Report problems in other files for brakeman, and get the tests to pass on Windows

w0rp 2017-09-13 23:33:13 +01:00
parent 3d2bddf4af
commit 52c933cd72
2 changed files with 12 additions and 15 deletions


@ -7,20 +7,16 @@ let g:ale_ruby_brakeman_options =
function! ale_linters#ruby#brakeman#Handle(buffer, lines) abort function! ale_linters#ruby#brakeman#Handle(buffer, lines) abort
let l:output = [] let l:output = []
let l:json = ale#util#FuzzyJSONDecode(a:lines, {}) let l:json = ale#util#FuzzyJSONDecode(a:lines, {})
let l:sep = has('win32') ? '\' : '/'
for l:warning in get(l:json, 'warnings', [])
" Brakeman always outputs paths relative to the Rails app root " Brakeman always outputs paths relative to the Rails app root
let l:rails_root = ale#ruby#FindRailsRoot(a:buffer) let l:rails_root = ale#ruby#FindRailsRoot(a:buffer)
let l:warning_file = l:rails_root . '/' . l:warning.file
if !ale#path#IsBufferPath(a:buffer, l:warning_file)
continue
endif
for l:warning in get(l:json, 'warnings', [])
let l:text = l:warning.warning_type . ' ' . l:warning.message . ' (' . l:warning.confidence . ')' let l:text = l:warning.warning_type . ' ' . l:warning.message . ' (' . l:warning.confidence . ')'
let l:line = l:warning.line != v:null ? l:warning.line : 1 let l:line = l:warning.line != v:null ? l:warning.line : 1
call add(l:output, { call add(l:output, {
\ 'filename': l:rails_root . l:sep . l:warning.file,
\ 'lnum': l:line, \ 'lnum': l:line,
\ 'type': 'W', \ 'type': 'W',
\ 'text': l:text, \ 'text': l:text,
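Review bot: The new `'filename'` entry joins `l:rails_root`, `l:sep` and `l:warning.file` without checking that `ale#ruby#FindRailsRoot(a:buffer)` returned a non-empty root, and the `ale#path#IsBufferPath` filter that would have discarded such results is no longer there. If the root lookup can come back empty (its implementation is not visible here), each Brakeman finding would be reported against a path anchored at the filesystem root instead of the project, so a guard before the loop such as `if empty(l:rails_root)` / `return []` / `endif` seems worth adding. A short comment on `l:sep` would also help, for example `" Join with the platform separator so the result matches the paths Vim uses for buffers`, if that is the intent. The function body continues past the end of this hunk.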


@ -1,6 +1,5 @@
Before: Before:
call ale#test#SetDirectory('/testplugin/test/handler') call ale#test#SetDirectory('/testplugin/test/handler')
cd ..
runtime ale_linters/ruby/brakeman.vim runtime ale_linters/ruby/brakeman.vim
@ -9,16 +8,18 @@ After:
call ale#linter#Reset() call ale#linter#Reset()
Execute(The brakeman handler should parse JSON correctly): Execute(The brakeman handler should parse JSON correctly):
call ale#test#SetFilename('ruby_fixtures/valid_rails_app/app/models/thing.rb') call ale#test#SetFilename('../ruby_fixtures/valid_rails_app/app/models/thing.rb')
AssertEqual AssertEqual
\ [ \ [
\ { \ {
\ 'filename': expand('%:p'),
\ 'lnum': 84, \ 'lnum': 84,
\ 'text': 'SQL Injection Possible SQL injection (Medium)', \ 'text': 'SQL Injection Possible SQL injection (Medium)',
\ 'type': 'W', \ 'type': 'W',
\ }, \ },
\ { \ {
\ 'filename': expand('%:p'),
\ 'lnum': 1, \ 'lnum': 1,
\ 'text': 'Mass Assignment Potentially dangerous attribute available for mass assignment (Weak)', \ 'text': 'Mass Assignment Potentially dangerous attribute available for mass assignment (Weak)',
\ 'type': 'W', \ 'type': 'W',
@ -33,7 +34,7 @@ Execute(The brakeman handler should parse JSON correctly):
\ '"fingerprint": "1234",', \ '"fingerprint": "1234",',
\ '"check_name": "SQL",', \ '"check_name": "SQL",',
\ '"message": "Possible SQL injection",', \ '"message": "Possible SQL injection",',
\ '"file": "app/models/thing.rb",', \ '"file": "' . substitute(ale#path#Winify('app/models/thing.rb'), '\\', '\\\\', 'g') . '",',
\ '"line": 84,', \ '"line": 84,',
\ '"link": "http://brakemanscanner.org/docs/warning_types/sql_injection/",', \ '"link": "http://brakemanscanner.org/docs/warning_types/sql_injection/",',
\ '"code": "Thing.connection.execute(params[:data])",', \ '"code": "Thing.connection.execute(params[:data])",',
@ -52,7 +53,7 @@ Execute(The brakeman handler should parse JSON correctly):
\ '"fingerprint": "1235",', \ '"fingerprint": "1235",',
\ '"check_name": "ModelAttrAccessible",', \ '"check_name": "ModelAttrAccessible",',
\ '"message": "Potentially dangerous attribute available for mass assignment",', \ '"message": "Potentially dangerous attribute available for mass assignment",',
\ '"file": "app/models/thing.rb",', \ '"file": "' . substitute(ale#path#Winify('app/models/thing.rb'), '\\', '\\\\', 'g') . '",',
\ '"line": null,', \ '"line": null,',
\ '"link": "http://brakemanscanner.org/docs/warning_types/mass_assignment/",', \ '"link": "http://brakemanscanner.org/docs/warning_types/mass_assignment/",',
\ '"code": ":name",', \ '"code": ":name",',
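Review bot: Both expected entries in the `AssertEqual` list use `expand('%:p')` for `'filename'`, so the test still only covers warnings whose `"file"` is the current buffer, while the commit's purpose is to report problems in other files. A third fixture warning with a different `"file"` value (a constructed one such as `app/controllers/other.rb`), with its expected `'filename'` built from the fixture app root, would pin the new behaviour. The repeated `substitute(ale#path#Winify(...), '\\', '\\\\', 'g')` expression would also benefit from a comment such as `" Double the backslashes so a Windows path stays valid inside the JSON string`.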