Showing 208 of 208 total issues
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-14404
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/issues/1785
Solution: upgrade to >= 1.8.5
Nokogiri gem, via libxml, is affected by DoS vulnerabilities Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2017-15412
URL: https://github.com/sparklemotion/nokogiri/issues/1714
Solution: upgrade to >= 1.8.2
Possible XSS vulnerability with certain configurations of rails-html-sanitizer Open
rails-html-sanitizer (1.0.3)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-23519
Criticality: Medium
URL: https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-9h9g-93gc-623h
Solution: upgrade to >= 1.4.4
Integer Overflow or Wraparound in libxml2 affects Nokogiri Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory:
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-cgx6-hpwq-fhv5
Solution: upgrade to >= 1.13.5
XML Injection in Xerces Java affects Nokogiri Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2022-23437
Criticality: Medium
URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xxx9-3xcr-gjj3
Solution: upgrade to >= 1.13.4
Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29 Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2017-5029
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/issues/1634
Solution: upgrade to >= 1.7.2
File boardCtrl.js
has 328 lines of code (exceeds 250 allowed). Consider refactoring. Open
myApp.controller("BoardCtrl", function ($scope) {
$scope.events = events;
$scope.brags = brags;
$scope.posts = posts;
$scope.newEvent = {};
Function has too many statements (46). Maximum allowed is 30. Open
myApp.controller("BoardCtrl", function ($scope) {
- Read upRead up
- Exclude checks
enforce a maximum number of statements allowed in function blocks (max-statements)
The max-statements
rule allows you to specify the maximum number of statements allowed in a function.
function foo() {
var bar = 1; // one statement
var baz = 2; // two statements
var qux = 3; // three statements
}
Rule Details
This rule enforces a maximum number of statements allowed in function blocks.
Options
This rule has a number or object option:
-
"max"
(default10
) enforces a maximum number of statements allows in function blocks
Deprecated: The object property maximum
is deprecated; please use the object property max
instead.
This rule has an object option:
-
"ignoreTopLevelFunctions": true
ignores top-level functions
max
Examples of incorrect code for this rule with the default { "max": 10 }
option:
/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/
function foo() {
var foo1 = 1;
var foo2 = 2;
var foo3 = 3;
var foo4 = 4;
var foo5 = 5;
var foo6 = 6;
var foo7 = 7;
var foo8 = 8;
var foo9 = 9;
var foo10 = 10;
var foo11 = 11; // Too many.
}
let foo = () => {
var foo1 = 1;
var foo2 = 2;
var foo3 = 3;
var foo4 = 4;
var foo5 = 5;
var foo6 = 6;
var foo7 = 7;
var foo8 = 8;
var foo9 = 9;
var foo10 = 10;
var foo11 = 11; // Too many.
};
Examples of correct code for this rule with the default { "max": 10 }
option:
/*eslint max-statements: ["error", 10]*/
/*eslint-env es6*/
function foo() {
var foo1 = 1;
var foo2 = 2;
var foo3 = 3;
var foo4 = 4;
var foo5 = 5;
var foo6 = 6;
var foo7 = 7;
var foo8 = 8;
var foo9 = 9;
var foo10 = 10;
return function () {
// The number of statements in the inner function does not count toward the
// statement maximum.
return 42;
};
}
let foo = () => {
var foo1 = 1;
var foo2 = 2;
var foo3 = 3;
var foo4 = 4;
var foo5 = 5;
var foo6 = 6;
var foo7 = 7;
var foo8 = 8;
var foo9 = 9;
var foo10 = 10;
return function () {
// The number of statements in the inner function does not count toward the
// statement maximum.
return 42;
};
}
ignoreTopLevelFunctions
Examples of additional correct code for this rule with the { "max": 10 }, { "ignoreTopLevelFunctions": true }
options:
/*eslint max-statements: ["error", 10, { "ignoreTopLevelFunctions": true }]*/
function foo() {
var foo1 = 1;
var foo2 = 2;
var foo3 = 3;
var foo4 = 4;
var foo5 = 5;
var foo6 = 6;
var foo7 = 7;
var foo8 = 8;
var foo9 = 9;
var foo10 = 10;
var foo11 = 11;
}
Related Rules
- [complexity](complexity.md)
- [max-depth](max-depth.md)
- [max-len](max-len.md)
- [max-nested-callbacks](max-nested-callbacks.md)
- [max-params](max-params.md) Source: http://eslint.org/docs/rules/
Similar blocks of code found in 2 locations. Consider refactoring. Open
$scope.deleteBrag = function(brag){
$.ajax({
url:'/brags/delete/'+brag.id,
type:'post',
success:function(data){
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 105.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
$scope.deleteEvent = function(event){
$.ajax({
url:'/events/delete/'+event.id,
type:'post',
success:function(data){
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 105.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
$scope.showBragModal = function(brag){
$scope.selectedBrag = brag;
$scope.isEditingBrag = false;
$('#brag-modal').modal('show');
$.ajax({
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 95.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
$scope.showEventModal = function(event){
$scope.selectedEvent = event;
$scope.isEditingEvent = false;
$('#event-modal').modal('show');
$.ajax({
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 95.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
$.ajax({
url:'/events/modal_show/'+$(this).attr('data-id'),
type:'get',
success:function(data){
console.log(data);
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 75.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 2 locations. Consider refactoring. Open
$.ajax({
url:'/brags/modal_show/'+$(this).attr('data-id'),
type:'get',
success:function(data){
console.log(data);
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 75.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Denial of service or RCE from libxml2 and libxslt Open
nokogiri (1.6.7.2)
- Read upRead up
- Exclude checks
Advisory: CVE-2015-8806
Criticality: High
URL: https://github.com/sparklemotion/nokogiri/issues/1473
Solution: upgrade to >= 1.6.8
Possible XSS Vulnerability in Action View Open
actionview (4.2.5.1)
- Read upRead up
- Exclude checks
Advisory: CVE-2016-6316
Criticality: Medium
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/I-VWr034ouk
Solution: upgrade to ~> 4.2.7.1, ~> 4.2.8, >= 5.0.0.1
Possible XSS vulnerability in Rack Open
rack (1.6.4)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-16471
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o
Solution: upgrade to ~> 1.6.11, >= 2.0.6
File Content Disclosure in Action View Open
actionview (4.2.5.1)
- Read upRead up
- Exclude checks
Advisory: CVE-2019-5418
Criticality: High
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q
Solution: upgrade to >= 4.2.11.1, ~> 4.2.11, >= 5.0.7.2, ~> 5.0.7, >= 5.1.6.2, ~> 5.1.6, >= 5.2.2.1, ~> 5.2.2, >= 6.0.0.beta3
Denial of Service Vulnerability in Action View Open
actionview (4.2.5.1)
- Read upRead up
- Exclude checks
Advisory: CVE-2019-5419
Criticality: High
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI
Solution: upgrade to >= 6.0.0.beta3, >= 5.2.2.1, ~> 5.2.2, >= 5.1.6.2, ~> 5.1.6, >= 5.0.7.2, ~> 5.0.7, >= 4.2.11.1, ~> 4.2.11
Broken Access Control vulnerability in Active Job Open
activejob (4.2.5.1)
- Read upRead up
- Exclude checks
Advisory: CVE-2018-16476
Criticality: High
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw
Solution: upgrade to ~> 4.2.11, ~> 5.0.7.1, ~> 5.1.6.1, ~> 5.1.7, >= 5.2.1.1