{ "ignored_warnings": [ { "warning_type": "Dynamic Render Path", "warning_code": 15, "fingerprint": "03a2010b605b8bdb7d4e1566720904d69ef2fbf8e7bc35735b84e161b475215e", "check_name": "Render", "message": "Render path contains parameter value", "file": "app/controllers/issues_controller.rb", "line": 5, "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(template => \"#{Current.family.issues.find(params[:id]).class.name.underscore.pluralize}/show\", { :layout => \"issues\" })", "render_path": null, "location": { "type": "method", "class": "IssuesController", "method": "show" }, "user_input": "params[:id]", "confidence": "Weak", "cwe_id": [ 22 ], "note": "" }, { "warning_type": "Cross-Site Scripting", "warning_code": 2, "fingerprint": "b1f821a5c03b8aa348fb21b9297081a3bf9e954244290e7e511c67213d35f3dc", "check_name": "CrossSiteScripting", "message": "Unescaped model attribute", "file": "app/views/pages/changelog.html.erb", "line": 22, "link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting", "code": "Provider::Github.new.fetch_latest_release_notes[:body]", "render_path": [ { "type": "controller", "class": "PagesController", "method": "changelog", "line": 35, "file": "app/controllers/pages_controller.rb", "rendered": { "name": "pages/changelog", "file": "app/views/pages/changelog.html.erb" } } ], "location": { "type": "template", "template": "pages/changelog" }, "user_input": null, "confidence": "High", "cwe_id": [ 79 ], "note": "" }, { "warning_type": "Dynamic Render Path", "warning_code": 15, "fingerprint": "b7a59d6dd91f4d30873b271659636c7975e25b47f436b4f03900a08809af2e92", "check_name": "Render", "message": "Render path contains parameter value", "file": "app/views/accounts/show.html.erb", "line": 105, "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(action => selected_account_tab(Current.family.accounts.find(params[:id]))[:partial_path], { :account => Current.family.accounts.find(params[:id]) })", "render_path": [ { "type": "controller", "class": "AccountsController", "method": "show", "line": 38, "file": "app/controllers/accounts_controller.rb", "rendered": { "name": "accounts/show", "file": "app/views/accounts/show.html.erb" } } ], "location": { "type": "template", "template": "accounts/show" }, "user_input": "params[:id]", "confidence": "Weak", "cwe_id": [ 22 ], "note": "" }, { "warning_type": "Dynamic Render Path", "warning_code": 15, "fingerprint": "fb6f7abeabc405d6882ffd41dbe8016403ef39307a5c6b4cd7b18adfaf0c24bf", "check_name": "Render", "message": "Render path contains parameter value", "file": "app/views/import/configurations/show.html.erb", "line": 13, "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(partial => permitted_import_configuration_path(Current.family.imports.find(params[:import_id])), { :locals => ({ :import => Current.family.imports.find(params[:import_id]) }) })", "render_path": [ { "type": "controller", "class": "Import::ConfigurationsController", "method": "show", "line": 7, "file": "app/controllers/import/configurations_controller.rb", "rendered": { "name": "import/configurations/show", "file": "app/views/import/configurations/show.html.erb" } } ], "location": { "type": "template", "template": "import/configurations/show" }, "user_input": "params[:import_id]", "confidence": "Weak", "cwe_id": [ 22 ], "note": "" } ], "updated": "2024-09-28 13:27:09 -0400", "brakeman_version": "6.2.1" }