OWASP/railsgoat


Showing 171 of 171 total issues

File bootstrap.js has 1311 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/* ===================================================
 * bootstrap-transition.js v2.2.2
 * http://twitter.github.com/bootstrap/javascript.html#transitions
 * ===================================================
 * Copyright 2012 Twitter, Inc.
Severity: Major
Found in app/assets/javascripts/bootstrap.js - About 3 days to fix

    Function onload has 497 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

    window.onload = function() {
        /**
         * Prepend an icon glyph, wrapped in an 'icomoon'-font span, to an element.
         *
         * @param {Element} el - element whose content receives the icon in front.
         * @param {string} entity - glyph text placed inside the span. It is
         *   concatenated unescaped and parsed as markup, so it must be a fixed,
         *   trusted string and never user-controlled data.
         */
        function addIcon(el, entity) {
            var existingMarkup = el.innerHTML;
            var iconMarkup = '<span style="font-family: \'icomoon\'">' + entity + '</span>';
            // The element's current content is written back as markup, so the
            // browser re-parses it together with the new span.
            el.innerHTML = iconMarkup + existingMarkup;
        }
    Severity: Major
    Found in app/assets/images/fonts/lte-ie7.js - About 2 days to fix

      Function sh_highlightString has a Cognitive Complexity of 103 (exceeds 5 allowed). Consider refactoring.
      Open

      /*
       * Minified syntax-highlighter helpers (the sh_* functions).
       *
       * sh_highlightString(B, o): walks text B one line at a time (lines end at
       *   CRLF, CR or LF), matches it against the regex table o and returns an
       *   array of markers: {node, pos} opens a cloned <a> (class "sh_url") or
       *   <span> (any other class), {pos} closes it.
       * sh_setHref: fills in the href of an "sh_url" anchor from the matched text,
       *   stripping one enclosing <...> pair and prefixing "mailto:" when the text
       *   contains "@" and does not already start with "mailto:".
       *   NOTE(review): no URL-scheme check is visible here; whether the language
       *   patterns restrict what reaches href cannot be told from this excerpt.
       *   Confirm before highlighting untrusted text.
       * sh_extractTags / sh_mergeTags / sh_insertTags / sh_highlightElement: pull
       *   the text and existing tags out of an element, merge them with the
       *   highlight markers and rebuild the content as a DocumentFragment. Text is
       *   added with createTextNode, so it is not parsed as HTML.
       * sh_getXMLHttpRequest: returns an ActiveXObject("Msxml2.XMLHTTP") when
       *   window.ActiveXObject exists, else a new XMLHttpRequest, else throws.
       * sh_load(language, element, prefix, suffix): if a request for this language
       *   is already queued, adds the element to the queue and returns. Otherwise
       *   issues an async GET for prefix + "sh_" + language + suffix, then
       *   highlights every queued element with sh_languages[language].
       *
       * SECURITY: sh_load passes the response body to eval() with no integrity or
       * origin check, so whatever serves that URL runs script in this page. A falsy
       * request.status (e.g. 0) is accepted as success alongside 200. Pass only
       * fixed, same-origin values for prefix, language and suffix, and never
       * request-derived input. Safer still is to ship the language definitions in
       * the asset bundle so this path is not needed. A Content-Security-Policy
       * without 'unsafe-eval' blocks this call.
       */
      if(!this.sh_languages){this.sh_languages={}}var sh_requests={};function sh_isEmailAddress(a){if(/^mailto:/.test(a)){return false}return a.indexOf("@")!==-1}function sh_setHref(b,c,d){var a=d.substring(b[c-2].pos,b[c-1].pos);if(a.length>=2&&a.charAt(0)==="<"&&a.charAt(a.length-1)===">"){a=a.substr(1,a.length-2)}if(sh_isEmailAddress(a)){a="mailto:"+a}b[c-2].node.href=a}function sh_konquerorExec(b){var a=[""];a.index=b.length;a.input=b;return a}function sh_highlightString(B,o){if(/Konqueror/.test(navigator.userAgent)){if(!o.konquered){for(var F=0;F<o.length;F++){for(var H=0;H<o[F].length;H++){var G=o[F][H][0];if(G.source==="$"){G.exec=sh_konquerorExec}}}o.konquered=true}}var N=document.createElement("a");var q=document.createElement("span");var A=[];var j=0;var n=[];var C=0;var k=null;var x=function(i,a){var p=i.length;if(p===0){return}if(!a){var Q=n.length;if(Q!==0){var r=n[Q-1];if(!r[3]){a=r[1]}}}if(k!==a){if(k){A[j++]={pos:C};if(k==="sh_url"){sh_setHref(A,j,B)}}if(a){var P;if(a==="sh_url"){P=N.cloneNode(false)}else{P=q.cloneNode(false)}P.className=a;A[j++]={node:P,pos:C}}}C+=p;k=a};var t=/\r\n|\r|\n/g;t.lastIndex=0;var d=B.length;while(C<d){var v=C;var l;var w;var h=t.exec(B);if(h===null){l=d;w=d}else{l=h.index;w=t.lastIndex}var g=B.substring(v,l);var M=[];for(;;){var I=C-v;var D;var y=n.length;if(y===0){D=0}else{D=n[y-1][2]}var O=o[D];var z=O.length;var m=M[D];if(!m){m=M[D]=[]}var E=null;var u=-1;for(var K=0;K<z;K++){var f;if(K<m.length&&(m[K]===null||I<=m[K].index)){f=m[K]}else{var c=O[K][0];c.lastIndex=I;f=c.exec(g);m[K]=f}if(f!==null&&(E===null||f.index<E.index)){E=f;u=K;if(f.index===I){break}}}if(E===null){x(g.substring(I),null);break}else{if(E.index>I){x(g.substring(I,E.index),null)}var e=O[u];var J=e[1];var b;if(J instanceof Array){for(var L=0;L<J.length;L++){b=E[L+1];x(b,J[L])}}else{b=E[0];x(b,J)}switch(e[2]){case -1:break;case -2:n.pop();break;case 
-3:n.length=0;break;default:n.push(e);break}}}if(k){A[j++]={pos:C};if(k==="sh_url"){sh_setHref(A,j,B)}k=null}C=w}return A}function sh_getClasses(d){var a=[];var b=d.className;if(b&&b.length>0){var e=b.split(" ");for(var c=0;c<e.length;c++){if(e[c].length>0){a.push(e[c])}}}return a}function sh_addClass(c,a){var d=sh_getClasses(c);for(var b=0;b<d.length;b++){if(a.toLowerCase()===d[b].toLowerCase()){return}}d.push(a);c.className=d.join(" ")}function sh_extractTagsFromNodeList(c,a){var f=c.length;for(var d=0;d<f;d++){var e=c.item(d);switch(e.nodeType){case 1:if(e.nodeName.toLowerCase()==="br"){var b;if(/MSIE/.test(navigator.userAgent)){b="\r"}else{b="\n"}a.text.push(b);a.pos++}else{a.tags.push({node:e.cloneNode(false),pos:a.pos});sh_extractTagsFromNodeList(e.childNodes,a);a.tags.push({pos:a.pos})}break;case 3:case 4:a.text.push(e.data);a.pos+=e.length;break}}}function sh_extractTags(c,b){var a={};a.text=[];a.tags=b;a.pos=0;sh_extractTagsFromNodeList(c.childNodes,a);return a.text.join("")}function sh_mergeTags(d,f){var a=d.length;if(a===0){return f}var c=f.length;if(c===0){return d}var i=[];var e=0;var b=0;while(e<a&&b<c){var h=d[e];var g=f[b];if(h.pos<=g.pos){i.push(h);e++}else{i.push(g);if(f[b+1].pos<=h.pos){b++;i.push(f[b]);b++}else{i.push({pos:h.pos});f[b]={node:g.node.cloneNode(false),pos:h.pos}}}}while(e<a){i.push(d[e]);e++}while(b<c){i.push(f[b]);b++}return i}function sh_insertTags(k,h){var g=document;var l=document.createDocumentFragment();var e=0;var d=k.length;var b=0;var j=h.length;var c=l;while(b<j||e<d){var i;var a;if(e<d){i=k[e];a=i.pos}else{a=j}if(a<=b){if(i.node){var f=i.node;c.appendChild(f);c=f}else{c=c.parentNode}e++}else{c.appendChild(g.createTextNode(h.substring(b,a)));b=a}}return l}function sh_highlightElement(d,g){sh_addClass(d,"sh_sourceCode");var c=[];var e=sh_extractTags(d,c);var f=sh_highlightString(e,g);var b=sh_mergeTags(c,f);var a=sh_insertTags(b,e);while(d.hasChildNodes()){d.removeChild(d.firstChild)}d.appendChild(a)}function 
sh_getXMLHttpRequest(){if(window.ActiveXObject){return new ActiveXObject("Msxml2.XMLHTTP")}else{if(window.XMLHttpRequest){return new XMLHttpRequest()}}throw"No XMLHttpRequest implementation available"}function sh_load(language,element,prefix,suffix){if(language in sh_requests){sh_requests[language].push(element);return}sh_requests[language]=[element];var request=sh_getXMLHttpRequest();var url=prefix+"sh_"+language+suffix;request.open("GET",url,true);request.onreadystatechange=function(){if(request.readyState===4){try{if(!request.status||request.status===200){eval(request.responseText);var elements=sh_requests[language];for(var i=0;i<elements.length;i++){sh_highlightElement(elements[i],sh_languages[language])}}else{throw"HTTP error: status "+request.status}}finally{request=null}}};request.send(null)}
      Severity: Minor
      Found in app/assets/javascripts/jquery.snippet.js - About 2 days to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Identical blocks of code found in 2 locations. Consider refactoring.
      Open

                              for(var i=0;i<boxNums.length;i++){
                                  var boxNum = boxNums[i];
                                      if(boxNum.indexOf('-')==-1){
                                          boxNum = parseFloat(boxNum)-1;
                                          o.find("li").eq(boxNum).addClass('box').prepend(spacer);
      Severity: Major
      Found in app/assets/javascripts/jquery.snippet.js and 1 other location - About 1 day to fix
      app/assets/javascripts/jquery.snippet.js on lines 328..347

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 334.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Identical blocks of code found in 2 locations. Consider refactoring.
      Open

                              for(var i=0;i<boxNums.length;i++){
                                  var boxNum = boxNums[i];
                                      if(boxNum.indexOf('-')==-1){
                                          boxNum = parseFloat(boxNum)-1;
                                          o.find("li").eq(boxNum).addClass('box').prepend(spacer);
      Severity: Major
      Found in app/assets/javascripts/jquery.snippet.js and 1 other location - About 1 day to fix
      app/assets/javascripts/jquery.snippet.js on lines 238..257

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 334.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      File bootstrap-timepicker.js has 686 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      /* =========================================================
       * bootstrap-timepicker.js
       * http://www.github.com/jdewit/bootstrap-timepicker
       * =========================================================
       * Copyright 2012
      Severity: Major
      Found in app/assets/javascripts/bootstrap-timepicker.js - About 1 day to fix

        Function snippet has 272 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

            $.fn.snippet = function(language,settings) {
            
                if(typeof language == "object"){settings = language;}
                
                if(typeof language == "string"){
        Severity: Major
        Found in app/assets/javascripts/jquery.snippet.js - About 1 day to fix

          File daterangepicker.js has 553 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          /**
          * @version: 1.1
          * @author: Dan Grossman http://www.dangrossman.info/
          * @date: 2013-03-04
          * @copyright: Copyright (c) 2012 Dan Grossman. All rights reserved.
          Severity: Major
          Found in app/assets/javascripts/date-picker/daterangepicker.js - About 1 day to fix

            File jquery.snippet.js has 552 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            /*
             * Snippet :: jQuery Syntax Highlighter v2.0.0
             * http://steamdev.com/snippet
             *
             * Copyright 2011, SteamDev
            Severity: Major
            Found in app/assets/javascripts/jquery.snippet.js - About 1 day to fix

              File lte-ie7.js has 499 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              /* Use this script if you need to support IE 7 and IE 6. */
              
              window.onload = function() {
                  function addIcon(el, entity) {
                      var html = el.innerHTML;
              Severity: Minor
              Found in app/assets/images/fonts/lte-ie7.js - About 1 day to fix

                Function DateRangePicker has 197 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    var DateRangePicker = function (element, options, cb) {
                        var hasOptions = typeof options == 'object';
                        var localeObject;
                
                        //state
                Severity: Major
                Found in app/assets/javascripts/date-picker/daterangepicker.js - About 7 hrs to fix

                  File bootstrap-colorpicker.js has 450 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  /* =========================================================
                   * bootstrap-colorpicker.js 
                   * http://www.eyecon.ro/bootstrap-colorpicker
                   * =========================================================
                   * Copyright 2012 Stefan Petre
                  Severity: Minor
                  Found in app/assets/javascripts/bootstrap-colorpicker.js - About 6 hrs to fix

                    Similar blocks of code found in 2 locations. Consider refactoring.
                    Open

                                // Position the picker's <i> elements from this.color.value:
                                // element 0 gets left = s*100 and top = 100 - b*100, element 1 gets
                                // top = 100*(1 - h), element 2 gets top = 100*(1 - a). Each .end()
                                // returns to the full find('i') set before the next .eq() selects.
                                this.picker.find('i')
                                    .eq(0).css({left: this.color.value.s*100, top: 100 - this.color.value.b*100}).end()
                                    .eq(1).css('top', 100 * (1 - this.color.value.h)).end()
                                    .eq(2).css('top', 100 * (1 - this.color.value.a));
                    Severity: Major
                    Found in app/assets/javascripts/bootstrap-colorpicker.js and 1 other location - About 6 hrs to fix
                    app/assets/javascripts/bootstrap-colorpicker.js on lines 208..211

                    Duplicated Code

                    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                    Tuning

                    This issue has a mass of 166.

                    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                    Refactorings

                    Further Reading

                    Similar blocks of code found in 2 locations. Consider refactoring.
                    Open

                                // Position the picker's <i> elements from this.color.value:
                                // element 0 gets left = s*100 and top = 100 - b*100, element 1 gets
                                // top = 100*(1 - h), element 2 gets top = 100*(1 - a). Each .end()
                                // returns to the full find('i') set before the next .eq() selects.
                                this.picker.find('i')
                                    .eq(0).css({left: this.color.value.s*100, top: 100 - this.color.value.b*100}).end()
                                    .eq(1).css('top', 100 * (1 - this.color.value.h)).end()
                                    .eq(2).css('top', 100 * (1 - this.color.value.a));
                    Severity: Major
                    Found in app/assets/javascripts/bootstrap-colorpicker.js and 1 other location - About 6 hrs to fix
                    app/assets/javascripts/bootstrap-colorpicker.js on lines 199..202

                    Duplicated Code

                    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                    Tuning

                    This issue has a mass of 166.

                    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                    Refactorings

                    Further Reading

                    Function bootstrapWizardCreate has 133 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                    var bootstrapWizardCreate = function(element, options) {
                        var element = $(element);
                        var obj = this;
                    
                        // Merge options with defaults
                    Severity: Major
                    Found in app/assets/javascripts/jquery.bootstrap.wizard.js - About 5 hrs to fix

                      Function easyPieChart has 120 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                          $.easyPieChart = function(el, options) {
                            var addScaleLine, animateLine, drawLine, easeInOutQuad, renderBackground, renderScale, renderTrack,
                              _this = this;
                            this.el = el;
                            this.$el = $(el);
                      Severity: Major
                      Found in app/assets/javascripts/jquery.easy-pie-chart.js - About 4 hrs to fix

                        File bootstrap-image-gallery.js has 362 lines of code (exceeds 250 allowed). Consider refactoring.
                        Open

                        /*
                         * Bootstrap Image Gallery 2.10
                         * https://github.com/blueimp/Bootstrap-Image-Gallery
                         *
                         * Copyright 2011, Sebastian Tschan
                        Severity: Minor
                        Found in app/assets/javascripts/bootstrap-image-gallery.js - About 4 hrs to fix

                          Function receiveEvent has a Cognitive Complexity of 31 (exceeds 5 allowed). Consider refactoring.
                          Open

                              receiveEvent: function(eventName, args) {
                                  // receive event from flash
                                  eventName = eventName.toString().toLowerCase().replace(/^on/, '');
                                          
                                  // special behavior for certain events
                          Severity: Minor
                          Found in app/assets/javascripts/jquery.snippet.js - About 4 hrs to fix

                          Cognitive Complexity

                          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                          A method's cognitive complexity is based on a few simple rules:

                          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                          • Code is considered more complex for each "break in the linear flow of the code"
                          • Code is considered more complex when "flow breaking structures are nested"

                          Further reading

                          Similar blocks of code found in 6 locations. Consider refactoring.
                          Open

                            $.fn.popover = function (option) {
                              return this.each(function () {
                                var $this = $(this)
                                  , data = $this.data('popover')
                                  , options = typeof option == 'object' && option
                          Severity: Major
                          Found in app/assets/javascripts/bootstrap.js and 5 other locations - About 4 hrs to fix
                          app/assets/javascripts/bootstrap.js on lines 593..601
                          app/assets/javascripts/bootstrap.js on lines 1033..1041
                          app/assets/javascripts/bootstrap.js on lines 1252..1260
                          app/assets/javascripts/bootstrap.js on lines 1628..1636
                          app/assets/javascripts/bootstrap.js on lines 2135..2143

                          Duplicated Code

                          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                          Tuning

                          This issue has a mass of 123.

                          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                          Refactorings

                          Further Reading

                          Similar blocks of code found in 6 locations. Consider refactoring.
                          Open

                            $.fn.tooltip = function ( option ) {
                              return this.each(function () {
                                var $this = $(this)
                                  , data = $this.data('tooltip')
                                  , options = typeof option == 'object' && option
                          Severity: Major
                          Found in app/assets/javascripts/bootstrap.js and 5 other locations - About 4 hrs to fix
                          app/assets/javascripts/bootstrap.js on lines 593..601
                          app/assets/javascripts/bootstrap.js on lines 1151..1159
                          app/assets/javascripts/bootstrap.js on lines 1252..1260
                          app/assets/javascripts/bootstrap.js on lines 1628..1636
                          app/assets/javascripts/bootstrap.js on lines 2135..2143

                          Duplicated Code

                          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                          Tuning

                          This issue has a mass of 123.

                          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                          Refactorings

                          Further Reading
