Skip to content

Commit b0f46bb

Browse files
committed
Harden Seeds#flushdb
Because of foreign keys we have side effects issues on CI with unclean data. No need to check this kind of complexity in tests, just wipe everything
1 parent e39f8ae commit b0f46bb

File tree

2 files changed

+27
-4
lines changed

2 files changed

+27
-4
lines changed

app/lib/seeds.rb

+3-3
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,10 @@ def perform
2020
def flushdb
2121
raise 'Not in production!' if production?
2222

23-
load_all_models!
23+
ActiveRecord::Base.connection.tables.each do |table|
24+
next if table == 'schema_migrations'
2425

25-
ActiveRecord::Base.connection.transaction do
26-
ApplicationRecord.descendants.each(&:delete_all)
26+
ActiveRecord::Base.connection.execute("TRUNCATE TABLE #{table} CASCADE;")
2727
end
2828
end
2929

config/brakeman.ignore

+24-1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,28 @@
11
{
22
"ignored_warnings": [
3+
{
4+
"warning_type": "SQL Injection",
5+
"warning_code": 0,
6+
"fingerprint": "356e6d0847ba9e4d4d88c2b5a9016a2b71f1cdd821248af8384b997249c4eec0",
7+
"check_name": "SQL",
8+
"message": "Possible SQL injection",
9+
"file": "app/lib/seeds.rb",
10+
"line": 26,
11+
"link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
12+
"code": "ActiveRecord::Base.connection.execute(\"TRUNCATE TABLE #{table} CASCADE;\")",
13+
"render_path": null,
14+
"location": {
15+
"type": "method",
16+
"class": "Seeds",
17+
"method": "flushdb"
18+
},
19+
"user_input": "table",
20+
"confidence": "Medium",
21+
"cwe_id": [
22+
89
23+
],
24+
"note": ""
25+
},
326
{
427
"warning_type": "Command Injection",
528
"warning_code": 14,
@@ -47,6 +70,6 @@
4770
"note": ""
4871
}
4972
],
50-
"updated": "2024-01-15 11:57:42 +0100",
73+
"updated": "2024-01-31 19:37:54 +0100",
5174
"brakeman_version": "6.1.1"
5275
}

0 commit comments

Comments
 (0)