Showing 437 of 437 total issues
Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35) Open
nokogiri (1.6.6.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-30560
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2
Solution: upgrade to >= 1.13.2
RuboCop gem Insecure use of /tmp Open
rubocop (0.34.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2017-8418
Criticality: Low
URL: https://github.com/bbatsov/rubocop/issues/4336
Solution: upgrade to >= 0.49.0
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Open
nokogiri (1.6.6.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-14404
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/issues/1785
Solution: upgrade to >= 1.8.5
Revert libxml2 behavior in Nokogiri gem that could cause XSS Open
nokogiri (1.6.6.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-8048
URL: https://github.com/sparklemotion/nokogiri/pull/1746
Solution: upgrade to >= 1.8.3
Path Traversal in Sprockets Open
sprockets (3.4.0)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-3760
Criticality: High
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/2S9Pwz2i16k
Solution: upgrade to < 3.0.0, >= 2.12.5, < 4.0.0, >= 3.7.2, >= 4.0.0.beta8
Prototype pollution attack through jQuery $.extend Open
jquery-rails (4.0.5)
- Read upRead up
- Exclude checks
Advisory: CVE-2019-11358
Criticality: Medium
URL: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
Solution: upgrade to >= 4.3.4
Improper Restriction of XML External Entity Reference (XXE) in Nokogiri on JRuby Open
nokogiri (1.6.6.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2021-41098
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-2rr5-8q37-2w7h
Solution: upgrade to >= 1.12.5
Out-of-bounds Write in zlib affects Nokogiri Open
nokogiri (1.6.6.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-25032
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
Solution: upgrade to >= 1.13.4
Function prototype
has 160 lines of code (exceeds 25 allowed). Consider refactoring. Open
Searcher.prototype = new function() {
// search is performed in chunks of 1000 for non-blocking user input
var CHUNK_SIZE = 1000;
// do not try to find more than 100 results
var MAX_RESULTS = 100;
Function prototype
has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring. Open
Search.prototype = $.extend({}, Navigation, new function() {
var suid = 1;
this.init = function() {
var _this = this;
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function prototype
has 82 lines of code (exceeds 25 allowed). Consider refactoring. Open
Search.prototype = $.extend({}, Navigation, new function() {
var suid = 1;
this.init = function() {
var _this = this;
Similar blocks of code found in 2 locations. Consider refactoring. Open
for (var i=1, l = regexps.length; i < l; i++) {
result.title = result.title.replace(regexps[i], highlighters[i]);
result.namespace = result.namespace.replace(regexps[i], highlighters[i]);
};
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 96.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
for (var i=0, l = regexps.length; i < l; i++) {
result.title = result.title.replace(regexps[i], highlighters[i]);
result.namespace = result.namespace.replace(regexps[i], highlighters[i]);
};
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 96.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Function has a complexity of 17. Open
this.onkeydown = function(e) {
- Read upRead up
- Exclude checks
Limit Cyclomatic Complexity (complexity)
Cyclomatic complexity measures the number of linearly independent paths through a program's source code. This rule allows setting a cyclomatic complexity threshold.
function a(x) {
if (true) {
return x; // 1st path
} else if (false) {
return x+1; // 2nd path
} else {
return 4; // 3rd path
}
}
Rule Details
This rule is aimed at reducing code complexity by capping the amount of cyclomatic complexity allowed in a program. As such, it will warn when the cyclomatic complexity crosses the configured threshold (default is 20
).
Examples of incorrect code for a maximum of 2:
/*eslint complexity: ["error", 2]*/
function a(x) {
if (true) {
return x;
} else if (false) {
return x+1;
} else {
return 4; // 3rd path
}
}
Examples of correct code for a maximum of 2:
/*eslint complexity: ["error", 2]*/
function a(x) {
if (true) {
return x;
} else {
return 4;
}
}
Options
Optionally, you may specify a max
object property:
"complexity": ["error", 2]
is equivalent to
"complexity": ["error", { "max": 2 }]
Deprecated: the object property maximum
is deprecated. Please use the property max
instead.
When Not To Use It
If you can't determine an appropriate complexity limit for your code, then it's best to disable this rule.
Further Reading
Related Rules
- [max-depth](max-depth.md)
- [max-len](max-len.md)
- [max-nested-callbacks](max-nested-callbacks.md)
- [max-params](max-params.md)
- [max-statements](max-statements.md) Source: http://eslint.org/docs/rules/
Identical blocks of code found in 3 locations. Consider refactoring. Open
for (var i=1, l = regexps.length; i < l; i++) {
if (!index.match(regexps[i]) && !longIndex.match(regexps[i]))
return false;
};
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 71.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Identical blocks of code found in 3 locations. Consider refactoring. Open
for (var i=1, l = regexps.length; i < l; i++) {
if (!index.match(regexps[i]) && !longIndex.match(regexps[i]))
return false;
};
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 71.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Identical blocks of code found in 3 locations. Consider refactoring. Open
for (var i=1, l = regexps.length; i < l; i++) {
if (!index.match(regexps[i]) && !longIndex.match(regexps[i]))
return false;
};
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 71.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Function performSearch
has 38 lines of code (exceeds 25 allowed). Consider refactoring. Open
function performSearch(data, regexps, queries, highlighters, state) {
var searchIndex = data.searchIndex;
var longSearchIndex = data.longSearchIndex;
var info = data.info;
var result = [];
Similar blocks of code found in 2 locations. Consider refactoring. Open
case 40: //Event.KEY_DOWN:
if (e.keyCode == 40 || e.ctrlKey) {
if (this.moveDown()) e.preventDefault();
this.startMoveTimeout(true);
}
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 62.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
case 38: //Event.KEY_UP:
if (e.keyCode == 38 || e.ctrlKey) {
if (this.moveUp()) e.preventDefault();
this.startMoveTimeout(false);
}
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 62.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76