publiclab/plots2

Showing 613 of 615 total issues

CSRF vulnerability in OmniAuth's request phase
Open

    omniauth (1.9.1)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2015-9284

Criticality: High

URL: https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284

Solution: upgrade to >= 2.0.0

activerecord-session_store Timing Attack
Open

    activerecord-session_store (1.1.3)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-25025

Criticality: Medium

URL: https://github.com/advisories/GHSA-cvw2-xj8r-mjf7

Solution: upgrade to >= 2.0.0

File node.rb has 985 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class UniqueUrlValidator < ActiveModel::Validator
  def validate(record)
    if record.title.blank?
      record.errors[:base] << "You must provide a title."
      # otherwise the below title uniqueness check fails, as title presence validation doesn't run until after
Severity: Major
Found in app/models/node.rb - About 2 days to fix

Class Node has 110 methods (exceeds 20 allowed). Consider refactoring.
Open

class Node < ActiveRecord::Base
  extend RawStats
  include NodeShared # common methods for node-like models

  self.table_name = 'node'
Severity: Major
Found in app/models/node.rb - About 2 days to fix

Method handle_site_login_flow has a Cognitive Complexity of 77 (exceeds 5 allowed). Consider refactoring.
Open

  def handle_site_login_flow
    username = params[:user_session][:username] if params[:user_session]
    u = User.find_by(username: username) || User.find_by(email: username)
    if u && u.password_checker != 0
      n = u.password_checker
Severity: Minor
Found in app/controllers/user_sessions_controller.rb - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Class User has 70 methods (exceeds 20 allowed). Consider refactoring.
Open

class User < ActiveRecord::Base
  extend Utils
  include Statistics
  extend RawStats
  self.table_name = 'rusers'
Severity: Major
Found in app/models/user.rb - About 1 day to fix

Method multiple_add has a Cognitive Complexity of 52 (exceeds 5 allowed). Consider refactoring.
Open

  def multiple_add
    return_to = params[:return_to] || "/subscriptions?_=" + Time.now.to_i.to_s
    if params[:tagnames].blank?
      flash[:notice] = "Please enter tags for subscription in the url."
      redirect_to return_to
Severity: Minor
Found in app/controllers/subscription_controller.rb - About 1 day to fix

Method add_tag has a Cognitive Complexity of 51 (exceeds 5 allowed). Consider refactoring.
Open

  def add_tag(tagname, user)
    if user.status == 1
      tagname = tagname.downcase
      unless has_tag_without_aliasing(tagname)
        saved = false
Severity: Minor
Found in app/models/node.rb - About 7 hrs to fix

File tag_controller.rb has 478 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class TagController < ApplicationController
  respond_to :html, :xml, :json, :ics
  before_action :require_user, only: %i(create delete)
  include Pagy::Backend

Severity: Minor
Found in app/controllers/tag_controller.rb - About 7 hrs to fix

Method index has a Cognitive Complexity of 46 (exceeds 5 allowed). Consider refactoring.
Open

  def index
    begin
      permitted_params = params.permit(
        'authenticity_token', 'back_to',
        'commit',
Severity: Minor
Found in app/controllers/openid_controller.rb - About 7 hrs to fix

Method can_tag has a Cognitive Complexity of 44 (exceeds 5 allowed). Consider refactoring.
Open

  def can_tag(tagname, user, errors = false)
    one_split = tagname.split(':')[1]
    socials = { facebook: 'Facebook', github: 'Github', google_oauth2: 'Google', twitter: 'Twitter' }

    if tagname[0..4] == 'with:'
Severity: Minor
Found in app/models/node.rb - About 6 hrs to fix

Class Comment has 48 methods (exceeds 20 allowed). Consider refactoring.
Open

class Comment < ApplicationRecord
  include CommentsShared
  extend RawStats

  belongs_to :node, foreign_key: 'nid', touch: true, counter_cache: true
Severity: Minor
Found in app/models/comment.rb - About 6 hrs to fix

File wiki_controller.rb has 444 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'rss'

class WikiController < ApplicationController
  before_action :require_user, only: %i(new create edit update delete replace)

Severity: Minor
Found in app/controllers/wiki_controller.rb - About 6 hrs to fix

Method show has a Cognitive Complexity of 43 (exceeds 5 allowed). Consider refactoring.
Open

  def show
    if params[:id].is_a? Integer
      @wiki = Node.find(params[:id])&.first
    elsif params[:id].to_s.match?(":")
      @wiki = Node.where(slug: params[:id].match('[^:]*$').to_s).try(:first)
Severity: Minor
Found in app/controllers/tag_controller.rb - About 6 hrs to fix

File comment.rb has 439 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class Comment < ApplicationRecord
  include CommentsShared
  extend RawStats

  belongs_to :node, foreign_key: 'nid', touch: true, counter_cache: true
Severity: Minor
Found in app/models/comment.rb - About 6 hrs to fix

File user.rb has 434 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class UniqueUsernameValidator < ActiveModel::Validator
  def validate(record)
    if User.find_by(username: record.username) && record.openid_identifier.nil?
      record.errors[:base] << 'That username is already taken. If this is your username, you can simply log in to this site.'
    end
Severity: Minor
Found in app/models/user.rb - About 6 hrs to fix

File users_controller.rb has 426 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class UsersController < ApplicationController
  before_action :require_no_user, only: [:new]
  before_action :require_user, only: %i(edit update save_settings settings)
  before_action :set_user, only: %i(info followed following followers)

Severity: Minor
Found in app/controllers/users_controller.rb - About 6 hrs to fix

Method show has a Cognitive Complexity of 40 (exceeds 5 allowed). Consider refactoring.
Open

  def show
    @node = if params[:lang]
              Node.find_wiki(params[:lang] + '/' + params[:id])
            else
              Node.find_wiki(params[:id])
Severity: Minor
Found in app/controllers/wiki_controller.rb - About 6 hrs to fix

Block has too many lines. [325/257]
Open

    resource :srch do
      # Request URL should be /api/srch/all?query=QRY
      desc 'Perform a search of all available resources', hidden: false,
                                                          is_array: false,
                                                          nickname: 'search_all'
Severity: Minor
Found in app/api/srch/search.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

File notes_controller.rb has 413 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class NotesController < ApplicationController
  respond_to :html
  before_action :require_user, only: %i(create edit update delete rsvp publish_draft)
  before_action :set_node, only: %i(show)

Severity: Minor
Found in app/controllers/notes_controller.rb - About 5 hrs to fix