veracode 1.0.0.alpha4 → 1.0.0.alpha5
- checksums.yaml +7 -0
- data/bin/veracode +15 -21
- data/lib/veracode.rb +118 -121
- data/lib/veracode/version.rb +1 -1
- metadata +18 -14
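--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: d91e291f1416313582f7940e2ea550556669a4dc
+data.tar.gz: c2c9d0fe5c9671bbcedb2056f341ce3c267e4c13
+SHA512:
+metadata.gz: 4d6676d8f9202fa910494d4b9a25883363ff648af5640ff0205ee4b4bb531a94d776195c79d36ae05740676c5a1a0df048257904fe772da460b2657b01733810
+data.tar.gz: 408f07407d266ed5b6f859c9d46b4a01944a3aa6797934ed4b42b7c25c9cff6f7c09103057d4f3b0bad3c03fa7d58d1210da1ce210ac535fbd9baa932fedc576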
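--- a/data/bin/veracode
+++ b/data/bin/veracode
@@ -16,10 +16,12 @@ require 'veracode'
 require 'veracode/version'
 
 $options = {
+:phase1 => false,
+:phase2 => false,
+:phase3 => true,
 :archive_source => true,
 :include_inherited => false,
 :jruby => false,
-:environment => false,
 }
 
 subcommand = ARGV.shift
@@ -32,13 +34,22 @@ case subcommand
 $options[:verbose] = true
 end
 
+opts.on("-a", "--all", "Archive objects at all stages") do
+$options[:phase1] = true
+$options[:phase2] = true
+end
+
+opts.on("-f", "--file", "Disassemble .rb files") do
+$options[:disasm] = true
+end
+
 opts.on("-j", "--jruby", "Force JRuby mode") do
 $options[:jruby] = true
 end
 
-
-
-
+opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
+$options[:archive_source] = s
+end
 
 opts.on("-D", "--debug", "Enable debug output") do
 $DEBUG = true
@@ -62,23 +73,6 @@ case subcommand
 " #{opts.program_name} help"
 end.parse!
 
-when "environment", "env"
-$options[:environment] = true
-
-OptionParser.new do |opts|
-opts.banner = "Usage: veracode environment [options]"
-
-opts.on("-v", "--verbose", "Run verbosely") do
-$options[:verbose] = true
-end
-
-opts.on("-D", "--debug", "Enable debug output") do
-$DEBUG = true
-end
-
-end.parse!
-Veracode.prepare
-
 else
 $stderr.puts "#{subcommand.dump} is not a valid subcommand"
 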
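Review bot: `$options[:disasm]` is written by the new `-f`/`--file` switch but has no entry in the `$options` defaults, unlike the `:phase1`, `:phase2` and `:phase3` keys added in the first hunk; adding `:disasm => false,` there keeps every option the tool reads declared in one place. The long name `--file` takes no argument although it reads as if it expected a path, so the help string should say so, for example `"Disassemble all .rb files under the current directory"` if that is what the flag is meant to do. The `case subcommand` block starts and ends outside the visible hunks.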
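--- a/data/lib/veracode.rb
+++ b/data/lib/veracode.rb
@@ -1,7 +1,7 @@
 require 'pathname'
 require 'set'
 require 'zlib'
-require 'zip
+require 'zip'
 require 'veracode/version'
 require 'veracode/schema'
 require 'veracode/gems'
@@ -36,7 +36,6 @@ module Veracode
 @archive_filename = nil
 @archive_dirname = nil
 
-
 def self.init
 @run_id = Time.now.strftime("%Y%m%d%H%M%S")
 @archive_dirname = File.join("tmp","veracode-#{@run_id}")
@@ -160,7 +159,7 @@ module Veracode
 @errorlog.flush
 
 begin
-Zip::
+Zip::File.open(@archive_filename, Zip::File::CREATE) { |zf|
 @manifest.each {|file|
 
 if file.start_with?(@archive_dirname)
@@ -234,24 +233,20 @@ module Veracode
 
 def self.glob_require(files)
 any_new = false
-total, count = 0, 0
 Dir.glob(files) do |f|
 print "Requiring #{f.to_s} " if $options[:verbose]
 
 begin
-
+any_new |= cond_require File.expand_path(f)
 rescue Exception => e
 puts "(failed: #{e.message})" if $options[:verbose]
 log_error "Unable to require #{File.expand_path(f).to_s.dump} (#{e.message})"
 else
-puts "(OK
+puts "(OK)" if $options[:verbose]
 end
-
-total += 1
-count += 1 if required
+
 end
-
-any_new
+return any_new
 end
 
 def self.safe_name(o)
@@ -259,11 +254,7 @@ module Veracode
 when o == ActiveSupport::TimeWithZone
 "ActiveSupport::TimeWithZone"
 when o.is_a?(Module)
-
-( o.name.nil? ? o.to_s : o.name.to_s )
-rescue
-o.to_s
-end
+( o.name.nil? ? o.to_s : o.name )
 when o.is_a?(Method), o.is_a?(UnboundMethod)
 o.name.to_s
 else
@@ -328,13 +319,7 @@ module Veracode
 def self.prepare_archive
 @disasmlog = Zlib::GzipWriter.new(File.open(@disasmlog_filename, "wb"), nil, nil)
 @disasmlog.puts "#{RUBY_ENGINE}-#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}"
-
-@disasmlog.puts "# EnvironmentDef %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
-else
-@disasmlog.puts "# Environment %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
-end
-@disasmlog.puts "# Ruby #{RUBY_ENGINE}-#{RUBY_VERSION}"
-@disasmlog.puts "# Rails #{Rails.version}"
+@disasmlog.puts "# " + `rails --version`.chomp
 @disasmlog.puts
 end
 
@@ -411,7 +396,7 @@ module Veracode
 m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
 ""
 ) +
-( m.
+( m.singleton_class.included_modules.count > 0 ?
 m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
 ""
 )
@@ -447,20 +432,17 @@ module Veracode
 end
 end
 
-
-
-
-
-
-
-
-
-
-
-end
+if m.respond_to?(:global_variables)
+m.global_variables.each do |v_symbol|
+begin
+v = eval(v_symbol.to_s)
+formatted_contents += format_variable(v_symbol, v, "global")
+rescue Exception => e
+log_error "Error archiving global variable #{v_symbol.to_s.dump}: #{e.message}"
+formatted_contents += format_variable(v_symbol, :veracode_nil, "global")
+end
+
 end
-rescue Exception => e
-# m.respond_to?(:global_variables) was throwing exceptions
 end
 
 %w[ public protected private ].each {|p|
@@ -724,7 +706,7 @@ module Veracode
 
 end
 
-
+def self.require_libs(lib_paths)
 for lib_path in lib_paths
 dirsToProcess = [Pathname(lib_path)]
 until dirsToProcess.count == 0 || !Dir.exists?(dirsToProcess[0])
@@ -732,52 +714,50 @@ module Veracode
 for child in currentDir.children
 if child.directory?
 dirsToProcess[dirsToProcess.count] = child
-
+base = child.to_s.partition("#{lib_path}/")[2]
 lib = ""
 for part in base.split('/').reverse
 lib = "#{part}/#{lib}"
 lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
-
-
-
+begin
+if cond_require lib
+puts "requiring #{lib}" if $options[:verbose]
+end
+rescue Exception => e
 end
-
-end
+end
 end
 end
 end
 end
 end
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+def self.require_rails(gemdir)
+dirsToProcess = [Pathname(gemdir)]
+until dirsToProcess.count == 0
+currentDir = dirsToProcess.delete_at(0)
+for child in currentDir.children
+if child.directory?
+dirsToProcess[dirsToProcess.count] = child
+end
+base = child.to_s.partition("#{gemdir}/")[2]
+if base.index("action_controller") != nil || base.index("action_view") != nil || base.index("active_record") != nil
+lib = ""
+for part in base.split('/').reverse
+lib = "#{part}/#{lib}"
+lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
+lib.chomp!(File.extname(lib))
+begin
+if cond_require lib
+puts "requiring #{lib}" if $options[:verbose]
+end
+rescue Exception => e
+end
+end
 end
 end
 end
 end
-end
-
-
 
 
 ################################################################################
@@ -794,6 +774,16 @@ end
 puts
 end
 
+if $options[:disasm]
+rbfiles = File.join("**", "*.rb")
+Dir[rbfiles].each do |f|
+puts RubyVM::InstructionSequence.compile_file(f).disasm
+puts
+end
+exit
+end
+
+prepare_archive
 
 ################################################################
 ## phase 1 - Create baseline
@@ -802,6 +792,10 @@ end
 puts "Phase 1 - Initial State" if $options[:verbose]
 self.stats if $options[:verbose]
 
+if $options[:phase1]
+puts "Processing and disassembling Ruby standard classes and modules"
+archive(@modules)
+end
 ## /phase 1 - Create baseline
 ################################################################
 
@@ -812,54 +806,59 @@ end
 
 puts "Phase 2 - Load Rails" if $options[:verbose]
 begin
-
+cond_require "rails"
+cond_require 'action_controller'
+cond_require 'action_view'
+cond_require 'active_record'
 rescue Exception => e
 puts "Unable to require rails: #{e.message}"
 log_error "Unable to require rails: #{e.message}"
 exit
 else
-puts "Required rails" if $options[:verbose]
-end
-
-## Imitate script/rails
-# APP_PATH = File.expand_path('config/application')
-# APP_PATH is already set in bin/veracode
-#require File.expand_path('../../config/boot', __FILE__)
-glob_require "config/boot.rb"
-#require 'rails/commands'
-# this will trigger the console to be launched
-# ARGV.clear
-# ARGV << 'console'
-# ARGV << '--sandbox'
-# require 'rails/commands'
-
-## Imitate rails/commands when console
-cond_require 'rails/commands/console.rb'
-# require APP_PATH # => config/application.rb
-
-glob_require "config/application.rb"
-
-Rails.application.require_environment! unless $options[:jruby]
-# Following line will actually kick off IRB
-# Rails::Console.start(Rails.application)
-
-# Imitate Rails::Console.initialize_console
-# require "pp"
-cond_require "rails/console/app.rb"
-cond_require "rails/console/helpers.rb"
-
-if $options[:environment]
 @stdlib = $:
 @gemdir = Gem.dir
 
+## Imitate script/rails
+# APP_PATH = File.expand_path('config/application')
+# APP_PATH is already set in bin/veracode
+#require File.expand_path('../../config/boot', __FILE__)
+glob_require "config/boot.rb"
+#require 'rails/commands'
+# this will trigger the console to be launched
+# ARGV.clear
+# ARGV << 'console'
+# ARGV << '--sandbox'
+# require 'rails/commands'
+
+## Imitate rails/commands when console
+glob_require 'rails/commands/console'
+# require APP_PATH # => config/application.rb
+
+glob_require "config/application.rb"
+
+Rails.application.require_environment! unless $options[:jruby]
+begin
+cond_require 'sass'
+cond_require 'sass/rails/importer'
+cond_require 'multi_json/adapters/json_gem'
+rescue Exception => e
+end
+
 require_libs(@stdlib)
 require_rails(@gemdir)
+puts "Required rails" if $options[:verbose]
 end
 
-self.
+self.update
 
 self.stats if $options[:verbose]
 
+if $options[:phase2]
+puts "Processing and disassembling Rails classes and modules"
+archive(@modules)
+end
+
+self.rebaseline
 ## /phase 2 - Require rails
 ################################################################
 
@@ -869,14 +868,19 @@ end
 # phase 3 - require app
 
 puts "Phase 3 - Imitate Rails" if $options[:verbose]
+# Following line will actually kick off IRB
+# Rails::Console.start(Rails.application)
+
+# Imitate Rails::Console.initialize_console
+# require "pp"
+glob_require "rails/console/app"
+glob_require "rails/console/helpers"
 
-
-
-
-
-
-puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
-end
+glob_require "lib/**/*.rb"
+glob_require "app/models/**/*.rb"
+glob_require "app/helpers/**/*.rb"
+glob_require "app/controllers/application_controller.rb"
+glob_require "app/controllers/**/*.rb"
 
 compile_templates
 
@@ -886,21 +890,14 @@ end
 # Ensure compiled templates are fully disassembled in archive
 @baseline_modules.delete(ActionView::CompiledTemplates)
 
-if $options[:
-puts "Processing and disassembling environment"
-archive(@modules.reject {|o| safe_name(o) =~ /^#<(Class|Module):0x[0-9a-f]+>/i }
-.reject {|o| safe_name(o) =~ /^Veracode/ }
-.reject {|o| safe_name(o) =~ /^EmptyRails/ }
-.reject {|o| safe_name(o) =~ /^ActionView::CompiledTemplates$/ }, false)
-else
-puts "Processing Ruby and Rails classes and modules"
-archive(@baseline_modules, false)
-add_to_archive "\n# Phase 3 - App disassembly\n"
+if $options[:phase3]
 puts "Processing and disassembling #{APP_NAME} classes and modules"
+archive(@baseline_modules, false)
 archive(@modules - @baseline_modules, true)
-archive_schema
 end
 
+archive_schema
+
 ## /phase 3 - require app
 ################################################################
 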
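Review bot: The new header line in prepare_archive gets the Rails version by running `rails --version` through backticks, so it executes whichever `rails` program PATH resolves first instead of reading the framework loaded into this process. The recorded version can therefore differ from the Rails that is later required and disassembled, and a missing executable raises Errno::ENOENT with no rescue visible in that hunk. The change seems to be needed because prepare_archive is now called ahead of the phase 1 block, before `cond_require "rails"` runs. I would drop the subprocess and write the line once the phase 2 requires have succeeded, `@disasmlog.puts "# Rails #{Rails.version}"`, which keeps the header tied to the code actually archived. The rest of prepare_archive's callers are outside the visible hunks, so confirm nothing else depends on the header order.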
data/lib/veracode/version.rb
CHANGED
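--- a/metadata
+++ b/metadata
@@ -1,27 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: veracode
 version: !ruby/object:Gem::Version
-version: 1.0.0.
-prerelease: 6
+version: 1.0.0.alpha5
 platform: ruby
 authors:
 - Veracode
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-05-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rubyzip
-requirement:
-none: false
+requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
-version: '0'
+version: '1.0'
 type: :runtime
 prerelease: false
-version_requirements:
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '>='
+- !ruby/object:Gem::Version
+version: '1.0'
 description: Prepares your Ruby on Rails app for submission to Veracode.
 email: devcontact@veracode.com
 executables:
@@ -36,27 +38,29 @@ files:
 - lib/veracode/version.rb
 homepage: http://veracode.com/
 licenses: []
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
 version: 1.9.3.0
+- - <
+- !ruby/object:Gem::Version
+version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>'
 - !ruby/object:Gem::Version
 version: 1.3.1
 requirements: []
 rubyforge_project:
-rubygems_version:
+rubygems_version: 2.4.3
 signing_key:
-specification_version:
+specification_version: 4
 summary: Command line tool for preparing your Ruby on Rails app for submission to
 Veracode
 test_files: []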