Sign upLogin

kete/kete

View on GitHub
Star
app/models/feed.rb

Summary

Maintainability
A
0 mins
Test Coverage

Mass assignment is not restricted using attr_accessible
Open

class Feed < ActiveRecord::Base
Severity: Critical
Found in app/models/feed.rb by brakeman

This warning comes up if a model does not limit what attributes can be set through mass assignment.

In particular, this check looks for attr_accessible inside model definitions. If it is not found, this warning will be issued.

Brakeman also warns on use of attr_protected - especially since it was found to be vulnerable to bypass. Warnings for mass assignment on models using attr_protected will be reported, but at a lower confidence level.

Note that disabling mass assignment globally will suppress these warnings.

Use each_key instead of keys.each.
Open

    I18n.available_locales_with_labels.keys.each do |locale|
Severity: Minor
Found in app/models/feed.rb by rubocop

This cop checks for uses of each_key and each_value Hash methods.

Note: If you have an array of two-element arrays, you can put parentheses around the block arguments to indicate that you're not working with a hash, and suppress RuboCop offenses.

Example:

# bad
hash.keys.each { |k| p k }
hash.values.each { |v| p v }
hash.each { |k, _v| p k }
hash.each { |_k, v| p v }

# good
hash.each_key { |k| p k }
hash.each_value { |v| p v }

Avoid rescuing without specifying an error class.
Open

  rescue
Severity: Minor
Found in app/models/feed.rb by rubocop

This cop checks for rescuing StandardError. There are two supported styles implicit and explicit. This cop will not register an offense if any error other than StandardError is specified.

Example: EnforcedStyle: implicit

# `implicit` will enforce using `rescue` instead of
# `rescue StandardError`.

# bad
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

Example: EnforcedStyle: explicit (default)

# `explicit` will enforce using `rescue StandardError`
# instead of `rescue`.

# bad
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

Do not suppress exceptions.
Open

  rescue
Severity: Minor
Found in app/models/feed.rb by rubocop

This cop checks for rescue blocks with no body.

Example:

# bad

def some_method
  do_something
rescue
  # do nothing
end

Example:

# bad

begin
  do_something
rescue
  # do nothing
end

Example:

# good

def some_method
  do_something
rescue
  handle_exception
end

Example:

# good

begin
  do_something
rescue
  handle_exception
end

Redundant curly braces around a hash parameter.
Open

      update_attributes({
                          serialized_feed: entries,
                          last_downloaded: Time.now.utc.to_s(:db)
                        })
Severity: Minor
Found in app/models/feed.rb by rubocop

This cop checks for braces around the last parameter in a method call if the last parameter is a hash. It supports braces, no_braces and context_dependent styles.

Example: EnforcedStyle: braces

# The `braces` style enforces braces around all method
# parameters that are hashes.

# bad
some_method(x, y, a: 1, b: 2)

# good
some_method(x, y, {a: 1, b: 2})

Example: EnforcedStyle: no_braces (default)

# The `no_braces` style checks that the last parameter doesn't
# have braces around it.

# bad
some_method(x, y, {a: 1, b: 2})

# good
some_method(x, y, a: 1, b: 2)

Example: EnforcedStyle: context_dependent

# The `context_dependent` style checks that the last parameter
# doesn't have braces around it, but requires braces if the
# second to last parameter is also a hash literal.

# bad
some_method(x, y, {a: 1, b: 2})
some_method(x, y, {a: 1, b: 2}, a: 1, b: 2)

# good
some_method(x, y, a: 1, b: 2)
some_method(x, y, {a: 1, b: 2}, {a: 1, b: 2})

URI.escape method is obsolete and should not be used. Instead, use CGI.escape, URI.encode_www_form or URI.encode_www_form_component depending on your specific use case.
Open

    url = escape ? URI.escape(url) : url
Severity: Minor
Found in app/models/feed.rb by rubocop

This cop identifies places where URI.escape can be replaced by CGI.escape, URI.encode_www_form or URI.encode_www_form_component depending on your specific use case. Also this cop identifies places where URI.unescape can be replaced by CGI.unescape, URI.decode_www_form or URI.decode_www_form_component depending on your specific use case.

Example:

# bad
URI.escape('http://example.com')
URI.encode('http://example.com')

# good
CGI.escape('http://example.com')
URI.encode_www_form([['example', 'param'], ['lang', 'en']])
URI.encode_www_form(page: 10, locale: 'en')
URI.encode_www_form_component('http://example.com')

# bad
URI.unescape(enc_uri)
URI.decode(enc_uri)

# good
CGI.unescape(enc_uri)
URI.decode_www_form(enc_uri)
URI.decode_www_form_component(enc_uri)

There are no issues that match your filters.

Category
Status