From 7d318fea33d303f67b17096bf7f2b00ea21ffb30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Heitor=20Gouv=C3=AAa?=
Date: Wed, 3 Jan 2024 16:51:11 -0300
Subject: [PATCH] Develop (#31)

* update year
* add the /x flag to the regular expression
* added tracker of versions
* fix regex warnings from linter
* added tracker of versions
* run more rules of linter
* remove new lines
---
 .github/workflows/security-gate.yml | 2 +-
 .perlcriticrc | 5 +++--
 .perltidyrc | 2 +-
 LICENSE.MD | 2 +-
 lib/Zarn/AST.pm | 6 ++++--
 lib/Zarn/Files.pm | 2 ++
 lib/Zarn/Rules.pm | 2 ++
 lib/Zarn/Sarif.pm | 2 ++
 zarn.pl | 2 ++
 9 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/security-gate.yml b/.github/workflows/security-gate.yml
index bfb5f12..f51e8da 100644
--- a/.github/workflows/security-gate.yml
+++ b/.github/workflows/security-gate.yml
@@ -30,4 +30,4 @@ jobs:
 --critical $MAX_CRITICAL \
 --high $MAX_HIGH \
 --medium $MAX_MEDIUM \
- --low $MAX_LOW
+ --low $MAX_LOW
\ No newline at end of file
diff --git a/.perlcriticrc b/.perlcriticrc
index 930198b..8fe04ee 100644
--- a/.perlcriticrc
+++ b/.perlcriticrc
@@ -1,2 +1,3 @@
-only = 1
-include = ProhibitUnusedVariables ProhibitUnusedConstant ProhibitUnusedInclude ProhibitUnusedImport ProhibitUnreachableCode ProhibitComplexRegexes ProhibitDuplicatedSub ProhibitDuplicateHashKeys ProhibitUnusedPrivateSubroutines ProhibitUnlessBlocks ProhibitExcessiveColons ProhibitExplicitReturnUndef RequireCamelCase ProhibitMagicNumbers ProhibitTrailingWhitespace ProhibitHardTabs
\ No newline at end of file
+severity = 5
+
+[-TestingAndDebugging::RequireUseStrict]
\ No newline at end of file
diff --git a/.perltidyrc b/.perltidyrc
index b77f430..f8a793c 100644
--- a/.perltidyrc
+++ b/.perltidyrc
@@ -3,4 +3,4 @@
 --continuation-indentation=4
 --square-bracket-tightness=2
 --tight-secret-operators
---maximum-consecutive-blank-lines=1
+--maximum-consecutive-blank-lines=1
\ No newline at end of file
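Review bot: Replacing the explicit `include` list with `severity = 5` almost certainly enforces fewer policies than before, not more as the commit message says: `severity = 5` selects only the most severe tier, and the policies the removed line named (ProhibitUnusedVariables, ProhibitMagicNumbers, ProhibitHardTabs, ProhibitTrailingWhitespace, ProhibitComplexRegexes, …) ship with default severities below 5, so they no longer run at all. Disabling `TestingAndDebugging::RequireUseStrict` globally then drops one of the few severity-5 checks that remain, and the modules touched by this patch already carry `use strict;`/`use warnings;` inside their `package NAME { }` blocks (see the Sarif.pm hunk), so if the policy is tripping on the block-package form a per-file `## no critic (RequireUseStrict)` on that line is the narrower fix. To keep the previous coverage while also running the gentle tier, keep the old list as `include = …` under `severity = 5` (without `only = 1`), since `include` applies matching policies regardless of severity.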
diff --git a/LICENSE.MD b/LICENSE.MD
index 43d93a5..3a66b64 100644
--- a/LICENSE.MD
+++ b/LICENSE.MD
@@ -2,7 +2,7 @@ License
 ==============
 The MIT License (MIT)
-Copyright (c) 2023 | Heitor GouvĂȘa.
+Copyright (c) 2023 - 2024 | Heitor GouvĂȘa.
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/lib/Zarn/AST.pm b/lib/Zarn/AST.pm
index dba95d6..de22300 100644
--- a/lib/Zarn/AST.pm
+++ b/lib/Zarn/AST.pm
@@ -4,6 +4,8 @@ package Zarn::AST {
 use Getopt::Long;
 use PPI::Find;
 use PPI::Document;
+
+ our $VERSION = '0.01';
 sub new {
 my ($self, $parameters) = @_;
@@ -27,11 +29,11 @@ package Zarn::AST {
 my $category = $rule -> {category};
 my $title = $rule -> {name};
- if (grep {my $content = $_; scalar(grep {$content =~ m/$_/} @sample)} $token -> content()) {
+ if (grep {my $content = $_; scalar(grep {$content =~ m/$_/xms} @sample)} $token -> content()) {
 my $next_element = $token -> snext_sibling;
 # this is a draft source-to-sink function
- if (defined $next_element && ref $next_element && $next_element -> content() =~ /[\$\@\%](\w+)/) {
+ if (defined $next_element && ref $next_element && $next_element -> content() =~ /[\$\@\%](\w+)/xms) {
 # perform taint analyis
 my $var_token = $document -> find_first (
 sub { $_[1] -> isa("PPI::Token::Symbol") and $_[1] -> content eq "\$$1" }
diff --git a/lib/Zarn/Files.pm b/lib/Zarn/Files.pm
index 9ff5821..14e90f6 100644
--- a/lib/Zarn/Files.pm
+++ b/lib/Zarn/Files.pm
@@ -3,6 +3,8 @@ package Zarn::Files {
 use warnings;
 use File::Find::Rule;
+ our $VERSION = '0.01';
+
 sub new {
 my ($self, $source, $ignore) = @_;
diff --git a/lib/Zarn/Rules.pm b/lib/Zarn/Rules.pm
index fcd4007..d4afe25 100644
--- a/lib/Zarn/Rules.pm
+++ b/lib/Zarn/Rules.pm
@@ -3,6 +3,8 @@ package Zarn::Rules {
 use warnings;
 use YAML::Tiny;
+ our $VERSION = '0.01';
+
 sub new {
 my ($self, $rules) = @_;
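Review bot: Adding `/x` to `m/$_/xms` changes how every pattern in `@sample` is interpreted, because `$_` here is a sample taken from the rule data (the hunk reads `$rule -> {category}` and `{name}` from the same rule) rather than a literal written in this file: under `/x` whitespace in the sample becomes insignificant and `#` starts a comment, so a sample such as `system (` or one containing `#` silently stops matching, which in a scanner is a missed finding rather than a lint nit. `/m` and `/s` likewise alter any sample that uses `^`, `$` or `.`, whereas the literal `/[\$\@\%](\w+)/xms` on the second changed line is unaffected by all three flags. Either compile each sample where the rules are loaded (`qr/.../` with the flags the rule author intends) and match the compiled pattern here, or keep the dynamic match as it was and silence the policy on that line only: `$content =~ m/$_/ ## no critic (RegularExpressions::RequireExtendedFormatting)` (presumably that is the policy the `/xms` appeases). The loop and subroutine enclosing this hunk begin before it and end after it.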
diff --git a/lib/Zarn/Sarif.pm b/lib/Zarn/Sarif.pm
index 64c6f14..8e6ab96 100644
--- a/lib/Zarn/Sarif.pm
+++ b/lib/Zarn/Sarif.pm
@@ -2,6 +2,8 @@ package Zarn::Sarif {
 use strict;
 use warnings;
+ our $VERSION = '0.01';
+
 sub new {
 my ($self, @vulnerabilities) = @_;
diff --git a/zarn.pl b/zarn.pl
index a66265a..44cf2db 100755
--- a/zarn.pl
+++ b/zarn.pl
@@ -11,6 +11,8 @@ use Zarn::Sarif;
 use JSON;
+our $VERSION = '0.01';
+
 sub main {
 my $rules = "rules/default.yml";
 my ($source, $ignore, $sarif, @results);