Sign upLogin

FuiOrganization/ruby_backend

View on GitHub
Star

Showing 10 of 12 total issues

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

    rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Read more: https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ

Loofah 2.1.1 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

    loofah (2.1.1)
Severity: Minor
Found in Gemfile.lock by brakeman

Read more: https://github.com/flavorjones/loofah/issues/144

Use %i or %I for an array of symbols.
Open

    added_attrs = [:facebook_identifier, :email, :password, :password_confirmation, :remember_me]
Severity: Minor
Found in app/controllers/secure_controller.rb by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

include is used at the top level. Use inside class or module.
Open

include FileUtils
Severity: Minor
Found in bin/update by rubocop

This cop checks that include, extend and prepend exists at the top level. Using these at the top level affects the behavior of Object. There will not be using include, extend and prepend at the top level. Let's use it inside class or module.

Example:

# bad
include M

class C
end

# bad
extend M

class C
end

# bad
prepend M

class C
end

# good
class C
  include M
end

# good
class C
  extend M
end

# good
class C
  prepend M
end

Use warn instead of $stderr.puts to allow such output to be disabled.
Open

    $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
Severity: Minor
Found in bin/yarn by rubocop

This cop identifies places where $stderr.puts can be replaced by warn. The latter has the advantage of easily being disabled by, e.g. the -W0 interpreter flag, or setting $VERBOSE to nil.

Example:

# bad
$stderr.puts('hello')

# good
warn('hello')

Do not place comments on the same line as the end keyword.
Open

  end # content
Severity: Minor
Found in app/admin/dashboard.rb by rubocop

This cop checks for comments put on the same line as some keywords. These keywords are: begin, class, def, end, module.

Note that some comments (such as :nodoc: and rubocop:disable) are allowed.

Example:

# bad
if condition
  statement
end # end if

# bad
class X # comment
  statement
end

# bad
def x; end # comment

# good
if condition
  statement
end

# good
class X # :nodoc:
  y
end

Use %i or %I for an array of symbols.
Open

    added_attrs = [:facebook_identifier, :email, :password, :password_confirmation, :remember_me]
Severity: Minor
Found in app/controllers/application_controller.rb by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

%w-literals should be delimited by [ and ].
Open

%w(
  .ruby-version
  .rbenv-vars
  tmp/restart.txt
  tmp/caching-dev.txt
Severity: Minor
Found in config/spring.rb by rubocop

This cop enforces the consistent usage of %-literal delimiters.

Specify the 'default' key to set all preferred delimiters at once. You can continue to specify individual preferred delimiters to override the default.

Example:

# Style/PercentLiteralDelimiters:
#   PreferredDelimiters:
#     default: '[]'
#     '%i':    '()'

# good
%w[alpha beta] + %i(gamma delta)

# bad
%W(alpha #{beta})

# bad
%I(alpha beta)

Use warn instead of $stderr.puts to allow such output to be disabled.
Open

    $stderr.puts "Yarn executable was not detected in the system."
Severity: Minor
Found in bin/yarn by rubocop

This cop identifies places where $stderr.puts can be replaced by warn. The latter has the advantage of easily being disabled by, e.g. the -W0 interpreter flag, or setting $VERBOSE to nil.

Example:

# bad
$stderr.puts('hello')

# good
warn('hello')

include is used at the top level. Use inside class or module.
Open

include FileUtils
Severity: Minor
Found in bin/setup by rubocop

This cop checks that include, extend and prepend exists at the top level. Using these at the top level affects the behavior of Object. There will not be using include, extend and prepend at the top level. Let's use it inside class or module.

Example:

# bad
include M

class C
end

# bad
extend M

class C
end

# bad
prepend M

class C
end

# good
class C
  include M
end

# good
class C
  extend M
end

# good
class C
  prepend M
end
Severity
Category
Status
Source
Language