diff --git a/ale_linters/ruby/brakeman.vim b/ale_linters/ruby/brakeman.vim index 790eb563..85cfc184 100644 --- a/ale_linters/ruby/brakeman.vim +++ b/ale_linters/ruby/brakeman.vim @@ -7,23 +7,19 @@ let g:ale_ruby_brakeman_options = function! ale_linters#ruby#brakeman#Handle(buffer, lines) abort let l:output = [] let l:json = ale#util#FuzzyJSONDecode(a:lines, {}) + let l:sep = has('win32') ? '\' : '/' + " Brakeman always outputs paths relative to the Rails app root + let l:rails_root = ale#ruby#FindRailsRoot(a:buffer) for l:warning in get(l:json, 'warnings', []) - " Brakeman always outputs paths relative to the Rails app root - let l:rails_root = ale#ruby#FindRailsRoot(a:buffer) - let l:warning_file = l:rails_root . '/' . l:warning.file - - if !ale#path#IsBufferPath(a:buffer, l:warning_file) - continue - endif - let l:text = l:warning.warning_type . ' ' . l:warning.message . ' (' . l:warning.confidence . ')' let l:line = l:warning.line != v:null ? l:warning.line : 1 call add(l:output, { - \ 'lnum': l:line, - \ 'type': 'W', - \ 'text': l:text, + \ 'filename': l:rails_root . l:sep . l:warning.file, + \ 'lnum': l:line, + \ 'type': 'W', + \ 'text': l:text, \}) endfor diff --git a/test/handler/test_brakeman_handler.vader b/test/handler/test_brakeman_handler.vader index 02d70234..5a398799 100644 --- a/test/handler/test_brakeman_handler.vader +++ b/test/handler/test_brakeman_handler.vader @@ -1,6 +1,5 @@ Before: call ale#test#SetDirectory('/testplugin/test/handler') - cd .. runtime ale_linters/ruby/brakeman.vim @@ -9,16 +8,18 @@ After: call ale#linter#Reset() Execute(The brakeman handler should parse JSON correctly): - call ale#test#SetFilename('ruby_fixtures/valid_rails_app/app/models/thing.rb') + call ale#test#SetFilename('../ruby_fixtures/valid_rails_app/app/models/thing.rb') AssertEqual \ [ \ { + \ 'filename': expand('%:p'), \ 'lnum': 84, \ 'text': 'SQL Injection Possible SQL injection (Medium)', \ 'type': 'W', \ }, \ { + \ 'filename': expand('%:p'), \ 'lnum': 1, \ 'text': 'Mass Assignment Potentially dangerous attribute available for mass assignment (Weak)', \ 'type': 'W', @@ -33,7 +34,7 @@ Execute(The brakeman handler should parse JSON correctly): \ '"fingerprint": "1234",', \ '"check_name": "SQL",', \ '"message": "Possible SQL injection",', - \ '"file": "app/models/thing.rb",', + \ '"file": "' . substitute(ale#path#Winify('app/models/thing.rb'), '\\', '\\\\', 'g') . '",', \ '"line": 84,', \ '"link": "http://brakemanscanner.org/docs/warning_types/sql_injection/",', \ '"code": "Thing.connection.execute(params[:data])",', @@ -52,7 +53,7 @@ Execute(The brakeman handler should parse JSON correctly): \ '"fingerprint": "1235",', \ '"check_name": "ModelAttrAccessible",', \ '"message": "Potentially dangerous attribute available for mass assignment",', - \ '"file": "app/models/thing.rb",', + \ '"file": "' . substitute(ale#path#Winify('app/models/thing.rb'), '\\', '\\\\', 'g') . '",', \ '"line": null,', \ '"link": "http://brakemanscanner.org/docs/warning_types/mass_assignment/",', \ '"code": ":name",',