brake the man

2026-04-19 19:45:07 +00:00 · 2026-01-30 13:42:05 -05:00 · 2026-01-30 13:42:05 -05:00 · 89179edb14
commit 89179edb14
parent 0ceb3728a0
2 changed files with 29 additions and 1 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -87,7 +87,7 @@ GEM
      argon2-kdf (>= 0.2)
    bootsnap (1.21.1)
      msgpack (~> 1.2)
-    brakeman (7.1.2)
+    brakeman (8.0.1)
      racc
    builder (3.3.0)
    capybara (3.40.0)
--- a/config/brakeman.ignore
+++ b/config/brakeman.ignore
@ -0,0 +1,28 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Redirect",
+      "warning_code": 18,
+      "fingerprint": "264fe1309b8371f2f0f88576487cb17179e0dfdf33ccd499ae74e707ea91bc1c",
+      "check_name": "Redirect",
+      "message": "Possible unprotected redirect",
+      "file": "app/controllers/external_uploads_controller.rb",
+      "line": 24,
+      "link": "https://brakemanscanner.org/docs/warning_types/redirect/",
+      "code": "redirect_to(Upload.includes(:blob).find_by(:original_url => params[:url]).cdn_url, :allow_other_host => true)",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "ExternalUploadsController",
+        "method": "rescue"
+      },
+      "user_input": "Upload.includes(:blob).find_by(:original_url => params[:url]).cdn_url",
+      "confidence": "Weak",
+      "cwe_id": [
+        601
+      ],
+      "note": ""
+    }
+  ],
+  "brakeman_version": "8.0.1"
+}