Brakeman
We use brakeman to check the Open Build Service Frontend codebase for security vulnerabilities.
From time to time it can happen that brakeman detects vulnerabilities in our CI which turn out to be false positives. In order to ignore those warnings, they need to be listed in the brakeman config file located in...
src/api/config/brakeman.ignore
Doing this manually is a lot of work, so brakeman offers an interactive way to get it done. Just run brakeman with...
docker compose run --rm frontend brakeman -I
Choose the default config file as suggested (Input file: |/obs/src/api/config/brakeman.ignore|) and continue with option number two (Hide previously ignored warnings), to only display new warnings. Double check if it is really a 'false positive', and ignore it by choosing 'i' when brakeman asks you to select an action.
For more details check out https://brakemanscanner.org/docs/ignoring_false_positives/
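As an added example (not code from the OBS project or from this wiki page), a small Ruby script that reads a brakeman.ignore file and flags ignored warnings that carry no `note`, so every silenced finding records why it was judged a false positive. It assumes the layout brakeman writes (an `ignored_warnings` array whose entries carry `warning_type`, `fingerprint`, `file`, `line` and `note`); the embedded sample JSON is constructed, with placeholder fingerprints.

```ruby
require 'json'

# Constructed sample in the layout brakeman writes to brakeman.ignore (placeholder fingerprints).
SAMPLE_IGNORE = <<~JSON
  {
    "ignored_warnings": [
      {
        "warning_type": "SQL Injection",
        "fingerprint": "fp-constructed-0001",
        "file": "app/models/example.rb",
        "line": 12,
        "note": "Column name comes from a fixed allow-list, not from user input"
      },
      {
        "warning_type": "Cross-Site Scripting",
        "fingerprint": "fp-constructed-0002",
        "file": "app/views/example.html.erb",
        "line": 3,
        "note": ""
      }
    ],
    "brakeman_version": "6.0.0"
  }
JSON

# One summary line per ignored warning, so a reviewer can see at a glance
# which findings the file silences without reading the whole JSON.
def summarize_ignores(json_text)
  JSON.parse(json_text).fetch('ignored_warnings', []).map do |w|
    "#{w['warning_type']} at #{w['file']}:#{w['line']} (#{w['fingerprint']})"
  end
end

# Fingerprints of entries whose "note" is blank: warnings that were ignored
# without recording why they were judged a false positive.
def unjustified_ignores(json_text)
  JSON.parse(json_text).fetch('ignored_warnings', [])
      .select { |w| w['note'].to_s.strip.empty? }
      .map { |w| w['fingerprint'] }
end

if __FILE__ == $PROGRAM_NAME
  path = ARGV[0]                       # e.g. src/api/config/brakeman.ignore
  text = path ? File.read(path) : SAMPLE_IGNORE
  puts summarize_ignores(text)
  missing = unjustified_ignores(text)
  puts "ignored without a note: #{missing.join(', ')}" unless missing.empty?
  exit(missing.empty? ? 0 : 1) if path  # nonzero exit so CI can fail on it
end
```

Run it against the real file with `ruby check_ignores.rb src/api/config/brakeman.ignore`; with no argument it runs on the constructed sample.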