Showing 48 of 48 total issues
Use the return of the conditional for variable assignment and comparison. Open
if rescheduled
appointment = Appointment.waiting.not_scheduled
else
appointment = Appointment.available_doses
end
- Exclude checks
Use the return of the conditional for variable assignment and comparison. Open
if reschedule
appointments = Appointment.waiting.not_scheduled
else
appointments = Appointment.available_doses
end
- Exclude checks
Possible Open Redirect in Host Authorization Middleware Open
actionpack (6.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-44528
Criticality: Medium
URL: https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ
Solution: upgrade to >= 6.0.4.2, ~> 6.0.4, >= 6.1.4.2, ~> 6.1.4, >= 7.0.0.rc2
Possible exposure of information vulnerability in Action Pack Open
actionpack (6.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-23633
Criticality: High
URL: https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ
Solution: upgrade to >= 5.2.6.2, ~> 5.2.6, >= 6.0.4.6, ~> 6.0.4, >= 6.1.4.6, ~> 6.1.4, >= 7.0.2.2
Possible code injection vulnerability in Rails / Active Storage Open
activestorage (6.1.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-21831
Criticality: Critical
URL: https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI
Solution: upgrade to >= 5.2.6.3, ~> 5.2.6, >= 6.0.4.7, ~> 6.0.4, >= 6.1.4.7, ~> 6.1.4, >= 7.0.2.3
Possible shell escape sequence injection vulnerability in Rack Open
rack (2.2.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-30123
Criticality: Critical
URL: https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8
Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1
Trailing whitespace detected. Open
.update_all(patient_id: patient_id,
- Read upRead up
- Exclude checks
This cop looks for trailing whitespace in the source code.
Example:
# The line in this example contains spaces after the 0.
# bad
x = 0
# The line in this example ends directly after the 0.
# good
x = 0
Example: AllowInHeredoc: false (default)
# The line in this example contains spaces after the 0.
# bad
code = <<~RUBY
x = 0
RUBY
# ok
code = <<~RUBY
x = 0 #{}
RUBY
# good
trailing_whitespace = ' '
code = <<~RUBY
x = 0#{trailing_whitespace}
RUBY
Example: AllowInHeredoc: true
# The line in this example contains spaces after the 0.
# good
code = <<~RUBY
x = 0
RUBY
Align .where
with .waiting
on line 25. Open
.where(start: from..to, ubs_id: allowed_ubs_ids)
- Read upRead up
- Exclude checks
This cop checks the indentation of the method name part in method calls that span more than one line.
Example: EnforcedStyle: aligned (default)
# bad
while myvariable
.b
# do something
end
# good
while myvariable
.b
# do something
end
# good
Thing.a
.b
.c
Example: EnforcedStyle: indented
# good
while myvariable
.b
# do something
end
Example: EnforcedStyle: indentedrelativeto_receiver
# good
while myvariable
.a
.b
# do something
end
# good
myvariable = Thing
.a
.b
.c