Update sobelow to run in each umbrella app

Co-authored-by: jimmay5469 <jimmay5469@gmail.com>
7 years ago · 636b81239a
parent b7d22128b3
commit 636b81239a
5 changed files with 28 additions and 9 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -295,7 +295,15 @@ jobs:

      - run: mix local.hex --force

-      - run: mix sobelow --root apps/explorer_web --config
+      - run:
+          name: Scan explorer for vulnerabilities
+          command: mix sobelow --config
+          working_directory: "apps/explorer"
+
+      - run:
+          name: Scan explorer_web for vulnerabilities
+          command: mix sobelow --config
+          working_directory: "apps/explorer_web"
  test:
    docker:
      # Ensure .tool-versions matches
--- a/README.md
+++ b/README.md
@ -27,7 +27,7 @@ To get POA Explorer up and running locally:
  * Set up some default configuration with: `cp apps/explorer_web/config/dev.secret.exs.example apps/explorer_web/config/dev.secret.exs`
  * Install dependencies with `mix do deps.get, local.rebar, deps.compile, compile`
  * Create and migrate your database with `mix ecto.create && mix ecto.migrate`
-  * Install Node.js dependencies with `cd apps/explorer_web/assets && npm install && cd -`
+  * Install Node.js dependencies with `cd apps/explorer_web/assets && npm install; cd -`
  * Start Phoenix with `mix phx.server`

 Now you can visit [`localhost:4000`](http://localhost:4000) from your browser.
@ -46,13 +46,15 @@ Configure your local CCMenu with the following url: [`https://circleci.com/gh/po

 #### Running the tests

-  * Build the assets: `cd apps/explorer_web/assets && npm run build && cd -`
+  * Build the assets: `cd apps/explorer_web/assets && npm run build; cd -`
  * Format the Elixir code: `mix format`
  * Run the test suite with coverage for whole umbrella project: `mix coveralls.html --umbrella`
  * Lint the Elixir code: `mix credo --strict`
  * Run the dialyzer: `mix dialyzer --halt-exit-status`
-  * Check the Elixir code for vulnerabilities: `mix sobelow --root apps/explorer_web --config`
-  * Lint the JavaScript code: `cd apps/explorer_web/assets && npm run eslint && cd -`
+  * Check the Elixir code for vulnerabilities:
+    * `cd apps/explorer && mix sobelow --config; cd -`
+    * `cd apps/explorer_web && mix sobelow --config; cd -`
+  * Lint the JavaScript code: `cd apps/explorer_web/assets && npm run eslint; cd -`


 ## Internationalization
--- a/apps/explorer/.sobelow-conf
+++ b/apps/explorer/.sobelow-conf
@ -0,0 +1,10 @@
+[
+  verbose: false,
+  private: true,
+  skip: false,
+  router: "",
+  exit: "low",
+  format: "compact",
+  ignore: ["Config.HTTPS"],
+  ignore_files: ["lib/giant_address_migrator.ex", "lib/backfill_transaction_receipt_ids.ex"]
+]
--- a/apps/explorer_web/.sobelow-conf
+++ b/apps/explorer_web/.sobelow-conf
@ -2,9 +2,8 @@
  verbose: false,
  private: true,
  skip: false,
-  router: "",
+  router: "lib/explorer_web/router.ex",
  exit: "low",
  format: "compact",
-  ignore: ["Config.CSRF", "Vuln.Coherence"],
-  ignore_files: ["lib/giant_address_migrator.ex", "lib/backfill_transaction_receipt_ids.ex"]
+  ignore: ["Config.CSRF"]
 ]
--- a/mix.lock
+++ b/mix.lock
@ -59,7 +59,7 @@
  "scrivener_ecto": {:hex, :scrivener_ecto, "1.3.0", "69698428e22810ac8a47abc12d1df5b2f5d8f6b36dc5d5bfe6dd93fde857c576", [:mix], [{:ecto, "~> 2.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:postgrex, "~> 0.11.0 or ~> 0.12.0 or ~> 0.13.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:scrivener, "~> 2.4", [hex: :scrivener, repo: "hexpm", optional: false]}], "hexpm"},
  "scrivener_html": {:hex, :scrivener_html, "1.7.1", "afa35128fb36184bc469e4531bb1ef61b2d91bb29e373157068c62332291485f", [:mix], [{:phoenix, "~> 1.0-pre and < 1.4.0", [hex: :phoenix, repo: "hexpm", optional: true]}, {:phoenix_html, "~> 2.2", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:plug, "~> 1.1", [hex: :plug, repo: "hexpm", optional: false]}, {:scrivener, "~> 1.2 or ~> 2.0", [hex: :scrivener, repo: "hexpm", optional: false]}], "hexpm"},
  "set_locale": {:git, "https://github.com/minifast/set_locale.git", "da9ae029642bc0fbd9212c2aaf86c0adca70c084", [branch: "master"]},
-  "sobelow": {:hex, :sobelow, "0.6.6", "04a2850fe31d241ef8c53b83ab9216f7659c19eb94bfb271d2b664e6953b4965", [:mix], [], "hexpm"},
+  "sobelow": {:hex, :sobelow, "0.6.9", "da695ec58398a424841f0e5042f9e7bcf5dcb1e5d54bfe82637ed00dcbe75cef", [:mix], [], "hexpm"},
  "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.1", "28a4d65b7f59893bc2c7de786dec1e1555bd742d336043fe644ae956c3497fbe", [:make, :rebar], [], "hexpm"},
  "timex": {:hex, :timex, "3.1.24", "d198ae9783ac807721cca0c5535384ebdf99da4976be8cefb9665a9262a1e9e3", [:mix], [{:combine, "~> 0.7", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"},
  "timex_ecto": {:hex, :timex_ecto, "3.2.1", "461140751026e1ca03298fab628f78ab189e78784175f5e301eefa034ee530aa", [:mix], [{:ecto, "~> 2.2", [hex: :ecto, repo: "hexpm", optional: false]}, {:timex, "~> 3.1", [hex: :timex, repo: "hexpm", optional: false]}], "hexpm"},