Refactor domains cli to remove model call from regex (#25878)

2023-10-17 09:58:42 -04:00
parent b34a2b1b33
commit 65cd0700e4
2 changed files with 5 additions and 25 deletions
--- a/config/brakeman.ignore
+++ b/config/brakeman.ignore
@@ -33,30 +33,6 @@
      ],
      "note": ""
    },
-    {
-      "warning_type": "Denial of Service",
-      "warning_code": 76,
-      "fingerprint": "7b6abba5699755348e7ee82a4694bfbf574b41c7cce2d0db0f7c11ae3f983c72",
-      "check_name": "RegexDoS",
-      "message": "Model attribute used in regular expression",
-      "file": "lib/mastodon/cli/domains.rb",
-      "line": 128,
-      "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
-      "code": "/\\.?(#{DomainBlock.where(:severity => 1).pluck(:domain).map do\n Regexp.escape(domain)\n end.join(\"|\")})$/",
-      "render_path": null,
-      "location": {
-        "type": "method",
-        "class": "Mastodon::CLI::Domains",
-        "method": "crawl"
-      },
-      "user_input": "DomainBlock.where(:severity => 1).pluck(:domain)",
-      "confidence": "Weak",
-      "cwe_id": [
-        20,
-        185
-      ],
-      "note": ""
-    },
    {
      "warning_type": "Cross-Site Scripting",
      "warning_code": 4,