Merge pull request #18 from tw-ngreen/add_option_to_exit_with_nonzero_exit_code_when_warnings_found

Add option to exit with nonzero exit code when warnings found

Merge pull request #18 from tw-ngreen/add_option_to_exit_with_nonzero_exit_code_when_warnings_found
Add option to exit with nonzero exit code when warnings found
b82c65cc · Justin · fc7ec7cb · 9458b9c0 · b82c65cc · b82c65cc
隐藏空白更改
内联并排

Showing with 21 addition and 1 deletion

bin/brakeman bin/brakeman +12 -1

lib/brakeman.rb lib/brakeman.rb +9 -0

未找到文件。
--- a/bin/brakeman
+++ b/bin/brakeman
@@ -12,6 +12,8 @@ trap("INT") do
  exit!
 end

+Brakeman::Warnings_Found_Exit_Code = 3
+
 #Parse command line options
 options = {}

@@ -147,6 +149,10 @@ OptionParser.new do |opts|
    end
  end

+  opts.on( "-z", "--exit-on-warn", "Exit code is non-zero if warnings found.") do |s|
+    options[:exit_on_warn] = s
+  end
+
  opts.separator ""

  opts.on "-k", "--checks", "List all available vulnerability checks" do
@@ -164,4 +170,9 @@ OptionParser.new do |opts|
  end
 end.parse!(ARGV)

-Brakeman.run options
+clean = Brakeman.run options
+
+if options[:exit_on_warn] && !clean
+  exit Brakeman::Warnings_Found_Exit_Code
+end
+
--- a/lib/brakeman.rb
+++ b/lib/brakeman.rb
@@ -184,5 +184,14 @@ module Brakeman
    else
      puts tracker.report.send(options[:output_format])
    end
+
+    if options[:exit_on_warn]
+      tracker.checks.all_warnings.each do |warning|
+        next if warning.confidence > options[:min_confidence]
+        return false
+      end
+    end
+    return true
+
  end
 end