#{lib}"
|
817
869
|
lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
|
818
870
|
begin
|
871
|
+
if @rails6 && (lib =~ /node_modules/ || lib == 'debug')
|
872
|
+
next
|
873
|
+
end
|
819
874
|
if cond_require lib
|
820
875
|
puts "requiring #{lib}" if $options[:verbose]
|
821
876
|
end
|
@@ -855,9 +910,6 @@ def self.require_rails(gemdir)
|
|
855
910
|
end
|
856
911
|
end
|
857
912
|
|
858
|
-
|
859
|
-
|
860
|
-
|
861
913
|
################################################################################
|
862
914
|
# Subcommands
|
863
915
|
def self.prepare
|
@@ -909,11 +961,12 @@ end
|
|
909
961
|
puts "Required rails" if $options[:verbose]
|
910
962
|
end
|
911
963
|
|
964
|
+
@rails6 = Gem::Version.new(Rails.version) >= Gem::Version.new("6.0.0")
|
912
965
|
## Imitate script/rails
|
913
966
|
# APP_PATH = File.expand_path('config/application')
|
914
967
|
# APP_PATH is already set in bin/veracode
|
915
968
|
#require File.expand_path('../../config/boot', __FILE__)
|
916
|
-
|
969
|
+
glob_require "config/boot.rb"
|
917
970
|
#require 'rails/commands'
|
918
971
|
# this will trigger the console to be launched
|
919
972
|
# ARGV.clear
|
@@ -922,7 +975,7 @@ end
|
|
922
975
|
# require 'rails/commands'
|
923
976
|
|
924
977
|
## Imitate rails/commands when console
|
925
|
-
if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
978
|
+
if @rails6 || Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
926
979
|
cond_require 'rails/command.rb'
|
927
980
|
cond_require 'rails/command/actions.rb'
|
928
981
|
cond_require 'rails/command/base.rb'
|
@@ -976,13 +1029,21 @@ end
|
|
976
1029
|
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
977
1030
|
end
|
978
1031
|
|
979
|
-
|
980
|
-
|
981
|
-
|
982
|
-
|
1032
|
+
if @rails6
|
1033
|
+
self.update
|
1034
|
+
@view = ActionView::Base.with_empty_template_cache
|
1035
|
+
@view_methods = @view.compiled_method_container.instance_methods
|
1036
|
+
compile_erb_templates
|
1037
|
+
compile_haml_templates
|
1038
|
+
self.stats if $options[:verbose]
|
1039
|
+
else
|
1040
|
+
compile_templates
|
1041
|
+
self.update
|
1042
|
+
self.stats if $options[:verbose]
|
1043
|
+
end
|
983
1044
|
|
984
1045
|
# Ensure compiled templates are fully disassembled in archive
|
985
|
-
@baseline_modules.delete(ActionView::CompiledTemplates)
|
1046
|
+
@baseline_modules.delete(ActionView::CompiledTemplates) unless @rails6
|
986
1047
|
|
987
1048
|
if $options[:environment]
|
988
1049
|
puts "Processing and disassembling environment"
|
@@ -997,6 +1058,9 @@ end
|
|
997
1058
|
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
998
1059
|
safe_baseline_modules = @baseline_modules.each_with_object(Set.new) { |o, s| s << safe_name(o) }
|
999
1060
|
archive(@modules.reject {|o| safe_baseline_modules.include?(safe_name(o))}, true)
|
1061
|
+
if @rails6
|
1062
|
+
archive_rails6_templates()
|
1063
|
+
end
|
1000
1064
|
archive_schema
|
1001
1065
|
|
1002
1066
|
end
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.0
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Veracode
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-08-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rubyzip
|
@@ -39,7 +39,7 @@ files:
|
|
39
39
|
homepage: http://veracode.com/
|
40
40
|
licenses: []
|
41
41
|
metadata: {}
|
42
|
-
post_install_message:
|
42
|
+
post_install_message:
|
43
43
|
rdoc_options: []
|
44
44
|
require_paths:
|
45
45
|
- lib
|
@@ -50,13 +50,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
50
50
|
version: 1.9.3.0
|
51
51
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
52
52
|
requirements:
|
53
|
-
- - "
|
53
|
+
- - ">="
|
54
54
|
- !ruby/object:Gem::Version
|
55
|
-
version:
|
55
|
+
version: '0'
|
56
56
|
requirements: []
|
57
|
-
|
58
|
-
|
59
|
-
signing_key:
|
57
|
+
rubygems_version: 3.1.2
|
58
|
+
signing_key:
|
60
59
|
specification_version: 4
|
61
60
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
62
61
|
Veracode
|