Class: Pronto::Brakeman

Inherits:
Runner
  • Object
Defined in:
lib/pronto/brakeman.rb


Instance Method Details

#messages_for(ruby_patches, output) ⇒ Object



# File 'lib/pronto/brakeman.rb', line 21

# Convert Brakeman's filtered warnings into Pronto messages, but only for
# warnings that land on a line this change *added*.
#
# For each warning the owning patch is looked up by file; the warning is then
# anchored to the added line whose new-side line number equals `warning.line`.
# Warnings in files with no matching patch, or on lines the diff did not add
# (unchanged context lines), produce nil entries — the caller is expected to
# compact the result. Consequently a finding Brakeman reports on an untouched
# line is not surfaced by this runner.
#
# @param ruby_patches [Array] patches touching Ruby files
# @param output [Object] Brakeman scan result exposing #filtered_warnings
# @return [Array<Message, nil>] one entry per warning, nil where unmatched
def messages_for(ruby_patches, output)
  output.filtered_warnings.map do |warning|
    patch = patch_for_warning(ruby_patches, warning)
    next if patch.nil?

    reported_line = patch.added_lines.find do |added|
      added.new_lineno == warning.line
    end
    reported_line && new_message(reported_line, warning)
  end
end

#new_message(line, warning) ⇒ Object



# File 'lib/pronto/brakeman.rb', line 34

# Build the Pronto message for one Brakeman warning anchored on a diff line.
#
# The message path is the new-side file path from the line's patch delta, the
# level comes from #severity_for_confidence, and the text is Brakeman's own
# warning message prefixed with "Possible security vulnerability: ". No commit
# SHA is attached (nil) and this runner class is recorded as the origin.
#
# @param line [Object] the added diff line the warning points at
# @param warning [Object] Brakeman warning exposing #confidence and #message
# @return [Message]
def new_message(line, warning)
  path = line.patch.delta.new_file[:path]
  level = severity_for_confidence(warning.confidence)
  text = "Possible security vulnerability: #{warning.message}"
  Message.new(path, line, level, text, nil, self.class)
end

#patch_for_warning(ruby_patches, warning) ⇒ Object



# File 'lib/pronto/brakeman.rb', line 52

# Locate the patch whose new-side file is the one a Brakeman warning refers to.
#
# Matching compares the patch's full new-file path, as a String, against
# `warning.file`, so the warning's file is expected to be the same absolute
# path. NOTE(review): whether Brakeman exposes `file` as a plain String or as
# a path object depends on the installed Brakeman version — confirm this
# comparison still matches after a Brakeman upgrade; a silent mismatch here
# means every warning is dropped without any error.
#
# @param ruby_patches [Array] patches touching Ruby files
# @param warning [Object] Brakeman warning carrying a #file attribute
# @return [Object, nil] the matching patch, or nil when none matches
def patch_for_warning(ruby_patches, warning)
  target = warning.file
  ruby_patches.find { |candidate| candidate.new_file_full_path.to_s == target }
end

#run ⇒ Object



# File 'lib/pronto/brakeman.rb', line 6

# Run Brakeman against the repository, restricted to the Ruby files this change
# touches, and return Pronto messages for warnings on added lines.
#
# The changed files are handed to Brakeman as paths relative to the repository
# root via `only_files`, while `app_path` still points at the whole repository.
# An empty change set returns early without invoking Brakeman. A repository
# Brakeman does not recognise as an application (::Brakeman::NoApplication)
# yields no messages instead of failing the run; any other Brakeman error
# propagates to the caller.
#
# NOTE(review): limiting the scan with `only_files` presumably means findings
# that depend on code outside the changed files may not be reported — confirm
# against Brakeman's documentation for the installed version.
#
# @return [Array<Message>] messages with nil entries already removed
def run
  relative_files = ruby_patches.map do |patch|
    patch.new_file_full_path.relative_path_from(repo_path).to_s
  end
  return [] if relative_files.empty?

  scan = ::Brakeman.run(app_path: repo_path,
                        output_formats: [:to_s],
                        only_files: relative_files)
  messages_for(ruby_patches, scan).compact
rescue ::Brakeman::NoApplication
  []
end

#severity_for_confidence(confidence_level) ⇒ Object



# File 'lib/pronto/brakeman.rb', line 41

# Translate a Brakeman confidence level into a Pronto message severity.
#
# Brakeman reports confidence as an integer: 0 is "High", 1 is "Medium", and
# any other value is treated here as low confidence.
#
# NOTE: this maps how *sure* Brakeman is that a finding is real, not how
# serious the underlying vulnerability would be. An :info message can still
# describe a dangerous issue that static analysis merely could not confirm, so
# low-severity output from this runner should not be dismissed wholesale.
#
# @param confidence_level [Integer, nil] Brakeman warning confidence
# @return [Symbol] :fatal, :warning or :info
def severity_for_confidence(confidence_level)
  return :fatal if confidence_level == 0    # Brakeman High confidence
  return :warning if confidence_level == 1  # Brakeman Medium confidence

  :info                                     # Low confidence and anything else
end