Class: Brakeman::Differ

Inherits:
Object
Defined in:
lib/brakeman/differ.rb

Overview

Extracts the diff logic into its own class for consistency. Currently handles an array of Brakeman::Warnings or plain hash representations.

Constant Summary

DEFAULT_HASH =
{:new => [], :fixed => []}

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(new_warnings, old_warnings) ⇒ Differ

Returns a new instance of Differ.



# File 'lib/brakeman/differ.rb', line 7

# Stores the two warning collections that #diff will compare.
#
# Both collections are kept by reference; no copy is made here, so later
# changes a caller makes to either one are visible to this Differ.
#
# @param new_warnings the newer collection of warnings
# @param old_warnings the older collection of warnings
def initialize(new_warnings, old_warnings)
  @new_warnings = new_warnings
  @old_warnings = old_warnings
end

Instance Attribute Details

#new_warningsObject (readonly)

Returns the value of attribute new_warnings.



# File 'lib/brakeman/differ.rb', line 5

# Read-only accessor for the newer warning collection.
#
# Returns the stored object itself rather than a copy, so mutating the
# result also changes what a later #diff call compares.
def new_warnings; @new_warnings; end

#old_warningsObject (readonly)

Returns the value of attribute old_warnings.



# File 'lib/brakeman/differ.rb', line 5

# Read-only accessor for the older warning collection.
#
# Returns the stored object itself rather than a copy, so mutating the
# result also changes what a later #diff call compares.
def old_warnings; @old_warnings; end

Instance Method Details

#diffObject



# File 'lib/brakeman/differ.rb', line 12

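# Computes which warnings are new and which are fixed between the two
# collections given to the constructor.
#
# The first pass uses Array#-, which compares elements by #hash / #eql?.
# The result is then handed to #second_pass, which drops new/fixed pairs
# that differ only in line number.
#
# @return [Hash] a hash with the keys :new and :fixed, each holding an Array
def diff
  # Return a fresh copy instead of DEFAULT_HASH itself. The constant is a
  # mutable hash of mutable arrays, so handing out the shared object would
  # let one caller's mutation leak into every later "no new warnings" result.
  #
  # NOTE(review): on this path :fixed is always empty, even when
  # @old_warnings is not, so a scan with no warnings reports nothing as
  # fixed. Confirm against callers whether that is intended.
  return Hash[DEFAULT_HASH.map { |key, list| [key, list.dup] }] if @new_warnings.empty?

  warnings = {}
  warnings[:new] = @new_warnings - @old_warnings
  warnings[:fixed] = @old_warnings - @new_warnings

  second_pass(warnings)
end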

#eql_except_line_number(new_warning, fixed_warning) ⇒ Object



# File 'lib/brakeman/differ.rb', line 48

# Tells whether two warnings agree on every attribute other than :line.
#
# Only the keys present in +new_warning+ are compared; keys that exist
# solely in +fixed_warning+ are never looked at.
# NOTE(review): the excluded key is the Symbol :line, so hashes keyed by
# strings would still be compared on "line" -- confirm how callers build
# their hash representations.
#
# @param new_warning [Brakeman::Warning, Hash]
# @param fixed_warning [Brakeman::Warning, Hash]
# @return [Boolean] true when no compared attribute differs
def eql_except_line_number(new_warning, fixed_warning)
  # Conversion happens here, not up front, because callers may be expecting
  # a Brakeman::Warning. The type of +new_warning+ alone decides whether
  # both arguments are converted.
  if new_warning.is_a? Brakeman::Warning
    new_warning = new_warning.to_hash
    fixed_warning = fixed_warning.to_hash
  end

  compared_keys = new_warning.keys.reject { |key| key == :line }
  compared_keys.none? { |attr| new_warning[attr] != fixed_warning[attr] }
end

#second_pass(warnings) ⇒ Object

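Second pass to clean up any vulns which have changed in line number only. Given a list of new warnings, delete pairs of new/fixed vulns that differ only by line number. Note that a new warning matching a fixed one in everything but line number is removed from the new list as well, whatever the reason for the match. Horrible O(n^2) performance. Keep n small :-/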



# File 'lib/brakeman/differ.rb', line 27

# Removes new/fixed pairs that differ only in line number.
#
# Each new warning is checked, in order, against the fixed warnings still
# left. On the first match (per #eql_except_line_number) both members of
# the pair are deleted. Worst case is O(n^2) comparisons.
#
# A new warning is dropped whenever some fixed warning matches it on every
# compared attribute, so the result cannot tell moved code apart from a
# removal plus an identical finding elsewhere.
#
# @param warnings [Hash] hash with :new and :fixed arrays; both arrays are
#   modified in place
# @return [Hash] the same +warnings+ hash
def second_pass(warnings)
  pending = warnings[:new]
  fixed = warnings[:fixed]

  # Position in +pending+ of the warning being examined. It advances only
  # when that warning is kept, because a deletion shifts the rest down.
  cursor = 0

  # Walk a copy, since +pending+ itself shrinks during the loop.
  pending.dup.each do |new_warning|
    match = fixed.index { |fixed_warning| eql_except_line_number(new_warning, fixed_warning) }

    if match
      pending.delete_at(cursor)
      fixed.delete_at(match)
    else
      cursor += 1
    end
  end

  warnings
end