
Brakeman::GemProcessor

Processes Gemfile and Gemfile.lock

Public Class Methods

new(*args) click to toggle source
# File lib/brakeman/processors/gem_processor.rb, line 6
# Builds the processor through the parent initializer and then makes sure the
# tracker configuration has a :gems hash for later gem entries.
#
# Every argument is forwarded unchanged to the superclass (bare +super+).
# NOTE(review): @tracker is presumably assigned by the parent initializer -
# confirm against the base processor.
def initialize(*args)
  super

  # Keep an existing :gems hash; only create one when it is missing.
  config = @tracker.config
  config[:gems] ||= {}
end

Public Instance Methods

get_rails_version(gem_lock) click to toggle source
# File lib/brakeman/processors/gem_processor.rb, line 43
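# Extracts the resolved Rails version from the text of a Gemfile.lock and
# stores it in the tracker configuration under :rails_version.
#
# Only a line of the form " rails (X.Y.Z...)" is accepted: the opening
# parenthesis must be followed directly by a digit, so dependency constraints
# such as "rails (~> 3.2.1)" or "rails (= 3.2.1)" are skipped.
#
# NOTE(review): :rails_version is presumably what version-dependent checks
# consult, so a mis-parsed value could hide or invent warnings - confirm
# against the checks that read it.
#
# @param gem_lock [String] contents of Gemfile.lock
# @return [String, nil] the captured version, or nil when no line matches
def get_rails_version gem_lock
  # The dots are escaped so that only a literal "." separates the numeric
  # components; an unescaped "." would accept any character in that position.
  # "$" is intentionally line-based because gem_lock holds the whole file.
  return unless gem_lock =~ /\srails \((\d+\.\d+\.\d+.*)\)$/

  @tracker.config[:rails_version] = Regexp.last_match(1)
end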
process_call(exp) click to toggle source
# File lib/brakeman/processors/gem_processor.rb, line 28
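# Records gems declared through receiver-less +gem+ calls in the Gemfile.
#
# For each such call the gem name (first argument) becomes a symbol key in
# @tracker.config[:gems]. The value is the second argument when it is a
# string literal, otherwise the placeholder ">=0.0.0", which stands for
# "no version given".
#
# Calls whose gem name is not a string literal (a variable, a method call, or
# no argument at all) are skipped rather than dereferenced, so an unusual
# Gemfile does not abort processing with an error on +value+.
# NOTE(review): this relies on +string?+ returning false for nil and for
# non-literal nodes - confirm against the helper.
#
# @param exp the call expression being processed
# @return the same expression, unchanged
def process_call exp
  return exp unless exp.target.nil? && exp.method == :gem

  gem_name = exp.first_arg
  # The name cannot be resolved statically unless it is a literal string.
  return exp unless string? gem_name

  gem_version = exp.second_arg
  @tracker.config[:gems][gem_name.value.to_sym] =
    string?(gem_version) ? gem_version.value : ">=0.0.0"

  exp
end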
process_gems(src, gem_lock = nil) click to toggle source
# File lib/brakeman/processors/gem_processor.rb, line 12
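# Processes the parsed Gemfile and derives two settings from the result:
# the Rails version and whether HTML is escaped by default.
#
# The Rails version comes from Gemfile.lock when its contents are supplied.
# Otherwise it is taken from the first X.Y.Z sequence in the version string
# recorded for the rails gem, if any.
#
# NOTE(review): a rails entry recorded with the ">=0.0.0" placeholder yields
# the version "0.0.0" here - confirm that consumers treat it as "unknown".
#
# @param src the parsed Gemfile to process
# @param gem_lock [String, nil] contents of Gemfile.lock, when available
def process_gems src, gem_lock = nil
  process src

  gems = @tracker.config[:gems]

  if gem_lock
    get_rails_version gem_lock
  # Dots are escaped so only a literal "." separates the components; an
  # unescaped "." would let a two-part constraint like "~> 4.123" be read as
  # a full version.
  elsif gems[:rails] =~ /(\d+\.\d+\.\d+)/
    @tracker.config[:rails_version] = Regexp.last_match(1)
  end

  # The rails_xss gem turns on escaping by default, so its presence is
  # recorded in :escape_html for later use.
  if gems[:rails_xss]
    @tracker.config[:escape_html] = true

    Brakeman.notify "[Notice] Escaping HTML by default"
  end
end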
