gitlabhq/gitlabhq

Showing 3,758 of 3,758 total issues

CSRF vulnerability in OmniAuth's request phase
Open

    omniauth (1.9.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-9284

Criticality: High

URL: https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284

Solution: upgrade to >= 2.0.0

Class Project has 307 methods (exceeds 20 allowed). Consider refactoring.
Open

class Project < ApplicationRecord
  include Gitlab::ConfigHelper
  include Gitlab::VisibilityLevel
  include AccessRequestable
  include Avatarable
Severity: Major
Found in app/models/project.rb - About 6 days to fix

File project.rb has 2068 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'carrierwave/orm/activerecord'

class Project < ApplicationRecord
  include Gitlab::ConfigHelper
  include Gitlab::VisibilityLevel
Severity: Major
Found in app/models/project.rb - About 5 days to fix

Class User has 228 methods (exceeds 20 allowed). Consider refactoring.
Open

class User < ApplicationRecord
  extend Gitlab::ConfigHelper

  include Gitlab::ConfigHelper
  include Gitlab::SQL::Pattern
Severity: Major
Found in app/models/user.rb - About 4 days to fix

Class MergeRequest has 212 methods (exceeds 20 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 4 days to fix

File user.rb has 1495 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'carrierwave/orm/activerecord'

class User < ApplicationRecord
  extend Gitlab::ConfigHelper


Severity: Major
Found in app/models/user.rb - About 3 days to fix

File merge_request.rb has 1401 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 3 days to fix

File notes.js has 1230 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/* eslint-disable no-restricted-properties, babel/camelcase,
no-unused-expressions, default-case,
consistent-return, no-alert, no-param-reassign,
no-shadow, no-useless-escape,
class-methods-use-this */
Severity: Major
Found in app/assets/javascripts/notes.js - About 3 days to fix

Method services has 610 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def self.services
        {
          'asana' => [
            {
              required: true,
Severity: Major
Found in lib/api/helpers/services_helpers.rb - About 3 days to fix

Class Repository has 143 methods (exceeds 20 allowed). Consider refactoring.
Open

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
  REF_ENVIRONMENTS = 'environments'
  REF_PIPELINES = 'pipelines'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

Class Pipeline has 141 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Pipeline < ApplicationRecord
    extend Gitlab::Ci::Model
    include Ci::HasStatus
    include Importable
    include AfterCommitQueue
Severity: Major
Found in app/models/ci/pipeline.rb - About 2 days to fix

File solarized_dark.js has 1083 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/*

https://github.com/brijeshb42/monaco-themes/blob/master/themes/Solarized-dark.json

The MIT License (MIT)
Severity: Major
Found in app/assets/javascripts/ide/lib/themes/solarized_dark.js - About 2 days to fix

File solarized_light.js has 1074 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/*

https://github.com/brijeshb42/monaco-themes/blob/master/themes/Solarized-dark.json

The MIT License (MIT)
Severity: Major
Found in app/assets/javascripts/ide/lib/themes/solarized_light.js - About 2 days to fix

Class Build has 138 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include TokenAuthenticatable
    include AfterCommitQueue
Severity: Major
Found in app/models/ci/build.rb - About 2 days to fix

Class Repository has 130 methods (exceeds 20 allowed). Consider refactoring.
Open

    class Repository
      include Gitlab::Git::RepositoryMirroring
      include Gitlab::Git::WrapsGitalyErrors
      include Gitlab::EncodingHelper
      include Gitlab::Utils::StrongMemoize
Severity: Major
Found in lib/gitlab/git/repository.rb - About 2 days to fix

File pipeline.rb has 977 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Ci
  class Pipeline < ApplicationRecord
    extend Gitlab::Ci::Model
    include Ci::HasStatus
    include Importable
Severity: Major
Found in app/models/ci/pipeline.rb - About 2 days to fix

File users.rb has 903 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module API
  class Users < ::API::Base
    include PaginationParams
    include APIGuard
    include Helpers::CustomAttributes
Severity: Major
Found in lib/api/users.rb - About 2 days to fix

File build.rb has 897 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Ci
  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include TokenAuthenticatable
Severity: Major
Found in app/models/ci/build.rb - About 2 days to fix

File repository.rb has 858 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'securerandom'

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

Class Group has 104 methods (exceeds 20 allowed). Consider refactoring.
Open

class Group < Namespace
  include Gitlab::ConfigHelper
  include AfterCommitQueue
  include AccessRequestable
  include Avatarable
Severity: Major
Found in app/models/group.rb - About 2 days to fix