Permalink
Switch branches/tags
Nothing to show
Commits on Oct 21, 2012
  1. Make more checks strict

    dmajda committed Oct 21, 2012
Commits on Aug 19, 2012
  1. Update version to 0.1.0

    dmajda committed Aug 19, 2012
  2. scanny.gemspec: Fix dependencies

    dmajda committed Aug 19, 2012
    Changes two things:
    
      * Require the newest version of Machete.
      * Require exact version of both dependencies. This is because there
        are no compatibility guarantees for them.
  3. Tweak README.md

    dmajda committed Aug 19, 2012
  4. Fix syntactically invalid Machete pattern in a check used in specs

    dmajda committed Aug 19, 2012
    The invalid pattern caused the following spec failure:
    
      1) Command line interface strict when given --strict argument
         Failure/Error: it { assert_partial_output "strict checked", all_stdout }
           expected "" to include "strict checked"
         # ./spec/scanny/cli_spec.rb:120:in `__script__'
         # kernel/common/eval19.rb:45:in `instance_eval'
         # kernel/bootstrap/array19.rb:18:in `map'
         # kernel/bootstrap/array19.rb:18:in `map'
         # kernel/bootstrap/array19.rb:18:in `map'
         # kernel/bootstrap/array19.rb:18:in `map'
         # kernel/loader.rb:708:in `run_at_exits'
         # kernel/loader.rb:728:in `epilogue'
         # kernel/loader.rb:866:in `main'
  5. Treat paths passed to --include as relative to the current directory

    dmajda committed Aug 19, 2012
    This allows to specify relative paths for --include and call bin/scanny
    from a different directory than "bin" at the same time.
  6. Add .rbx/ to .gitignore

    dmajda committed Aug 19, 2012
  7. Merge pull request #128 from LTe/clean_stdout_during_specs

    dmajda committed Aug 19, 2012
    SimpleReporter spec should not write to $stdout
  8. Merge pull request #127 from LTe/strict_mark

    dmajda committed Aug 19, 2012
    Mark checks as strict
  9. Merge pull request #126 from LTe/any_plus

    dmajda committed Aug 19, 2012
    Use any+ instead of any{1,}
  10. Merge pull request #125 from LTe/find_methods_on_objects

    dmajda committed Aug 19, 2012
    Find methods on objects
Commits on Aug 17, 2012
  1. Mark checks as strict

    LTe committed Aug 17, 2012
  2. Use any+ instead of any{1,}

    LTe committed Aug 17, 2012
    Because machete support any+ scanny should use cleaner notation
  3. Don't limit check to ConstantAccess

    LTe committed Aug 17, 2012
    Check should recognize method call on objects
Commits on Aug 16, 2012
  1. Merge pull request #124 from LTe/marshal

    dmajda committed Aug 16, 2012
    Check for deserialize string with Marshal module
  2. Update pattern to recognize load and restore

    LTe committed Aug 16, 2012
    All methods belongs to Marshal module
  3. Add spec for Marshal module

    LTe committed Aug 16, 2012
    Remove old spec
  4. Merge pull request #122 from LTe/gpg_usage_update

    dmajda committed Aug 16, 2012
    GPG usage update
Commits on Aug 14, 2012
  1. Merge pull request #123 from LTe/net_http_other_class_update

    dmajda committed Aug 14, 2012
    Net::HTTP other class update
  2. Merge pull request #121 from LTe/pattern_exec_command_update

    dmajda committed Aug 14, 2012
    Add spawn method to pattern
  3. Merge pull request #120 from LTe/remove_non_existed_method

    dmajda committed Aug 14, 2012
    Remove pattern_options_with_select_in_select
  4. Recognize another Net::HTTP methods

    LTe committed Aug 14, 2012
    Scanny should recognize Net::HTTP::Post, Net::HTTP::Get,
    Net::HTTP::Method etc.
  5. Use regexp for gpg method name and class name

    LTe committed Aug 14, 2012
    Scanny use in this place non-case sensitive option to match all kind of
    GPG class names (GPG, GpG, Gpg)
  6. Merge pull request #119 from LTe/string_interpolation_on_execute_sql

    dmajda committed Aug 14, 2012
    String interpolation on execute sql
  7. Add spawn method to pattern

    LTe committed Aug 14, 2012
    Method build_pattern_exec_command should build pattern that can
    recognize execute system command with spawn method.
  8. Remove pattern_options_with_select_in_select

    LTe committed Aug 14, 2012
    Method pattern_options_with_select_in_select does not exist in current
    implementation.
Commits on Aug 13, 2012
  1. Merge pull request #118 from LTe/string_interpolation_options

    dmajda committed Aug 13, 2012
    Remove SUSE specific code from check
  2. Merge pull request #117 from LTe/mark_methods_as_xss_safe_update

    dmajda committed Aug 13, 2012
    Method mark_methods_as_xss_safe can be called with arguments