expertiza/expertiza

Showing 4,497 of 4,497 total issues

open-uri-cached Gem for Ruby Unsafe Temporary File Creation Local Privilege Escalation
Open

    open-uri-cached (1.0.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-3649

URL: http://seclists.org/oss-sec/2015/q2/373

Solution: remove or disable this gem until a patch is available!

ReDoS based DoS vulnerability in GlobalID
Open

    globalid (0.4.2)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2023-22799

URL: https://github.com/rails/globalid/releases/tag/v1.0.1

Solution: upgrade to >= 1.0.1

Unintended read access in kramdown gem
Open

    kramdown (1.17.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-14001

Criticality: Critical

URL: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6

Solution: upgrade to >= 2.3.0

activerecord-session_store Timing Attack
Open

    activerecord-session_store (1.1.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-25025

Criticality: Medium

URL: https://github.com/advisories/GHSA-cvw2-xj8r-mjf7

Solution: upgrade to >= 2.0.0

XSS Vulnerability on closeText option of Dialog jQuery UI
Open

    jquery-ui-rails (4.0.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2016-7103

Criticality: Medium

URL: https://github.com/jquery/api.jqueryui.com/issues/281

Solution: upgrade to >= 6.0.0

Remote code execution in Kramdown
Open

    kramdown (1.17.0)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2021-28834

Criticality: Critical

URL: https://github.com/advisories/GHSA-52p9-v744-mwjj

Solution: upgrade to >= 2.3.1

Block has too many lines. [794/25]
Open

describe ReviewMappingHelper, type: :helper do
  let(:team) { build(:assignment_team, id: 1) }
  let(:test_item) { build(:answer, id: 1, comments: 'https://wiki.archlinux.org/') }
  let(:test_response) { build(:response, id: 1) }
  describe 'get_team_color' do

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [738/25]
Open

describe AssignmentForm do
  let(:assignment) { build(:assignment, id: 1) }
  let(:due_date) { build(:assignment_due_date) }
  let(:assignment_form) { AssignmentForm.new }
  let(:user) { double('Instructor', timezonepref: 'Eastern Time (US & Canada)') }
Severity: Minor
Found in spec/models/assignment_form_spec.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [721/25]
Open

describe SignUpSheetController do
  let(:assignment) { build(:assignment, id: 1, instructor_id: 6, due_dates: [due_date], microtask: true, staggered_deadline: true, directory_path: 'assignment') }
  let(:assignment2) { create(:assignment, id: 2, microtask: false, staggered_deadline: false, private: true, directory_path: 'assignment2') }
  let(:assignment3) { create(:assignment, id: 3, microtask: true, staggered_deadline: true, private: false, directory_path: 'assignment3') }
  let(:assignment30) { create(:assignment, id: 30, microtask: true, staggered_deadline: false, private: true, directory_path: 'assignment30') }

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [676/25]
Open

FactoryBot.define do
  factory :institution, class: Institution do
    name 'North Carolina State University'
  end

Severity: Minor
Found in spec/factories/factories.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [657/25]
Open

describe Assignment do
  let(:assignment) { build(:assignment, id: 1, name: 'no assignment', participants: [participant], teams: [team], max_team_size: 2) }
  let(:instructor) { build(:instructor, id: 6) }
  let(:student) { build(:student, id: 3, name: 'no one') }
  let(:review_response_map) { build(:review_response_map, response: [response], reviewer: build(:participant), reviewee: build(:assignment_team)) }
Severity: Minor
Found in spec/models/assignment_spec.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [622/25]
Open

describe ReviewMappingController do
  let(:assignment) { double('Assignment', id: 1) }
  let(:reviewer) { double('Participant', id: 1, name: 'reviewer') }
  let(:review_response_map) do
    double('ReviewResponseMap', id: 1, map_id: 1, assignment: assignment,

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [600/25]
Open

describe 'assignment function' do
  before(:each) do
    create(:deadline_type, name: 'submission')
    create(:deadline_type, name: 'review')
    create(:deadline_type, name: 'metareview')

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [518/25]
Open

describe AuthorizationHelper do
  # Set up some dummy users
  # Inspired by spec/controllers/users_controller_spec.rb
  # Makes use of spec/factories/factories.rb
  # Use create instead of build so that these users get IDs

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [417/25]
Open

describe AssignmentsController do
  let(:assignment) do
    build(:assignment, id: 1, name: 'test assignment', instructor_id: 6, staggered_deadline: true, directory_path: 'test_assignment',
                       participants: [build(:participant)], teams: [build(:assignment_team)], course_id: 1)
  end

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [411/25]
Open

describe User do
  let(:user) do
    User.new name: 'abc', fullname: 'abc xyz', email: 'abcxyz@gmail.com', password: '12345678', password_confirmation: '12345678',
             email_on_submission: 1, email_on_review: 1, email_on_review_of_review: 0, copy_of_emails: 1, handle: 'handle'
  end
Severity: Minor
Found in spec/models/user_spec.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [410/25]
Open

  describe '#update_assignment_questionnaires' do
    context 'when attributes are nil or empty' do
      it 'returns nil' do
        expect(assignment_form.update_assignment_questionnaires(nil)).to eq(nil)
        expect(assignment_form.update_assignment_questionnaires([])).to eq(nil)
Severity: Minor
Found in spec/models/assignment_form_spec.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [401/25]
Open

describe QuestionnairesController do
  let(:questionnaire) do
    build(id: 1, name: 'questionnaire', ta_id: 8, course_id: 1, private: false, min_question_score: 0, max_question_score: 5, type: 'ReviewQuestionnaire')
  end
  let(:questionnaire) { build(:questionnaire) }

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Class has too many lines. [489/100]
Open

class Assignment < ApplicationRecord
  require 'analytic/assignment_analytic'
  include Scoring
  include AssignmentAnalytic
  include ReviewAssignment
Severity: Minor
Found in app/models/assignment.rb by rubocop

This cop checks if the length of a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

Block has too many lines. [391/25]
Open

describe ResponseController do
  let(:assignment) { build(:assignment, instructor_id: 6, id: 1) }
  let(:instructor) { build(:instructor, id: 6) }
  let(:participant) { build(:participant, id: 1, user_id: 6, assignment: assignment) }
  let(:review_response) { build(:response, id: 1, map_id: 1) }

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
