From 92a5b5ca61f40b133f98a75defa7105a0c7c5fc6 Mon Sep 17 00:00:00 2001
From: Vijay Raghavan Aravamudhan
Date: Fri, 20 Oct 2017 22:28:43 +0530
Subject: [PATCH] Introduced code and security analysis checkers.
---
 .gitignore | 1 +
 .metrics | 3 +
 Gemfile | 8 ++
 Gemfile.lock | 147 ++++++++++++++++++++++++++++++++++
 README.md | 21 +++++
 config/initializers/bullet.rb | 25 ++++++
 lib/tasks/brakeman.rake | 22 +++++
 lib/tasks/bundler_audit.rake | 11 +++
 lib/tasks/rubocop.rake | 12 +++
 9 files changed, 250 insertions(+)
 create mode 100644 .metrics
 create mode 100644 config/initializers/bullet.rb
 create mode 100644 lib/tasks/brakeman.rake
 create mode 100644 lib/tasks/bundler_audit.rake
 create mode 100644 lib/tasks/rubocop.rake
diff --git a/.gitignore b/.gitignore
index 4960865..f4616a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,3 +25,4 @@ Passwords.txt
 /coverage/
+/brakeman-report.html
diff --git a/.metrics b/.metrics
new file mode 100644
index 0000000..c2e6c7b
--- /dev/null
+++ b/.metrics
@@ -0,0 +1,3 @@
+MetricFu.configuration.configure_metrics.each do |metric|
+ metric.enabled = ![:flog, :reek].include?(metric.name)
+end
diff --git a/Gemfile b/Gemfile
index 340d438..3241685 100644
--- a/Gemfile
+++ b/Gemfile
@@ -23,13 +23,21 @@ group :development do
 gem 'meta_request'
 gem 'web-console'
 gem "awesome_print", require:"ap"
+ gem 'rack-mini-profiler', '~> 0.10.1'
 end
 group :development, :test do
 gem 'rspec-rails', '~> 3.6'
+ gem 'bullet', '~> 5.6'
+ gem 'bundler-audit', '~> 0.6', require: false
 end
 group :test do
+ gem 'rubocop', '~> 0.49', require: false
+ gem 'rubocop-rspec', '~> 1.12', require: false
+ gem 'brakeman', '~> 3.5', require: false
+ gem 'metric_fu', '~> 4.12.0', require: false
+ gem 'fuubar', '~> 2.2.0'
 gem 'database_cleaner', '~> 1.6'
 gem 'factory_girl_rails', '~> 4.6'
diff --git a/Gemfile.lock b/Gemfile.lock
index 806f971..5bdd118 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
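Review bot: The `gem 'metric_fu', '~> 4.12.0', require: false` line in the `:test` group brings a large transitive tree into the bundle that is only used for reports — the lockfile hunks of this same commit add `churn`, `rest-client`, `http-cookie`, `launchy`, `main`, `cane`, `roodi` and more on its behalf, and the new `.metrics` file then disables `flog` and `reek` anyway. Each of those gems is code that runs in the test environment and is one more package to track for advisories, so it is worth confirming metric_fu is actually wanted rather than the two or three metrics that are read; if it stays, an inline comment such as `# metric_fu: report tooling only, see .metrics; pulls a large transitive set` warns the next maintainer. Separately, `brakeman` sits in `:test` alone while `lib/tasks/brakeman.rake` hooks it into `spec`, so a bundle installed with `--without test` loses the hook silently; that is acceptable if CI installs every group, which the README should state.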
@@ -1,6 +1,7 @@ GEM remote: https://rubygems.org/ specs: + abstract_type (0.0.7) actioncable (5.0.1) actionpack (= 5.0.1) nio4r (~> 1.2) @@ -39,7 +40,14 @@ GEM minitest (~> 5.1) tzinfo (~> 1.1) acts_as_votable (0.10.0) + adamantium (0.2.0) + ice_nine (~> 0.11.0) + memoizable (~> 0.4.0) + addressable (2.5.2) + public_suffix (>= 2.0.2, < 4.0) arel (7.1.4) + arrayfields (4.9.2) + ast (2.3.0) autoprefixer-rails (6.7.0) execjs awesome_print (1.7.0) @@ -48,11 +56,33 @@ GEM bootstrap-sass (3.3.7) autoprefixer-rails (>= 5.2.1) sass (>= 3.3.4) + brakeman (3.7.2) builder (3.2.3) + bullet (5.6.1) + activesupport (>= 3.0.0) + uniform_notifier (~> 1.10.0) + bundler-audit (0.6.0) + bundler (~> 1.2) + thor (~> 0.18) callsite (0.0.11) + cane (2.6.2) + parallel + chronic (0.10.2) + churn (0.0.35) + chronic (>= 0.2.3) + hirb + json_pure + main + rest-client (>= 1.6.0) + ruby_parser (~> 3.0) + sexp_processor (~> 4.1) climate_control (0.1.0) cocaine (0.5.8) climate_control (>= 0.0.3, < 1.0) + code_analyzer (0.4.8) + sexp_processor + code_metrics (0.1.3) + coderay (1.1.2) coffee-rails (4.2.1) coffee-script (>= 2.2.0) railties (>= 4.0.0, < 5.2.x) @@ -60,6 +90,9 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) + concord (0.1.5) + adamantium (~> 0.2.0) + equalizer (~> 0.0.9) concurrent-ruby (1.0.4) connection_pool (2.2.1) database_cleaner (1.6.1) @@ -72,6 +105,9 @@ GEM warden (~> 1.2.3) diff-lcs (1.3) docile (1.1.5) + domain_name (0.5.20170404) + unf (>= 0.0.5, < 1.0.0) + equalizer (0.0.11) erubis (2.7.0) execjs (2.7.0) factory_girl (4.8.1) @@ -81,6 +117,17 @@ GEM railties (>= 3.0.0) faker (1.8.4) i18n (~> 0.5) + fattr (2.3.0) + ffi (1.9.18-x86-mingw32) + flay (2.10.0) + erubis (~> 2.7.0) + path_expander (~> 1.0) + ruby_parser (~> 3.0) + sexp_processor (~> 4.0) + flog (4.6.1) + path_expander (~> 1.0) + ruby_parser (~> 3.1, > 3.1.0) + sexp_processor (~> 4.8) font-awesome-rails (4.7.0.1) railties (>= 3.2, < 5.1) fuubar (2.2.0) 
@@ -90,7 +137,11 @@ GEM activesupport (>= 4.1.0) haml (4.0.7) tilt + hirb (0.7.3) + http-cookie (1.0.3) + domain_name (~> 0.5) i18n (0.7.0) + ice_nine (0.11.2) jbuilder (2.6.1) activesupport (>= 3.0.0, < 5.1) multi_json (~> 1.2) @@ -101,18 +152,44 @@ GEM jquery-ui-rails (5.0.5) railties (>= 3.2.16) json (2.1.0) + json_pure (2.1.0) kaminari (0.17.0) actionpack (>= 3.0.0) activesupport (>= 3.0.0) + launchy (2.4.3) + addressable (~> 2.3) loofah (2.0.3) nokogiri (>= 1.5.9) mail (2.6.4) mime-types (>= 1.16, < 4) + main (6.2.2) + arrayfields (~> 4.7, >= 4.7.4) + chronic (~> 0.6, >= 0.6.2) + fattr (~> 2.2, >= 2.2.0) + map (~> 6.1, >= 6.1.0) + map (6.6.0) + memoizable (0.4.2) + thread_safe (~> 0.3, >= 0.3.1) meta_request (0.4.0) callsite (~> 0.0, >= 0.0.11) rack-contrib (~> 1.1) railties (>= 3.0.0, < 5.1.0) method_source (0.8.2) + metric_fu (4.12.0) + cane (~> 2.5, >= 2.5.2) + churn (~> 0.0.35) + code_metrics (~> 0.1) + coderay + flay (~> 2.1, >= 2.0.1) + flog (~> 4.1, >= 4.1.1) + launchy (~> 2.0) + metric_fu-Saikuro (~> 1.1, >= 1.1.3) + multi_json + rails_best_practices (~> 1.14, >= 1.14.3) + redcard + reek (>= 1.3.4, < 3.0) + roodi (~> 3.1) + metric_fu-Saikuro (1.1.3) mime-types (3.1) mime-types-data (~> 3.2015) mime-types-data (3.2016.0521) @@ -123,6 +200,7 @@ GEM mysql2 (0.4.5) mysql2 (0.4.5-x86-mingw32) nested_form (0.3.2) + netrc (0.11.0) nio4r (1.2.1) nokogiri (1.7.0.1) mini_portile2 (~> 2.1.0) @@ -135,10 +213,19 @@ GEM cocaine (~> 0.5.5) mime-types mimemagic (~> 0.3.0) + parallel (1.12.0) + parser (2.4.0.0) + ast (~> 2.2) + path_expander (1.0.2) + powerpack (0.1.1) + procto (0.0.3) + public_suffix (3.0.0) puma (3.10.0) rack (2.0.1) rack-contrib (1.2.0) rack (>= 0.9.1) + rack-mini-profiler (0.10.5) + rack (>= 1.2.0) rack-pjax (1.0.0) nokogiri (~> 1.5) rack (>= 1.1) 
@@ -176,17 +263,44 @@ GEM rails (>= 4.0, < 6) remotipart (~> 1.3) sass-rails (>= 4.0, < 6) + rails_best_practices (1.19.0) + activesupport + code_analyzer (>= 0.4.8) + erubis + i18n + json + require_all + ruby-progressbar railties (5.0.1) actionpack (= 5.0.1) activesupport (= 5.0.1) method_source rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) + rainbow (2.2.2) + rake rake (12.0.0) + redcard (1.1.0) redis (3.3.3) + reek (2.2.1) + parser (~> 2.2) + rainbow (~> 2.0) + unparser (~> 0.2.2) remotipart (1.3.1) + require_all (1.4.0) responders (2.3.0) railties (>= 4.2.0, < 5.1) + rest-client (2.0.2) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) + rest-client (2.0.2-x86-mingw32) + ffi (~> 1.9) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) + roodi (3.3.1) + ruby_parser (~> 3.2, >= 3.2.2) rspec-core (3.7.0) rspec-support (~> 3.7.0) rspec-expectations (3.7.0) @@ -204,7 +318,18 @@ GEM rspec-mocks (~> 3.7.0) rspec-support (~> 3.7.0) rspec-support (3.7.0) + rubocop (0.51.0) + parallel (~> 1.10) + parser (>= 2.3.3.1, < 3.0) + powerpack (~> 0.1) + rainbow (>= 2.2.2, < 3.0) + ruby-progressbar (~> 1.7) + unicode-display_width (~> 1.0, >= 1.0.1) + rubocop-rspec (1.19.0) + rubocop (>= 0.51.0) ruby-progressbar (1.9.0) + ruby_parser (3.10.1) + sexp_processor (~> 4.9) sass (3.4.23) sass-rails (5.0.6) railties (>= 4.0.0, < 6) @@ -212,6 +337,7 @@ GEM sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) tilt (>= 1.1, < 3) + sexp_processor (4.10.0) shoulda (3.5.0) shoulda-context (~> 1.0, >= 1.0.1) shoulda-matchers (>= 1.4.1, < 3.0) 
@@ -249,6 +375,20 @@ GEM tzinfo (>= 1.0.0) uglifier (3.0.4) execjs (>= 0.3.0, < 3) + unf (0.1.4) + unf_ext + unf_ext (0.0.7.4) + unf_ext (0.0.7.4-x86-mingw32) + unicode-display_width (1.3.0) + uniform_notifier (1.10.0) + unparser (0.2.6) + abstract_type (~> 0.0.7) + adamantium (~> 0.2.0) + concord (~> 0.1.5) + diff-lcs (~> 1.3) + equalizer (~> 0.0.9) + parser (>= 2.3.1.2, < 2.5) + procto (~> 0.0.2) warden (1.2.6) rack (>= 1.0) web-console (3.4.0) @@ -268,6 +408,9 @@ DEPENDENCIES acts_as_votable awesome_print bootstrap-sass + brakeman (~> 3.5) + bullet (~> 5.6) + bundler-audit (~> 0.6) coffee-rails (~> 4.2) database_cleaner (~> 1.6) devise @@ -279,14 +422,18 @@ DEPENDENCIES jquery-rails kaminari meta_request + metric_fu (~> 4.12.0) mysql2 (~> 0.4.5) paperclip puma (~> 3.0) + rack-mini-profiler (~> 0.10.1) rails (~> 5.0.1) rails_admin redis (~> 3.0) remotipart (~> 1.2) rspec-rails (~> 3.6) + rubocop (~> 0.49) + rubocop-rspec (~> 1.12) sass-rails (~> 5.0) shoulda (~> 3.5.0) sidekiq diff --git a/README.md b/README.md index 5b82311..fbabb4b 100644 --- a/README.md +++ b/README.md @@ -85,6 +85,27 @@ password: chatounce@ ``` * Go to your lovely browser and start using this project +* To run tests: +```bash +#!bash +bin/rake +``` + +* To look at the coverage results: +```bash +#!bash +bin/bundle exec rake brakeman:run && open brakeman-report.html +bin/bundle exec metric_fu #--no-open +bin/bundle exec rake && open coverage/index.html +``` + +* Before committing code into the repository, please ensure that the tests all run successfully, and also that the following commands do not error out (the CI process will run these and cause build failures if you forget to do so) +```bash +#!bash +bin/bundle exec rake bundler:audit +``` + + ### Tips Use c9 (cloud 9) for testing so you can feel how much effort have been devoured in making it. diff --git a/config/initializers/bullet.rb b/config/initializers/bullet.rb new file mode 100644 index 0000000..e9871ec --- /dev/null 
+++ b/config/initializers/bullet.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+if Rails.env.test? || Rails.env.development?
+ Rails.application.configure do
+ config.after_initialize do
+ Bullet.enable = true
+ Bullet.alert = true
+ Bullet.bullet_logger = true
+ Bullet.console = true
+ # Bullet.growl = true
+ # Bullet.xmpp = { account: 'bullets_account@jabber.org',
+ # password: 'bullets_password_for_jabber',
+ # receiver: 'your_account@jabber.org',
+ # show_online_status: true }
+ Bullet.rails_logger = true
+ # Bullet.honeybadger = true
+ # Bullet.bugsnag = true
+ # Bullet.airbrake = true
+ # Bullet.rollbar = true
+ Bullet.add_footer = true
+ # Bullet.stacktrace_includes = [ 'your_gem', 'your_middleware' ]
+ # Bullet.slack = { webhook_url: 'http://some.slack.url', foo: 'bar' }
+ end
+ end
+end
diff --git a/lib/tasks/brakeman.rake b/lib/tasks/brakeman.rake
new file mode 100644
index 0000000..dbcbd23
--- /dev/null
+++ b/lib/tasks/brakeman.rake
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+namespace :brakeman do
+ desc 'Run Brakeman'
+ task :run, :output_files do |_t, args|
+ require 'brakeman'
+
+ files = args[:output_files].split(' ') if args[:output_files]
+ files = ['brakeman-report.html'] if files.nil?
+ Brakeman.run app_path: '.', output_files: files, print_report: true
+ end
+
+ desc 'Check your code with Brakeman'
+ task :check do
+ require 'brakeman'
+
+ result = Brakeman.run app_path: '.', print_report: true
+ exit Brakeman::Warnings_Found_Exit_Code unless result.filtered_warnings.empty?
+ end
+end
+
+task spec: 'brakeman:run'
diff --git a/lib/tasks/bundler_audit.rake b/lib/tasks/bundler_audit.rake
new file mode 100644
index 0000000..fa064af
--- /dev/null
+++ b/lib/tasks/bundler_audit.rake
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+namespace :bundler do
+ desc 'Update CVEDb and run bundler-audit'
+ task :audit do
+ require 'bundler/audit/cli'
+ Bundler::Audit::CLI.start ['check', '--update']
+ end
+end
+
+task default: 'bundler:audit'
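Review bot: Under `Rails.env.test?` this initializer configures nothing that can fail a test run — `Bullet.alert`, `Bullet.console` and `Bullet.add_footer` only decorate HTML responses nobody renders under rspec, and `Bullet.bullet_logger` / `Bullet.rails_logger` just append to log files — so N+1 regressions are detected and then ignored. If CI is meant to catch them, add `Bullet.raise = true if Rails.env.test?` inside the `after_initialize` block; as far as I recall Bullet then raises from the offending request, but confirm that option exists in the pinned 5.6 line. The commented `# Bullet.xmpp = { account: 'bullets_account@jabber.org', password: ... }`, honeybadger/bugsnag/airbrake/rollbar and `# Bullet.slack = { webhook_url: 'http://some.slack.url', ... }` lines are README boilerplate with placeholder credentials and a fake URL; drop them so the file states only what is actually configured.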
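Review bot: `task spec: 'brakeman:run'` hooks the non-failing variant into the test run: `:run` writes `brakeman-report.html` and prints the report, while the exit-code logic lives in `:check`, which nothing invokes, so a new Brakeman warning never breaks `rake spec` or the CI gate the README describes. Either change the hook to `task spec: 'brakeman:check'` or make `:run` end with `exit Brakeman::Warnings_Found_Exit_Code unless result.filtered_warnings.empty?` after capturing `result = Brakeman.run ...` as `:check` already does. The `args[:output_files].split(' ')` parsing also splits any path containing a space into two report files; documenting the contract with `# output_files: space-separated list of report paths` would at least make that explicit.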
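Review bot: `Bundler::Audit::CLI.start ['check', '--update']` makes the default rake task depend on a network `git` fetch of ruby-advisory-db, and in bundler-audit 0.6 a failed update is, if I read that version right, printed as a message but not treated as fatal, so on an offline or proxied CI runner the check quietly runs against whatever database copy is already on disk. Since the README presents this task as the gate CI enforces, surface the update result: call `Bundler::Audit::Database.update!` first and `abort 'ruby-advisory-db update failed'` when it returns false, then run `['check']` — confirm the class method and its return values against the pinned gem. At minimum document the assumption with `# requires network access: --update clones/pulls ruby-advisory-db via git`. Note also that `task default: 'bundler:audit'` now chains with `rubocop.rake`'s `task default: ['rubocop:auto_correct']`, so a plain `rake` edits source files before auditing; that ordering deserves a comment here.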
diff --git a/lib/tasks/rubocop.rake b/lib/tasks/rubocop.rake
new file mode 100644
index 0000000..fabba4a
--- /dev/null
+++ b/lib/tasks/rubocop.rake
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+begin
+ require 'rubocop/rake_task'
+ RuboCop::RakeTask.new do |task|
+ # don't abort rake on failure
+ task.fail_on_error = false
+ end
+ task default: ['rubocop:auto_correct']
+rescue LoadError
+ # rubocop unavailable
+end
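Review bot: `task default: ['rubocop:auto_correct']` makes the plain `rake` that the README documents as "run tests" rewrite source files in place, and with `task.fail_on_error = false` no offense ever fails the build, so on CI the linter silently edits the checkout and then reports success. Point the default at the read-only task and let the environment decide strictness — `task default: ['rubocop']` together with `task.fail_on_error = ENV.key?('CI')` — keeping auto-correct as an explicit `rake rubocop:auto_correct` for developers. The `rescue LoadError` fallback is reasonable because rubocop is only in the `:test` group, but `# rubocop unavailable` should say why that is expected, e.g. `# rubocop lives in the :test group only; skip the task when the bundle was installed without it`.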