Add interactive_ignore configuration option

prontolabs · Jan 26, 2023 · 1edcb2e · 1edcb2e
1 parent 3295ad0
commit 1edcb2e
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -31,4 +31,15 @@ brakeman:
   ignore_file: '.brakeman'
 ```
 
-(This is the equivalent of running `brakeman -i IGNOREFILE` on the command line.)
+(This is the equivalent of running `brakeman -i IGNOREFILE` on the command line.)
+
+## Interactive mode
+
+Use this mode to [record any false positives](https://brakemanscanner.org/docs/ignoring_false_positives/) you wish to ignore.
+
+```yaml
+brakeman:
+  interactive_ignore: true
+```
+
+(This is the equivalent of running `brakeman --interactive-ignore` on the command line.)
diff --git a/lib/pronto/brakeman.rb b/lib/pronto/brakeman.rb
@@ -15,7 +15,8 @@ def run
                               output_formats: [:to_s],
                               only_files: files,
                               run_all_checks: run_all_checks?,
-                              ignore_file: ignore_file)
+                              ignore_file: ignore_file,
+                              interactive_ignore: interactive_ignore?)
        messages_for(patches, output).compact
     rescue ::Brakeman::NoApplication
       []
@@ -66,6 +67,10 @@ def ignore_file
       pronto_brakeman_config['ignore_file']
     end
 
+    def interactive_ignore?
+      !!pronto_brakeman_config['interactive_ignore']
+    end
+
     def pronto_brakeman_config
       pronto_brakeman_config ||= Pronto::ConfigFile.new.to_h['brakeman'] || {}
     end

diff --git a/spec/pronto/brakeman_spec.rb b/spec/pronto/brakeman_spec.rb
@@ -25,6 +25,18 @@ module Pronto
         it { should == [] }
       end
 
+      context 'when interactive_ignore option is enabled' do
+        let(:repo) { Pronto::Git::Repository.new('.') }
+        let(:patches) { repo.diff('HEAD~1') }
+        let(:config_hash) { { 'brakeman' => { 'interactive_ignore' => true } } }
+
+        it "runs in interactive mode" do
+          expect(::Brakeman).to receive(:run).with(hash_including(interactive_ignore: true)).and_call_original
+
+          subject
+        end
+      end
+
       context 'not a rails app' do
         let(:repo) { Pronto::Git::Repository.new('.') }
         let(:patches) { repo.diff('HEAD~1') }