# frozen_string_literal: true
require_relative 'config/application'
# Load the rake tasks registered with the Rails application.
Rails.application.load_tasks

# Aggregate entry point: the common checks followed by the additional
# (security) checks.
desc 'Run all checks'
task all: %i[default extra]

# `default` only lints. The security checks live in `extra`, so a pipeline that
# runs plain `rake` does not execute them.
# NOTE(review): confirm CI invokes `all` or `extra`, not just the default task.
desc 'Run common checks (test, lint...)'
task default: %i[rubocop]

# Security gate: known-vulnerable dependencies (bundler:audit) and static
# analysis of the application code (brakeman). Both tasks are defined further
# down in this file.
desc 'Run additional checks'
task extra: %i[bundler:audit brakeman]

# Convenience alias for RuboCop's auto-correcting task.
desc 'Fix code style (rubocop --auto-correct)'
task fix: %w[rubocop:auto_correct]
# Optional tooling: register the Coveralls rake task only when the gem can be
# loaded. A LoadError is swallowed on purpose, leaving the task undefined.
begin
  require 'coveralls/rake/task'

  Coveralls::RakeTask.new
rescue LoadError
  nil
end
# Optional tooling: register the RuboCop rake tasks only when the gem can be
# loaded. The `default` and `fix` tasks in this file name RuboCop tasks as
# prerequisites, so they presumably fail at invocation when the gem is missing
# rather than passing without linting. NOTE(review): confirm.
begin
  require 'rubocop/rake_task'

  RuboCop::RakeTask.new
rescue LoadError
  nil
end
# Optional tooling: register the YARD documentation task only when the gem can
# be loaded. A LoadError is swallowed on purpose, leaving the task undefined.
begin
  require 'yard'

  YARD::Rake::YardocTask.new
rescue LoadError
  nil
end
# Dependency auditing with bundler-audit.
#
# The require sits inside the block so that the `rescue LoadError` below covers
# it: when bundler-audit is not installed, none of the bundler:* tasks are
# defined. `task extra` names bundler:audit as a prerequisite, so `extra`/`all`
# should then fail instead of silently skipping the audit.
# NOTE(review): confirm this fail-closed behaviour in CI.
namespace :bundler do
  require 'bundler/audit/cli'

  desc 'Updates the ruby-advisory-db and ' \
       'checks the Gemfile.lock for insecure dependencies'
  task audit: %i[audit:update audit:check]

  namespace :audit do
    desc 'Updates the ruby-advisory-db'
    task :update do
      Bundler::Audit::CLI.start(['update'])
    end

    # Running this task on its own does not refresh the advisory database, so
    # the check is only as current as the last update. Prefer `bundler:audit`,
    # which runs the update first.
    desc 'Checks the Gemfile.lock for insecure dependencies'
    task :check do
      # CVE-2015-9284 is ignored because it is already mitigated by the gem
      # `omniauth-rails_csrf_protection`.
      # NOTE(review): this exemption is only valid while that gem stays in the
      # bundle. Drop the --ignore once the bundled omniauth is a release the
      # advisory no longer flags, so a regression is not masked.
      audit_args = ['check', '--ignore', 'CVE-2015-9284']
      Bundler::Audit::CLI.start(audit_args)
    end
  end
rescue LoadError
  nil
end
# Static analysis of the Rails application with Brakeman.
#
# The command is handed to `sh` as separate arguments, not one string, so the
# application path is not interpolated into a shell command line.
desc 'Detects security vulnerabilities via static analysis'
task :brakeman do
  brakeman_cmd = [
    'bundle',
    'exec',
    'brakeman',
    Rails.root.to_s,
    # Level 1 is the lowest threshold: weak-confidence warnings are reported too.
    '--confidence-level',
    '1',
    '--run-all-checks',
    # Ignore UnscopedFind because we use Pundit.
    # NOTE(review): this disables the check for the whole application. Pundit
    # only protects a lookup when the action calls `authorize` (or loads
    # through `policy_scope`). Confirm controllers enforce that, e.g. with
    # Pundit's `verify_authorized` / `verify_policy_scoped` hooks, or ignore
    # individual findings in a brakeman.ignore file instead.
    '--except',
    'UnscopedFind'
  ]

  sh(*brakeman_cmd)
end