webcraftmedia/coverage-check-action
Archived
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
This repository has been archived on 2023-10-25. You can view files and clone it, but cannot push or open issues or pull requests.
coverage-check-action/spec/fixtures/report.json
Miguel Savignano 676c32372f refactor test annotations
2019-11-01 22:23:15 +01:00

171 lines
4.5 KiB
JSON
Raw Blame History

{
"scan_info": {
"app_path": "/home/masx/developer/dockerize-rails",
"rails_version": "5.2.2",
"security_warnings": 4,
"start_time": "2019-11-01 22:07:50 +0100",
"end_time": "2019-11-01 22:07:50 +0100",
"duration": 0.166390277,
"checks_performed": [
"BasicAuth",
"BasicAuthTimingAttack",
"ContentTag",
"CookieSerialization",
"CreateWith",
"CrossSiteScripting",
"DefaultRoutes",
"Deserialize",
"DetailedExceptions",
"DigestDoS",
"DynamicFinders",
"EscapeFunction",
"Evaluation",
"Execute",
"FileAccess",
"FileDisclosure",
"FilterSkipping",
"ForgerySetting",
"HeaderDoS",
"I18nXSS",
"JRubyXML",
"JSONEncoding",
"JSONParsing",
"LinkTo",
"LinkToHref",
"MailTo",
"MassAssignment",
"MimeTypeDoS",
"ModelAttrAccessible",
"ModelAttributes",
"ModelSerialize",
"NestedAttributes",
"NestedAttributesBypass",
"NumberToCurrency",
"PermitAttributes",
"QuoteTableName",
"Redirect",
"RegexDoS",
"Render",
"RenderDoS",
"RenderInline",
"ResponseSplitting",
"RouteDoS",
"SQL",
"SQLCVEs",
"SSLVerify",
"SafeBufferManipulation",
"SanitizeMethods",
"SelectTag",
"SelectVulnerability",
"Send",
"SendFile",
"SessionManipulation",
"SessionSettings",
"SimpleFormat",
"SingleQuotes",
"SkipBeforeFilter",
"SprocketsPathTraversal",
"StripTags",
"SymbolDoSCVE",
"TranslateBug",
"UnsafeReflection",
"ValidationRegex",
"WithoutProtection",
"XMLDoS",
"YAMLParsing"
],
"number_of_controllers": 2,
"number_of_models": 2,
"number_of_templates": 7,
"ruby_version": "2.6.3",
"brakeman_version": "4.7.1"
},
"warnings": [
{
"warning_type": "Dangerous Eval",
"warning_code": 13,
"fingerprint": "490f917262d1384df60e24097536f6c9039e5f5ba11fe11bf0981109cd286fc5",
"check_name": "Evaluation",
"message": "User input in eval",
"file": "app/controllers/posts_controller.rb",
"line": 29,
"link": "https://brakemanscanner.org/docs/warning_types/dangerous_eval/",
"code": "eval(params)",
"render_path": null,
"location": {
"type": "method",
"class": "PostsController",
"method": "create"
},
"user_input": "params",
"confidence": "High"
},
{
"warning_type": "Mass Assignment",
"warning_code": 70,
"fingerprint": "5b486a498b14e1a12361c50863e2770c966799c9d5c6b6b9ab9bd8797c28a986",
"check_name": "MassAssignment",
"message": "Parameters should be whitelisted for mass assignment",
"file": "app/controllers/posts_controller.rb",
"line": 18,
"link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
"code": "params.permit!",
"render_path": null,
"location": {
"type": "method",
"class": "PostsController",
"method": "new"
},
"user_input": null,
"confidence": "High"
},
{
"warning_type": "Mass Assignment",
"warning_code": 70,
"fingerprint": "5b486a498b14e1a12361c50863e2770c966799c9d5c6b6b9ab9bd8797c28a986",
"check_name": "MassAssignment",
"message": "Parameters should be whitelisted for mass assignment",
"file": "app/controllers/posts_controller.rb",
"line": 19,
"link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
"code": "params.permit!",
"render_path": null,
"location": {
"type": "method",
"class": "PostsController",
"method": "new"
},
"user_input": null,
"confidence": "High"
},
{
"warning_type": "SQL Injection",
"warning_code": 0,
"fingerprint": "6e457f0a360661641a71555352f13a7cb2d983916b936007fce4e3826b837402",
"check_name": "SQL",
"message": "Possible SQL injection",
"file": "app/controllers/posts_controller.rb",
"line": 13,
"link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
"code": "User.where(\"#{params[:query]}\")",
"render_path": null,
"location": {
"type": "method",
"class": "PostsController",
"method": "show"
},
"user_input": "params[:query]",
"confidence": "Medium"
}
],
"ignored_warnings": [
],
"errors": [
],
"obsolete": [
]
}
Reference in New Issue View Git Blame Copy Permalink