Sha256: 928aa7c482435990164d5a400d4d596b31a46230574fda93618620e454ab5018
Contents?: true
Size: 1.74 KB
Versions: 34
Compression:
Stored size: 1.74 KB
Contents
# frozen_string_literal: true
require_relative "./make_pr/base"
module Neetob
class CLI
module Github
class Brakeman < MakePr::Base
DESCRIPTION = "Fix security vulnerabilities reported by brakeman"
attr_accessor :repos, :sandbox
def initialize(repos, sandbox = false)
super()
@repos = repos
@sandbox = sandbox
end
def run
matching_repos = find_all_matching_apps_or_repos(repos, :github, sandbox)
matching_repos.each do |repo|
begin
ui.info("\nWorking on repo #{repo}")
clone_repo_in_tmp_dir(repo)
bundle_install!(repo)
report = run_brakeman(repo)
ui.success("Successfully executed brakeman for #{repo}")
warnings = report.split("\n\n== Warnings ==\n\n").last&.split("\n\n")
if !report.include?("No warnings found") && !report.blank?
issue = client.create_issue(repo, DESCRIPTION, parse_description(warnings))
ui.success("Issue created at #{issue.html_url}")
end
rescue StandardError => e
ExceptionHandler.new(e).process
end
end
`rm -rf /tmp/neetob`
end
private
def run_brakeman(repo)
`#{cd_to_repo(repo)} && brakeman`
end
def parse_description(warnings)
warning_descriptions = warnings.map do |warning|
code_line = warning.scan(/Code: (.*)\n/).flatten.first
warning.gsub!(code_line, "`#{code_line}`") if !code_line.nil?
"```bash #{warning} \n```"
end
warning_descriptions.join("\n")
end
end
end
end
end
Version data entries
34 entries across 34 versions & 1 rubygems