gitlabhq/gitlabhq

Showing 2,500 of 2,500 total issues

CSRF vulnerability in OmniAuth's request phase
Open

    omniauth (1.9.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-9284

Criticality: High

URL: https://github.com/omniauth/omniauth/pull/809

Solution: remove or disable this gem until a patch is available!

Class Project has 281 methods (exceeds 20 allowed). Consider refactoring.
Open

class Project < ApplicationRecord
  include Gitlab::ConfigHelper
  include Gitlab::ShellAdapter
  include Gitlab::VisibilityLevel
  include AccessRequestable
Severity: Major
Found in app/models/project.rb - About 5 days to fix

File project.rb has 1856 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'carrierwave/orm/activerecord'

class Project < ApplicationRecord
  include Gitlab::ConfigHelper
  include Gitlab::ShellAdapter
Severity: Major
Found in app/models/project.rb - About 5 days to fix

Class User has 207 methods (exceeds 20 allowed). Consider refactoring.
Open

class User < ApplicationRecord
  extend Gitlab::ConfigHelper

  include Gitlab::ConfigHelper
  include Gitlab::SQL::Pattern
Severity: Major
Found in app/models/user.rb - About 4 days to fix

File notes.js has 1310 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/* eslint-disable no-restricted-properties, babel/camelcase,
no-unused-expressions, default-case,
consistent-return, no-alert, no-param-reassign, no-else-return,
no-shadow, no-useless-escape,
class-methods-use-this */
Severity: Major
Found in app/assets/javascripts/notes.js - About 3 days to fix

File user.rb has 1287 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'carrierwave/orm/activerecord'

class User < ApplicationRecord
  extend Gitlab::ConfigHelper
Severity: Major
Found in app/models/user.rb - About 3 days to fix

Class MergeRequest has 167 methods (exceeds 20 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 3 days to fix

Method services has 566 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def self.services
        {
          'alerts' => [],
          'asana' => [
            {
Severity: Major
Found in lib/api/helpers/services_helpers.rb - About 2 days to fix

File merge_request.rb has 1108 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MergeRequest < ApplicationRecord
  include AtomicInternalId
  include IidRoutes
  include Issuable
  include Noteable
Severity: Major
Found in app/models/merge_request.rb - About 2 days to fix

Class Repository has 142 methods (exceeds 20 allowed). Consider refactoring.
Open

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
  REF_ENVIRONMENTS = 'environments'
  REF_PIPELINES = 'pipelines'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

Class Repository has 123 methods (exceeds 20 allowed). Consider refactoring.
Open

    class Repository
      include Gitlab::Git::RepositoryMirroring
      include Gitlab::Git::WrapsGitalyErrors
      include Gitlab::EncodingHelper
      include Gitlab::Utils::StrongMemoize
Severity: Major
Found in lib/gitlab/git/repository.rb - About 2 days to fix

Class Build has 114 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include Ci::PipelineDelegator
    include TokenAuthenticatable
Severity: Major
Found in app/models/ci/build.rb - About 2 days to fix

File repository.rb has 854 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'securerandom'

class Repository
  REF_MERGE_REQUEST = 'merge-requests'
  REF_KEEP_AROUND = 'keep-around'
Severity: Major
Found in app/models/repository.rb - About 2 days to fix

Class Pipeline has 101 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Pipeline < ApplicationRecord
    extend Gitlab::Ci::Model
    include HasStatus
    include Importable
    include AfterCommitQueue
Severity: Major
Found in app/models/ci/pipeline.rb - About 1 day to fix

Function constructor has 379 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  constructor(els, options = {}) {
    const _this = this;

    let $els = $(els);
Severity: Major
Found in app/assets/javascripts/labels_select.js - About 1 day to fix

File services_helpers.rb has 764 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module API
  module Helpers
    # Helpers module for API::Services
    #
    # The data structures inside this model are returned using class methods,
Severity: Major
Found in lib/api/helpers/services_helpers.rb - About 1 day to fix

File build.rb has 755 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Ci
  class Build < Ci::Processable
    include Ci::Metadatable
    include Ci::Contextable
    include Ci::PipelineDelegator
Severity: Major
Found in app/models/ci/build.rb - About 1 day to fix

File repository.rb has 741 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'tempfile'
require 'forwardable'
require "rubygems/package"

module Gitlab
Severity: Major
Found in lib/gitlab/git/repository.rb - About 1 day to fix

File gl_dropdown.js has 740 lines of code (exceeds 250 allowed). Consider refactoring.
Open

/* eslint-disable max-classes-per-file, one-var, consistent-return */

import $ from 'jquery';
import _ from 'underscore';
import fuzzaldrinPlus from 'fuzzaldrin-plus';
Severity: Major
Found in app/assets/javascripts/gl_dropdown.js - About 1 day to fix

File users.rb has 718 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module API
  class Users < Grape::API
    include PaginationParams
    include APIGuard
    include Helpers::CustomAttributes
Severity: Major
Found in lib/api/users.rb - About 1 day to fix