Issues - marceloboeira/feedcast

    get do
      page, per_page = params[:page], params[:per_page]

      cache(key: "api:channels:list:#{page}:#{per_page}", expires_in: 10.minutes) do
        channels = paginate(::Channel.all.order(created_at: :desc))

Found in app/api/api/v1/channel.rb and 1 other location - About 50 mins to fix

Read up
Read up

app/api/api/v1/episode.rb on lines 6..12

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 42.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 42.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

marceloboeira/feedcast

Showing 401 of 401 total issues

Possible information leak / session hijack vulnerability
Open

Revert libxml2 behavior in Nokogiri gem that could cause XSS
Open

sinatra ruby gem path traversal via backslash characters on Windows
Open

XSS via the 400 Bad Request page
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

Broken Access Control vulnerability in Active Job
Open

Moderate severity vulnerability that affects nokogiri
Open

Possible shell escape sequence injection vulnerability in Rack
Open

Denial of service via header parsing in Rack
Open

Possible XSS vulnerability in Rack
Open

Prototype pollution attack through jQuery $.extend
Open

Denial of service via multipart parsing in Rack
Open

Regular Expression Denial of Service in websocket-extensions (RubyGem)
Open

Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
Open

Denial of Service Vulnerability in Rack Multipart Parsing
Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

Similar blocks of code found in 2 locations. Consider refactoring.
Open

Duplicated Code

Tuning

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

Duplicated Code

Tuning

Refactorings

Further Reading

Severity

Category

Status

Source

Language

marceloboeira/feedcast

Showing 401 of 401 total issues

Possible information leak / session hijack vulnerability Open

Revert libxml2 behavior in Nokogiri gem that could cause XSS Open

sinatra ruby gem path traversal via backslash characters on Windows Open

XSS via the 400 Bad Request page Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities Open

Denial of Service Vulnerability in Rack Content-Disposition parsing Open

Broken Access Control vulnerability in Active Job Open

Moderate severity vulnerability that affects nokogiri Open

Possible shell escape sequence injection vulnerability in Rack Open

Denial of service via header parsing in Rack Open

Possible XSS vulnerability in Rack Open

Prototype pollution attack through jQuery $.extend Open

Denial of service via multipart parsing in Rack Open

Regular Expression Denial of Service in websocket-extensions (RubyGem) Open

Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Open

Denial of Service Vulnerability in Rack Multipart Parsing Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities Open

Similar blocks of code found in 2 locations. Consider refactoring. Open

Duplicated Code

Tuning

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring. Open

Duplicated Code

Tuning

Refactorings

Further Reading

Severity

Category

Status

Source

Language

Possible information leak / session hijack vulnerability
Open

Revert libxml2 behavior in Nokogiri gem that could cause XSS
Open

sinatra ruby gem path traversal via backslash characters on Windows
Open

XSS via the 400 Bad Request page
Open

TZInfo relative path traversal vulnerability allows loading of arbitrary files
Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

Denial of Service Vulnerability in Rack Content-Disposition parsing
Open

Broken Access Control vulnerability in Active Job
Open

Moderate severity vulnerability that affects nokogiri
Open

Possible shell escape sequence injection vulnerability in Rack
Open

Denial of service via header parsing in Rack
Open

Possible XSS vulnerability in Rack
Open

Prototype pollution attack through jQuery $.extend
Open

Denial of service via multipart parsing in Rack
Open

Regular Expression Denial of Service in websocket-extensions (RubyGem)
Open

Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
Open

Denial of Service Vulnerability in Rack Multipart Parsing
Open

Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Open

Similar blocks of code found in 2 locations. Consider refactoring.
Open

Similar blocks of code found in 2 locations. Consider refactoring.
Open