americanexpress/xcode-result-bundle-processor

RDoc OS command injection vulnerability
Open

    rdoc (4.2.1)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2021-31799

Criticality: High

URL: https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/

Solution: upgrade to ~> 6.1.2.1, ~> 6.2.1.1, >= 6.3.1

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (1.8.3)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

OS Command Injection in Rake
Open

    rake (10.4.2)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

Assignment Branch Condition size for _format_test is too high. [58.39/20]
Open

      def _format_test(test, mab, destination_dir)
        mab.a name: test.identifier do
          if test.passed?
            mab.h2 test.summary
          else

Found in lib/xcoderesultbundleprocessor/test_summaries/html_report.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Assignment Branch Condition size for save is too high. [44.23/20]
Open

      def save(destination_dir)
        info "Saving HTML report to #{destination_dir}"

        raise "Destination directory #{destination_dir} already exists" if Dir.exist?(destination_dir)

Found in lib/xcoderesultbundleprocessor/test_summaries/html_report.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Assignment Branch Condition size for _deserialize_dictionary is too high. [37.55/20]
Open

    def _deserialize_dictionary(cfdictionary)
      if cfdictionary.value.key?('NS.rectval')
        return self._deserialize_object(cfdictionary.value['NS.rectval'])
      end

Found in lib/xcoderesultbundleprocessor/element_snapshot.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Method `_format_test` has a Cognitive Complexity of 25 (exceeds 5 allowed). Consider refactoring.
Open

      def _format_test(test, mab, destination_dir)
        mab.a name: test.identifier do
          if test.passed?
            mab.h2 test.summary
          else

Found in lib/xcoderesultbundleprocessor/test_summaries/html_report.rb - About 3 hrs to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading

Assignment Branch Condition size for parse is too high. [31.13/20]
Open

    def self.parse(element_snapshot)
      element_class = nil
      if element_snapshot.key?(:additionalAttributes) and element_snapshot[:additionalAttributes].key?(5004.to_s.to_sym)
        element_class = element_snapshot[:additionalAttributes][5004.to_s.to_sym]
      end

Found in lib/xcoderesultbundleprocessor/snapshot_summary.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Assignment Branch Condition size for read_token_stream is too high. [27.53/20]
Open

      def self.read_token_stream(io)
        raise 'Not an SLF0 file' unless self.valid_slf0_io?(io)

        Enumerator.new do |enumerator|
          until io.eof?

Found in lib/xcoderesultbundleprocessor/slf0/tokenizer.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Method `_format_test` has 60 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def _format_test(test, mab, destination_dir)
        mab.a name: test.identifier do
          if test.passed?
            mab.h2 test.summary
          else

Found in lib/xcoderesultbundleprocessor/test_summaries/html_report.rb - About 2 hrs to fix

Create a ticket
Create a ticket

Assignment Branch Condition size for deserialize is too high. [21/20]
Open

        def self.deserialize(tokens)
          self.new(
              section_type:            tokens.shift,
              domain_type:             tokens.shift,
              title:                   tokens.shift,

Found in lib/xcoderesultbundleprocessor/slf0/model/ideactivitylogsection.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Method `save` has 43 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def save(destination_dir)
        info "Saving HTML report to #{destination_dir}"

        raise "Destination directory #{destination_dir} already exists" if Dir.exist?(destination_dir)

Found in lib/xcoderesultbundleprocessor/test_summaries/html_report.rb - About 1 hr to fix

Create a ticket
Create a ticket

Assignment Branch Condition size for _deserialize_object is too high. [20.62/20]
Open

    def _deserialize_object(object)
      if object.is_a?(CFPropertyList::CFUid)
        self._deserialize_object(@objects[object.value])
      elsif object.is_a?(CFPropertyList::CFString) && object.value == '$null'
        nil

Found in lib/xcoderesultbundleprocessor/element_snapshot.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Assignment Branch Condition size for parse is too high. [20.98/20]
Open

      def self.parse(activity_summary)
        screenshot      = Array(activity_summary['Attachments']).find { |attachment| attachment['Name'] == 'Screenshot' }
        screenshot_path = nil
        unless screenshot.nil?
          screenshot_path = screenshot['FileName']

Found in lib/xcoderesultbundleprocessor/test_summaries/test_summaries.rb by rubocop

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Method `_deserialize_uid` has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

    def _deserialize_uid(uid)
      object = @objects[uid.value]

      if object.is_a?(CFPropertyList::CFUid)
        _deserialize_uid(uid)

Found in lib/xcoderesultbundleprocessor/element_snapshot.rb - About 1 hr to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading

Method `summary` has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

    def summary
      summary_components = [
          self.element_class || 'UnknownElement',
          self.frame
      ]

Found in lib/xcoderesultbundleprocessor/snapshot_summary.rb - About 55 mins to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading

Method `resolve_class_names` has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

      def self.resolve_class_names(tokens)
        class_names = []

        Enumerator.new do |enumerator|
          tokens.each do |token|

Found in lib/xcoderesultbundleprocessor/slf0/class_name_resolver.rb - About 55 mins to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading

ruby-ffi DDL loading issue on Windows OS
Open

    ffi (1.9.10)

Found in Gemfile.lock by bundler-audit

Read up
Read up
Create a ticket
Create a ticket
Exclude checks
- Disable engine
- Disable check

Advisory: CVE-2018-1000201

Criticality: High

URL: https://github.com/ffi/ffi/releases/tag/1.9.24

Solution: upgrade to >= 1.9.24

Method `_deserialize_object` has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def _deserialize_object(object)
      if object.is_a?(CFPropertyList::CFUid)
        self._deserialize_object(@objects[object.value])
      elsif object.is_a?(CFPropertyList::CFString) && object.value == '$null'
        nil

Found in lib/xcoderesultbundleprocessor/element_snapshot.rb - About 45 mins to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading

Method `read_token_stream` has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

      def self.read_token_stream(io)
        raise 'Not an SLF0 file' unless self.valid_slf0_io?(io)

        Enumerator.new do |enumerator|
          until io.eof?

Found in lib/xcoderesultbundleprocessor/slf0/tokenizer.rb - About 35 mins to fix

Read up
Read up
Create a ticket
Create a ticket

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
Code is considered more complex for each "break in the linear flow of the code"
Code is considered more complex when "flow breaking structures are nested"

Further reading