From 9e7e9873f3e6d19a6c917bffe49deeb7e78bc5d6 Mon Sep 17 00:00:00 2001
From: Gaetan Craig-Riou
Date: Mon, 24 Jul 2023 11:39:26 +1000
Subject: [PATCH] Add a comment around the use of safe_constantize

It triggers a Brakeman error that can be safely ignored
---
 app/controllers/admin/vouchers_controller.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/controllers/admin/vouchers_controller.rb b/app/controllers/admin/vouchers_controller.rb
index 38a4203fd56..01ca689b911 100644
--- a/app/controllers/admin/vouchers_controller.rb
+++ b/app/controllers/admin/vouchers_controller.rb
@@ -9,6 +9,8 @@ def new
 end
 
 def create
+ # The use of "safe_constantize" here will trigger a Brakeman error, it can safely be ignored
+ # as it's a false positive : https://github.com/openfoodfoundation/openfoodnetwork/pull/10821
 voucher_type = params[:vouchers_flat_rate][:voucher_type]
 if Voucher::TYPES.include?(voucher_type)
 @voucher = voucher_type.safe_constantize.create(
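Review bot: The added comment above `voucher_type = params[:vouchers_flat_rate][:voucher_type]` says the Brakeman warning can be ignored but not why, and from what the hunk shows the reason is the `Voucher::TYPES.include?(voucher_type)` check two lines below, which is what keeps a request parameter from reaching `safe_constantize` unchecked. I would state that invariant in the comment itself, e.g. `# voucher_type is request input; it is only constantized after the Voucher::TYPES allowlist check, so Brakeman's warning here is a false positive`, so that nobody moves or loosens the check while trusting the comment. The suppression is also better recorded in Brakeman's ignore file with a note than left as prose, since the scanner will otherwise keep reporting it on every run. Separately, `params[:vouchers_flat_rate]` is indexed without a nil guard, so a request missing that key presumably raises before the allowlist is reached; `params.dig(:vouchers_flat_rate, :voucher_type)` would avoid that. The body of `create` continues past the end of the hunk.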