Sign upLogin

reactrb/reactive-record

View on GitHub
Star
lib/reactive_record/interval.rb

Summary

Maintainability
A
0 mins
Test Coverage

Possible command injection
Open

    `setTimeout(#{block.to_n}, time * 1000)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    @id = `#@window.setTimeout(#{@block.to_n}, #@after * 1000)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    `#@window.clearInterval(#@id)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    `#@window.clearTimeout(#@id)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    `setTimeout(#{block.to_n}, time * 1000)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    `#@window.clearInterval(#@id)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Possible command injection
Open

    @id = `#@window.setInterval(#@block, #@every * 1000)`
Severity: Minor
Found in lib/reactive_record/interval.rb by brakeman

Injection is #1 on the 2010 OWASP Top Ten web security risks. Command injection occurs when shell commands unsafely include user-manipulatable values.

There are many ways to run commands in Ruby:

`ls #{params[:file]}`

system("ls #{params[:dir]}")

exec("md5sum #{params[:input]}")

Brakeman will warn on any method like these that uses user input or unsafely interpolates variables.

See the Ruby Security Guide for details.

Unused method argument - time. If it's necessary, use _ or _time as an argument name to indicate that it won't be used.
Open

  def after!(time, &block)
Severity: Minor
Found in lib/reactive_record/interval.rb by rubocop

This cop checks for unused method arguments.

Example:

# bad

def some_method(used, unused, _unused_but_allowed)
  puts used
end

Example:

# good

def some_method(used, _unused, _unused_but_allowed)
  puts used
end

Unused method argument - time. If it's necessary, use _ or _time as an argument name to indicate that it won't be used.
Open

  def after(time, &block)
Severity: Minor
Found in lib/reactive_record/interval.rb by rubocop

This cop checks for unused method arguments.

Example:

# bad

def some_method(used, unused, _unused_but_allowed)
  puts used
end

Example:

# good

def some_method(used, _unused, _unused_but_allowed)
  puts used
end

There are no issues that match your filters.

Category
Status