
require 'pronto'
require 'brakeman'

module Pronto
  # Pronto runner that surfaces Brakeman warnings for the patch set under
  # review.  A warning becomes a message only when it lands on a line that
  # one of the changed Ruby files added; every other warning is dropped.
  class Brakeman < Runner
    # Runs Brakeman over the changed Ruby files and converts the warnings
    # that hit added lines into Pronto messages.
    #
    # @param patches [Enumerable, nil] patches supplied by Pronto
    # @param _ [Object] unused second argument of the Runner interface
    # @return [Array<Pronto::Message>] empty when +patches+ is nil or no
    #   patch adds lines to a Ruby file
    def run(patches, _)
      return [] unless patches

      # Keep only patches that add at least one line to a Ruby file.
      # `ruby_file?` is not defined in this file; presumably it is inherited
      # from Runner.
      ruby_patches = patches.select do |patch|
        patch.additions > 0 && ruby_file?(patch.new_file_full_path)
      end
      files = ruby_patches.map { |patch| patch.new_file_full_path.to_s }
      return [] if files.empty?

      # NOTE(review): app_path is the process cwd, so this assumes Pronto is
      # started from the application root — confirm with the caller.
      # only_files presumably narrows the scan to the changed files.
      tracker = ::Brakeman.run(app_path: '.',
                               output_formats: [:to_s],
                               only_files: files)
      messages_for(ruby_patches, tracker).compact
    end

    # Maps each Brakeman warning to a message, or to nil when the warning
    # does not fall on a line added by one of +ruby_patches+.
    #
    # @param ruby_patches [Array] patches for changed Ruby files
    # @param output [Object] Brakeman run result; +checks.all_warnings+ is read
    # @return [Array<Pronto::Message, nil>] callers are expected to compact
    def messages_for(ruby_patches, output)
      output.checks.all_warnings.map do |warning|
        patch = patch_for_warning(ruby_patches, warning)
        next unless patch

        # Only added lines are reported; a warning on an untouched line of a
        # changed file yields nil here.
        added = patch.added_lines.find { |candidate| candidate.new_lineno == warning.line }
        new_message(added, warning) if added
      end
    end

    # Builds a warning-level Pronto message for +line+ carrying the Brakeman
    # warning text.
    #
    # @param line [Object] an entry from +patch.added_lines+; its
    #   +patch.delta.new_file[:path]+ is read and it is passed through
    # @param warning [Object] Brakeman warning; +message+ is read
    # @return [Pronto::Message]
    def new_message(line, warning)
      path = line.patch.delta.new_file[:path]
      text = "Possible security vulnerability: #{warning.message}"
      Message.new(path, line, :warning, text)
    end

    # Finds the patch whose new-file path equals the warning's +file+.
    #
    # @param ruby_patches [Array] patches for changed Ruby files
    # @param warning [Object] Brakeman warning; +file+ is read
    # @return [Object, nil] the matching patch, or nil when none matches
    def patch_for_warning(ruby_patches, warning)
      ruby_patches.find { |candidate| candidate.new_file_full_path.to_s == warning.file }
    end
  end
end
