app/models/widget_import_validator.rb from ManageIQ/manageiq

app/models/widget_import_validator.rb

Summary

Maintainability

0 mins

Test Coverage

100%

Issues
Source
Stats

Prefer using `YAML.safe_load` over `YAML.load`.
Open

    widgets = YAML.load(import_file_upload.uploaded_content)

Found in app/models/widget_import_validator.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

Example:

# bad
YAML.load("--- foo")

# good
YAML.safe_load("--- foo")
YAML.dump("foo")

ManageIQ/manageiq

Summary

Maintainability

Test Coverage

Prefer using `YAML.safe_load` over `YAML.load`.
Open

Example:

There are no issues that match your filters.

Category

Status

ManageIQ/manageiq

Summary

Maintainability

Test Coverage

Prefer using YAML.safe_load over YAML.load. Open

Example:

There are no issues that match your filters.

Category

Status

Prefer using `YAML.safe_load` over `YAML.load`.
Open