Class: Scanny::Checks::SetSecretCheck
- Defined in:
- lib/scanny/checks/insecure_config/set_secret_check.rb
Overview
Checks for places where the :secret hash key is set.
Instance Method Summary
Methods inherited from Check
#compiled_pattern, #issue, #visit
Instance Method Details
#check(node) ⇒ Object
    # File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 14
    def check(node)
      issue :info,
        "Setting :secret can indicate using hard-coded cryptographic key.",
        :cwe => 321
    end
#pattern ⇒ Object
:secret
    # File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 6
    def pattern
      <<-EOT
        HashLiteral<
          array = [any{even}, SymbolLiteral<value = :secret>, any{odd}]
        >
      EOT
    end
#strict? ⇒ Boolean
    # File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 20
    def strict?
      true
    end
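Added example, not Scanny's own code: the sketch below approximates what the #pattern above matches (a hash literal with :secret in key position), using Ruby's standard Ripper parser instead of the pattern language shown on this page. The names find_secret_keys and secret_key_line, the sample source, and the string_literal flag (which the check itself does not compute; it reports every match at :info) are assumptions made for the illustration.

```ruby
require 'ripper'

# Constructed sample input: a hard-coded value, the same key filled from the
# environment, and :secret used as a value rather than a key.
SAMPLE = <<~'RUBY'
  session = { :key => '_app_session', :secret => 'constructed-sample-value' }
  safer   = { :key => '_app_session', :secret => ENV.fetch('SESSION_SECRET') }
  other   = { :kind => :secret }
RUBY

# Returns the source line if +key+ is the symbol :secret in key position
# (`:secret =>` or `secret:` syntax), otherwise nil.
def secret_key_line(key)
  return nil unless key.is_a?(Array)
  if key[0] == :symbol_literal && key[1].is_a?(Array) && key[1][0] == :symbol
    tok = key[1][1]
    return tok[2][0] if tok[0] == :@ident && tok[1] == 'secret'
  elsif key[0] == :@label && key[1] == 'secret:'
    return key[2][0]
  end
  nil
end

# Walks the Ripper S-expression and records every hash pair keyed by :secret.
# :string_literal marks values that are plain string literals, the case
# CWE-321 (hard-coded cryptographic key) is about.
def find_secret_keys(source)
  findings = []
  walk = lambda do |node|
    next unless node.is_a?(Array)
    if node[0] == :assoc_new && (line = secret_key_line(node[1]))
      value = node[2]
      literal = value.is_a?(Array) && value[0] == :string_literal
      findings << { line: line, string_literal: literal }
    end
    node.each { |child| walk.call(child) }
  end
  walk.call(Ripper.sexp(source))
  findings
end

find_secret_keys(SAMPLE).each do |f|
  kind = f[:string_literal] ? 'string literal' : 'computed value'
  puts "line #{f[:line]}: :secret set from a #{kind}"
end
```

The second sample line is matched even though its value comes from the environment, which is why a finding of this kind is a prompt for review and not proof of a hard-coded key.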