Sign upLogin

publiclab/mapknitter

View on GitHub
Star

Showing 127 of 127 total issues

Possible RCE escalation bug with Serialized Columns in Active Record
Open

    activerecord (5.2.8)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-32224

Criticality: Critical

URL: https://groups.google.com/g/rubyonrails-security/c/MmFO3LYQE8U

Solution: upgrade to >= 5.2.8.1, ~> 5.2.8, >= 6.0.5.1, ~> 6.0.5, >= 6.1.6.1, ~> 6.1.6, >= 7.0.3.1

TODO found
Open

    # TODO: these could use optimization but are better than prev:
Severity: Minor
Found in app/controllers/front_ui_controller.rb by fixme

TODO found
Open

           * TODO: toolbar may still appear outside of frame. Create a getter for toolbar corners in LDI and then include them in this calculation
Severity: Minor
Found in app/assets/javascripts/mapknitter/Map.js by fixme

TODO found
Open

     * TODO: the edit event is fire on handleDragEnd from LDI. This needs to be documented.
Severity: Minor
Found in app/assets/javascripts/mapknitter/Map.js by fixme

TODO found
Open

       * TODO: toolbar may still appear outside of frame. Create a getter for toolbar corners in LDI and then include them in this calculation
Severity: Minor
Found in app/assets/javascripts/mapknitter/Map.js by fixme

TODO found
Open

  /** ========== custom toolbar actions =========== */ /* TODO: find a better place for these */
Severity: Minor
Found in app/assets/javascripts/mapknitter/Map.js by fixme

TODO found
Open

  # TODO: simplify/reduce # of parameters needed here:
Severity: Minor
Found in app/models/warpable.rb by fixme
Severity
Category
Status
Source
Language