Class: Pronto::Brakeman
- Inherits:
-
Runner
- Object
- Runner
- Pronto::Brakeman
- Defined in:
- lib/pronto/brakeman.rb
Instance Method Summary collapse
- #messages_for(ruby_patches, output) ⇒ Object
- #new_message(line, warning) ⇒ Object
- #patch_for_warning(ruby_patches, warning) ⇒ Object
- #run ⇒ Object
- #severity_for_confidence(confidence_level) ⇒ Object
Instance Method Details
#messages_for(ruby_patches, output) ⇒ Object
# File 'lib/pronto/brakeman.rb', line 21
# Turns Brakeman's filtered warnings into Pronto messages, one slot per warning.
#
# A warning becomes a message only when (a) it belongs to a file present in
# +ruby_patches+ and (b) its line number is one of that patch's *added* lines;
# otherwise the slot is +nil+ (the caller compacts the result). Warnings that
# fall on untouched lines of a changed file are therefore not reported.
#
# @param ruby_patches [Array] Pronto patches for the changed Ruby files
# @param output [Object] Brakeman run result responding to +filtered_warnings+
# @return [Array<Message, nil>] one entry per filtered warning
def messages_for(ruby_patches, output)
  output.filtered_warnings.map do |warning|
    patch = patch_for_warning(ruby_patches, warning)
    next unless patch

    # Match on the post-patch line number so only newly added code is flagged.
    flagged = patch.added_lines.find { |added| added.new_lineno == warning.line }
    next unless flagged

    new_message(flagged, warning)
  end
end
#new_message(line, warning) ⇒ Object
# File 'lib/pronto/brakeman.rb', line 34
# Builds the Pronto message for one Brakeman warning on one added line.
#
# The path comes from the patch that owns +line+, the level from the warning's
# confidence (see #severity_for_confidence), and the text is Brakeman's own
# warning description prefixed with "Possible security vulnerability:". The
# fifth positional argument is +nil+ here (presumably the commit-sha slot of
# Pronto::Message — verify against the Message constructor in use).
#
# @param line [Object] added line responding to +patch+
# @param warning [Object] Brakeman warning responding to +confidence+ and +message+
# @return [Message]
def new_message(line, warning)
  path = line.patch.delta.new_file[:path]
  level = severity_for_confidence(warning.confidence)
  text = "Possible security vulnerability: #{warning.message}"
  Message.new(path, line, level, text, nil, self.class)
end
#patch_for_warning(ruby_patches, warning) ⇒ Object
# File 'lib/pronto/brakeman.rb', line 52
# Finds the patch whose new-file path matches the file Brakeman reported.
#
# NOTE(review): the comparison is a plain string ==, so it assumes
# +warning.file+ is an absolute path string in the same form as
# +new_file_full_path.to_s+ — verify against Brakeman's Warning#file for the
# Brakeman version in use; a mismatch silently drops the warning.
#
# @param ruby_patches [Array] patches responding to +new_file_full_path+
# @param warning [Object] Brakeman warning responding to +file+
# @return [Object, nil] the matching patch, or +nil+ when the warning is outside the diff
def patch_for_warning(ruby_patches, warning)
  wanted = warning.file
  ruby_patches.find { |candidate| candidate.new_file_full_path.to_s == wanted }
end
#run ⇒ Object
# File 'lib/pronto/brakeman.rb', line 6
# Runs Brakeman over the changed Ruby files and returns Pronto messages.
#
# Paths are handed to Brakeman relative to +repo_path+ via +only_files+, so
# the scan is restricted to the files touched by the diff. Returns an empty
# array when no Ruby files changed, and also when Brakeman finds no
# application at +repo_path+ (+Brakeman::NoApplication+); any other Brakeman
# error propagates to the caller.
#
# @return [Array<Message>] messages for warnings on added lines (nils removed)
def run
  changed = ruby_patches.map do |patch|
    patch.new_file_full_path.relative_path_from(repo_path).to_s
  end
  return [] if changed.empty?

  report = ::Brakeman.run(app_path: repo_path, output_formats: [:to_s], only_files: changed)
  messages_for(ruby_patches, report).compact
rescue ::Brakeman::NoApplication
  []
end
#severity_for_confidence(confidence_level) ⇒ Object
# File 'lib/pronto/brakeman.rb', line 41
# Maps a Brakeman confidence level to a Pronto severity.
#
# Brakeman reports confidence as an integer: 0 = High, 1 = Medium; anything
# else (Low, or an unexpected value such as +nil+) is reported at the lowest
# severity rather than dropped.
#
# @param confidence_level [Integer, nil] Brakeman warning confidence
# @return [Symbol] +:fatal+, +:warning+ or +:info+
def severity_for_confidence(confidence_level)
  return :fatal if confidence_level == 0    # Brakeman High confidence
  return :warning if confidence_level == 1  # Brakeman Medium confidence

  :info # Brakeman Low confidence (and other possibilities)
end