inertia186/obarc


Showing 36 of 36 total issues

OS Command Injection in Rake
Open

    rake (11.3.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (1.8.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

Potential arbitrary file read vulnerability in yard server
Open

    yard (0.8.7.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2017-17042

Criticality: High

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-17042

Solution: upgrade to >= 0.9.11

Possible arbitrary path traversal and file access via yard server
Open

    yard (0.8.7.6)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory:

URL: https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr

Solution: upgrade to >= 0.9.20

Regular Expression Denial of Service in Addressable templates
Open

    addressable (2.5.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2021-32740

Criticality: High

URL: https://github.com/advisories/GHSA-jxhc-q857-3j6g

Solution: upgrade to >= 2.8.0

Arbitrary path traversal and file access via yard server
Open

    yard (0.8.7.6)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-1020001

Criticality: High

URL: https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr

Solution: upgrade to >= 0.9.20

Class Session has 51 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Session
    OPTIONS_KEYS = %i(protocol server_host server_port api_version username
      password base_url logger cookies verify_ssl)
    
    attr_accessor :cookies, :username, :password, :verify_ssl
Severity: Major
Found in lib/obarc/session.rb - About 7 hrs to fix

Cyclomatic complexity for method_missing is too high. [21/6]
Open

    def method_missing(m, *args, &block)
      super unless respond_to_missing?(m)

      # Many of the calls to restapi.py are uniform enough for DRY code, but the
      # ones that aren't are mapped here.
Severity: Minor
Found in lib/obarc/api.rb by rubocop

This cop checks that the cyclomatic complexity of methods is not higher than the configured maximum. The cyclomatic complexity is the number of linearly independent paths through a method. The algorithm counts decision points and adds one.

An if statement (or unless or ?:) increases the complexity by one. An else branch does not, since it doesn't add a decision point. The && operator (or keyword and) can be converted to a nested if statement, and ||/or is shorthand for a sequence of ifs, so they also add one. Loops can be said to have an exit condition, so they add one.

Function generateTOC has 57 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    function generateTOC() {
      if ($('#filecontents').length === 0) return;
      var _toc = $('<ol class="top"></ol>');
      var show = false;
      var toc = _toc;
Severity: Major
Found in doc/js/app.js - About 2 hrs to fix

Function searchItem has a Cognitive Complexity of 17 (exceeds 5 allowed). Consider refactoring.
Open

    function searchItem() {
      for (var i = 0; i < searchCache.length / 50; i++) {
        var item = searchCache[searchIndex];
        var searchName = (searchString.indexOf('::') != -1 ? item.fullName : item.name);
        var matchString = regexSearchString;
Severity: Minor
Found in doc/js/full_list.js - About 2 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

• Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
• Code is considered more complex for each "break in the linear flow of the code"
• Code is considered more complex when "flow breaking structures are nested"

Further reading

Method query_listings has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
Open

    def query_listings(options = {})
      pattern = options.delete(:pattern)
      all_listings = JSON[Api::get_listings(options, self)]
      listings = all_listings['listings']

Severity: Minor
Found in lib/obarc/session.rb - About 1 hr to fix


Method has too many lines. [32/30]
Open

    def method_missing(m, *args, &block)
      super unless respond_to_missing?(m)

      # Many of the calls to restapi.py are uniform enough for DRY code, but the
      # ones that aren't are mapped here.
Severity: Minor
Found in lib/obarc/api.rb by rubocop

This cop checks if the length of a method exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

Function fullListSearch has 46 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    function fullListSearch() {
      // generate cache
      searchCache = [];
      $('#full_list li').each(function() {
        var link = $(this).find('.object_link a');
Severity: Minor
Found in doc/js/full_list.js - About 1 hr to fix

Cyclomatic complexity for query_listings is too high. [7/6]
Open

    def query_listings(options = {})
      pattern = options.delete(:pattern)
      all_listings = JSON[Api::get_listings(options, self)]
      listings = all_listings['listings']

Severity: Minor
Found in lib/obarc/session.rb by rubocop


Method has too many lines. [31/30]
Open

    def query_listings(options = {})
      pattern = options.delete(:pattern)
      all_listings = JSON[Api::get_listings(options, self)]
      listings = all_listings['listings']

Severity: Minor
Found in lib/obarc/session.rb by rubocop


Method method_missing has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
Open

    def method_missing(m, *args, &block)
      super unless respond_to_missing?(m)

      # Many of the calls to restapi.py are uniform enough for DRY code, but the
      # ones that aren't are mapped here.
Severity: Minor
Found in lib/obarc/api.rb - About 1 hr to fix


Method method_missing has 32 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def method_missing(m, *args, &block)
      super unless respond_to_missing?(m)

      # Many of the calls to restapi.py are uniform enough for DRY code, but the
      # ones that aren't are mapped here.
Severity: Minor
Found in lib/obarc/api.rb - About 1 hr to fix

Method execute has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Open

    def execute(options = {})
      if options[:method] == :post
        options[:headers][:content_type] = 'application/x-www-form-urlencoded'
      end

Severity: Minor
Found in lib/obarc/api.rb - About 1 hr to fix


Method query_listings has 31 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def query_listings(options = {})
      pattern = options.delete(:pattern)
      all_listings = JSON[Api::get_listings(options, self)]
      listings = all_listings['listings']

Severity: Minor
Found in lib/obarc/session.rb - About 1 hr to fix

Function summaryToggle has 31 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    function summaryToggle() {
      $('.summary_toggle').click(function() {
        if (localStorage) {
          localStorage.summaryCollapsed = $(this).text();
        }
Severity: Minor
Found in doc/js/app.js - About 1 hr to fix