veracode 1.0.0.alpha8 → 1.0.0.alpha15
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/bin/veracode +21 -4
- data/lib/veracode.rb +76 -45
- data/lib/veracode/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 5ad985e497f862247d92d07c550cf5e71f30e91d4a4a599937ae3af3c2a56bb0
|
|
4
|
+
data.tar.gz: fbe71f39a1628e58765bba17d847812d6f3250b27f4937f4bc1b492be6ecd64b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 377bdd9c7c20e5811aa04b42bed81d94ce8e97a8f33e832cee012b10dac39aadba0b239a757b8b5d03f2ce46b2efb420871ff949f7273e83a9cc6916faa68333
|
|
7
|
+
data.tar.gz: c42fd23e7d02f02d0e3565866aef8e21f0dc0271172f7ad95c35f9754f6897b6ad89666a44f89a6be405b95d16f0a9e95ba681027bdb0f82eda88b83657d012e
|
data/bin/veracode
CHANGED
|
@@ -4,10 +4,15 @@ require 'optparse'
|
|
|
4
4
|
$:.unshift File.expand_path(File.dirname(__FILE__) + "/../lib")
|
|
5
5
|
$:.unshift Dir.pwd
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
#
|
|
7
|
+
if File.exists?('Gemfile.lock')
|
|
8
|
+
rails_version = File.open('Gemfile.lock').grep(/^\s*rails\s*\(=\s*[34]/)
|
|
9
|
+
else
|
|
10
|
+
rails_version = File.exists?("script/rails") #fallback for rails 3.0
|
|
11
|
+
end
|
|
12
|
+
unless rails_version
|
|
13
|
+
$stderr.puts "Current directory #{File.basename(Dir.pwd).dump} does not appear to be a Rails 3/4 application."
|
|
14
|
+
exit
|
|
15
|
+
end
|
|
11
16
|
APP_PATH = File.expand_path('config/application')
|
|
12
17
|
APP_NAME = File.basename(Dir.pwd)
|
|
13
18
|
COMMAND = "#{$0} #{ARGV.join(' ')}"
|
|
@@ -36,6 +41,18 @@ case subcommand
|
|
|
36
41
|
$options[:jruby] = true
|
|
37
42
|
end
|
|
38
43
|
|
|
44
|
+
opts.on("-O", "--skip-active-record", "Skip ActiveRecord") do
|
|
45
|
+
$options[:skipactiverecord] = true
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
opts.on("-V", "--skip-action-view", "Skip ActionView") do
|
|
49
|
+
$options[:skipactionview] = true
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
opts.on("-S", "--skip-sprockets", "Skip Sprockets") do
|
|
53
|
+
$options[:skipsprockets] = true
|
|
54
|
+
end
|
|
55
|
+
|
|
39
56
|
# opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
|
|
40
57
|
# $options[:archive_source] = s
|
|
41
58
|
# end
|
data/lib/veracode.rb
CHANGED
|
@@ -291,7 +291,11 @@ module Veracode
|
|
|
291
291
|
begin
|
|
292
292
|
( o.name.nil? ? o.to_s : o.name.to_s )
|
|
293
293
|
rescue
|
|
294
|
-
|
|
294
|
+
begin
|
|
295
|
+
( o.nil? ? "nil" : o.to_s )
|
|
296
|
+
rescue
|
|
297
|
+
"nil"
|
|
298
|
+
end
|
|
295
299
|
end
|
|
296
300
|
when o.is_a?(Method), o.is_a?(UnboundMethod)
|
|
297
301
|
o.name.to_s
|
|
@@ -436,14 +440,27 @@ module Veracode
|
|
|
436
440
|
|
|
437
441
|
puts " module header" if $options[:verbose]
|
|
438
442
|
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
446
|
-
|
|
443
|
+
formatted_contents = ""
|
|
444
|
+
|
|
445
|
+
begin
|
|
446
|
+
formatted_contents += ( m.included_modules.count > 0 ?
|
|
447
|
+
m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
|
|
448
|
+
""
|
|
449
|
+
)
|
|
450
|
+
rescue Exception => e
|
|
451
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
|
452
|
+
end
|
|
453
|
+
|
|
454
|
+
begin
|
|
455
|
+
formatted_contents += ( m.respond_to?(:singleton_class) && m.singleton_class.included_modules.count > 0 ?
|
|
456
|
+
m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
|
|
457
|
+
""
|
|
458
|
+
)
|
|
459
|
+
rescue Exception => e
|
|
460
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
|
461
|
+
end
|
|
462
|
+
|
|
463
|
+
return formatted_contents
|
|
447
464
|
end
|
|
448
465
|
|
|
449
466
|
|
|
@@ -510,33 +527,41 @@ module Veracode
|
|
|
510
527
|
end
|
|
511
528
|
|
|
512
529
|
def self.object_contents(o, with_disasm=true)
|
|
513
|
-
return "" unless o.is_a?
|
|
530
|
+
return "" unless !o.nil? && o.is_a?(Object)
|
|
514
531
|
|
|
515
532
|
puts " object contents" if $options[:verbose]
|
|
516
533
|
|
|
517
534
|
formatted_contents = ""
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
o.instance_variables.
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
526
|
-
|
|
535
|
+
|
|
536
|
+
begin
|
|
537
|
+
if o.respond_to?(:instance_variables) && o.instance_variables.count > 0
|
|
538
|
+
o.instance_variables.each do |v_symbol|
|
|
539
|
+
begin
|
|
540
|
+
v = o.instance_variable_get(v_symbol)
|
|
541
|
+
formatted_contents += format_variable(v_symbol, v, "instance")
|
|
542
|
+
rescue Exception => e
|
|
543
|
+
log_error "Error archiving instance variable #{v_symbol.to_s.dump}: #{e.message}"
|
|
544
|
+
formatted_contents += format_variable(v_symbol, :veracode_nil, "instance")
|
|
545
|
+
end
|
|
527
546
|
end
|
|
528
547
|
end
|
|
548
|
+
rescue Exception => e
|
|
549
|
+
log_error "Error getting :instance_variables for object #{o}: #{e.message}"
|
|
529
550
|
end
|
|
530
551
|
|
|
531
|
-
|
|
532
|
-
o.singleton_methods($options[:include_inherited]).
|
|
533
|
-
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
552
|
+
begin
|
|
553
|
+
if o.respond_to?(:singleton_methods) && o.singleton_methods($options[:include_inherited]).count > 0
|
|
554
|
+
o.singleton_methods($options[:include_inherited]).each do |m_symbol|
|
|
555
|
+
begin
|
|
556
|
+
m = o.method(m_symbol)
|
|
557
|
+
formatted_contents += format_method(m, "singleton", with_disasm)
|
|
558
|
+
rescue Exception => e
|
|
559
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
|
560
|
+
end
|
|
538
561
|
end
|
|
539
562
|
end
|
|
563
|
+
rescue Exception => e
|
|
564
|
+
log_error "Error getting :singleton_methods for object #{o}: #{e.message}"
|
|
540
565
|
end
|
|
541
566
|
|
|
542
567
|
formatted_contents
|
|
@@ -546,13 +571,12 @@ module Veracode
|
|
|
546
571
|
##############################################################################
|
|
547
572
|
# Archiving Objects
|
|
548
573
|
def self.archive(objects, with_disasm=true)
|
|
549
|
-
|
|
550
574
|
objects = objects - [
|
|
551
|
-
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
|
|
555
|
-
|
|
575
|
+
Veracode,
|
|
576
|
+
Veracode::ActiveRecord,
|
|
577
|
+
Veracode::ActiveRecord::Model,
|
|
578
|
+
Veracode::ActiveRecord::Schema,
|
|
579
|
+
]
|
|
556
580
|
|
|
557
581
|
if $options[:verbose]
|
|
558
582
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
|
@@ -561,20 +585,16 @@ module Veracode
|
|
|
561
585
|
|
|
562
586
|
objects.sort_by {|o| safe_name(o) }.each do |o|
|
|
563
587
|
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" +
|
|
567
|
-
|
|
568
|
-
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
|
569
|
-
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
|
588
|
+
puts "archiving #{o.class.to_s.downcase} #{quote(safe_name(o))}" if $options[:verbose]
|
|
570
589
|
|
|
571
|
-
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
590
|
+
add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" +
|
|
591
|
+
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
|
592
|
+
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
|
593
|
+
( (o.is_a?(Object) && !o.nil?) ? object_contents(o, with_disasm) : "") +
|
|
594
|
+
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
|
595
|
+
"end#{o.class.to_s.downcase}\n" +
|
|
596
|
+
"\n"
|
|
576
597
|
end
|
|
577
|
-
|
|
578
598
|
end
|
|
579
599
|
|
|
580
600
|
|
|
@@ -841,7 +861,17 @@ end
|
|
|
841
861
|
|
|
842
862
|
puts "Phase 2 - Load Rails" if $options[:verbose]
|
|
843
863
|
begin
|
|
844
|
-
|
|
864
|
+
if $options[:skipactiverecord] || $options[:skipactionview] || $options[:skipsprockets]
|
|
865
|
+
require "active_model/railtie"
|
|
866
|
+
require "active_record/railtie" unless $options[:skipactiverecord]
|
|
867
|
+
require "action_controller/railtie"
|
|
868
|
+
require "action_mailer/railtie"
|
|
869
|
+
require "action_view/railtie" unless $options[:skipactionview]
|
|
870
|
+
require "sprockets/railtie" unless $options[:skipsprockets]
|
|
871
|
+
require "rails/test_unit/railtie"
|
|
872
|
+
else
|
|
873
|
+
require "rails/all"
|
|
874
|
+
end
|
|
845
875
|
rescue Exception => e
|
|
846
876
|
puts "Unable to require rails: #{e.message}"
|
|
847
877
|
log_error "Unable to require rails: #{e.message}"
|
|
@@ -928,6 +958,7 @@ end
|
|
|
928
958
|
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
|
929
959
|
archive(@modules - @baseline_modules, true)
|
|
930
960
|
archive_schema
|
|
961
|
+
|
|
931
962
|
end
|
|
932
963
|
|
|
933
964
|
## /phase 3 - require app
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veracode
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.0.
|
|
4
|
+
version: 1.0.0.alpha15
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Veracode
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-04-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rubyzip
|
|
@@ -55,10 +55,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
55
55
|
version: 1.3.1
|
|
56
56
|
requirements: []
|
|
57
57
|
rubyforge_project:
|
|
58
|
-
rubygems_version: 2.
|
|
58
|
+
rubygems_version: 2.7.8
|
|
59
59
|
signing_key:
|
|
60
60
|
specification_version: 4
|
|
61
61
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
|
62
62
|
Veracode
|
|
63
63
|
test_files: []
|
|
64
|
-
has_rdoc:
|