veracode 1.0.0.alpha2 → 1.0.0.alpha3
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/veracode/gems.rb +48 -0
- data/lib/veracode/schema.rb +83 -0
- data/lib/veracode/version.rb +2 -1
- data/lib/veracode.rb +28 -23
- metadata +6 -4
@@ -0,0 +1,48 @@
|
|
1
|
+
module Veracode
|
2
|
+
SupportedGems = %w{
|
3
|
+
actionmailer
|
4
|
+
actionpack
|
5
|
+
activemodel
|
6
|
+
activerecord
|
7
|
+
activeresource
|
8
|
+
activesupport
|
9
|
+
arel
|
10
|
+
builder
|
11
|
+
erubis
|
12
|
+
haml
|
13
|
+
haml-rails
|
14
|
+
rails
|
15
|
+
railties
|
16
|
+
veracode
|
17
|
+
}
|
18
|
+
|
19
|
+
def self.list_gems
|
20
|
+
|
21
|
+
gems = `bundle list`.each_line
|
22
|
+
.reject {|line| line !~ /^ \* /}
|
23
|
+
.map {|line| line[4..-1]}
|
24
|
+
.map {|line| line.split.first}
|
25
|
+
|
26
|
+
begin
|
27
|
+
File.open(@gems_filename, "wb") {|gems_file|
|
28
|
+
gems_file.puts '<supportissues>'
|
29
|
+
gems.each {|gem|
|
30
|
+
gems_file << <<GEMS_XML
|
31
|
+
<supportissue>
|
32
|
+
<platform>ruby</platform>
|
33
|
+
<name>#{gem}</name>
|
34
|
+
<token>#{gem}</token>
|
35
|
+
<package>rubygem.#{gem}</package>
|
36
|
+
<errorlevel>#{(SupportedGems.include?(gem) ? "info" : "warn" )}</errorlevel>
|
37
|
+
<type>framework_unsupported</type>
|
38
|
+
</supportissue>
|
39
|
+
GEMS_XML
|
40
|
+
}
|
41
|
+
gems_file.puts '</supportissues>'
|
42
|
+
}
|
43
|
+
rescue Exception => e
|
44
|
+
log_error "Unable to write to gem list to file #{@gems_filename}: #{e.message}"
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
module Veracode
|
2
|
+
module ActiveRecord
|
3
|
+
class Model
|
4
|
+
attr_reader :name, :attributes
|
5
|
+
def initialize(name)
|
6
|
+
@name = name
|
7
|
+
@attributes = Array.new
|
8
|
+
end
|
9
|
+
def binary(name, *rest)
|
10
|
+
@attributes << [name, :binary]
|
11
|
+
end
|
12
|
+
def boolean(name, *rest)
|
13
|
+
@attributes << [name, :boolean]
|
14
|
+
end
|
15
|
+
def date(name, *rest)
|
16
|
+
@attributes << [name, :date]
|
17
|
+
end
|
18
|
+
def datetime(name, *rest)
|
19
|
+
@attributes << [name, :datetime]
|
20
|
+
end
|
21
|
+
def decimal(name, *rest)
|
22
|
+
@attributes << [name, :decimal]
|
23
|
+
end
|
24
|
+
def float(name, *rest)
|
25
|
+
@attributes << [name, :float]
|
26
|
+
end
|
27
|
+
def integer(name, *rest)
|
28
|
+
@attributes << [name, :integer]
|
29
|
+
end
|
30
|
+
def primary_key(name, *rest)
|
31
|
+
@attributes << [name, :primary_key]
|
32
|
+
end
|
33
|
+
def string(name, *rest)
|
34
|
+
@attributes << [name, :string]
|
35
|
+
end
|
36
|
+
def text(name, *rest)
|
37
|
+
@attributes << [name, :text]
|
38
|
+
end
|
39
|
+
def time(name, *rest)
|
40
|
+
@attributes << [name, :time]
|
41
|
+
end
|
42
|
+
def timestamp(name, *rest)
|
43
|
+
@attributes << [name, :timestamp]
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
class Schema
|
48
|
+
def self.define(info={}, &block)
|
49
|
+
Schema.new.instance_eval(&block)
|
50
|
+
end
|
51
|
+
def create_table(name, options={})
|
52
|
+
td = Model.new(name)
|
53
|
+
td.integer('id')
|
54
|
+
yield td if block_given?
|
55
|
+
Veracode.add_to_archive Veracode.format_variable("@@#{td.name}", td.attributes, 'class')
|
56
|
+
end
|
57
|
+
def add_index(table_name, column_name, options = {})
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
def self.archive_schema
|
63
|
+
puts "Evaluating and archiving schema information"
|
64
|
+
schema_file = File.join("db", "schema.rb")
|
65
|
+
|
66
|
+
begin
|
67
|
+
schema = 'Veracode::' + File.read(schema_file).each_line.reject {|l| l =~ /^\s*#/}.join
|
68
|
+
rescue Exception => e
|
69
|
+
puts "Unable to retrieve schema information from 'db/schema.rb'. Are your migrations up to date?"
|
70
|
+
log_error "Unable to archive 'db/schema.rb' (#{e.message})"
|
71
|
+
end
|
72
|
+
|
73
|
+
begin
|
74
|
+
add_to_archive %Q|module "Veracode::Schema"\n|
|
75
|
+
eval(schema)
|
76
|
+
add_to_archive %Q|endmodule\n\n|
|
77
|
+
rescue Exception => e
|
78
|
+
puts "Unable to evaluate schema information from 'db/schema.rb'. (#{e.message})"
|
79
|
+
log_error "Unable to evaluate 'db/schema.rb' (#{e.message})"
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
end
|
data/lib/veracode/version.rb
CHANGED
data/lib/veracode.rb
CHANGED
@@ -1,24 +1,32 @@
|
|
1
1
|
require 'zlib'
|
2
2
|
require 'zip/zip'
|
3
|
-
require
|
3
|
+
require 'veracode/version'
|
4
|
+
require 'veracode/schema'
|
5
|
+
require 'veracode/gems'
|
4
6
|
|
5
7
|
module Veracode
|
6
8
|
@run_id = nil
|
7
9
|
|
8
10
|
# Metadata and method disassemblies for all Modules (.txt.gz)
|
9
11
|
@disasmlog = nil
|
10
|
-
@disasmlog_filename =
|
12
|
+
@disasmlog_filename = 'disasm.txt.gz'
|
11
13
|
|
12
14
|
# Error log including capture of STDERR and any errors generated by the gem (.log)
|
13
15
|
@errorlog = nil
|
14
|
-
@errorlog_filename =
|
16
|
+
@errorlog_filename = 'error.log'
|
15
17
|
|
16
18
|
# Index file containing the names of files present in the application directory (.txt)
|
17
|
-
@index_filename =
|
19
|
+
@index_filename = 'index.txt'
|
18
20
|
|
19
21
|
# Manifest file containing original names of all files in archive (.txt)
|
20
22
|
@manifest = []
|
21
|
-
@manifest_filename =
|
23
|
+
@manifest_filename = 'manifest.txt'
|
24
|
+
|
25
|
+
# XML file containing list of gems used by application
|
26
|
+
@gems_filename = 'gems.xml'
|
27
|
+
|
28
|
+
# Archive version file containing archive format version identifier
|
29
|
+
@version_filename = 'version.txt'
|
22
30
|
|
23
31
|
# The final archive that will be uploaded to Veracode for analysis (.zip)
|
24
32
|
@archive = nil
|
@@ -57,9 +65,11 @@ module Veracode
|
|
57
65
|
@disasmlog_filename = File.join(@archive_dirname, @disasmlog_filename)
|
58
66
|
@index_filename = File.join(@archive_dirname, @index_filename)
|
59
67
|
@manifest_filename = File.join(@archive_dirname, @manifest_filename)
|
68
|
+
@gems_filename = File.join(@archive_dirname, @gems_filename)
|
69
|
+
@version_filename = File.join(@archive_dirname, @version_filename)
|
60
70
|
|
61
71
|
# Try touching each of the files to be written
|
62
|
-
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename].each {|f|
|
72
|
+
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename, @gems_filename, @version_filename].each {|f|
|
63
73
|
begin
|
64
74
|
File.open(f, "wb") {}
|
65
75
|
rescue Exception => e
|
@@ -76,6 +86,7 @@ module Veracode
|
|
76
86
|
log_error "RUBY_DESCRIPTION: #{RUBY_DESCRIPTION}"
|
77
87
|
log_error "RAILS_VERSION: " + `rails --version`.chomp
|
78
88
|
log_error "GEM_VERSION: #{Veracode::VERSION}"
|
89
|
+
log_error "ARCHIVE_VERSION: #{Veracode::ARCHIVE_VERSION}"
|
79
90
|
log_error "PWD: #{Dir.pwd.to_s.dump}"
|
80
91
|
log_error "APP_NAME: #{APP_NAME.dump}"
|
81
92
|
log_error "RUNID: #{@run_id}"
|
@@ -86,6 +97,16 @@ module Veracode
|
|
86
97
|
STDERR.reopen(@errorlog)
|
87
98
|
end
|
88
99
|
|
100
|
+
begin
|
101
|
+
File.open(@version_filename, "wb") {|version_file|
|
102
|
+
version_file.puts Veracode::ARCHIVE_VERSION
|
103
|
+
}
|
104
|
+
rescue Exception => e
|
105
|
+
log_error "Unable to write to archive version file #{@version_filename}: #{e.message}"
|
106
|
+
end
|
107
|
+
|
108
|
+
list_gems
|
109
|
+
|
89
110
|
index_application
|
90
111
|
|
91
112
|
@manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
|
@@ -157,7 +178,7 @@ module Veracode
|
|
157
178
|
end
|
158
179
|
|
159
180
|
def self.cleanup
|
160
|
-
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename].each {|f|
|
181
|
+
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename, @gems_filename, @version_filename].each {|f|
|
161
182
|
begin
|
162
183
|
File.delete(f)
|
163
184
|
rescue Exception => e
|
@@ -493,22 +514,6 @@ module Veracode
|
|
493
514
|
end
|
494
515
|
|
495
516
|
|
496
|
-
def self.archive_schema
|
497
|
-
puts "Archiving schema information" if $options[:verbose]
|
498
|
-
schema_file = File.join("db", "schema.rb")
|
499
|
-
begin
|
500
|
-
add_to_archive %Q|module "Veracode::Schema"\n| +
|
501
|
-
%Q|singleton_method "main" []\n| +
|
502
|
-
RubyVM::InstructionSequence.compile_file(schema_file).disasm +
|
503
|
-
%Q|== end disasm\n| +
|
504
|
-
%Q|endmodule\n\n|
|
505
|
-
rescue Exception => e
|
506
|
-
puts "Unable to retrieve schema information from 'db/schema.rb'. Are your migrations up to date?"
|
507
|
-
log_error "Unable to archive 'db/schema.rb' (#{e.message})"
|
508
|
-
end
|
509
|
-
end
|
510
|
-
|
511
|
-
|
512
517
|
def self.compile_templates
|
513
518
|
|
514
519
|
begin
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.0.
|
4
|
+
version: 1.0.0.alpha3
|
5
5
|
prerelease: 6
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-08-27 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rubyzip
|
16
|
-
requirement: &
|
16
|
+
requirement: &70156231653560 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ! '>='
|
@@ -21,7 +21,7 @@ dependencies:
|
|
21
21
|
version: '0'
|
22
22
|
type: :runtime
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *70156231653560
|
25
25
|
description: Prepares your Ruby on Rails app for submission to Veracode.
|
26
26
|
email: devcontact@veracode.com
|
27
27
|
executables:
|
@@ -31,6 +31,8 @@ extra_rdoc_files: []
|
|
31
31
|
files:
|
32
32
|
- bin/veracode
|
33
33
|
- lib/veracode.rb
|
34
|
+
- lib/veracode/gems.rb
|
35
|
+
- lib/veracode/schema.rb
|
34
36
|
- lib/veracode/version.rb
|
35
37
|
homepage: http://veracode.com/
|
36
38
|
licenses: []
|