Sign upLogin

ministryofjustice/Claim-for-Crown-Court-Defence

View on GitHub
Star
config/brakeman.ignore

Summary

Maintainability
Test Coverage
{
  "ignored_warnings": [
    {
      "warning_type": "Mass Assignment",
      "warning_code": 70,
      "fingerprint": "068f21e75ff2347f986c43eed66f00d0be08ce368dc2b5a2927f198e4f519547",
      "check_name": "MassAssignment",
      "message": "Specify exact keys allowed for mass assignment instead of using `permit!` which allows any keys",
      "file": "app/helpers/application_helper.rb",
      "line": 78,
      "link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
      "code": "params.except(:page).merge(:sort => column, :direction => ((\"desc\" or \"asc\")), :anchor => column).permit!",
      "render_path": null,
      "location": {
        "type": "method",
        "class": "ApplicationHelper",
        "method": "sortable"
      },
      "user_input": null,
      "confidence": "Medium",
      "cwe_id": [
        915
      ],
      "note": ""
    },
    {
      "warning_type": "Redirect",
      "warning_code": 18,
      "fingerprint": "463781a59c65a58aad10746c6698db3f169b58a20435304888eff3fe9449b2ec",
      "check_name": "Redirect",
      "message": "Possible unprotected redirect",
      "file": "app/controllers/case_workers/admin/management_information_controller.rb",
      "line": 25,
      "link": "https://brakemanscanner.org/docs/warning_types/redirect/",
      "code": "redirect_to(Stats::StatsReport.most_recent_by_type(params[:report_type]).document.blob.url(:disposition => \"attachment\"), :allow_other_host => true)",
      "render_path": null,
      "location": {
        "type": "method",
        "class": "CaseWorkers::Admin::ManagementInformationController",
        "method": "download"
      },
      "user_input": "Stats::StatsReport.most_recent_by_type(params[:report_type]).document.blob.url(:disposition => \"attachment\")",
      "confidence": "Weak",
      "cwe_id": [
        601
      ],
      "note": ""
    },
    {
      "warning_type": "File Access",
      "warning_code": 16,
      "fingerprint": "8738e8b7994af508882a105d873642c98a284c6139f8c6bcf53ae7e25bf14bfa",
      "check_name": "SendFile",
      "message": "Model attribute used in file name",
      "file": "app/controllers/case_workers/claims_controller.rb",
      "line": 34,
      "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
      "code": "send_file(S3ZipDownloader.new(Claim::BaseClaim.active.find(params[:id])).generate!, :filename => (\"#{Claim::BaseClaim.active.find(params[:id]).case_number}-documents.zip\"), :type => \"application/zip\", :disposition => \"attachment\")",
      "render_path": null,
      "location": {
        "type": "method",
        "class": "CaseWorkers::ClaimsController",
        "method": "download_zip"
      },
      "user_input": "Claim::BaseClaim.active.find(params[:id])",
      "confidence": "Weak",
      "cwe_id": [
        22
      ],
      "note": "Caseworkers need to identify the downloads correspond to the cases they are processing"
    }
  ],
  "updated": "2024-04-11 12:12:25 +0100",
  "brakeman_version": "6.1.2"
}