Class: Brakeman::RescanReport

Inherits:
Object
  • Object
show all
Includes:
Util
Defined in:
lib/brakeman/rescanner.rb

Overview

Class to make reporting of rescan results simpler to deal with

Constant Summary

Constants included from Util

Util::ALL_PARAMETERS, Util::COOKIES, Util::PARAMETERS, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Util

#array?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #node_type?, #number?, #params?, #pluralize, #regexp?, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #true?, #truncate_table, #underscore

Constructor Details

#initialize(old_results, tracker) ⇒ RescanReport

Returns a new instance of RescanReport.



367
368
369
370
371
372
373
# File 'lib/brakeman/rescanner.rb', line 367

def initialize old_results, tracker
  @tracker = tracker
  @old_results = old_results
  @new_results = tracker.checks
  @all_warnings = nil
  @diff = nil
end

Instance Attribute Details

#new_resultsObject (readonly)

Returns the value of attribute new_results.



365
366
367
# File 'lib/brakeman/rescanner.rb', line 365

def new_results
  @new_results
end

#old_resultsObject (readonly)

Returns the value of attribute old_results.



365
366
367
# File 'lib/brakeman/rescanner.rb', line 365

def old_results
  @old_results
end

Instance Method Details

#all_warningsObject

Returns an array of all warnings found



381
382
383
# File 'lib/brakeman/rescanner.rb', line 381

def all_warnings
  @all_warnings ||= new_results.all_warnings
end

#any_warnings?Boolean

Returns true if any warnings were found (new or old)

Returns:

  • (Boolean)


376
377
378
# File 'lib/brakeman/rescanner.rb', line 376

def any_warnings?
  not all_warnings.empty?
end

#diffObject

Returns a hash of arrays for :new and :fixed warnings



403
404
405
# File 'lib/brakeman/rescanner.rb', line 403

def diff
  @diff ||= @new_results.diff(@old_results)
end

#existing_warningsObject

Returns an array of warnings which were in the old report and the new report



408
409
410
411
412
# File 'lib/brakeman/rescanner.rb', line 408

def existing_warnings
  @old ||= all_warnings.select do |w|
    not new_warnings.include? w
  end
end

#fixed_warningsObject

Returns an array of warnings which were in the old report but are not in the new report after rescanning



387
388
389
# File 'lib/brakeman/rescanner.rb', line 387

def fixed_warnings
  diff[:fixed]
end

#new_warningsObject

Returns an array of warnings which were in the new report but were not in the old report



393
394
395
# File 'lib/brakeman/rescanner.rb', line 393

def new_warnings
  diff[:new]
end

#to_s(verbose = false) ⇒ Object

Output total, fixed, and new warnings



415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
# File 'lib/brakeman/rescanner.rb', line 415

def to_s(verbose = false)
  if !verbose
    <<-OUTPUT
Total warnings: #{all_warnings.length}
Fixed warnings: #{fixed_warnings.length}
New warnings: #{new_warnings.length}
    OUTPUT
  else
    #Eventually move this to different method, or make default to_s
    out = ""

    {:fixed => fixed_warnings, :new => new_warnings, :existing => existing_warnings}.each do |warning_type, warnings|
      if warnings.length > 0
        out << "#{warning_type.to_s.titleize} warnings: #{warnings.length}\n"

        table = Terminal::Table.new(:headings => ["Confidence", "Class", "Method", "Warning Type", "Message"]) do |t|
          warnings.sort_by { |w| w.confidence}.each do |warning|
            w = warning.to_row

            w["Confidence"] = Brakeman::Report::TEXT_CONFIDENCE[w["Confidence"]]

            t << [w["Confidence"], w["Class"], w["Method"], w["Warning Type"], w["Message"]]
          end
        end
        out << truncate_table(table.to_s)
      end
    end

    out
  end
end

#warnings_changed?Boolean

Returns true if there are any new or fixed warnings

Returns:

  • (Boolean)


398
399
400
# File 'lib/brakeman/rescanner.rb', line 398

def warnings_changed?
  not (diff[:new].empty? and diff[:fixed].empty?)
end