sempervictus
diff --git a/‎.travis.yml
Lines changed: 6 additions & 2 deletions b/‎.travis.yml
Lines changed: 6 additions & 2 deletions
diff --git a/‎CONTRIBUTING.md
Lines changed: 83 additions & 42 deletions b/‎CONTRIBUTING.md
Lines changed: 83 additions & 42 deletions
diff --git a/‎COPYING
Lines changed: 1 addition & 1 deletion b/‎COPYING
Lines changed: 1 addition & 1 deletion
diff --git a/‎Gemfile
Lines changed: 6 additions & 4 deletions b/‎Gemfile
Lines changed: 6 additions & 4 deletions
diff --git a/‎Gemfile.lock
Lines changed: 8 additions & 6 deletions b/‎Gemfile.lock
Lines changed: 8 additions & 6 deletions
@@ -1,11 +1,15 @@
 language: ruby
-env: MSF_SPOTCHECK_RECENT=1
 before_install:
   - rake --version
   - sudo apt-get update -qq
   - sudo apt-get install -qq libpcap-dev
+  # Uncomment when we have fewer shipping msftidy warnings.
+  # Merge committers will still be checking, just not autofailing.
+  # See https://dev.metasploit.com/redmine/issues/8498
+  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  # - ls -la ./.git/hooks
+  # - ./.git/hooks/post-merge
 before_script:
-  - ./tools/msftidy.rb
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
 
@@ -1,44 +1,85 @@
+# Hello, World!
+
+Thanks for your interest in making Metasploit -- and therefore, the
+world -- a better place!
+
+Are you about to report a bug? If so, please use our [Redmine Bug
+Tracker](https://dev.metasploit.com/redmine/projects/framework). An
+account is required but it only takes a minute or two.
+
+Are you about to report a security vulnerability in Metasploit?
+If so, please take a look at Rapid's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp) policy.
+
+Are you about to contribute some new functionality, a bug fix, or a new
+Metasploit module? If so, read on...
+
 # Contributing to Metasploit
 
-## Reporting Bugs
-
-If you would like to report a bug, please take a look at [our Redmine
-issue
-tracker](https://dev.metasploit.com/redmine/projects/framework/issues?query_id=420)
--- your bug may already have been reported there! Simply [searching](https://dev.metasploit.com/redmine/projects/framework/search) for some appropriate keywords may save everyone a lot of hassle.
-
-If your bug is new and you'd like to report it you will need to
-[register
-first](https://dev.metasploit.com/redmine/account/register). Don't
-worry, it's easy and fun and takes about 30 seconds.
-
-When you file a bug report, please include your **steps to reproduce**,
-full copy-pastes of Ruby stack traces, and any relevant details about
-your environment. Without repro steps, your bug will likely be closed.
-With repro steps, your bugs will likely be fixed.
-
-## Contributing Metasploit Modules
-
-If you have an exploit that you'd like to contribute to the Metasploit
-Framework, please familiarize yourself with the
-**[HACKING](https://github.com/rapid7/metasploit-framework/blob/master/HACKING)**
-document in the
-Metasploit-Framework repository. There are many mysteries revealed in
-HACKING concerning code style and content.
-
-[Pull requests](https://github.com/rapid7/metasploit-framework/pulls)
-should corellate with modules at a 1:1 ratio
--- there is rarely a good reason to have two, three, or ten modules on
-one pull request, as this dramatically increases the review time
-required to land (commit) any of those modules.
-
-Pull requests tend to be very collaborative for Metasploit -- do not be
-surprised if your pull request to rapid7/metasploit-framework triggers a
-pull request back to your own fork. In this way, we can isolate working
-changes before landing your PR to the Metasploit master branch.
-
-To save yourself the embarrassment of committing common errors, you will
-want to symlink the `msftidy.rb` utility to your pre-commit hooks by
-running `ln -s ../../tools/dev/pre-commit-hook.rb .git/hooks/pre-commit`
-from the top-level directory of your metasploit-framework clone. This
-will prevent you from committing modules that raise WARNINGS or ERRORS.
+What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+and don'ts of how to make sure *your* valuable contributions actually
+make it into Metasploit's master branch.
+
+If you care not to follow these rules, your contribution **will** be
+closed (*Road House* style). Sorry!
+
+This is intended to be a **short** list. The
+[wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
+exhaustive and reveals many mysteries. If you read nothing else, take a
+look at the standard [development environment setup
+guide](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment)
+and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes).
+
+## Code Contributions
+
+* **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
+* **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
+* **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
+
+### Pull Requests
+
+* **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
+* **Do** specify a descriptive title to make searching for your pull request easier.
+* **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
+* **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
+* **Don't** leave your pull request description blank.
+* **Don't** abandon your pull request. Being responsive helps us land your code faster.
+
+Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940) and [#3043](https://github.com/rapid7/metasploit-framework/pull/3043) are a couple good examples to follow.
+
+#### New Modules
+
+* **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
+* **Do** use the [many module mixin APIs](https://dev.metasploit.com/documents/api/). Wheel improvements are welcome; wheel reinventions, not so much.
+* **Don't** include more than one module per pull request.
+
+#### Library Code
+
+* **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
+* **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
+* **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
+* **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.
+
+#### Bug Fixes
+
+* **Do** include reproduction steps in the form of verification steps.
+* **Do** include a link to the corresponding [Redmine](https://dev.metasploit.com/redmine/projects/framework) issue in the format of `SeeRM #1234` in your commit description.
+
+## Bug Reports
+
+* **Do** report vulnerabilities in Rapid7 software directly to [email protected].
+* **Do** create a Redmine account and report your non-vulnerability bugs there.
+* **Do** write a detailed description of your bug and use a descriptive title.
+* **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
+* **Don't** file duplicate reports - search for your bug before filing a new report.
+* **Don't** report a bug on GitHub. Use [Redmine](https://dev.metasploit.com/redmine/projects/framework) instead.
+
+Redmine issues [#8762](https://dev.metasploit.com/redmine/issues/8762) and [#8764](https://dev.metasploit.com/redmine/issues/8764) are a couple good examples to follow.
+
+If you need some more guidance, talk to the main body of open
+source contributors over on the [Freenode IRC channel](http://webchat.freenode.net/?channels=%23metasploit&uio=d4)
+or e-mail us at [metasploit-hackers](https://lists.sourceforge.net/lists/listinfo/metasploit-hackers)
+mailing list.
+
+Also, **thank you** for taking the few moments to read this far! You're
+already way ahead of the curve, so keep it up!
@@ -1,4 +1,4 @@
-Copyright (C) 2006-2013, Rapid7 Inc.
+Copyright (C) 2006-2013, Rapid7, Inc.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
 
@@ -1,25 +1,27 @@
 source 'https://rubygems.org'
 
 # Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0'
+gem 'activesupport', '>= 3.0.0', '< 4.0.0'
 # Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt-ruby'
+gem 'bcrypt'
 # Needed for some admin modules (scrutinizer_add_user.rb)
 gem 'json'
 # Needed by msfgui and other rpc components
 gem 'msgpack'
 # Needed by anemone crawler
 gem 'nokogiri'
+# Needed by JSObfu
+gem 'rkelly-remix', '0.0.6'
 # Needed by anemone crawler
 gem 'robots'
 # Needed by db.rb and Msf::Exploit::Capture
 gem 'packetfu', '1.1.9'
 
 group :db do
   # Needed for Msf::DbManager
-  gem 'activerecord'
+  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
   # Database models shared between framework and Pro.
-  gem 'metasploit_data_models', '~> 0.16.9'
+  gem 'metasploit_data_models', '~> 0.17.0'
   # Needed for module caching in Mdm::ModuleDetails
   gem 'pg', '>= 0.11'
 end
 
@@ -13,7 +13,7 @@ GEM
       i18n (~> 0.6, >= 0.6.4)
       multi_json (~> 1.0)
     arel (3.0.2)
-    bcrypt-ruby (3.1.2)
+    bcrypt (3.1.7)
     builder (3.0.4)
     database_cleaner (1.1.1)
     diff-lcs (1.2.4)
@@ -22,7 +22,7 @@ GEM
     fivemat (1.2.1)
     i18n (0.6.5)
     json (1.8.0)
-    metasploit_data_models (0.16.9)
+    metasploit_data_models (0.17.0)
       activerecord (>= 3.2.13)
       activesupport
       pg
@@ -37,6 +37,7 @@ GEM
     pg (0.16.0)
     rake (10.1.0)
     redcarpet (3.0.0)
+    rkelly-remix (0.0.6)
     robots (0.10.1)
     rspec (2.14.1)
       rspec-core (~> 2.14.0)
@@ -60,14 +61,14 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord
-  activesupport (>= 3.0.0)
-  bcrypt-ruby
+  activerecord (>= 3.0.0, < 4.0.0)
+  activesupport (>= 3.0.0, < 4.0.0)
+  bcrypt
   database_cleaner
   factory_girl (>= 4.1.0)
   fivemat (= 1.2.1)
   json
-  metasploit_data_models (~> 0.16.9)
+  metasploit_data_models (~> 0.17.0)
   msgpack
   network_interface (~> 0.0.1)
   nokogiri
@@ -76,6 +77,7 @@ DEPENDENCIES
   pg (>= 0.11)
   rake (>= 10.0.0)
   redcarpet
+  rkelly-remix (= 0.0.6)
   robots
   rspec (>= 2.12)
   shoulda-matchers
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-Copyright (C) 2006-2013, Rapid7 Inc.`
	`1`	`+Copyright (C) 2006-2013, Rapid7, Inc.`
`2`	`2`	`All rights reserved.`
`3`	`3`
`4`	`4`	`Redistribution and use in source and binary forms, with or without modification,`