veracode_api_signing 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.brakeman.ignore +22 -0
- data/Gemfile.lock +1 -1
- data/Rakefile +1 -1
- data/lib/veracode_api_signing/version.rb +1 -1
- data/veracode_api_signing.gemspec +3 -0
- metadata +3 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fa139e4b995055cb38e595a143f8c517876f08ba5aeed47396aea6a66beeac2c
|
4
|
+
data.tar.gz: 2da1eecb8daffa37c29ac45056fa6fe2a3b56d1aa98dd5421b58d7e8c2717628
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 349a94f1a7e8c6f050f3396044ddb98e2bb55254025c802d36e71ffd639c3c7f6e044736f0da1b1e5773485024beb9f9a752a5491408847fe4626c0f0dfa66f4
|
7
|
+
data.tar.gz: 0eae70878568fb4a963cbdc7296adca269115213e6ea9fb5a1add586bbd34372b55a162b5fbd8765cb241794f067e3adb56710805dca50f99e25869b9775db1f
|
data/.brakeman.ignore
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
{
|
2
|
+
"ignored_warnings": [
|
3
|
+
{
|
4
|
+
"warning_type": "Authentication",
|
5
|
+
"warning_code": 101,
|
6
|
+
"fingerprint": "ed197e75289bf8a8e2150b832564f162bd93b971008455079f89032792a0e0f1",
|
7
|
+
"check_name": "Secrets",
|
8
|
+
"message": "Hardcoded value for `ENV_API_SECRET_KEY_NAME` in source code",
|
9
|
+
"file": "lib/veracode_api_signing/credentials.rb",
|
10
|
+
"line": 10,
|
11
|
+
"link": "https://brakemanscanner.org/docs/warning_types/authentication/",
|
12
|
+
"code": null,
|
13
|
+
"render_path": null,
|
14
|
+
"location": null,
|
15
|
+
"user_input": null,
|
16
|
+
"confidence": "Medium",
|
17
|
+
"note": "Not actually a hardcoded secret, this value represents the name of the environment variable used when looking for credentials."
|
18
|
+
}
|
19
|
+
],
|
20
|
+
"updated": "2021-12-24 09:06:49 -0700",
|
21
|
+
"brakeman_version": "5.2.0"
|
22
|
+
}
|
data/Gemfile.lock
CHANGED
data/Rakefile
CHANGED
@@ -19,7 +19,7 @@ namespace :brakeman do
|
|
19
19
|
require "brakeman"
|
20
20
|
|
21
21
|
files = args[:output_files].split if args[:output_files]
|
22
|
-
Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true
|
22
|
+
Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true, ignore_file: ".brakeman.ignore"
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
@@ -40,4 +40,7 @@ Gem::Specification.new do |spec|
|
|
40
40
|
spec.add_development_dependency "rubocop-rspec", "~> 2.5"
|
41
41
|
spec.add_development_dependency "simplecov", "~> 0.21.2"
|
42
42
|
spec.add_development_dependency "yard", "~> 0.9.26"
|
43
|
+
spec.metadata = {
|
44
|
+
"rubygems_mfa_required" => "true"
|
45
|
+
}
|
43
46
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode_api_signing
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Corban Raun
|
@@ -157,6 +157,7 @@ executables: []
|
|
157
157
|
extensions: []
|
158
158
|
extra_rdoc_files: []
|
159
159
|
files:
|
160
|
+
- ".brakeman.ignore"
|
160
161
|
- ".github/workflows/codeql-analysis.yml"
|
161
162
|
- ".github/workflows/tests.yml"
|
162
163
|
- ".gitignore"
|
@@ -187,11 +188,7 @@ homepage: https://CorbanR.github.io/veracode_api_signing
|
|
187
188
|
licenses:
|
188
189
|
- MIT
|
189
190
|
metadata:
|
190
|
-
|
191
|
-
homepage_uri: https://CorbanR.github.io/veracode_api_signing
|
192
|
-
documentation_uri: https://www.raunco.co/veracode_api_signing/
|
193
|
-
source_code_uri: https://github.com/CorbanR/veracode_api_signing
|
194
|
-
changelog_uri: https://github.com/CorbanR/veracode_api_signing/blob/main/CHANGELOG.md
|
191
|
+
rubygems_mfa_required: 'true'
|
195
192
|
post_install_message:
|
196
193
|
rdoc_options: []
|
197
194
|
require_paths:
|