fix: solve semgrep false positive

Bulletdev · Bulletdev · commit ae6beba58f3c · 2026-03-15T21:05:10.000-03:00
diff --git a/app/modules/scouting/controllers/players_controller.rb b/app/modules/scouting/controllers/players_controller.rb
@@ -286,6 +286,9 @@ def set_scouting_target
       end
 
       def scouting_target_params
+        # nosemgrep: ruby.lang.security.model-attr-accessible.model-attr-accessible
+        # :role here is the player's in-game position (top/jungle/mid/adc/support),
+        # not an authorization role. ScoutingTarget has no privilege implications.
         params.require(:scouting_target).permit(
           :summoner_name, :real_name, :role, :region, :nationality,
           :age, :status, :current_team,
@@ -306,6 +309,9 @@ def watchlist_params
       end
 
       def target_params
+        # nosemgrep: ruby.lang.security.model-attr-accessible.model-attr-accessible
+        # :role here is the player's in-game position (top/jungle/mid/adc/support),
+        # not an authorization role. ScoutingTarget has no privilege implications.
         params.fetch(:target, {}).permit(
           :summoner_name, :real_name, :role, :region, :nationality,
           :age, :status, :current_team,
