openaustralia/planningalerts


Showing 12 of 12 total issues

Function barGraph has 154 lines of code (exceeds 25 allowed). Consider refactoring.
Open

function barGraph(selector, url, metric) {
  // Add the chart
  d3.json(url, function(data) {

    data = data.map(function(d, i) {
Severity: Major
Found in app/assets/javascripts/bar_graph.js - About 6 hrs to fix

Class Tailwind has 21 methods (exceeds 20 allowed). Consider refactoring.
Open

  class Tailwind < ActionView::Helpers::FormBuilder
    extend T::Sig

    sig { params(method: Symbol, text: T.any(T.nilable(String), T::Hash[Symbol, String]), options: T::Hash[Symbol, String]).returns(String) }
    def label(method, text = nil, options = {})
Severity: Minor
Found in app/lib/form_builders/tailwind.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(size:, alignment:)
    super

    # Doing it this way so that tailwind doesn't compile the classes out
    case size
Severity: Major
Found in app/components/speech_bubble_component.rb - About 2 hrs to fix

Method initialize has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
Open

  def initialize(tag:, size: nil, color: nil, font: nil, weight: nil, extra_classes: "")
    super

    default_size = DEFAULT_SIZES[tag]
    raise "Unexpected tag #{tag}" if default_size.nil?
Severity: Minor
Found in app/components/heading_component.rb - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

• Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
• Code is considered more complex for each "break in the linear flow of the code"
• Code is considered more complex when "flow breaking structures are nested"


Similar blocks of code found in 2 locations. Consider refactoring.
Open

  class AlertPolicy < ApplicationPolicy
    extend T::Sig

    sig { returns(T::Boolean) }
    def index?
Severity: Major
Found in app/policies/admin/alert_policy.rb and 1 other location - About 1 hr to fix
app/policies/admin/comment_policy.rb on lines 5..32

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 63.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.


Similar blocks of code found in 2 locations. Consider refactoring.
Open

  class CommentPolicy < ApplicationPolicy
    extend T::Sig

    sig { returns(T::Boolean) }
    def index?
Severity: Major
Found in app/policies/admin/comment_policy.rb and 1 other location - About 1 hr to fix
app/policies/admin/alert_policy.rb on lines 5..32


Function initialiseGeocodingMap has 33 lines of code (exceeds 25 allowed). Consider refactoring.
Open

async function initialiseGeocodingMap(map_div) {
  const { Map, InfoWindow } = await google.maps.importLibrary('maps');
  const { Marker } = await google.maps.importLibrary("marker");

  var g = JSON.parse(map_div.dataset.google);
Severity: Minor
Found in app/assets/javascripts/maps.js - About 1 hr to fix

Method initialize has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def initialize(size:, alignment:)
    super

    # Doing it this way so that tailwind doesn't compile the classes out
    case size
Severity: Minor
Found in app/components/speech_bubble_component.rb - About 55 mins to fix


Function getAddress has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

async function getAddress() {
  try {
    var pos = await getPositionByGeolocation({enableHighAccuracy: true, timeout: 10000});
  } catch(err) {
    if (err.code == 1) { // User said no
Severity: Minor
Found in app/assets/javascripts/geolocation.js - About 35 mins to fix


Possible unprotected redirect
Open

        redirect_to after_sign_in_path_for(@user), notice: t(".success")

Unvalidated redirects and forwards are #10 on the OWASP Top Ten.

Redirects which rely on user-supplied values can be used to "spoof" websites or hide malicious links in otherwise harmless-looking URLs. They can also allow access to restricted areas of a site if the destination is not validated.

Brakeman will raise warnings whenever redirect_to appears to be used with a user-supplied value that may allow them to change the :host option.

For example,

redirect_to params.merge(:action => :home)

will create a warning like

Possible unprotected redirect near line 46: redirect_to(params)

This is because params could contain :host => 'evilsite.com' which would redirect away from your site and to a malicious site.

If the first argument to redirect_to is a hash, then adding :only_path => true will limit the redirect to the current host. Another option is to specify the host explicitly.

redirect_to params.merge(:only_path => true)

redirect_to params.merge(:host => 'myhost.com')

If the first argument is a string, then it is possible to parse the string and extract the path:

redirect_to URI.parse(some_url).path

If the URL does not contain a protocol (e.g., http://), then you will probably get unexpected results, as redirect_to will prepend the current host name and a protocol.

Render path contains parameter value
Open

  <%= render @application.versions %>

When a call to render uses a dynamically generated path, template name, file name, or action, there is the possibility that a user can access templates that should be restricted. The issue may be worse if those templates execute code or modify the database.

This warning is shown whenever the path to be rendered is not a static string or symbol.

These warnings are often false positives, however, because it can be difficult to manipulate Rails' assumptions about paths to perform malicious behavior. Reports of dynamic render paths should be checked carefully to see if they can actually be manipulated maliciously by the user.

Method changed_data_attributes has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def changed_data_attributes
    v = previous_version
    if v
      changed = {}
      data_attributes.each_key do |a|
Severity: Minor
Found in app/models/application_version.rb - About 25 mins to fix
