From 9757127c8b4ab9d85654ea59acb372f166904f18 Mon Sep 17 00:00:00 2001
From: Al Snow <sqctest02@gmail.com>
Date: Sun, 17 Mar 2013 17:19:41 -0400
Subject: [PATCH] fixed brakeman issues

---
 Gemfile               |  1 +
 Gemfile.lock          | 26 +++++++++++++++++++++++++-
 app/models/project.rb |  2 +-
 3 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/Gemfile b/Gemfile
index 9ba141e80..ccfc913e6 100644
--- a/Gemfile
+++ b/Gemfile
@@ -40,6 +40,7 @@ group :development, :test do
   gem 'rspec-rails'
   gem 'factory_girl_rails'
   gem 'faker'
+  gem 'brakeman'
 
   # Auto testing
   gem 'guard-rspec'
diff --git a/Gemfile.lock b/Gemfile.lock
index c1edf4121..80218d42d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -32,6 +32,17 @@ GEM
     arel (3.0.2)
     bourne (1.2.1)
       mocha (= 0.12.7)
+    brakeman (1.9.3)
+      erubis (~> 2.6)
+      fastercsv (~> 1.5)
+      haml (>= 3.0, < 5.0)
+      highline (~> 1.6)
+      multi_json (~> 1.2)
+      ruby2ruby (~> 2.0)
+      ruby_parser (~> 3.1.1)
+      sass (~> 3.0)
+      slim (~> 1.3.6)
+      terminal-table (~> 1.4)
     bugsnag (1.2.18)
       httparty (>= 0.6, < 1.0)
       multi_json (~> 1.0)
@@ -82,6 +93,7 @@ GEM
       multipart-post (~> 1.1)
     faraday_middleware (0.9.0)
       faraday (>= 0.7.4, < 0.9)
+    fastercsv (1.5.5)
     faye-websocket (0.4.7)
       eventmachine (>= 0.12.0)
     ffi (1.4.0)
@@ -108,6 +120,7 @@ GEM
       haml (>= 3.1, < 4.1)
       railties (>= 3.1, < 4.1)
     hashie (1.2.0)
+    highline (1.6.16)
     hike (1.2.1)
     http_parser.rb (0.5.3)
     httparty (0.10.2)
@@ -246,7 +259,12 @@ GEM
       rspec-core (~> 2.13.0)
       rspec-expectations (~> 2.13.0)
       rspec-mocks (~> 2.13.0)
+    ruby2ruby (2.0.3)
+      ruby_parser (~> 3.1)
+      sexp_processor (~> 4.0)
     ruby_gntp (0.3.4)
+    ruby_parser (3.1.1)
+      sexp_processor (~> 4.1)
     rubyzip (0.9.9)
     sass (3.2.7)
     sass-rails (3.2.6)
@@ -258,6 +276,7 @@ GEM
       multi_json (~> 1.0)
       rubyzip
       websocket (~> 1.0.4)
+    sexp_processor (4.1.5)
     shoulda-matchers (1.5.0)
       activesupport (>= 3.0.0)
       bourne (~> 1.2.0)
@@ -273,6 +292,9 @@ GEM
       railties (>= 3.1)
     sinon-rails (1.4.2.1)
       railties (>= 3.1)
+    slim (1.3.6)
+      temple (~> 0.5.5)
+      tilt (~> 1.3.3)
     slop (3.4.4)
     spork (0.9.2)
     sprockets (2.2.2)
@@ -280,6 +302,7 @@ GEM
       multi_json (~> 1.0)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
+    temple (0.5.5)
     terminal-table (1.4.5)
     therubyracer (0.11.4)
       libv8 (~> 3.11.8.12)
@@ -289,7 +312,7 @@ GEM
       eventmachine (>= 0.12.6)
       rack (>= 1.0.0)
     thor (0.17.0)
-    tilt (1.3.5)
+    tilt (1.3.6)
     timecop (0.6.1)
     treetop (1.4.12)
       polyglot
@@ -321,6 +344,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  brakeman
   bugsnag
   capybara
   capybara-webkit
diff --git a/app/models/project.rb b/app/models/project.rb
index 3835b4992..f23f6b29c 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -7,7 +7,7 @@ class Project < ActiveRecord::Base
                "Scala", "Scheme", "Shell", "VimL"]
 
   validates_presence_of :description, :github_url, :name, :main_language
-  validates_format_of :github_url, :with => /^https?:\/\/(www\.)?github.com\/[\w-]*\/[\w\.-]*(\/)?$/i, :message => 'Enter the full HTTP URL.'
+  validates_format_of :github_url, :with => /\Ahttps?:\/\/(www\.)?github.com\/[\w-]*\/[\w\.-]*(\/)?\Z/i, :message => 'Enter the full HTTP URL.'
   validates_uniqueness_of :github_url, :message => "Project has already been suggested."
   validates_length_of :description, :within => 20..200
   validates_inclusion_of :main_language, :in => LANGUAGES, :message => 'must be a programming language'