-
-
Notifications
You must be signed in to change notification settings - Fork 6.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor Trends::Query
to avoid brakeman sql injection warnings
#25881
Refactor Trends::Query
to avoid brakeman sql injection warnings
#25881
Conversation
This pull request has merge conflicts that must be resolved before it can be merged. |
077d0fa
to
2336468
Compare
This pull request has resolved merge conflicts and is ready for review. |
2336468
to
f9dbce3
Compare
app/models/trends/query.rb
Outdated
tmp_ids = ids | ||
|
||
if tmp_ids.empty? | ||
if ids.empty? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would still use tmp_ids
, as ids
come from Redis and are not memoized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated with memoized method wrapping the redis call.
f9dbce3
to
9517e30
Compare
Query stays the same, avoids direct string interpolation in the query.