Class: Brakeman::Report::Markdown
- Defined in:
- lib/brakeman/report/report_markdown.rb
Defined Under Namespace
Classes: MarkdownTable
Constant Summary
Constants inherited from Base
Constants included from Util
Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP
Instance Attribute Summary
Attributes inherited from Base
Instance Method Summary
- #convert_warning(warning, original) ⇒ Object
- #generate_checks ⇒ Object
- #generate_metadata ⇒ Object
- #generate_overview ⇒ Object
- #generate_report ⇒ Object
- #generate_templates ⇒ Object
  Generate listings of templates and their output.
- #markdown_message(warning, message) ⇒ Object
  Escape and code format warning message.
- #render_array(template, headings, value_array, locals) ⇒ Object
Methods inherited from Base
#all_warnings, #controller_warnings, #convert_controller_warning, #convert_ignored_warning, #convert_model_warning, #convert_template_warning, #convert_to_rows, #filter_warnings, #generate_controller_warnings, #generate_controllers, #generate_errors, #generate_ignored_warnings, #generate_model_warnings, #generate_template_warnings, #generate_warning_overview, #generate_warnings, #generic_warnings, #ignored_warnings, #initialize, #model_warnings, #number_of_templates, #rails_version, #render_warnings, #sort, #template_warnings, #text_message, #warning_file, #warnings_summary
Methods included from Util
#array?, #block?, #call?, #camelize, #class_name, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #string_interp?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore
Constructor Details
This class inherits a constructor from Brakeman::Report::Base
Instance Method Details
#convert_warning(warning, original) ⇒ Object
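# File 'lib/brakeman/report/report_markdown.rb', line 135

# Rewrites one warning row for Markdown output and returns the same row.
#
# The row is modified in place: "Confidence" is mapped through
# TEXT_CONFIDENCE, "Message" is passed through #markdown_message, and
# "Warning Type" becomes a Markdown link when the original warning has one.
#
# NOTE(review): the rendered listing lost the callee name on the "Message"
# line, leaving `original, warning["Message"]` (which would assign an Array).
# It is restored as markdown_message, whose (warning, message) signature
# matches the two arguments.
#
# warning  - row indexed by column heading; three entries are rewritten.
# original - warning object the row was built from; must respond to #link.
def convert_warning warning, original
  warning["Confidence"] = TEXT_CONFIDENCE[warning["Confidence"]]
  warning["Message"] = markdown_message(original, warning["Message"])

  # The link target is interpolated without escaping; presumably it is always
  # a Brakeman-supplied documentation URL -- confirm before passing anything else.
  link = original.link
  warning["Warning Type"] = "[#{warning['Warning Type']}](#{link})" if link

  warning
end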
#generate_checks ⇒ Object
# File 'lib/brakeman/report/report_markdown.rb', line 78

# Builds a one-column table whose single row lists every check that was run,
# sorted and comma-separated. A reader can use this row to confirm that an
# expected check was part of the scan.
def generate_checks
  MarkdownTable.new(:headings => ['Checks performed']) do |table|
    names = checks.checks_run.sort
    table.add_row([names.join(", ")])
  end
end
#generate_metadata ⇒ Object
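# File 'lib/brakeman/report/report_markdown.rb', line 63

# Builds the scan metadata table: application path, Rails version, Brakeman
# version, scan start time and scan duration in seconds.
#
# NOTE(review): the rendered listing dropped the method name after `def`
# (it read `def MarkdownTable.new(`); the name is restored from the
# "#generate_metadata" heading this listing sits under.
#
# The row carries the scanned application's path and the scan start time, so
# both end up in any copy of the report that is shared outside the team.
def generate_metadata
  MarkdownTable.new(
    :headings =>
      ['Application path', 'Rails version', 'Brakeman version', 'Started at', 'Duration']
  ) do |t|
    t.add_row([
      tracker.app_path,
      rails_version,
      Brakeman::Version,
      tracker.start_time,
      "#{tracker.duration} seconds",
    ])
  end
end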
#generate_overview ⇒ Object
# File 'lib/brakeman/report/report_markdown.rb', line 84

# Builds the summary table of what was scanned and what was reported:
# controller, model, template and error counts, the number of security
# warnings with the high-confidence figure in parentheses, and an
# "Ignored Warnings" row that appears only when at least one was ignored.
def generate_overview
  total = all_warnings.length

  MarkdownTable.new(:headings => ['Scanned/Reported', 'Total']) do |table|
    table.add_row(['Controllers', tracker.controllers.length])
    # One is subtracted from the model count; presumably this excludes a
    # placeholder entry kept by the tracker -- confirm against the tracker.
    table.add_row(['Models', tracker.models.length - 1])
    table.add_row(['Templates', number_of_templates(@tracker)])
    table.add_row(['Errors', tracker.errors.length])
    table.add_row(['Security Warnings', "#{total} (#{warnings_summary[:high_confidence]})"])

    unless ignored_warnings.empty?
      table.add_row(['Ignored Warnings', ignored_warnings.length])
    end
  end
end
#generate_report ⇒ Object
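# File 'lib/brakeman/report/report_markdown.rb', line 24

# Assembles the whole Markdown report and returns it as one String.
#
# The header, metadata, checks and summary sections are always emitted. With
# the :summary_only option the report stops there. Otherwise the controller
# listing is added for :report_routes or :debug, the template listing for
# :debug only, and then one section per warning group whose generator
# returned a non-nil result.
#
# NOTE(review): the rendered listing dropped two identifiers: the first
# section read `<< .to_s` and the option lookups read `tracker.[:key]`.
# They are restored as generate_metadata (listed in the method summary) and
# tracker.options (the tracker's option hash).
def generate_report
  # Start from an unfrozen copy so appending also works when string literals
  # are frozen.
  out = String.new("# BRAKEMAN REPORT\n\n")
  out << generate_metadata.to_s << "\n\n" <<
    generate_checks.to_s << "\n\n" <<
    "### SUMMARY\n\n" <<
    generate_overview.to_s << "\n\n" <<
    generate_warning_overview.to_s << "\n\n"

  # Return output early if only summarizing
  return out if tracker.options[:summary_only]

  if tracker.options[:report_routes] || tracker.options[:debug]
    out << "### CONTROLLERS" << "\n\n" <<
      generate_controllers.to_s << "\n\n"
  end

  # Debug reports also list template output, so they carry more of the
  # scanned application's internals than a normal report.
  if tracker.options[:debug]
    out << "### TEMPLATES\n\n" <<
      generate_templates.to_s << "\n\n"
  end

  res = generate_errors
  out << "### Errors\n\n" << res.to_s << "\n\n" if res

  res = generate_warnings
  out << "### SECURITY WARNINGS\n\n" << res.to_s << "\n\n" if res

  res = generate_controller_warnings
  out << "### Controller Warnings:\n\n" << res.to_s << "\n\n" if res

  res = generate_model_warnings
  out << "### Model Warnings:\n\n" << res.to_s << "\n\n" if res

  res = generate_template_warnings
  out << "### View Warnings:\n\n" << res.to_s << "\n\n" if res

  out
end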
#generate_templates ⇒ Object
Generate listings of templates and their output
# File 'lib/brakeman/report/report_markdown.rb', line 98

# Generate listings of templates and their output.
#
# Each template output is formatted by Brakeman::OutputProcessor, newlines
# become ";" and whitespace runs collapse to one space. Templates are then
# emitted in name order, each as its name followed by a one-column "Output"
# table. Returns the concatenated String.
#
# The cell text comes from the scanned application's templates and only gets
# the whitespace normalisation above here; any escaping of Markdown or HTML
# metacharacters would have to happen in MarkdownTable, which is not shown.
def generate_templates
  formatter = Brakeman::OutputProcessor.new
  rows_by_template = {}

  tracker.templates.each do |name, template|
    template.each_output do |raw|
      flattened = formatter.format(raw).gsub("\n", ";").gsub(/\s+/, " ")
      (rows_by_template[name] ||= []) << flattened
    end
  end

  report = ''
  rows_by_template.sort_by { |name, _rows| name.to_s }.each do |name, rows|
    # rows is the array of formatted output calls for this template
    table = MarkdownTable.new(:headings => ['Output']) do |t|
      rows.each { |row| t.add_row [row] }
    end

    report << name.to_s << "\n\n" << table.to_s << "\n\n"
  end

  report
end
#markdown_message(warning, message) ⇒ Object
Escape and code format warning message
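# File 'lib/brakeman/report/report_markdown.rb', line 143

# Escape and code format warning message.
#
# When the warning has a file and #github_url yields a URL, "near line N" in
# the message is turned into a Markdown link (the passed-in string is
# modified in place, as before). When the warning has code, every occurrence
# of the formatted code in the message is wrapped in a backtick code span.
#
# NOTE(review): the rendered listing dropped the method name and every use of
# `message`; both are restored from the signature shown for this method.
#
# warning - must respond to #file, #line, #code and #format_code.
# message - String to decorate.
#
# Returns the decorated String.
def markdown_message warning, message
  if warning.file
    url = github_url(warning.file, warning.line)
    # Block form keeps backslashes in the URL from being read as replacement
    # escapes such as \1 or \0.
    message.gsub!(/(near line \d+)/) { "[#{Regexp.last_match(1)}](#{url})" } if url
  end

  return message unless warning.code

  code = warning.format_code
  # Doubling every backtick leaves no single-backtick run inside the span, so
  # the one-backtick delimiters are not closed early. A doubled pair at either
  # edge is rewritten as "` `" so that it does not sit directly against the
  # delimiter.
  escaped = code.gsub('`', '``').gsub(/\A``|``\z/, '` `')

  # The code is taken from the scanned application and may contain backslash
  # sequences. With a String replacement gsub would interpret \1, \0 or \\
  # and corrupt the snippet shown in the report; the block form inserts it
  # literally.
  message.gsub(code) { "`#{escaped}`" }
end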
#render_array(template, headings, value_array, locals) ⇒ Object
# File 'lib/brakeman/report/report_markdown.rb', line 127

# Renders rows as a MarkdownTable with the given headings.
#
# Returns nil when value_array is empty, which is how callers such as
# generate_report know to leave the section out. The template and locals
# parameters are accepted but not used by this body.
def render_array template, headings, value_array, locals
  unless value_array.empty?
    MarkdownTable.new(:headings => headings) do |table|
      value_array.each do |row|
        table.add_row row
      end
    end
  end
end