mmpollard/RMSIVendorRegApp

Showing 128 of 128 total issues

Rails 4.2.5.1 content_tag does not escape double quotes in attribute values (CVE-2016-6316). Upgrade to 4.2.7.1
Open

    rails (4.2.5.1)
Severity: Minor
Found in Gemfile.lock by brakeman

rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
Open

    rails-html-sanitizer (1.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Loofah 2.0.3 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
Open

    loofah (2.0.3)
Severity: Minor
Found in Gemfile.lock by brakeman

Rails 4.2.5.1 contains a SQL injection vulnerability (CVE-2016-6317). Upgrade to 4.2.7.1
Open

    rails (4.2.5.1)
Severity: Critical
Found in Gemfile.lock by brakeman

Rule doesn't have all its properties in alphabetical order.
Open

.btn-file {

Using width with border can sometimes make elements larger than you expect.
Open

    border: 1px solid #ddd;

Rule doesn't have all its properties in alphabetical order.
Open

.file-caption-name {

Background image '../img/loading.gif' was used multiple times, first declared at line 20, col 5.
Open

    background: transparent url('../img/loading.gif') no-repeat scroll center center content-box !important;

Useless assignment to variable - message_params.
Open

        message_params = {
Severity: Minor
Found in app/controllers/forms_controller.rb by rubocop

This cop checks for every useless assignment to local variable in every scope. The basic idea for this cop was from the warning of ruby -cw:

assigned but unused variable - foo

Currently this cop has advanced logic that detects unreferenced reassignments and properly handles varied cases such as branch, loop, rescue, ensure, etc.

Example:

# bad

def some_method
  some_var = 1
  do_something
end

Example:

# good

def some_method
  some_var = 1
  do_something(some_var)
end

Rule doesn't have all its properties in alphabetical order.
Open

.file-loading {

end at 27, 2 is not aligned with create_table "forms", force: :cascade do |t| at 3, 4.
Open

  end

This cop checks whether the end keywords are aligned properly for do end blocks.

Three modes are supported through the EnforcedStyleAlignWith configuration parameter:

start_of_block : the end shall be aligned with the start of the line where the do appeared.

start_of_line : the end shall be aligned with the start of the line where the expression started.

either (which is the default) : the end is allowed to be in either location. The autofixer will default to start_of_line.

Example: EnforcedStyleAlignWith: either (default)

# bad

foo.bar
   .each do
     baz
       end

# good

variable = lambda do |i|
  i
end

Example: EnforcedStyleAlignWith: start_of_block

# bad

foo.bar
   .each do
     baz
       end

# good

foo.bar
  .each do
     baz
   end

Example: EnforcedStyleAlignWith: start_of_line

# bad

foo.bar
   .each do
     baz
       end

# good

foo.bar
  .each do
     baz
end

Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division.
Open

Then /^the ([^"]*) should receive a confirmation email containing the file "([^"]*)"$/ do |arg1, arg2|

This cop checks for ambiguous regexp literals in the first argument of a method invocation without parentheses.

Example:

# bad

# This is interpreted as a method invocation with a regexp literal,
# but it could possibly be `/` method invocations.
# (i.e. `do_something./(pattern)./(i)`)
do_something /pattern/i

Example:

# good

# With parentheses, there's no ambiguity.
do_something(/pattern/i)

Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division.
Open

Then /as "([^"]*)", I should receive a confirmation at "([^"]*)"/ do |who, email|

Using height with border can sometimes make elements larger than you expect.
Open

    border: 1px dashed #aaa;

Rule doesn't have all its properties in alphabetical order.
Open

.file-thumb-progress {

Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division.
Open

Then /^the "([^"]*)" field(?: within (.*))? for equipment rentals should contain "([^"]*)"$/ do |field, parent, value|

Rule doesn't have all its properties in alphabetical order.
Open

.file-footer-caption {

Rule doesn't have all its properties in alphabetical order.
Open

.file-preview-error {

Rule doesn't have all its properties in alphabetical order.
Open

.btn-file ::-ms-browse {

Ambiguous regexp literal. Parenthesize the method arguments if it's surely a regexp literal, or add a whitespace to the right of the / if it should be a division.
Open

When /I should see the following (.*): (.*)/ do |inputtype, fieldlist|
