Sign upLogin

kompakt-solutions/currency-converter

View on GitHub
Star

Showing 128 of 128 total issues

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

    rack (2.0.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-44571

URL: https://github.com/rack/rack/releases/tag/v3.0.4.1

Solution: upgrade to >= 2.0.9.2, ~> 2.0.9, >= 2.1.4.2, ~> 2.1.4, >= 2.2.6.1, ~> 2.2.6, >= 3.0.4.1

Possible shell escape sequence injection vulnerability in Rack
Open

    rack (2.0.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-30123

Criticality: Critical

URL: https://groups.google.com/g/ruby-security-ann/c/LWB10kWzag8

Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1

Denial of Service Vulnerability in Rack Multipart Parsing
Open

    rack (2.0.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-30122

Criticality: High

URL: https://groups.google.com/g/ruby-security-ann/c/L2Axto442qk

Solution: upgrade to >= 2.0.9.1, ~> 2.0.9, >= 2.1.4.1, ~> 2.1.4, >= 2.2.3.1

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

    loofah (2.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Read more: https://github.com/flavorjones/loofah/issues/144

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

    rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Read more: https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ

Line contains inconsistent indentation
Open

                currency: $("#currency").val(),
Severity: Minor
Found in app/assets/javascripts/_exchange_box.coffee by coffeelint

Missing top-level module documentation comment.
Open

module ExchangeHelper
Severity: Minor
Found in app/helpers/_exchange_helper.rb by rubocop

This cop checks for missing top-level documentation of classes and modules. Classes with no body are exempt from the check and so are namespace modules - modules that have nothing in their bodies except classes, other modules, or constant definitions.

The documentation requirement is annulled if the class or module has a "#:nodoc:" comment next to it. Likewise, "#:nodoc: all" does the same for all its children.

Example:

# bad
class Person
  # ...
end

# good
# Description/Explanation of Person class
class Person
  # ...
end

Missing top-level module documentation comment.
Open

module Currency
Severity: Minor
Found in lib/exchange.rb by rubocop

This cop checks for missing top-level documentation of classes and modules. Classes with no body are exempt from the check and so are namespace modules - modules that have nothing in their bodies except classes, other modules, or constant definitions.

The documentation requirement is annulled if the class or module has a "#:nodoc:" comment next to it. Likewise, "#:nodoc: all" does the same for all its children.

Example:

# bad
class Person
  # ...
end

# good
# Description/Explanation of Person class
class Person
  # ...
end

Gems should be sorted in an alphabetical order within their section of the Gemfile. Gem listen should appear before web-console.
Open

  gem 'listen', '>= 3.0.5', '< 3.2'
Severity: Minor
Found in Gemfile by rubocop

Gems should be alphabetically sorted within groups.

Example:

# bad
gem 'rubocop'
gem 'rspec'

# good
gem 'rspec'
gem 'rubocop'

# good
gem 'rubocop'

gem 'rspec'

# good only if TreatCommentsAsGroupSeparators is true
# For code quality
gem 'rubocop'
# For tests
gem 'rspec'

Gems should be sorted in an alphabetical order within their section of the Gemfile. Gem font-awesome-sass should appear before jquery-rails.
Open

gem 'font-awesome-sass', '~> 4.7.0'
Severity: Minor
Found in Gemfile by rubocop

Gems should be alphabetically sorted within groups.

Example:

# bad
gem 'rubocop'
gem 'rspec'

# good
gem 'rspec'
gem 'rubocop'

# good
gem 'rubocop'

gem 'rspec'

# good only if TreatCommentsAsGroupSeparators is true
# For code quality
gem 'rubocop'
# For tests
gem 'rspec'

Line is too long. [93/80]
Open

  # Access an IRB console on exception pages or by using <%= console %> anywhere in the code.
Severity: Minor
Found in Gemfile by rubocop

Prefer single-quoted strings when you don't need string interpolation or special symbols.
Open

  gem "codeclimate-test-reporter", "~> 1.0.0"
Severity: Minor
Found in Gemfile by rubocop

Checks if uses of quotes match the configured preference.

Example: EnforcedStyle: single_quotes (default)

# bad
"No special symbols"
"No string interpolation"
"Just text"

# good
'No special symbols'
'No string interpolation'
'Just text'
"Wait! What's #{this}!"

Example: EnforcedStyle: double_quotes

# bad
'Just some text'
'No special chars or interpolation'

# good
"Just some text"
"No special chars or interpolation"
"Every string in #{project} uses double_quotes"

Use %i or %I for an array of symbols.
Open

gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
Severity: Minor
Found in Gemfile by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

Use warn instead of $stderr.puts to allow such output to be disabled.
Open

    $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
Severity: Minor
Found in bin/yarn by rubocop

This cop identifies places where $stderr.puts can be replaced by warn. The latter has the advantage of easily being disabled by, e.g. the -W0 interpreter flag, or setting $VERBOSE to nil.

Example:

# bad
$stderr.puts('hello')

# good
warn('hello')

include is used at the top level. Use inside class or module.
Open

include FileUtils
Severity: Minor
Found in bin/setup by rubocop

This cop checks that include, extend and prepend exists at the top level. Using these at the top level affects the behavior of Object. There will not be using include, extend and prepend at the top level. Let's use it inside class or module.

Example:

# bad
include M

class C
end

# bad
extend M

class C
end

# bad
prepend M

class C
end

# good
class C
  include M
end

# good
class C
  extend M
end

# good
class C
  prepend M
end

Extra blank line detected.
Open


# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
Severity: Minor
Found in Gemfile by rubocop

This cops checks for two or more consecutive blank lines.

Example:

# bad - It has two empty lines.
some_method
# one empty line
# two empty lines
some_method

# good
some_method
# one empty line
some_method

Unnecessary fat arrow
Open

  $('#change').on 'click', (event) =>
Severity: Minor
Found in app/assets/javascripts/_exchange_box.coffee by coffeelint

Prefer single-quoted strings when you don't need string interpolation or special symbols.
Open

    $stderr.puts "Yarn executable was not detected in the system."
Severity: Minor
Found in bin/yarn by rubocop

Checks if uses of quotes match the configured preference.

Example: EnforcedStyle: single_quotes (default)

# bad
"No special symbols"
"No string interpolation"
"Just text"

# good
'No special symbols'
'No string interpolation'
'Just text'
"Wait! What's #{this}!"

Example: EnforcedStyle: double_quotes

# bad
'Just some text'
'No special chars or interpolation'

# good
"Just some text"
"No special chars or interpolation"
"Every string in #{project} uses double_quotes"

Prefer single-quoted strings when you don't need string interpolation or special symbols.
Open

    $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
Severity: Minor
Found in bin/yarn by rubocop

Checks if uses of quotes match the configured preference.

Example: EnforcedStyle: single_quotes (default)

# bad
"No special symbols"
"No string interpolation"
"Just text"

# good
'No special symbols'
'No string interpolation'
'Just text'
"Wait! What's #{this}!"

Example: EnforcedStyle: double_quotes

# bad
'Just some text'
'No special chars or interpolation'

# good
"Just some text"
"No special chars or interpolation"
"Every string in #{project} uses double_quotes"

Extra empty line detected at module body beginning.
Open


  def self.exchange currency, currency_destination, quantity
Severity: Minor
Found in lib/exchange.rb by rubocop

This cops checks if empty lines around the bodies of modules match the configuration.

Example: EnforcedStyle: empty_lines

# good

module Foo

  def bar
    # ...
  end

end

Example: EnforcedStyle: emptylinesexcept_namespace

# good

module Foo
  module Bar

    # ...

  end
end

Example: EnforcedStyle: emptylinesspecial

# good
module Foo

  def bar; end

end

Example: EnforcedStyle: noemptylines (default)

# good

module Foo
  def bar
    # ...
  end
end
Severity
Category
Status
Source
Language