Warn people that Haml 5 is not fully supported #1379
Conversation
|
The fact that the implementation is messy doesn't bother me too much, because we can delete it all when we add support for Haml 5. (Of course, if it bothers you, please say so) My only real concern so far is that I couldn't figure out how to test it. |
There was a problem hiding this comment.
How should I write a test for this? Which test file should it go in?
In my test, how do I assert that a Brakeman.notify occurred?
You can add it to test/tests/brakeman.rb. A bit of a catchall but it has similar tests. I'm not too picky.
You should be able to use assert_output and test that the message went to stderr. There are other examples in the test file.
For this case, you can either test a Brakeman.run on the test app, or you could add tests specifically for Tracker::Config#check_haml_version and Tracker::Config#supported_haml_versionl?.
| # known Haml 5 versions and test whether the `Requirement` is satisfied. I | ||
| # included '5.99.99' in the list so that this method might stand a chance of | ||
| # working in the future. | ||
| def supported_haml_version? |
There was a problem hiding this comment.
In many cases, there will be an exact gem version from Gemfile.lock.
I am okay with just using version_between? which will handle most cases.
There was a problem hiding this comment.
version_between? expects a single version number, but all we have is a "requirement", right? Consider the requirement > 4.99. This requirement will install Haml 5. It would be incorrect to ignore the operator and only consider the number, 4.99. version_between? would think it is Haml 4.
There was a problem hiding this comment.
That is an edge case, yes, but again most applications are going to have a lock file with the exact version, not just the requirement.
CHANGES.md
Outdated
| @@ -6,6 +6,7 @@ | |||
| * Avoid assigning `nil` line numbers to `Sexp`s | |||
| * Add special warning code for custom checks | |||
| * Add call matching by regular expression | |||
| # Warn people that Haml 5 is not fully supported | |||
| @@ -111,6 +111,8 @@ def set_rails_version | |||
| @escape_html = true | |||
| Brakeman.notify "[Notice] Escaping HTML by default" | |||
| end | |||
|
|
|||
| check_haml_version | |||
There was a problem hiding this comment.
Kind of a weird place for this...but I don't know if there is a less weird place.
jaredbeck
force-pushed
the
fix_issue_1370
branch
from
810795d
to
66e0c0a
Compare
Test added, thanks for the guidance! |
| :app_path => "#{TEST_PATH}/apps/rails5.2", | ||
| :run_checks => [] | ||
| } | ||
| _out, err = capture_io { Brakeman.run options } |
There was a problem hiding this comment.
No need to generate a config file here.
[Fixes #1370]
I don't have great confidence this is the best implementation, and I'd appreciate feedback.
Brakeman.notifyoccurred?Thanks.