attr_accessible is recommended over attr_protected Open
attr_protected :account_id, :tenant_id, :audit_ids- Read upRead up
- Exclude checks
This warning comes up if a model does not limit what attributes can be set through mass assignment.
In particular, this check looks for attr_accessible inside model definitions. If it is not found, this warning will be issued.
Brakeman also warns on use of attr_protected - especially since it was found to be vulnerable to bypass. Warnings for mass assignment on models using attr_protected will be reported, but at a lower confidence level.
Note that disabling mass assignment globally will suppress these warnings.
Profile has 6 constants Wontfix
class Profile < ApplicationRecord- Read upRead up
- Exclude checks
Too Many Constants is a special case of LargeClass.
Example
Given this configuration
TooManyConstants:
max_constants: 3and this code:
class TooManyConstants
CONST_1 = :dummy
CONST_2 = :dummy
CONST_3 = :dummy
CONST_4 = :dummy
endReek would emit the following warning:
test.rb -- 1 warnings:
[1]:TooManyConstants has 4 constants (TooManyConstants)Profile#validate_presence_of_account performs a nil-check Open
throw :abort if self.account.nil?- Read upRead up
- Exclude checks
A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.
Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.
Example
Given
class Klass
def nil_checker(argument)
if argument.nil?
puts "argument isn't nil!"
end
end
endReek would emit the following warning:
test.rb -- 1 warning:
[3]:Klass#nil_checker performs a nil-check. (NilCheck)