We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Description of the false positive
Rails execute sanitize_sql_for_assignment when update_all called with an array as the argument: https://github.com/rails/rails/blob/v7.0.8/activerecord/lib/active_record/relation.rb#L476
sanitize_sql_for_assignment
update_all
Code samples or links to source code
https://github.com/amnis-invictus/ikt.edu.vn.ua/blob/e404674b8efd9c4ed668866787a8a2ef1b91514f/app/channels/api_channel.rb#L82 https://github.com/amnis-invictus/ikt.edu.vn.ua/blob/e404674b8efd9c4ed668866787a8a2ef1b91514f/app/channels/api_channel.rb#L85
URL to the alert on GitHub code scanning (optional)
https://github.com/amnis-invictus/ikt.edu.vn.ua/security/code-scanning/307 https://github.com/amnis-invictus/ikt.edu.vn.ua/security/code-scanning/308
The text was updated successfully, but these errors were encountered:
Hi @kostyanf14,
Thanks for your report. I've asked the Ruby engineering team to take a look.
Sorry, something went wrong.
The engineering team agrees this is false positive, and they've opened an internal issue to track this. Thanks for the report!
No branches or pull requests
Description of the false positive
Rails execute
sanitize_sql_for_assignmentwhenupdate_allcalled with an array as the argument:https://github.com/rails/rails/blob/v7.0.8/activerecord/lib/active_record/relation.rb#L476
Code samples or links to source code
https://github.com/amnis-invictus/ikt.edu.vn.ua/blob/e404674b8efd9c4ed668866787a8a2ef1b91514f/app/channels/api_channel.rb#L82
https://github.com/amnis-invictus/ikt.edu.vn.ua/blob/e404674b8efd9c4ed668866787a8a2ef1b91514f/app/channels/api_channel.rb#L85
URL to the alert on GitHub code scanning (optional)
https://github.com/amnis-invictus/ikt.edu.vn.ua/security/code-scanning/307
https://github.com/amnis-invictus/ikt.edu.vn.ua/security/code-scanning/308
The text was updated successfully, but these errors were encountered: