Class: Brakeman::Commandline

Inherits:
Object
  • Object
show all
Defined in:
lib/brakeman/commandline.rb

Overview

Implements handling of running Brakeman from the command line.

Class Method Summary collapse

Class Method Details

.check_latestObject

Check for the latest version.

If the latest version is newer, quit with a message.



41
42
43
44
45
 
# File 'lib/brakeman/commandline.rb', line 41

def check_latest
  if error = Brakeman.ensure_latest
    quit Brakeman::Not_Latest_Version_Exit_Code, error
  end
end

.compare_results(options) ⇒ Object

Runs a comparison report based on the options provided.



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/brakeman/commandline.rb', line 48

def compare_results options
  require 'json'
  vulns = Brakeman.compare options.merge(:quiet => options[:quiet])

  if options[:comparison_output_file]
    File.open options[:comparison_output_file], "w" do |f|
      f.puts JSON.pretty_generate(vulns)
    end

    Brakeman.notify "Comparison saved in '#{options[:comparison_output_file]}'"
  else
    puts JSON.pretty_generate(vulns)
  end

  if options[:exit_on_warn] && vulns[:new].count > 0
    quit Brakeman::Warnings_Found_Exit_Code
  end
end

.early_exit_options(options) ⇒ Object

Handle options that exit without generating a report.



68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/brakeman/commandline.rb', line 68

def early_exit_options options
  if options[:list_checks] or options[:list_optional_checks]
    Brakeman.list_checks options
    quit
  elsif options[:create_config]
    Brakeman.dump_config options
    quit
  elsif options[:show_help]
    puts Brakeman::Options.create_option_parser({})
    quit
  elsif options[:show_version]
    require 'brakeman/version'
    puts "brakeman #{Brakeman::Version}"
    quit
  end
end

.parse_options(argv) ⇒ Object

Parse ARGV-style array of options.

Exits if options are invalid.

Returns an option hash and the app_path.



90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/brakeman/commandline.rb', line 90

def parse_options argv
  begin
    options, _ = Brakeman::Options.parse! argv
  rescue OptionParser::ParseError => e
    $stderr.puts e.message
    $stderr.puts "Please see `brakeman --help` for valid options"
    quit(-1)
  end

  if argv[-1]
    app_path = argv[-1]
  else
    app_path = "."
  end

  return options, app_path
end

.quit(exit_code = 0, message = nil) ⇒ Object

Exits with the given exit code and prints out the message, if given.

Override this method for different behavior.



111
112
113
114
 
# File 'lib/brakeman/commandline.rb', line 111

def quit exit_code = 0, message = nil
  warn message if message
  exit exit_code
end

.regular_report(options) ⇒ Object

Runs a regular report based on the options provided.



117
118
119
120
121
122
123
124
125
126
127
 
# File 'lib/brakeman/commandline.rb', line 117

def regular_report options
  tracker = run_brakeman options 

  if tracker.options[:exit_on_warn] and not tracker.filtered_warnings.empty?
    quit Brakeman::Warnings_Found_Exit_Code
  end

  if tracker.options[:exit_on_error] and tracker.errors.any?
    quit Brakeman::Errors_Found_Exit_Code
  end
end

.run(options, default_app_path = ".") ⇒ Object

Runs everything:

  • ‘set_interrupt_handler`

  • ‘early_exit_options`

  • ‘set_options`

  • ‘check_latest`

  • ‘run_report`



30
31
32
33
34
35
36
 
# File 'lib/brakeman/commandline.rb', line 30

def run options, default_app_path = "."
  set_interrupt_handler options
  early_exit_options options
  set_options options, default_app_path
  check_latest if options[:ensure_latest]
  run_report options
end

.run_brakeman(options) ⇒ Object

Actually run Brakeman.

Returns a Tracker object.



132
133
134
 
# File 'lib/brakeman/commandline.rb', line 132

def run_brakeman options
  Brakeman.run options.merge(:print_report => true, :quiet => options[:quiet])
end

.run_report(options) ⇒ Object

Run either a comparison or regular report based on options provided.



137
138
139
140
141
142
143
144
145
146
147
148
149
 
# File 'lib/brakeman/commandline.rb', line 137

def run_report options
  begin
    if options[:previous_results_json]
      compare_results options
    else
      regular_report options
    end
  rescue Brakeman::NoApplication => e
    quit Brakeman::No_App_Found_Exit_Code, e.message
  rescue Brakeman::MissingChecksError => e
    quit Brakeman::Missing_Checks_Exit_Code, e.message
  end
end

.set_interrupt_handler(options) ⇒ Object

Sets interrupt handler to gracefully handle Ctrl+C



152
153
154
155
156
157
158
159
160
161
162
 
# File 'lib/brakeman/commandline.rb', line 152

def set_interrupt_handler options
  trap("INT") do
    warn "\nInterrupted - exiting."

    if options[:debug]
      warn caller
    end

    exit!
  end
end

.set_options(options, default_app_path = ".") ⇒ Object

Modifies options, including setting the app_path if none is given in the options hash.



166
167
168
169
170
171
172
173
174
175
176
 
# File 'lib/brakeman/commandline.rb', line 166

def set_options options, default_app_path = "."
  unless options[:app_path]
    options[:app_path] = default_app_path
  end

  if options[:quiet].nil?
    options[:quiet] = :command_line
  end

  options
end

.start(options = nil, app_path = ".") ⇒ Object

Main method to run Brakeman from the command line.

If no options are provided, ARGV will be parsed and used instead. Otherwise, the options are expected to be a Hash like the one returned after ARGV is parsed.



14
15
16
17
18
19
20
21
 
# File 'lib/brakeman/commandline.rb', line 14

def start options = nil, app_path = "."

  unless options
    options, app_path = parse_options ARGV
  end

  run options, app_path
end