Sign upLogin

18F/micropurchase

View on GitHub
Star
app/models/admins.rb

Summary

Maintainability
A
0 mins
Test Coverage

Prefer using YAML.safe_load over YAML.load.
Open

    @github_ids ||= YAML.load(File.read(File.expand_path("../../../config/admins.yml", __FILE__)))['github_ids']
Severity: Minor
Found in app/models/admins.rb by rubocop

This cop checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

Example:

# bad
YAML.load("--- foo")

# good
YAML.safe_load("--- foo")
YAML.dump("foo")

There are no issues that match your filters.

Category
Status