Ignore the PermitAttributes for the assignment to community_membershi…

…p.role.
openbrian · Apr 14, 2023 · 6949ca2 · 6949ca2
1 parent 9b3b829
commit 6949ca2
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/config/brakeman.ignore b/config/brakeman.ignore
@@ -0,0 +1,29 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Mass Assignment",
+      "warning_code": 105,
+      "fingerprint": "011f7d421c6b9e3e1176c3e150ab448c9ef29fbeb7ebeb0e4e14ff10682780d1",
+      "check_name": "PermitAttributes",
+      "message": "Potentially dangerous key allowed for mass assignment",
+      "file": "app/controllers/community_members_controller.rb",
+      "line": 63,
+      "link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
+      "code": "params.require(:community_member).permit(:role)",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "CommunityMembersController",
+        "method": "update_params"
+      },
+      "user_input": ":role",
+      "confidence": "Medium",
+      "cwe_id": [
+        915
+      ],
+      "note": "Role is an attribute of the membership."
+    }
+  ],
+  "updated": "2022-10-16 19:49:32 +0000",
+  "brakeman_version": "5.3.1"
+}