2017-05-05 05:05:53 -04:00
|
|
|
" Author: Eddie Lebow https://github.com/elebow
|
|
|
|
" Description: Brakeman, a static analyzer for Rails security
|
|
|
|
|
|
|
|
let g:ale_ruby_brakeman_options =
|
|
|
|
\ get(g:, 'ale_ruby_brakeman_options', '')
|
|
|
|
|
|
|
|
function! ale_linters#ruby#brakeman#Handle(buffer, lines) abort
|
|
|
|
let l:output = []
|
2017-07-27 00:45:25 +01:00
|
|
|
let l:json = ale#util#FuzzyJSONDecode(a:lines, {})
|
2017-09-13 23:33:13 +01:00
|
|
|
let l:sep = has('win32') ? '\' : '/'
|
|
|
|
" Brakeman always outputs paths relative to the Rails app root
|
|
|
|
let l:rails_root = ale#ruby#FindRailsRoot(a:buffer)
|
2017-05-05 05:05:53 -04:00
|
|
|
|
2017-07-27 00:45:25 +01:00
|
|
|
for l:warning in get(l:json, 'warnings', [])
|
2017-05-05 05:05:53 -04:00
|
|
|
let l:text = l:warning.warning_type . ' ' . l:warning.message . ' (' . l:warning.confidence . ')'
|
|
|
|
let l:line = l:warning.line != v:null ? l:warning.line : 1
|
|
|
|
|
|
|
|
call add(l:output, {
|
2017-09-13 23:33:13 +01:00
|
|
|
\ 'filename': l:rails_root . l:sep . l:warning.file,
|
|
|
|
\ 'lnum': l:line,
|
|
|
|
\ 'type': 'W',
|
|
|
|
\ 'text': l:text,
|
2017-05-05 05:05:53 -04:00
|
|
|
\})
|
|
|
|
endfor
|
|
|
|
|
|
|
|
return l:output
|
|
|
|
endfunction
|
|
|
|
|
|
|
|
function! ale_linters#ruby#brakeman#GetCommand(buffer) abort
|
2017-07-12 05:43:47 -04:00
|
|
|
let l:rails_root = ale#ruby#FindRailsRoot(a:buffer)
|
2017-05-05 05:05:53 -04:00
|
|
|
|
2017-08-08 08:39:13 +01:00
|
|
|
if l:rails_root is? ''
|
2017-05-05 05:05:53 -04:00
|
|
|
return ''
|
|
|
|
endif
|
|
|
|
|
|
|
|
return 'brakeman -f json -q '
|
|
|
|
\ . ale#Var(a:buffer, 'ruby_brakeman_options')
|
2017-06-21 22:33:34 +01:00
|
|
|
\ . ' -p ' . ale#Escape(l:rails_root)
|
2017-05-05 05:05:53 -04:00
|
|
|
endfunction
|
|
|
|
|
|
|
|
call ale#linter#Define('ruby', {
|
|
|
|
\ 'name': 'brakeman',
|
|
|
|
\ 'executable': 'brakeman',
|
|
|
|
\ 'command_callback': 'ale_linters#ruby#brakeman#GetCommand',
|
|
|
|
\ 'callback': 'ale_linters#ruby#brakeman#Handle',
|
|
|
|
\ 'lint_file': 1,
|
|
|
|
\})
|