gitlabhq/gitlabhq

Showing 3,933 of 3,933 total issues

CSRF vulnerability in OmniAuth's request phase
Open

    omniauth (1.9.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-9284

Criticality: High

URL: https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284

Solution: upgrade to >= 2.0.0

Class User has 238 methods (exceeds 20 allowed). Consider refactoring.
Open

class User < ApplicationRecord
  extend Gitlab::ConfigHelper

  include Gitlab::ConfigHelper
  include Gitlab::SQL::Pattern
Severity: Major
Found in app/models/user.rb - About 4 days to fix

Class MergeRequest has 211 methods (exceeds 20 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 4 days to fix

File user.rb has 1525 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'carrierwave/orm/activerecord'

class User < ApplicationRecord
  extend Gitlab::ConfigHelper
Severity: Major
Found in app/models/user.rb - About 4 days to fix

File merge_request.rb has 1406 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 3 days to fix

File deprecated_notes.js has 1228 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/* eslint-disable no-restricted-properties, babel/camelcase,
no-unused-expressions, default-case,
consistent-return, no-alert, no-param-reassign,
no-shadow, no-useless-escape,
class-methods-use-this */
Severity: Major
Found in app/assets/javascripts/deprecated_notes.js - About 3 days to fix

Method integrations has 610 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def self.integrations
        {
          'asana' => [
            {
              required: true,
Severity: Major
Found in lib/api/helpers/integrations_helpers.rb - About 3 days to fix

Class Pipeline has 145 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Pipeline < Ci::ApplicationRecord
    include Ci::HasStatus
    include Importable
    include AfterCommitQueue
    include Presentable
Severity: Major
Found in app/models/ci/pipeline.rb - About 2 days to fix

Class Build has 144 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include TokenAuthenticatable
    include AfterCommitQueue
Severity: Major
Found in app/models/ci/build.rb - About 2 days to fix

Class Repository has 143 methods (exceeds 20 allowed). Consider refactoring.
Open

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
  REF_ENVIRONMENTS = 'environments'
  REF_PIPELINES = 'pipelines'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

File solarized_dark.js has 1083 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/*

https://github.com/brijeshb42/monaco-themes/blob/master/themes/Solarized-dark.json

The MIT License (MIT)
Severity: Major
Found in app/assets/javascripts/ide/lib/themes/solarized_dark.js - About 2 days to fix

File solarized_light.js has 1074 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/*

https://github.com/brijeshb42/monaco-themes/blob/master/themes/Solarized-dark.json

The MIT License (MIT)
Severity: Major
Found in app/assets/javascripts/ide/lib/themes/solarized_light.js - About 2 days to fix

File pipeline.rb has 975 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Ci
  class Pipeline < Ci::ApplicationRecord
    include Ci::HasStatus
    include Importable
    include AfterCommitQueue
Severity: Major
Found in app/models/ci/pipeline.rb - About 2 days to fix

Class Repository has 124 methods (exceeds 20 allowed). Consider refactoring.
Open

    class Repository
      include Gitlab::Git::RepositoryMirroring
      include Gitlab::Git::WrapsGitalyErrors
      include Gitlab::EncodingHelper
      include Gitlab::Utils::StrongMemoize
Severity: Major
Found in lib/gitlab/git/repository.rb - About 2 days to fix

File users.rb has 938 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module API
  class Users < ::API::Base
    include PaginationParams
    include APIGuard
    include Helpers::CustomAttributes
Severity: Major
Found in lib/api/users.rb - About 2 days to fix

File build.rb has 918 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Ci
  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include TokenAuthenticatable
Severity: Major
Found in app/models/ci/build.rb - About 2 days to fix

Class Group has 108 methods (exceeds 20 allowed). Consider refactoring.
Open

class Group < Namespace
  include Gitlab::ConfigHelper
  include AfterCommitQueue
  include AccessRequestable
  include Avatarable
Severity: Major
Found in app/models/group.rb - About 2 days to fix

File repository.rb has 853 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'securerandom'

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

File integrations_helpers.rb has 809 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module API
  module Helpers
    # Helpers module for API::Services
    #
    # The data structures inside this model are returned using class methods,
Severity: Major
Found in lib/api/helpers/integrations_helpers.rb - About 1 day to fix

File usage_data.rb has 772 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Gitlab
  class UsageData
    DEPRECATED_VALUE = -1000
    MAX_GENERATION_TIME_FOR_SAAS = 40.hours
Severity: Major
Found in lib/gitlab/usage_data.rb - About 1 day to fix