toshimaru/RailsTwitterClone


Showing 4 of 4 total issues

Function exports has 66 lines of code (exceeds 25 allowed). Consider refactoring.
Open

module.exports = function(api) {
  var validEnv = ['development', 'test', 'production']
  var currentEnv = api.env()
  var isDevelopmentEnv = api.env('development')
  var isProductionEnv = api.env('production')
Severity: Major
Found in babel.config.js - About 2 hrs to fix

    Render path contains parameter value
    Open

            <%= render @tweets %>
    Severity: Minor
    Found in app/views/users/show.html.erb by brakeman

    When a call to render uses a dynamically generated path, template name, file name, or action, there is the possibility that a user can access templates that should be restricted. The issue may be worse if those templates execute code or modify the database.

    This warning is shown whenever the path to be rendered is not a static string or symbol.

    These warnings are often false positives, however, because it can be difficult to manipulate Rails' assumptions about paths to perform malicious behavior. Reports of dynamic render paths should be checked carefully to see if they can actually be manipulated maliciously by the user.

    Render path contains parameter value
    Confirmed

          <%= render @users %>


    Render path contains parameter value
    Open

            <%= render @tweets %>
    Severity: Minor
    Found in app/views/home/index.html.erb by brakeman

