mozilla/ssh_scan

View on GitHub

Showing 80 of 80 total issues

Method scan_target has a Cognitive Complexity of 54 (exceeds 5 allowed). Consider refactoring.
Open

    def scan_target(socket, opts)
      target, port = socket.chomp.split(':')
      if port.nil?
        port = 22
      end
Severity: Minor
Found in lib/ssh_scan/scan_engine.rb - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Class Result has 54 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Result
    def initialize()
      @version = SSHScan::VERSION
      @keys = nil
      @duplicate_host_key_ips = Set.new()
Severity: Major
Found in lib/ssh_scan/result.rb - About 7 hrs to fix

    Method scan has a Cognitive Complexity of 32 (exceeds 5 allowed). Consider refactoring.
    Open

        def scan(opts)
          sockets = opts["sockets"]
          threads = opts["threads"] || 5
          logger = opts["logger"] || Logger.new(STDOUT)
    
    
    Severity: Minor
    Found in lib/ssh_scan/scan_engine.rb - About 4 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method scan_target has 115 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

        def scan_target(socket, opts)
          target, port = socket.chomp.split(':')
          if port.nil?
            port = 22
          end
    Severity: Major
    Found in lib/ssh_scan/scan_engine.rb - About 4 hrs to fix

      Class KeyExchangeInit has 29 methods (exceeds 20 allowed). Consider refactoring.
      Open

        class KeyExchangeInit < BinData::Record
          endian :big
          uint32 :packet_length
          uint8 :padding_length, :initial_value => 4
          uint8 :message_code, :initial_value => 20
      Severity: Minor
      Found in lib/ssh_scan/protocol.rb - About 3 hrs to fix

        Method scan has 71 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

            def scan(opts)
              sockets = opts["sockets"]
              threads = opts["threads"] || 5
              logger = opts["logger"] || Logger.new(STDOUT)
        
        
        Severity: Major
        Found in lib/ssh_scan/scan_engine.rb - About 2 hrs to fix

          Function bundleInstall has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
          Open

          export async function bundleInstall(gemfile, lockFile, platform, engine, rubyVersion, bundlerVersion, cacheVersion) {
            if (gemfile === null) {
              console.log('Could not determine gemfile path, skipping "bundle install" and caching')
              return false
            }
          Severity: Minor
          Found in .github/actions/setup-ruby-1.71.0/bundler.js - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function bundleInstall has 55 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

          export async function bundleInstall(gemfile, lockFile, platform, engine, rubyVersion, bundlerVersion, cacheVersion) {
            if (gemfile === null) {
              console.log('Could not determine gemfile path, skipping "bundle install" and caching')
              return false
            }
          Severity: Major
          Found in .github/actions/setup-ruby-1.71.0/bundler.js - About 2 hrs to fix

            Function installBundler has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
            Open

            export async function installBundler(bundlerVersionInput, lockFile, platform, rubyPrefix, engine, rubyVersion) {
              let bundlerVersion = bundlerVersionInput
            
              if (bundlerVersion === 'default' || bundlerVersion === 'Gemfile.lock') {
                bundlerVersion = readBundledWithFromGemfileLock(lockFile)
            Severity: Minor
            Found in .github/actions/setup-ruby-1.71.0/bundler.js - About 2 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method initialize has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
            Open

                def initialize(cmd, &block)
                  # see: http://stackoverflow.com/a/1162850/83386
                  Open3.popen3(cmd) do |stdin, stdout, stderr, thread|
                    # read each stream from a new thread
                    { :out => stdout, :err => stderr }.each do |key, stream|
            Severity: Minor
            Found in lib/ssh_scan/subprocess.rb - About 2 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method query has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
            Open

                def query(fqdn)
                  sshfp_records = []
            
                  # try up to 5 times to resolve ssh_fp's
                  5.times do
            Severity: Minor
            Found in lib/ssh_scan/ssh_fp.rb - About 1 hr to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method connect has 43 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                def connect()
                  @error = nil
            
                  begin
                    Timeout::timeout(@timeout) {
            Severity: Minor
            Found in lib/ssh_scan/client.rb - About 1 hr to fix

              Consider simplifying this complex logical expression.
              Open

                      if opts["policy"] &&
                         result.key_algorithms.any? &&
                         result.server_host_key_algorithms.any? &&
                         result.encryption_algorithms_client_to_server.any? &&
                         result.encryption_algorithms_server_to_client.any? &&
              Severity: Critical
              Found in lib/ssh_scan/scan_engine.rb - About 1 hr to fix

                Method enumerateIPRange has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
                Open

                    def enumerateIPRange(ip,port=nil)
                      if ip.fqdn?
                        if port.nil?
                          socket = ip
                        else
                Severity: Minor
                Found in lib/ssh_scan/target_parser.rb - About 1 hr to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method get_kex_result has 37 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    def get_kex_result(kex_init_raw = @kex_init_raw)
                      if !@sock
                        @error = "Socket is no longer valid"
                        return nil
                      end
                Severity: Minor
                Found in lib/ssh_scan/client.rb - About 1 hr to fix

                  Function installBundler has 34 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                  export async function installBundler(bundlerVersionInput, lockFile, platform, rubyPrefix, engine, rubyVersion) {
                    let bundlerVersion = bundlerVersionInput
                  
                    if (bundlerVersion === 'default' || bundlerVersion === 'Gemfile.lock') {
                      bundlerVersion = readBundledWithFromGemfileLock(lockFile)
                  Severity: Minor
                  Found in .github/actions/setup-ruby-1.71.0/bundler.js - About 1 hr to fix

                    Function setupRuby has 33 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                    export async function setupRuby(options = {}) {
                      const inputs = { ...options }
                      for (const key in inputDefaults) {
                        if (!Object.prototype.hasOwnProperty.call(inputs, key)) {
                          inputs[key] = core.getInput(key) || inputDefaults[key]
                    Severity: Minor
                    Found in .github/actions/setup-ruby-1.71.0/index.js - About 1 hr to fix

                      Method to_hash has 33 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                          def to_hash
                            hashed_object = {
                                "ssh_scan_version" => self.version,
                                "ip" => self.ip,
                              "hostname" => self.hostname,
                      Severity: Minor
                      Found in lib/ssh_scan/result.rb - About 1 hr to fix

                        Method recommendations has 32 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                            def recommendations
                              recommendations = []
                        
                              # Add these items to be compliant
                              if missing_policy_kex.any?
                        Severity: Minor
                        Found in lib/ssh_scan/policy_manager.rb - About 1 hr to fix

                          Method ssh_lib_guess has 32 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                              def ssh_lib_guess()
                                case @string
                                when /OpenSSH/i
                                  return SSHScan::SSHLib::OpenSSH.new(@string)
                                when /LibSSH/i
                          Severity: Minor
                          Found in lib/ssh_scan/banner.rb - About 1 hr to fix
                            Severity
                            Category
                            Status
                            Source
                            Language