Re: [brakeman] syntax for marking method as safe
Justin,

Thanks for replying. That helps! In response to your email I told my team that open source maintainers are awesome! :) Thanks for doing what you do.

I might dig into the repository to see if there is any place we can make documents / additions. But it helps to know about this.

Gagan

On Jun 26, 2014, at 9:22 AM, Justin wrote:

> Hi Gagan,
>
> Apologies for the delay. Unfortunately, the format is not documented
> currently. However, it is essentially the same as the warning list from
> using the --json format option.
>
> The only differences are:
> - The ignore file is a JSON hash table with three keys:
>   "ignored_warnings", "updated", and "brakeman_version"
> - Each warning has an additional "note" field
>
> Hope that helps.
>
> -Justin
>
> On 2014-06-23 19:37, Gagan Awhad wrote:
>> Justin
>>
>> Thank you so much for replying to my email! I really appreciate your
>> work.
>>
>> I looked through the docs for syntax of the brakeman.ignore file…
>> however, I could not find it. I hope I did not miss something. Can you
>> point me to the docs?
>>
>> Thanks! And have a good day/night.
>>
>> Gagan
>>
>> On Jun 23, 2014, at 6:44 PM, Justin wrote:
>>
>>> On 2014-06-23 14:46, Gagan Awhad wrote:
>>>> Hello,
>>>>
>>>> Suppose I have two controllers `MyFirstController` and
>>>> `MySecondController` each with a method `my_method`. I would like to
>>>> mark `my_method` in `MyFirstController` as safe, but not the one in
>>>> `MySecondController`. What syntax should I use to achieve it?
>>>> Currently the documentation reads using the -s option as “`brakeman -s
>>>> benign_method,totally_safe`”.
>>>>
>>>> I tried some conventions, but none of them seemed to work.
>>>>
>>>> Thanks for the help!
>>>>
>>>> Gagan
>>>
>>> Hi Gagan,
>>>
>>> Sorry, there is no way to differentiate between two methods like this.
>>>
>>> In general, I discourage use of `-s` because it is unclear what it does
>>> and it is not always implemented consistently in checks. Instead,
>>> consider using `-I` to ignore specific warnings.
>>>
>>> -Justin
Re: [brakeman] syntax for marking method as safe
Hi Gagan,

Apologies for the delay. Unfortunately, the format is not documented currently. However, it is essentially the same as the warning list from using the --json format option.

The only differences are:
- The ignore file is a JSON hash table with three keys:
  "ignored_warnings", "updated", and "brakeman_version"
- Each warning has an additional "note" field

Hope that helps.

-Justin

On 2014-06-23 19:37, Gagan Awhad wrote:
> Justin
>
> Thank you so much for replying to my email! I really appreciate your
> work.
>
> I looked through the docs for syntax of the brakeman.ignore file…
> however, I could not find it. I hope I did not miss something. Can you
> point me to the docs?
>
> Thanks! And have a good day/night.
>
> Gagan
>
> On Jun 23, 2014, at 6:44 PM, Justin wrote:
>
>> On 2014-06-23 14:46, Gagan Awhad wrote:
>>> Hello,
>>>
>>> Suppose I have two controllers `MyFirstController` and
>>> `MySecondController` each with a method `my_method`. I would like to
>>> mark `my_method` in `MyFirstController` as safe, but not the one in
>>> `MySecondController`. What syntax should I use to achieve it?
>>> Currently the documentation reads using the -s option as “`brakeman -s
>>> benign_method,totally_safe`”.
>>>
>>> I tried some conventions, but none of them seemed to work.
>>>
>>> Thanks for the help!
>>>
>>> Gagan
>>
>> Hi Gagan,
>>
>> Sorry, there is no way to differentiate between two methods like this.
>>
>> In general, I discourage use of `-s` because it is unclear what it does
>> and it is not always implemented consistently in checks. Instead,
>> consider using `-I` to ignore specific warnings.
>>
>> -Justin
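The ignore-file layout described in the message above, as an added example that is not part of the original thread and is not Brakeman's own code: it wraps selected warnings from a JSON report in the three top-level keys and adds a "note" to each. The report below is constructed, the helper `build_ignore` is hypothetical, and the warning field names ("fingerprint", "location", "scan_info") are assumptions about the `--json` output; selecting on the location's class and method is what keeps `MyFirstController#my_method` ignored while `MySecondController#my_method` is still reported.

```ruby
require "json"

# Constructed sample of a JSON report; all values are made up and the field
# names are assumed to match what the --json format option emits.
REPORT = <<~JSON
  {
    "scan_info": { "brakeman_version": "0.0.0-placeholder" },
    "warnings": [
      { "warning_type": "SQL Injection", "fingerprint": "aaaa1111-constructed",
        "file": "app/controllers/my_first_controller.rb", "line": 12,
        "location": { "type": "method", "class": "MyFirstController", "method": "my_method" } },
      { "warning_type": "SQL Injection", "fingerprint": "bbbb2222-constructed",
        "file": "app/controllers/my_second_controller.rb", "line": 12,
        "location": { "type": "method", "class": "MySecondController", "method": "my_method" } }
    ]
  }
JSON

# Hypothetical helper: build the ignore-file hash. Only warnings located in
# klass#meth are ignored, and every ignored entry carries the extra "note".
def build_ignore(report_json, klass:, meth:, note:, now: Time.now)
  # An ignore without a recorded justification cannot be audited later.
  raise ArgumentError, "a note explaining the ignore is required" if note.to_s.strip.empty?

  report = JSON.parse(report_json)
  ignored = report.fetch("warnings").select do |w|
    loc = w["location"] || {}
    loc["class"] == klass && loc["method"] == meth
  end
  {
    "ignored_warnings" => ignored.map { |w| w.merge("note" => note) },
    "updated" => now.to_s,
    "brakeman_version" => report.dig("scan_info", "brakeman_version")
  }
end

if __FILE__ == $PROGRAM_NAME
  ignore = build_ignore(REPORT, klass: "MyFirstController", meth: "my_method",
                        note: "Constructed note: input validated upstream, reviewed by the team")
  puts JSON.pretty_generate(ignore)
end
```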
Re: [brakeman] syntax for marking method as safe
Justin,

Thank you so much for replying to my email! I really appreciate your work.

I looked through the docs for syntax of the brakeman.ignore file… however, I could not find it. I hope I did not miss something. Can you point me to the docs?

Thanks! And have a good day/night.

Gagan

On Jun 23, 2014, at 6:44 PM, Justin wrote:

> On 2014-06-23 14:46, Gagan Awhad wrote:
>> Hello,
>>
>> Suppose I have two controllers `MyFirstController` and
>> `MySecondController` each with a method `my_method`. I would like to
>> mark `my_method` in `MyFirstController` as safe, but not the one in
>> `MySecondController`. What syntax should I use to achieve it?
>> Currently the documentation reads using the -s option as “`brakeman -s
>> benign_method,totally_safe`”.
>>
>> I tried some conventions, but none of them seemed to work.
>>
>> Thanks for the help!
>>
>> Gagan
>
> Hi Gagan,
>
> Sorry, there is no way to differentiate between two methods like this.
>
> In general, I discourage use of `-s` because it is unclear what it does
> and it is not always implemented consistently in checks. Instead,
> consider using `-I` to ignore specific warnings.
>
> -Justin
Re: [brakeman] syntax for marking method as safe
On 2014-06-23 14:46, Gagan Awhad wrote:
> Hello,
>
> Suppose I have two controllers `MyFirstController` and
> `MySecondController` each with a method `my_method`. I would like to
> mark `my_method` in `MyFirstController` as safe, but not the one in
> `MySecondController`. What syntax should I use to achieve it?
> Currently the documentation reads using the -s option as “`brakeman -s
> benign_method,totally_safe`”.
>
> I tried some conventions, but none of them seemed to work.
>
> Thanks for the help!
>
> Gagan

Hi Gagan,

Sorry, there is no way to differentiate between two methods like this.

In general, I discourage use of `-s` because it is unclear what it does and it is not always implemented consistently in checks. Instead, consider using `-I` to ignore specific warnings.

-Justin
[brakeman] syntax for marking method as safe
Hello,

Suppose I have two controllers `MyFirstController` and `MySecondController` each with a method `my_method`. I would like to mark `my_method` in `MyFirstController` as safe, but not the one in `MySecondController`. What syntax should I use to achieve it? Currently the documentation reads using the -s option as “`brakeman -s benign_method,totally_safe`”.

I tried some conventions, but none of them seemed to work.

Thanks for the help!

Gagan
