Project

nasl-pedant

0.01
No release in over 3 years
Low commit activity in last 3 years
nasl-pedanttenable/pedantHomepageDocumentationSource CodeBug TrackerWiki
A static analysis framework for the Nessus Attack Scripting Language.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
36,669
Stars
14
Forks
5
Watchers
16
 Releases
Current version
0.1.6
Total releases
15
First release
2011-12-28
Latest release
2017-09-11
 Issues
Open Issues
2
Closed Issues
11
Total Issues
13
Issue Closure Rate
84%
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
1
Merged Pull Requests
14
Pull Request Acceptance Rate
93%
 Development
Primary Language
Ruby
Licenses
BSD
Average date of last 50 commits
2016-09-23
Reverse Dependencies
0

 Dependencies

Development

pry
~> 0
rake
~> 0

Runtime

nasl
>= 0.2.0, ~> 0.2
rainbow
= 2.0.0
test-unit-minitest
>= 0
 Project Readme

Pedant, a static analysis tool for NASL

Gem Version

Installing

If you have Ruby 1.9.3+ and Rubygems installed, you can simply do: gem install nasl-pedant

Using

To check a script, run this: pedant check scriptname.nasl. You can check .inc files the same way. Multiple files can be checked at the same time.

See a [WARN] but there's no explanation of the problem? Try adding -v.

Development

This project uses Bundler.

If you have a brand-new Debian machine, do this as root:

apt-get install ruby-dev rubygems git
gem install bundler

As your regular user:

git clone https://github.com/tenable/pedant
cd pedant
bundle install --path vendor/bundle
bundle exec rake test

All the tests should pass!

To run the Pedant command line, do bundle exec ./bin/pedant, which should give a help message.

If you get an error like this, try prefixing your command with bundle exec:

/usr/lib/ruby/2.x.x/rubygems/core_ext/kernel_require.rb:NN:in `require': cannot load such file -- libname (LoadError)

Bugs

  1. Only works for up to 5.2 code (will not fix, the nasl interpreter can now export an AST)
  2. Some of the checks have inconsistent titles in terms of "truthiness"

Todo

  1. Iron out some of the semantics:
    • Currently files are all checked independently: what should be done when we're given .inc and .nasl files in one invocation?
  2. Add a control-flow graph?
  3. Add some kind of taint tracking?