We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Brakeman version: 5.4.0 Rails version: 6.0.6 Ruby version: 2.7.7 faraday (0.17.6)
Full warning from Brakeman:
Confidence: Medium Category: SQL Injection Check: SQL Message: Possible SQL injection Code: connection.delete("api/sessions/#{session_id}/stream/#{stream_id}")
Relevant code:
def connection @connection ||= Faraday.new(connection_options) end def unpublish_stream(session_id:, stream_id:) connection.delete("api/sessions/#{session_id}/stream/#{stream_id}") end
Why might this be a false positive? it's not SQL query at all. Looks like brakeman think delete method is active record one
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Background
Brakeman version: 5.4.0
Rails version: 6.0.6
Ruby version: 2.7.7
faraday (0.17.6)
False Positive
Full warning from Brakeman:
Relevant code:
Why might this be a false positive?
it's not SQL query at all. Looks like brakeman think delete method is active record one
The text was updated successfully, but these errors were encountered: