class Brakeman::Report::CodeClimate

Constants

DOCUMENTATION_PATH
REMEDIATION_POINTS_CONFIG_PATH
REMEDIATION_POINTS_DEFAULT

Public Instance Methods

# File lib/brakeman/report/report_codeclimate.rb, line 10
# Render every warning as one CodeClimate issue document.
#
# Each warning is turned into a JSON object by #issue_json; the objects are
# joined with a NUL byte, which is the record separator CodeClimate engines
# emit between issues.
#
# @return [String] NUL-separated JSON issue documents ("" when there are no warnings)
def generate_report
  documents = all_warnings.map { |w| issue_json(w) }
  documents.join("\0")
end

Private Instance Methods

# File lib/brakeman/report/report_codeclimate.rb, line 58
# Body text for the issue's +content+ section.
#
# Results are memoized per warning code in +@contents+, so the first link seen
# for a given code is the one whose content is reused for later warnings with
# that code. A bundled documentation page (#local_content_for) is preferred;
# otherwise a one-line "Read more" pointer to +link+ is used.
#
# @param warning_code [Integer] Brakeman warning code
# @param link [String, nil] documentation URL for the warning
# @return [String, nil] content body, or nil when +link+ is nil
def content_for(warning_code, link)
  @contents ||= {}
  return if link.nil?

  @contents[warning_code] ||= local_content_for(link) || "Read more: #{link}"
end
# File lib/brakeman/report/report_codeclimate.rb, line 72
# Path reported for a warning's location.
#
# When the tracker was given a +:path_prefix+ option, the warning's
# repository-relative file path is joined beneath it; otherwise the warning's
# own relative path is returned unchanged.
#
# Note: Pathname#join keeps only the right-hand side when that side is absolute,
# so an absolute +warning.file.relative+ would drop the prefix.
#
# @param warning [Brakeman::Warning]
# @return [String]
def file_path(warning)
  prefix = tracker.options[:path_prefix]
  return warning.relative_path unless prefix

  Pathname.new(prefix).join(warning.file.relative).to_s
end
# File lib/brakeman/report/report_codeclimate.rb, line 16
# Serialize one warning as a CodeClimate issue JSON document.
#
# The issue carries the check name (derived from the warning code), the
# message, fingerprint, a severity derived from confidence, remediation
# points looked up by check name, a single-line location (line 1 when the
# warning has no line) and the documentation content body.
#
# @param warning [Brakeman::Warning]
# @return [String] JSON-encoded issue
def issue_json(warning)
  check_name = name_for(warning.warning_code)
  # CodeClimate needs a begin/end range; a warning without a line is pinned to line 1.
  line = warning.line || 1

  issue = {
    type: "Issue",
    check_name: check_name,
    description: warning.message,
    fingerprint: warning.fingerprint,
    categories: ["Security"],
    severity: severity_level_for(warning.confidence),
    remediation_points: remediation_points_for(check_name),
    location: {
      path: file_path(warning),
      lines: { begin: line, end: line }
    },
    content: { body: content_for(warning.warning_code, warning.link) }
  }

  issue.to_json
end
# File lib/brakeman/report/report_codeclimate.rb, line 65
# Bundled documentation for a warning, if present.
#
# The last path segment of +link+ is used as a directory name beneath
# DOCUMENTATION_PATH and its +index.markdown+ is read.
#
# NOTE(review): +slug+ is taken verbatim from +link+ and becomes a path
# component; this is fine while +link+ is one of Brakeman's own documentation
# URLs rather than an externally supplied value — confirm at the caller.
#
# @param link [String] documentation URL
# @return [String, nil] file contents, or nil when no local page exists
def local_content_for(link)
  slug = link.split("/").last
  filename = File.join(DOCUMENTATION_PATH, slug, "index.markdown")
  return unless File.exist?(filename)

  File.read(filename)
end
# File lib/brakeman/report/report_codeclimate.rb, line 53
# Symbolic check name for a numeric warning code.
#
# The inverted Brakeman::WarningCodes::Codes table (code => name) is built
# once and cached in +@warning_codes+.
#
# @param warning_code [Integer]
# @return [String] the code's name, or "" for an unknown code
def name_for(warning_code)
  lookup = (@warning_codes ||= Brakeman::WarningCodes::Codes.invert)
  lookup.fetch(warning_code, nil).to_s
end
# File lib/brakeman/report/report_codeclimate.rb, line 48
# Remediation points for a warning code, from the bundled YAML config.
#
# The config at REMEDIATION_POINTS_CONFIG_PATH is loaded once and cached in
# +@remediation_points+; it is keyed by check name (see #name_for) and falls
# back to REMEDIATION_POINTS_DEFAULT for names it does not list.
#
# NOTE(review): YAML.load_file is a full (not safe) load on Psych < 4, so the
# config file must remain under the project's control, never user-supplied —
# confirm how REMEDIATION_POINTS_CONFIG_PATH is set.
#
# @param warning_code [Integer]
# @return [Integer]
def remediation_points_for(warning_code)
  @remediation_points ||= YAML.load_file(REMEDIATION_POINTS_CONFIG_PATH)
  check_name = name_for(warning_code)
  @remediation_points.fetch(check_name, REMEDIATION_POINTS_DEFAULT)
end
# File lib/brakeman/report/report_codeclimate.rb, line 40
# CodeClimate severity for a Brakeman confidence value.
#
# Only confidence 0 (Brakeman's highest confidence level) is reported as
# "critical"; every other value, including nil, is "normal".
#
# @param confidence [Integer, nil]
# @return [String] "critical" or "normal"
def severity_level_for(confidence)
  confidence == 0 ? "critical" : "normal"
end