{ "ignored_warnings": [ { "warning_type": "SQL Injection", "warning_code": 0, "fingerprint": "6f3216446dca0fa79e96267eb0323d50cc59e7bc1e1529fd160cd5beb185e2f2", "message": "Possible SQL injection", "file": "app/controllers/admin/candidate_controller.rb", "line": 9, "link": "http://brakemanscanner.org/docs/warning_types/sql_injection/", "code": "Candidate.order(\"#{sort_column} #{sort_direction}\")", "render_path": null, "location": { "type": "method", "class": "Admin::CandidateController", "method": "index" }, "user_input": "sort_column", "confidence": "Medium", "note": "" }, { "warning_type": "SQL Injection", "warning_code": 0, "fingerprint": "7b53c580318f2405b59e3332311533ed2d3b395020107634b5362462896dcc1a", "message": "Possible SQL injection", "file": "app/controllers/admin/result_controller.rb", "line": 16, "link": "http://brakemanscanner.org/docs/warning_types/sql_injection/", "code": "Candidate.where(:completed => true).includes(:recruiter).order(\"#{sort_column} #{sort_direction}\")", "render_path": null, "location": { "type": "method", "class": "Admin::ResultController", "method": "index" }, "user_input": "sort_column", "confidence": "Medium", "note": "" }, { "warning_type": "Dynamic Render Path", "warning_code": 15, "fingerprint": "da17225c940987e6239cc4ecfe27bcb1e5da2db1134435dc3e1025d97927e0ba", "message": "Render path contains parameter value", "file": "app/views/admin/question/options.html.erb", "line": 3, "link": "http://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(partial => \"admin/question/#{params[:input_type]}\", { :locals => ({ :question => ((Question.find(params[:question_id]) or Question.new)) }) })", "render_path": [{"type":"controller","class":"Admin::QuestionController","method":"options","line":58,"file":"app/controllers/admin/question_controller.rb"}], "location": { "type": "template", "template": "admin/question/options" }, "user_input": "params[:input_type]", "confidence": "Medium", "note": "false positive" } ], "updated": "2017-02-27 11:16:00 -0600", "brakeman_version": "3.4.1" }