Commit 7a0e1cda
Authored Dec 20, 2011 by Justin Collins
Add simple progress reporting
--no-progress turns it off
Parent 58a9d0f3
Showing 3 changed files with 73 additions and 10 deletions
bin/brakeman +4 -0
lib/brakeman.rb +2 -0
lib/brakeman/scanner.rb +67 -10
bin/brakeman
...
...
@@ -24,6 +24,10 @@ OptionParser.new do |opts|
options
[
:parallel_checks
]
=
false
end
opts
.
on
"--no-progress"
,
"Do not show progress reports"
do
options
[
:report_progress
]
=
false
end
opts
.
on
"-p"
,
"--path PATH"
,
"Specify path to Rails application"
do
|
path
|
options
[
:app_path
]
=
File
.
expand_path
path
end
...
...
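Review bot: the `opts.on "--no-progress"` block can only set `options[:report_progress] = false`, so the command line has no way to request progress explicitly when another setting has turned it off. Declaring the switch as `--[no-]progress` and assigning the block argument to `options[:report_progress]` gives both forms for the same amount of code.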
lib/brakeman.rb
...
...
@@ -48,6 +48,7 @@ module Brakeman
options
=
set_options
options
if
options
[
:quiet
]
options
[
:report_progress
]
=
false
$VERBOSE
=
nil
end
...
...
@@ -120,6 +121,7 @@ module Brakeman
:message_limit
=>
100
,
:parallel_checks
=>
true
,
:quiet
=>
true
,
:report_progress
=>
true
,
:html_style
=>
"
#{
File
.
expand_path
(
File
.
dirname
(
__FILE__
))
}
/brakeman/format/style.css"
}
end
...
...
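Review bot: `:report_progress => true` sits directly after `:quiet => true` in this hash, and the `if options[:quiet]` branch in the previous hunk forces `options[:report_progress] = false`. If this hash supplies the defaults that `set_options` merges in, the `true` here never takes effect unless the caller also turns quiet off. Add a comment saying that is intended, or default it to `false` and let the caller opt in.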
lib/brakeman/scanner.rb
...
...
@@ -32,6 +32,7 @@ class Brakeman::Scanner
#Pass in path to the root of the Rails application
def
initialize
options
@options
=
options
@report_progress
=
options
[
:report_progress
]
@path
=
options
[
:app_path
]
@app_path
=
File
.
join
(
@path
,
"app"
)
@processor
=
Brakeman
::
Processor
.
new
options
...
...
@@ -58,15 +59,15 @@ class Brakeman::Scanner
process_initializers
warn
"Processing libs..."
process_libs
warn
"Processing routes..."
warn
"Processing routes...
"
process_routes
warn
"Processing templates..."
warn
"Processing templates...
"
process_templates
warn
"Processing models..."
warn
"Processing models...
"
process_models
warn
"Processing controllers..."
warn
"Processing controllers...
"
process_controllers
warn
"Indexing call sites..."
warn
"Indexing call sites...
"
index_call_sites
tracker
end
...
...
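Review bot: the rewritten `warn "Processing routes...` through `warn "Indexing call sites...` strings appear to carry trailing padding whose only job is to overwrite the previous counter line, and they are emitted whether or not `@report_progress` is set. A fixed pad is also tied to the length of the longest counter text. Clear the line where the counter is printed, guarded by `@report_progress`, and leave these status messages unpadded.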
@@ -142,7 +143,16 @@ class Brakeman::Scanner
return
end
Dir
.
glob
(
@path
+
"/lib/**/*.rb"
).
sort
.
each
do
|
f
|
lib_files
=
Dir
.
glob
(
@path
+
"/lib/**/*.rb"
).
sort
total
=
lib_files
.
length
current
=
0
lib_files
.
each
do
|
f
|
if
@report_progress
print
"
#{
current
}
/
#{
total
}
files processed
\r
"
current
+=
1
end
begin
@processor
.
process_lib
parse_ruby
(
File
.
read
(
f
)),
f
rescue
Racc
::
ParseError
=>
e
...
...
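Review bot: inside `lib_files.each` the counter is printed before `current += 1`, so the display starts at 0/total and stops at one short of total, while the template loops in this same patch increment `count` first. Increment before printing here so the last file reads total/total and all stages count the same way.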
@@ -174,7 +184,17 @@ class Brakeman::Scanner
#
#Adds processed controllers to tracker.controllers
def
process_controllers
Dir
.
glob
(
@app_path
+
"/controllers/**/*.rb"
).
sort
.
each
do
|
f
|
controller_files
=
Dir
.
glob
(
@app_path
+
"/controllers/**/*.rb"
).
sort
total
=
controller_files
.
length
*
2
current
=
0
controller_files
.
each
do
|
f
|
warn
"Processing
#{
f
}
"
if
options
[
:debug
]
if
@report_progress
print
"
#{
current
}
/
#{
total
}
files processed
\r
"
current
+=
1
end
begin
@processor
.
process_controller
(
parse_ruby
(
File
.
read
(
f
)),
f
)
rescue
Racc
::
ParseError
=>
e
...
...
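Review bot: `total = controller_files.length * 2` implies the counter runs on through a second pass, but this loop can only reach `controller_files.length - 1`, and the next hunk resets `current = 0` and recomputes `total` from `tracker.controllers.length`. The display therefore stops just under half way and then restarts. Drop the `* 2`, or keep a single counter across both passes.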
@@ -184,7 +204,17 @@ class Brakeman::Scanner
end
end
current
=
0
total
=
tracker
.
controllers
.
length
warn
"Processing data flow in controllers..."
tracker
.
controllers
.
each
do
|
name
,
controller
|
if
@report_progress
print
"
#{
current
}
/
#{
total
}
controllers processed
\r
"
current
+=
1
end
@processor
.
process_controller_alias
controller
[
:src
]
end
end
...
...
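Review bot: `warn "Processing data flow in controllers..."` goes to stderr while the `print` a few lines below it writes the counter to stdout, so anything that captures or redirects stdout receives the `\r`-terminated progress strings. Write the counter to `$stderr` like the status messages, and consider skipping it when `$stderr.tty?` is false.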
@@ -198,8 +228,15 @@ class Brakeman::Scanner
$stdout
.
sync
=
true
count
=
0
Dir
.
glob
(
views_path
).
sort
.
each
do
|
f
|
template_files
=
Dir
.
glob
(
views_path
).
sort
total
=
template_files
.
length
template_files
.
each
do
|
f
|
if
@report_progress
count
+=
1
print
"
#{
count
}
/
#{
total
}
files processed
\r
"
end
type
=
f
.
match
(
/.*\.(erb|haml|rhtml)$/
)[
1
].
to_sym
type
=
:erb
if
type
==
:rhtml
name
=
template_path_to_name
f
...
...
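Review bot: `$stdout.sync = true` is set only at the top of this template pass, but the `@@ -58,15` hunk shows `process_libs` running before `process_templates`, so the lib counter is printed before sync is enabled and a string ending in `\r` with no newline can sit in the buffer. Set sync once in `initialize` when `@report_progress` is on, or flush after each `print`.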
@@ -242,7 +279,17 @@ class Brakeman::Scanner
end
end
total
=
tracker
.
templates
.
length
count
=
0
warn
"Processing data flow in templates..."
tracker
.
templates
.
keys
.
dup
.
each
do
|
name
|
if
@report_progress
count
+=
1
print
"
#{
count
}
/
#{
total
}
templates processed
\r
"
end
@processor
.
process_template_alias
tracker
.
templates
[
name
]
end
...
...
@@ -261,7 +308,17 @@ class Brakeman::Scanner
#
#Adds the processed models to tracker.models
def
process_models
Dir
.
glob
(
@app_path
+
"/models/*.rb"
).
sort
.
each
do
|
f
|
model_files
=
Dir
.
glob
(
@app_path
+
"/models/*.rb"
).
sort
total
=
model_files
.
length
current
=
0
model_files
.
each
do
|
f
|
if
@report_progress
print
"
#{
current
}
/
#{
total
}
files processed
\r
"
current
+=
1
end
begin
@processor
.
process_model
(
parse_ruby
(
File
.
read
(
f
)),
f
)
rescue
Racc
::
ParseError
=>
e
...
...
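Review bot: the `if @report_progress` / `print` / `current += 1` block in `process_models` is the sixth copy of this pattern in the file, and the copies already disagree on whether the counter is bumped before or after printing and on the noun shown. A small private helper that takes the current count, the total and the noun would keep the stages consistent and give one place to change the output stream.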