Sha256: 8d9d8c681ee7842ec9cfa6210742ff02d259b418bf5ae550c1e45f6bbcd351eb
Contents?: true
Size: 1.36 KB
Versions: 3
Compression:
Stored size: 1.36 KB
Contents
require 'pronto'
require 'brakeman'

module Pronto
  # Pronto runner that feeds the Ruby files touched by a change set to the
  # Brakeman static analyser and reports each warning that lands on an added
  # line.
  #
  # Coverage caveats visible in this file:
  # * An empty result does not prove that a scan happened: the
  #   "no Ruby files changed", "no application found" and "no warnings" paths
  #   all return [].
  # * A warning is reported only when its line number equals the new line
  #   number of an added line in the matching patch; every other warning is
  #   dropped without notice.
  class Brakeman < Runner
    # Runs Brakeman against the changed Ruby files.
    #
    # @param patches [Enumerable, nil] patches under review; nil yields []
    # @param _ ignored second argument
    # @return [Array] one message per warning located on an added line
    def run(patches, _)
      return [] unless patches

      # Keep only patches that add lines to a file `ruby_file?` accepts
      # (`ruby_file?` is not defined in this file; presumably inherited).
      candidates = patches.select do |patch|
        patch.additions > 0 && ruby_file?(patch.new_file_full_path)
      end
      paths = candidates.map { |patch| patch.new_file_full_path.to_s }
      return [] if paths.empty?

      # The full paths of the changed files are handed to Brakeman as
      # `only_files`; presumably this limits the scan to them.
      # NOTE(review): confirm the path form Brakeman expects here.
      report = ::Brakeman.run(app_path: candidates.first.repo.path,
                              output_formats: [:to_s],
                              only_files: paths)
      messages_for(candidates, report).compact
    rescue ::Brakeman::NoApplication
      # Brakeman found no application at app_path. Nothing was scanned, yet
      # callers receive the same [] as for a clean scan.
      []
    end

    # Maps each filtered warning to a message, or to nil when the warning
    # cannot be tied to an added line.
    #
    # @param ruby_patches [Enumerable] patches that were scanned
    # @param output the Brakeman result; must respond to `filtered_warnings`
    # @return [Array] messages interleaved with nil placeholders
    def messages_for(ruby_patches, output)
      output.filtered_warnings.map do |warning|
        patch = patch_for_warning(ruby_patches, warning)
        next unless patch

        # A warning whose line matches no added line is skipped.
        hit = patch.added_lines.find do |added_line|
          added_line.new_lineno == warning.line
        end
        next unless hit

        new_message(hit, warning)
      end
    end

    # Builds the warning-level message attached to an added line.
    #
    # @param line the added line the warning points at
    # @param warning the Brakeman warning supplying the message text
    # @return [Message]
    def new_message(line, warning)
      path = line.patch.delta.new_file[:path]
      text = "Possible security vulnerability: #{warning.message}"
      Message.new(path, line, :warning, text)
    end

    # Finds the patch whose full new-file path equals the warning's file.
    #
    # NOTE(review): this is a plain `==` against `warning.file`. If the
    # Brakeman version in use reports the file in another form, no patch
    # matches and every warning is dropped; verify against that version.
    #
    # @param ruby_patches [Enumerable] candidate patches
    # @param warning the Brakeman warning to locate
    # @return the matching patch, or nil
    def patch_for_warning(ruby_patches, warning)
      ruby_patches.find { |patch| patch.new_file_full_path.to_s == warning.file }
    end
  end
end
Version data entries
3 entries across 3 versions & 1 rubygems
Version | Path |
---|---|
pronto-brakeman-0.5.0 | lib/pronto/brakeman.rb |
pronto-brakeman-0.4.3 | lib/pronto/brakeman.rb |
pronto-brakeman-0.4.2 | lib/pronto/brakeman.rb |