Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
mire
- 0.1.2
- Rubygems
mire [ˈmɪʀɛ]
mire analyzes a Ruby project and helps you to find dependencies, call stacks and unused methods. It parses Ruby and Haml files and collects all method definitions and invocations.
Installation
Add this line to your application's Gemfile:
gem 'mire'
And then execute:
$ bundle
Or install it yourself as:
$ gem install mire
Usage
First you need to analyze the code and create a .mire_analysis.yml
file.
bundle exec mire -a
A Ruby code like
class Foo
def bar
buz
end
end
will lead to this .mire_analysis.yml file.
:bar:
:definitions:
- :class: Foo
:method: :bar
:file: foo.rb
:line: 2
:invocations: []
:buz:
:definition: []
:invocations:
- :class: Foo
:method: :bar
:file: foo.rb
:line: 3
After this the .mire_analysis.yml file can be used to find unused
methods for example.
bundle exec mire -u
Checking for unused methods
foo.rb:2 Foo.bar
This result can only be taken as a hint for unused methods. For example ERB files are not being analysed yet. Also dynamic method definitions or invocations are not considered. So mire can't find every usage of a method.
Configuration
mire can be configured with a .mire.yml file in your project folder.
With mire -i a initial configuration file is created.
You can configure which files or folders should be excluded while analyzing the code or when displaying the unused methods.
excluded_files:
- vendor/**/*
output:
unused:
excluded_files:
- db/migrate/**/*
- spec/**/*
- script/**/*
- lib/**/*
Dependencies
Why is HAML-Lint needed?
HAML-Lint did a great job to write a Ruby code extractor for Haml files. mire is using this extractor.
TODO
The current implementation of mire is really basic. It needs to become
more robust and the parsed file types (e.g. .erb) needs to be
extended.
Contributing
- Fork it ( https://github.com/xing/mire/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request
Authors
Nils Gemeinhardt and Marcus Lankenau
Copyright (c) 2015 XING EVENTS GmbH
Released under the MIT license. For full details see LICENSE included in this distribution.
FAQs
Unknown package
We found that mire demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 10 Jun 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024