Refactor domains cli to remove model call from regex (#25878)
parent
b34a2b1b33
commit
65cd0700e4
|
@ -33,30 +33,6 @@
|
||||||
],
|
],
|
||||||
"note": ""
|
"note": ""
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"warning_type": "Denial of Service",
|
|
||||||
"warning_code": 76,
|
|
||||||
"fingerprint": "7b6abba5699755348e7ee82a4694bfbf574b41c7cce2d0db0f7c11ae3f983c72",
|
|
||||||
"check_name": "RegexDoS",
|
|
||||||
"message": "Model attribute used in regular expression",
|
|
||||||
"file": "lib/mastodon/cli/domains.rb",
|
|
||||||
"line": 128,
|
|
||||||
"link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
|
|
||||||
"code": "/\\.?(#{DomainBlock.where(:severity => 1).pluck(:domain).map do\n Regexp.escape(domain)\n end.join(\"|\")})$/",
|
|
||||||
"render_path": null,
|
|
||||||
"location": {
|
|
||||||
"type": "method",
|
|
||||||
"class": "Mastodon::CLI::Domains",
|
|
||||||
"method": "crawl"
|
|
||||||
},
|
|
||||||
"user_input": "DomainBlock.where(:severity => 1).pluck(:domain)",
|
|
||||||
"confidence": "Weak",
|
|
||||||
"cwe_id": [
|
|
||||||
20,
|
|
||||||
185
|
|
||||||
],
|
|
||||||
"note": ""
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"warning_type": "Cross-Site Scripting",
|
"warning_type": "Cross-Site Scripting",
|
||||||
"warning_code": 4,
|
"warning_code": 4,
|
||||||
|
|
|
@ -125,7 +125,7 @@ module Mastodon::CLI
|
||||||
failed = Concurrent::AtomicFixnum.new(0)
|
failed = Concurrent::AtomicFixnum.new(0)
|
||||||
start_at = Time.now.to_f
|
start_at = Time.now.to_f
|
||||||
seed = start ? [start] : Instance.pluck(:domain)
|
seed = start ? [start] : Instance.pluck(:domain)
|
||||||
blocked_domains = /\.?(#{DomainBlock.where(severity: 1).pluck(:domain).map { |domain| Regexp.escape(domain) }.join('|')})$/
|
blocked_domains = /\.?(#{Regexp.union(domain_block_suspended_domains).source})$/
|
||||||
progress = create_progress_bar
|
progress = create_progress_bar
|
||||||
|
|
||||||
pool = Concurrent::ThreadPoolExecutor.new(min_threads: 0, max_threads: options[:concurrency], idletime: 10, auto_terminate: true, max_queue: 0)
|
pool = Concurrent::ThreadPoolExecutor.new(min_threads: 0, max_threads: options[:concurrency], idletime: 10, auto_terminate: true, max_queue: 0)
|
||||||
|
@ -189,6 +189,10 @@ module Mastodon::CLI
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def domain_block_suspended_domains
|
||||||
|
DomainBlock.suspend.pluck(:domain)
|
||||||
|
end
|
||||||
|
|
||||||
def stats_to_summary(stats, processed, failed, start_at)
|
def stats_to_summary(stats, processed, failed, start_at)
|
||||||
stats.compact!
|
stats.compact!
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue