-
Notifications
You must be signed in to change notification settings - Fork 6
/
brakeman.ignore
109 lines (109 loc) · 3.46 KB
/
brakeman.ignore
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
{
"ignored_warnings": [
{
"warning_type": "Command Injection",
"warning_code": 14,
"fingerprint": "06d6c136d77c612ede6c621952772bad1910e700020da0302d7987b8cdfe2bd2",
"check_name": "Execute",
"message": "Possible command injection",
"file": "app/services/malware_scanner.rb",
"line": 34,
"link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
"code": "Open3.capture3(*\"#{COMMAND} #{file_path.to_s}\")",
"render_path": null,
"location": {
"type": "method",
"class": "MalwareScanner",
"method": "scan_result"
},
"user_input": "COMMAND",
"confidence": "Medium",
"cwe_id": [
77
],
"note": "This is required for streaming file virus scanning"
},
{
"warning_type": "Mass Assignment",
"warning_code": 70,
"fingerprint": "ba68e127b85a916b749bd1f7fec20219b1cb3e27b40904106d2dce53193bb5dd",
"check_name": "MassAssignment",
"message": "Specify exact keys allowed for mass assignment instead of using `permit!` which allows any keys",
"file": "app/controllers/pages_controller.rb",
"line": 91,
"link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
"code": "params.require(:page).permit!",
"render_path": null,
"location": {
"type": "method",
"class": "PagesController",
"method": "page_attributes"
},
"user_input": null,
"confidence": "Medium",
"cwe_id": [
915
],
"note": ""
},
{
"warning_type": "Mass Assignment",
"warning_code": 70,
"fingerprint": "bf948bcefe8517f5a2128b39139499917369d009f47138f85b3d3dcca29624b9",
"check_name": "MassAssignment",
"message": "Specify exact keys allowed for mass assignment instead of using `permit!` which allows any keys",
"file": "app/controllers/branches_controller.rb",
"line": 94,
"link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
"code": "params.require(:branch).permit!",
"render_path": null,
"location": {
"type": "method",
"class": "BranchesController",
"method": "branch_params"
},
"user_input": null,
"confidence": "Medium",
"cwe_id": [
915
],
"note": ""
},
{
"warning_type": "Dynamic Render Path",
"warning_code": 15,
"fingerprint": "e7a712bc09393b5494d0566c761eebfff983b805e29c590f886babe58a5370f9",
"check_name": "Render",
"message": "Render path contains parameter value",
"file": "app/views/pages/edit.html.erb",
"line": 9,
"link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(template => service.find_page_by_uuid(params[:page_uuid]).template, {})",
"render_path": [
{
"type": "controller",
"class": "PagesController",
"method": "edit",
"line": 12,
"file": "app/controllers/pages_controller.rb",
"rendered": {
"name": "pages/edit",
"file": "app/views/pages/edit.html.erb"
}
}
],
"location": {
"type": "template",
"template": "pages/edit"
},
"user_input": "params[:page_uuid]",
"confidence": "Weak",
"cwe_id": [
22
],
"note": ""
}
],
"updated": "2023-03-14 10:51:46 +0000",
"brakeman_version": "5.4.0"
}