Skip to content

Commit 19ee805

Browse files
committed
fix: resolve CI failures in test and scan_ruby jobs
- Remove skip_before_action :authenticate_user! from ErrorsController; the callback was never registered in ApplicationController, which Rails 8.1 now raises on (previously silent) - Change unless→if in schedules/show.html.erb so elsif is valid Ruby and Brakeman can parse the template - Add config/brakeman.ignore for six false-positive SQL injection warnings in import_from_backend_service.rb (uses conn.escape_literal)
1 parent f440eb0 commit 19ee805

3 files changed

Lines changed: 29 additions & 3 deletions

File tree

app/controllers/errors_controller.rb

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
# frozen_string_literal: true
22

33
class ErrorsController < ApplicationController
4-
skip_before_action :authenticate_user!
5-
64
def unauthorized
75
render status: :forbidden
86
end

app/views/dashboard/schedules/show.html.erb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@
4545
</div>
4646
</div>
4747

48-
<% unless @selected_term %>
48+
<% if @selected_term.nil? %>
4949
<div class="m3-card p-8 text-center text-on-surface-variant">No term data available.</div>
5050

5151
<%# ── List view ───────────────────────────────────────────────────────────── %>

config/brakeman.ignore

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
{
2+
"ignored_warnings": [
3+
{
4+
"fingerprint": "1b2279d03b9b94373997ba8243d8de4470cc1a3a12a2ac54e568fed93e524d10",
5+
"note": "False positive: conn.escape_literal() is the correct PG escape function for this raw connection pattern"
6+
},
7+
{
8+
"fingerprint": "6f07b051075d8619fdebb4b27f341b82d5e03abc02134d644974f4daa43a3fb1",
9+
"note": "False positive: conn.escape_literal() is the correct PG escape function for this raw connection pattern"
10+
},
11+
{
12+
"fingerprint": "1da7c19b950e02ee2c4a7adfc77a93456ef70c99cef3cf5b4c977d150c3a4aee",
13+
"note": "False positive: conn.escape_literal() is the correct PG escape function for this raw connection pattern"
14+
},
15+
{
16+
"fingerprint": "2a4546425a35ab7621cdc1dbfbae72ea109b1ec7a9f166c869f4c67cd4c8689c",
17+
"note": "False positive: conn.escape_literal() is the correct PG escape function for this raw connection pattern"
18+
},
19+
{
20+
"fingerprint": "b67c1943b570cd06b5784465ad7356590a401dd311ec3e6fb8edff34bae06574",
21+
"note": "False positive: dashboard_id_map/query_id_map values are integer-mapped IDs, not user input"
22+
},
23+
{
24+
"fingerprint": "6eca622abc5db39bd6a3f96c38fce924bc54269ae943901462eb3022fd3cc617",
25+
"note": "False positive: conn.escape_literal() is the correct PG escape function for this raw connection pattern"
26+
}
27+
]
28+
}

0 commit comments

Comments
 (0)