mastodon/config/brakeman.ignore

{
  "ignored_warnings": [
    {
      "warning_type": "Cross-Site Scripting",
      "warning_code": 2,
      "fingerprint": "71cf98c8235b5cfa9946b5db8fdc1a2f3a862566abb34e4542be6f3acae78233",
      "check_name": "CrossSiteScripting",
      "message": "Unescaped model attribute",
      "file": "app/views/admin/disputes/appeals/_appeal.html.haml",
      "line": 7,
      "link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
      "code": "t((Unresolved Model).new.strike.action, :scope => \"admin.strikes.actions\", :name => content_tag(:span, (Unresolved Model).new.strike.account.username, :class => \"username\"), :target => content_tag(:span, (Unresolved Model).new.account.username, :class => \"target\"))",
      "render_path": [
        {
          "type": "template",
          "name": "admin/disputes/appeals/index",
          "line": 20,
          "file": "app/views/admin/disputes/appeals/index.html.haml",
          "rendered": {
            "name": "admin/disputes/appeals/_appeal",
            "file": "app/views/admin/disputes/appeals/_appeal.html.haml"
          }
        }
      ],
      "location": {
        "type": "template",
        "template": "admin/disputes/appeals/_appeal"
      },
      "user_input": "(Unresolved Model).new.strike",
      "confidence": "Weak",
      "cwe_id": [
        79
      ],
      "note": ""
    },
    {
      "warning_type": "Denial of Service",
      "warning_code": 76,
      "fingerprint": "7b6abba5699755348e7ee82a4694bfbf574b41c7cce2d0db0f7c11ae3f983c72",
      "check_name": "RegexDoS",
      "message": "Model attribute used in regular expression",
      "file": "lib/mastodon/cli/domains.rb",
      "line": 128,
      "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
      "code": "/\\.?(#{DomainBlock.where(:severity => 1).pluck(:domain).map do\n Regexp.escape(domain)\n end.join(\"|\")})$/",
      "render_path": null,
      "location": {
        "type": "method",
        "class": "Mastodon::CLI::Domains",
        "method": "crawl"
      },
      "user_input": "DomainBlock.where(:severity => 1).pluck(:domain)",
      "confidence": "Weak",
      "cwe_id": [
        20,
        185
      ],
      "note": ""
    },
    {
      "warning_type": "Cross-Site Scripting",
      "warning_code": 4,
      "fingerprint": "cd5cfd7f40037fbfa753e494d7129df16e358bfc43ef0da3febafbf4ee1ed3ac",
      "check_name": "LinkToHref",
      "message": "Potentially unsafe model attribute in `link_to` href",
      "file": "app/views/admin/trends/links/_preview_card.html.haml",
      "line": 7,
      "link": "https://brakemanscanner.org/docs/warning_types/link_to_href",
      "code": "link_to((Unresolved Model).new.title, (Unresolved Model).new.url)",
      "render_path": [
        {
          "type": "template",
          "name": "admin/trends/links/index",
          "line": 49,
          "file": "app/views/admin/trends/links/index.html.haml",
          "rendered": {
            "name": "admin/trends/links/_preview_card",
            "file": "app/views/admin/trends/links/_preview_card.html.haml"
          }
        }
      ],
      "location": {
        "type": "template",
        "template": "admin/trends/links/_preview_card"
      },
      "user_input": "(Unresolved Model).new.url",
      "confidence": "Weak",
      "cwe_id": [
        79
      ],
      "note": ""
    }
  ],
  "updated": "2023-07-12 11:20:51 -0400",
  "brakeman_version": "6.0.0"
}