Showing 128 of 128 total issues
Rails 4.2.5.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1 Open
rails (4.2.5.1)
rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4 Open
rails-html-sanitizer (1.0.3)
Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2 Open
loofah (2.0.3)
Rails 4.2.5.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1 Open
rails (4.2.5.1)
Rule doesn't have all its properties in alphabetical order. Open
.btn-file {
Using width with border can sometimes make elements larger than you expect. Open
border: 1px solid #ddd;
Rule doesn't have all its properties in alphabetical order. Open
.file-caption-name {
Background image '../img/loading.gif' was used multiple times, first declared at line 20, col 5. Open
background: transparent url('../img/loading.gif') no-repeat scroll center center content-box !important;
Useless assignment to variable - message_params. Open
message_params = {
This cop checks for every useless assignment to local variable in every scope.
The basic idea for this cop was from the warning of ruby -cw:
    assigned but unused variable - foo
Currently this cop has advanced logic that detects unreferenced reassignments and properly handles varied cases such as branch, loop, rescue, ensure, etc.
Example:
    # bad
    def some_method
      some_var = 1
      do_something
    end
Example:
    # good
    def some_method
      some_var = 1
      do_something(some_var)
    end
Rule doesn't have all its properties in alphabetical order. Open
.file-loading {
end at 27, 2 is not aligned with create_table "forms", force: :cascade do |t| at 3, 4. Open
end
This cop checks whether the end keywords are aligned properly for do end blocks.
Three modes are supported through the EnforcedStyleAlignWith configuration parameter:
start_of_block: the end shall be aligned with the start of the line where the do appeared.
start_of_line: the end shall be aligned with the start of the line where the expression started.
either (which is the default): the end is allowed to be in either location. The autofixer will default to start_of_line.
Example: EnforcedStyleAlignWith: either (default)
    # bad
    foo.bar
      .each do
        baz
          end
    # good
    variable = lambda do |i|
      i
    end
Example: EnforcedStyleAlignWith: start_of_block
    # bad
    foo.bar
      .each do
        baz
          end
    # good
    foo.bar
      .each do
        baz
      end
Example: EnforcedStyleAlignWith: start_of_line
    # bad
    foo.bar
      .each do
        baz
          end
    # good
    foo.bar
      .each do
        baz
    end
Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division. Open
Then /^the ([^"]*) should receive a confirmation email containing the file "([^"]*)"$/ do |arg1, arg2|
This cop checks for ambiguous regexp literals in the first argument of a method invocation without parentheses.
Example:
# bad
# This is interpreted as a method invocation with a regexp literal,
# but it could possibly be `/` method invocations.
# (i.e. `do_something./(pattern)./(i)`)
do_something /pattern/i
Example:
# good
# With parentheses, there's no ambiguity.
do_something(/pattern/i)
Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division. Open
Then /as "([^"]*)", I should receive a confirmation at "([^"]*)"/ do |who, email|
Using height with border can sometimes make elements larger than you expect. Open
border: 1px dashed #aaa;
Rule doesn't have all its properties in alphabetical order. Open
.file-thumb-progress {
Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division. Open
Then /^the "([^"]*)" field(?: within (.*))? for equipment rentals should contain "([^"]*)"$/ do |field, parent, value|
Rule doesn't have all its properties in alphabetical order. Open
.file-footer-caption {
Rule doesn't have all its properties in alphabetical order. Open
.file-preview-error {
Rule doesn't have all its properties in alphabetical order. Open
.btn-file ::-ms-browse {
Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division. Open
When /I should see the following (.*): (.*)/ do |inputtype, fieldlist|