Add obsolete entries to comparison report (#1777)

Fixes #1758
presidentbeef · Apr 23, 2023 · 98885f3 · 98885f3
1 parent a301e6a
commit 98885f3
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 26 deletions.
diff --git a/lib/brakeman.rb b/lib/brakeman.rb
@@ -493,10 +493,14 @@ def self.compare options
     end
 
     tracker = run(options)
+    new_report = JSON.parse(tracker.report.to_json, symbolize_names: true)
 
-    new_results = JSON.parse(tracker.report.to_json, :symbolize_names => true)[:warnings]
+    new_results = new_report[:warnings]
+    obsolete_ignored = tracker.unused_fingerprints
 
-    Brakeman::Differ.new(new_results, previous_results).diff
+    Brakeman::Differ.new(new_results, previous_results).diff.tap do |diff|
+      diff[:obsolete] = obsolete_ignored
+    end
   end
 
   def self.load_brakeman_dependency name, allow_fail = false

diff --git a/test/test.rb b/test/test.rb
@@ -176,7 +176,7 @@ def before_rescan_of changed, app = "rails3.2", options = {}
     begin
       yield dir if block_given?
 
-      # Not reqally sure why we do this..?
+      # Not really sure why we do this..?
       t = Marshal.load(Marshal.dump(@original))
 
       @rescanner = Brakeman::Rescanner.new(t.options, t.processor, changed)

diff --git a/test/tests/json_compare.rb b/test/tests/json_compare.rb
@@ -1,36 +1,37 @@
 require_relative '../test'
+require 'brakeman/rescanner'
 require 'json'
 
 class JSONCompareTests < Minitest::Test
+  include BrakemanTester::RescanTestHelper
   include BrakemanTester::DiffHelper
 
-  def setup
-    @path = File.expand_path "#{TEST_PATH}/apps/rails3.2"
-    @json_path = File.join @path, "doesnt_exist", "report.json"
-    teardown # just to be sure
-    Brakeman.run :app_path => @path, :output_files => [@json_path]
-    @report = JSON.parse File.read(@json_path)
-  end
-
-  def teardown
-    File.delete @json_path if File.exist? @json_path
-    Dir.delete File.dirname(@json_path) if Dir.exist? File.dirname(@json_path)
-  end
+  def test_sanity
+    json_report = 'test-report.json'
+    ignored_warnings = [
+      'cd83ecf615b17f849ba28050e7faf1d54f218dfa9435c3f65f47cb378c18cf98',
+      'abcdef01234567890ba28050e7faf1d54f218dfa9435c3f65f47cb378c18cf98'
+    ]
 
-  def update_json
-    File.open @json_path, "w" do |f|
-      f.puts @report.to_json
-    end
-  end
+    # Here I go, abusing the rescan functionality again.
+    before_rescan_of ['app/models/account.rb', json_report], 'rails4' do |app_dir|
+      first = Brakeman.run(app_path: app_dir,
+                           parallel_checks: false,
+                           output_files: [json_report])
 
-  def diff
-    @diff = Brakeman.compare :app_path => @path, :previous_results_json => @json_path
-  end
+      write_file json_report, first.report.to_json
+      remove 'app/models/account.rb'
 
-  def test_sanity
-    diff
+      @diff = Brakeman.compare(app_path: app_dir,
+                               parallel_checks: false,
+                               previous_results_json: json_report)
+    end
 
-    assert_fixed 0
+    assert_fixed 7
     assert_new 0
+    assert_equal ignored_warnings, @diff[:obsolete]
+
+    # Man is obsolete!
+    # Our world, obsolete!
   end
 end