Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: security vulnerabilities RCE on 8.x.x #638

Merged
merged 5 commits into from
Dec 5, 2023
Merged

fix: security vulnerabilities RCE on 8.x.x #638

merged 5 commits into from
Dec 5, 2023

Conversation

nicolasalexandre9
Copy link
Member

Definition of Done

General

  • Write an explicit title for the Pull Request, following Conventional Commits specification
  • Test manually the implemented changes
  • Validate the code quality (indentation, syntax, style, simplicity, readability)

Security

  • Consider the security impact of the changes made

codeclimate[bot]
codeclimate bot reviewed Dec 4, 2023
View reviewed changes
app/services/forest_liana/value_stat_getter.rb
})
end

private

def count(value)
uniq = @params[:aggregator].downcase == 'count'
def aggregate(value)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Method aggregate has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.

@nicolasalexandre9
Copy link
Member Author

Task linked: CU-860t2tddx Rails v1 - Security vulnerabilities

codeclimate[bot]
codeclimate bot reviewed Dec 4, 2023
View reviewed changes
app/services/forest_liana/value_stat_getter.rb
})
end

private

def count(value)
uniq = @params[:aggregator].downcase == 'count'
def aggregate(value)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Method aggregate has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

matthv
matthv previously approved these changes Dec 4, 2023
View reviewed changes
@codeclimate CodeClimate
Copy link

codeclimate bot commented Dec 5, 2023

Code Climate has analyzed commit 061a8dc and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 90.0% (55% is the threshold).

This pull request will bring the total coverage in the repository to 48.8%.

View more on Code Climate.

@nicolasalexandre9 nicolasalexandre9 merged commit 02679b5 into main Dec 5, 2023
6 checks passed
@nicolasalexandre9 nicolasalexandre9 deleted the fix/rce-stats-main branch December 5, 2023 09:27
forest-bot added a commit that referenced this pull request Dec 5, 2023
@forest-bot
chore(release): 8.0.17 [skip ci]
e7832d4 
## [8.0.17](v8.0.16...v8.0.17) (2023-12-05)

### Bug Fixes

* security vulnerabilities RCE on 8.x.x ([#638](#638)) ([02679b5](02679b5))
@forest-bot
Copy link
Member

🎉 This PR is included in version 8.0.17 🎉

The release is available on:

Your semantic-release bot 📦🚀

Watanabe1011 added a commit to Watanabe1011/Forest-Rails that referenced this pull request Jun 3, 2024
@Watanabe1011
chore(release): 8.0.17 [skip ci]
f02bf72 
## [8.0.17](ForestAdmin/forest-rails@v8.0.16...v8.0.17) (2023-12-05)

### Bug Fixes

* security vulnerabilities RCE on 8.x.x ([#638](ForestAdmin/forest-rails#638)) ([02679b5](ForestAdmin/forest-rails@02679b5))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codeclimate codeclimate[bot] codeclimate[bot] left review comments

@matthv matthv matthv approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nicolasalexandre9 @forest-bot @matthv