
require 'pronto'
require 'brakeman'

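module Pronto
  # Pronto runner that scans the Ruby files touched by a change set with
  # Brakeman and reports each Brakeman warning that falls on an added line.
  class Brakeman < Runner
    # Runs Brakeman over the Ruby files in +patches+ that add at least one line.
    #
    # @param patches [Enumerable, nil] Pronto patches for the current diff
    # @return [Array<Pronto::Message>] one message per Brakeman warning that
    #   lands on an added line; empty when there is nothing to scan
    def run(patches)
      return [] unless patches

      ruby_patches = patches.select { |patch| patch.additions > 0 }
                            .select { |patch| ruby_file?(patch.new_file_full_path) }

      files = ruby_patches.map { |patch| patch.new_file_full_path.to_s }
      return [] if files.empty?

      # only_files limits the scan to the changed files; app_path '.' assumes
      # pronto is invoked from the application root, which Brakeman needs to
      # resolve routes/models for its checks.
      output = ::Brakeman.run(app_path: '.',
                              output_formats: [:to_s],
                              only_files: files)
      messages_for(ruby_patches, output)
    end

    # Converts Brakeman warnings into Pronto messages anchored on added lines.
    #
    # Warnings are only reported when they can be tied to a line the patch
    # added, so pre-existing findings in the rest of the file are not raised
    # on every unrelated change.
    #
    # @param ruby_patches [Array] patches whose files were scanned
    # @param output [Brakeman::Tracker] result of ::Brakeman.run
    # @return [Array<Pronto::Message>]
    def messages_for(ruby_patches, output)
      output.checks.all_warnings.each_with_object([]) do |warning, result|
        patch = patch_for_warning(ruby_patches, warning)
        # Brakeman may report a file that does not match any scanned patch
        # (for example a differently formed path); the original code would
        # raise NoMethodError on nil here and abort the whole run.
        next unless patch

        line = patch.added_lines.find do |added_line|
          added_line.new_lineno == warning.line
        end
        result << new_warning_message(line, warning) if line
      end
    end

    # Builds the Pronto message for one warning on one added line.
    #
    # @param line [Pronto::Git::Line] the added line the warning points at
    # @param warning [Brakeman::Warning]
    # @return [Pronto::Message] severity :warning, prefixed so reviewers can
    #   tell Brakeman findings from other runners' output
    def new_warning_message(line, warning)
      Message.new(line.patch.delta.new_file[:path], line, :warning,
                  "Possible security vulnerability: #{warning.message}")
    end

    # Finds the scanned patch whose new-file path matches the warning's file.
    #
    # Both sides are compared as strings so a non-String +warning.file+ still
    # matches the path form that was handed to +only_files+.
    #
    # @param ruby_patches [Array]
    # @param warning [Brakeman::Warning]
    # @return [Pronto::Git::Patch, nil] nil when no scanned patch matches
    def patch_for_warning(ruby_patches, warning)
      ruby_patches.find do |patch|
        patch.new_file_full_path.to_s == warning.file.to_s
      end
    end
  end
end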
