Class: Scanny::Checks::SetSecretCheck

Inherits:

Check

Object
Check
Scanny::Checks::SetSecretCheck

show all

Defined in:: lib/scanny/checks/insecure_config/set_secret_check.rb

Overview

Checks for places where :secret hash key is set.

Instance Method Summary collapse

#check(node) ⇒ Object
#pattern ⇒ Object

:secret.
#strict? ⇒ Boolean

Methods inherited from Check

#compiled_pattern, #issue, #visit

Instance Method Details

#check(node) ⇒ `Object`

# File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 14

def check(node)
  issue :info,
    "Setting :secret can indicate using hard-coded cryptographic key.",
    :cwe => 321
end

#pattern ⇒ `Object`

:secret

# File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 6

def pattern
  <<-EOT
    HashLiteral<
      array = [any{even}, SymbolLiteral<value = :secret>, any{odd}]
    >
  EOT
end

#strict? ⇒ `Boolean`

Returns:

(Boolean)



20
21
22

# File 'lib/scanny/checks/insecure_config/set_secret_check.rb', line 20

def strict?
  true
end

Class: Scanny::Checks::SetSecretCheck

Overview

Instance Method Summary collapse

Methods inherited from Check

Instance Method Details

#check(node) ⇒ Object

#pattern ⇒ Object

#strict? ⇒ Boolean

#check(node) ⇒ `Object`

#pattern ⇒ `Object`

#strict? ⇒ `Boolean`