RubyGems - neeto-compliance - Versions diffs - 1.0.58 - Mend

neeto-compliance 1.0.58

Files changed (76) hide show

checksums.yaml +7 -0
data/.editorconfig +10 -0
data/.husky/helpers/verify_neeto_audit.sh +18 -0
data/.husky/pre-push +7 -0
data/.neetoci/neetoci.yml +18 -0
data/.overcommit.yml +47 -0
data/.rubocop.yml +596 -0
data/.ruby-version +1 -0
data/.semaphore/semaphore.yml +33 -0
data/CHANGELOG.md +375 -0
data/Gemfile +36 -0
data/Gemfile.lock +435 -0
data/README.md +85 -0
data/Rakefile +12 -0
data/bin/console +15 -0
data/bin/neeto-audit +11 -0
data/bin/neeto_repos_verifier/client_config.json +7 -0
data/bin/neeto_repos_verifier/list_verifier.rb +93 -0
data/bin/setup +8 -0
data/bin/sync-neeto-repos +5 -0
data/bin/sync-with-neeto-commons +5 -0
data/config/brakeman.ignore +604 -0
data/data/neeto_repos.json +295 -0
data/lib/neeto-compliance.rb +21 -0
data/lib/neeto_compliance/github_access.rb +29 -0
data/lib/neeto_compliance/neeto_commons.rb +16 -0
data/lib/neeto_compliance/neeto_repos.rb +59 -0
data/lib/neeto_compliance/runner.rb +43 -0
data/lib/neeto_compliance/skippable.rb +19 -0
data/lib/neeto_compliance/sync_neeto_commons/sync_bin.rb +32 -0
data/lib/neeto_compliance/sync_neeto_commons/sync_formatters.rb +28 -0
data/lib/neeto_compliance/sync_neeto_commons/sync_husky.rb +33 -0
data/lib/neeto_compliance/sync_neeto_commons/sync_misc.rb +36 -0
data/lib/neeto_compliance/sync_neeto_commons/sync_test_support.rb +38 -0
data/lib/neeto_compliance/sync_neeto_commons.rb +36 -0
data/lib/neeto_compliance/verifiers/auto_update_prs_with_latest_master_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/base.rb +77 -0
data/lib/neeto_compliance/verifiers/bump_version_with_pr_label_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/bundler_version_verifier.rb +48 -0
data/lib/neeto_compliance/verifiers/circleci_config_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/common_gemfile_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/common_initializers_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/cypress_config_verifier.rb +46 -0
data/lib/neeto_compliance/verifiers/cypress_plugins_index_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/docker_file_dev_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/environment_config_verifier.rb +38 -0
data/lib/neeto_compliance/verifiers/gem_version_verifier.rb +33 -0
data/lib/neeto_compliance/verifiers/gems_verifier_base.rb +44 -0
data/lib/neeto_compliance/verifiers/gitignore_file_verifier.rb +37 -0
data/lib/neeto_compliance/verifiers/jsconfig_verifier.rb +187 -0
data/lib/neeto_compliance/verifiers/neeto_commons_sync_verifier.rb +42 -0
data/lib/neeto_compliance/verifiers/neeto_gems_version_verifier.rb +36 -0
data/lib/neeto_compliance/verifiers/newrelic_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/node_version_verifier.rb +84 -0
data/lib/neeto_compliance/verifiers/package_dependencies_version_verifier.rb +59 -0
data/lib/neeto_compliance/verifiers/package_json_verifier.rb +46 -0
data/lib/neeto_compliance/verifiers/roles_verifier.rb +22 -0
data/lib/neeto_compliance/verifiers/ruby_version_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/semaphoreci_config_verifier.rb +74 -0
data/lib/neeto_compliance/verifiers/sidekiq_queues_verifier.rb +36 -0
data/lib/neeto_compliance/verifiers/simplecov_config_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/sitemap_config_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/slugignore_file_verifier.rb +25 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/bin_files_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/formatter_files_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/husky_files_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/misc_files_verifier.rb +29 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/test_support_files_verifier.rb +28 -0
data/lib/neeto_compliance/verifiers/sync_neeto_commons_verifier.rb +31 -0
data/lib/neeto_compliance/verifiers/webpacker_config_verifier.rb +32 -0
data/lib/neeto_compliance/verifiers_list.rb +55 -0
data/lib/neeto_compliance/version.rb +5 -0
data/neeto-compliance.gemspec +35 -0
data/package.json +9 -0
data/yarn.lock +8 -0
metadata +177 -0

data/config/brakeman.ignore ADDED Viewed

@@ -0,0 +1,604 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "0a0e15f9dafcf95f8eb3f73cff6f4d101b1775476d4fbd16c512385cdace28b2",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/common_initializers_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::CommonInitializersVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "1544155a02dec97b194b2faeb6b73badf6c0b3f9fc2062d720b536a2da0df02c",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/circleci_config_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::CircleciConfigVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "179c9da0ad088b607b422758a414d8529b6e96ca8c8d6a60e41aee7d64cebde2",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sitemap_config_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::SitemapConfigVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "1b24328b139588437cad24c263d3bfe4995f7613b56898fa99a65457b1010cda",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_formatters.rb",
+      "line": 23,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`cp #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} #{file}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncFormatters",
+        "method": "s(:self).process"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "3d5197ecbde2765e5614d2a71193ad38c63ab547b4eea083c0842e751b4159db",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_husky.rb",
+      "line": 27,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`cp #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} #{file}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncHusky",
+        "method": "s(:self).sync_with_husky_files_in_neeto_commons"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "42d21dd51ae4cb0fe2d24767b76122ee51e665ba304c14cf6de8e2db2730b538",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/webpacker_config_verifier.rb",
+      "line": 14,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`diff #{commons_copy} #{local_copy} | grep '<'`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::WebpackerConfigVerifier",
+        "method": "compare_files"
+      },
+      "user_input": "commons_copy",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "Both local_copy and commons_copy are defined in the backend."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "569c8874183a7e43dcb77f555b6574045b733e640d7950a45951f392f8a82955",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/cypress_plugins_index_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::CypressPluginsIndexVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "56d0797e3a02d51297989fdef6166d102244d8baeeeaf9603cf87674bce2fddb",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/neeto_commons_sync_verifier.rb",
+      "line": 39,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`diff #{local_file} #{common_file.to_s}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCommonsSyncVerifier",
+        "method": "same_file?"
+      },
+      "user_input": "local_file",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "Both local_file and common_file are defined in the backend."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "5a24cb0a1817fea1f9ffbe004f7b95e738727fede385d34d06023c4fbc219e93",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/cypress_config_verifier.rb",
+      "line": 43,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`diff #{local_file} #{common_file.to_s}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::CypressConfigVerifier",
+        "method": "same_file?"
+      },
+      "user_input": "local_file",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "local_file is defined in the backend"
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "5d7af3ca27abd6d522cc0375ffe4ebdc9234b5878c1d4e0555e97af849ef94e5",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/misc_files_verifier.rb",
+      "line": 24,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} | diff #{file} - 1> /dev/null\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommonsVerifier::MiscFilesVerifier",
+        "method": "find_non_complied_misc_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "607f1ee1b1f5e61cefa7b30720c213ee4849d5e149720a6896894192a7d7ca00",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_husky.rb",
+      "line": 28,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"chmod +x #{file}\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncHusky",
+        "method": "s(:self).sync_with_husky_files_in_neeto_commons"
+      },
+      "user_input": "file",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "file mentioned here is the files from HUSKY_FILES, defined in backend."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "6b624991d4078d8793f2fcf605ae6c3747fd81d281388526fc24bc7b4fac55a7",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/slugignore_file_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::SlugignoreFileVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "71370e09dd25546b1273e3e6a3c8e65ab2e0bdd4ba0d1c107c0fcac6ec541399",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/newrelic_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NewrelicVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "7a6c37477ef89cb8863e4e5e142fb99d59ed9103c3215e6279049c919f0f0209",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/test_support_files_verifier.rb",
+      "line": 23,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} | diff #{file} - 1> /dev/null\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommonsVerifier::TestSupportFilesVerifier",
+        "method": "non_complied_test_support_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "aba6ca1a7652fe8643697e3af4b4e43f834375f1101d84ce1e017dec5c4c3cf6",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/bin_files_verifier.rb",
+      "line": 24,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} | diff #{file} - 1> /dev/null\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommonsVerifier::BinFilesVerifier",
+        "method": "find_non_complied_bin_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "abab3d09b40b36e3b9f387cbf7c344ba94acdee14986046cf64d752577d4af4a",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/bump_version_with_pr_label_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::BumpVersionWithPrLabelVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "add17d8f75504153921279b16facfec7c5ea6fa355d8c3cad83bac953281ad22",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_test_support.rb",
+      "line": 33,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`cp #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} #{file}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncTestSupport",
+        "method": "s(:self).sync_support_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "b096054fa4b1a017055a1d4eec3f7ac49e9c3b8eb80f089c897c9158fc6c3569",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_bin.rb",
+      "line": 27,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`cp #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} #{file}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncBin",
+        "method": "s(:self).sync_bin_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "bcaeb36f4a16f121785192f5b526fedb2e38f307d2623364dff71cfaea094696",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/formatter_files_verifier.rb",
+      "line": 24,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} | diff #{file} - 1> /dev/null\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommonsVerifier::FormatterFilesVerifier",
+        "method": "find_non_complied_formatter_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "c96b160c649d9a8753933a7be5c8741b525bfb2e1844d8bbb4f40fb8412834c4",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/common_gemfile_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::CommonGemfileVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "cd1faeb9312eb4f92f8840a47943b1945b7d8ac02a7a556dfd977e7192cbd9a2",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/auto_update_prs_with_latest_master_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::AutoUpdatePrsWithLatestMasterVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "cd549bd21917fa5191058d64894de2e28e6c9657f1c3a77c7da9f58ef0994d55",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/ruby_version_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::RubyVersionVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "dae89b5d2512acd50f9590a5b86f48c319dd143036bdecbcc25e22163de5f8c1",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/docker_file_dev_verifier.rb",
+      "line": 18,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`#{verify_command}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::DockerFileDevVerifier",
+        "method": "valid?"
+      },
+      "user_input": "verify_command",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "verify_command is defined in the backend. It is safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "e53d551282bb5a249621de730bb03de7772a31f8b413c7f858e9d8cb1144222c",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/environment_config_verifier.rb",
+      "line": 31,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{file} | grep -q '#{command}'\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::EnvironmentConfigVerifier",
+        "method": "config_missing?"
+      },
+      "user_input": "file",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "file and command mentioned here are the key-value pairs of environment_configs method defined in the backend."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "e94a5761c8e782433a1dea9d381195406bb5506d23932513674e43a12d1a69a3",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/sync_neeto_commons/sync_misc.rb",
+      "line": 31,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "`cp #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} #{file}`",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommons::SyncMisc",
+        "method": "s(:self).sync_misc_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    },
+    {
+      "warning_type": "Command Injection",
+      "warning_code": 14,
+      "fingerprint": "f579f44c4e33e0dc59d7eac09fb2e40da3f6a15c342b03420ec741318ebf53cb",
+      "check_name": "Execute",
+      "message": "Possible command injection",
+      "file": "lib/neeto_compliance/verifiers/sync_neeto_commons_verifier/husky_files_verifier.rb",
+      "line": 24,
+      "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
+      "code": "system(\"cat #{NeetoCompliance::SyncNeetoCommons.neeto_commons_url}#{file} | diff #{file} - 1> /dev/null\")",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "NeetoCompliance::NeetoCompliance::SyncNeetoCommonsVerifier::HuskyFilesVerifier",
+        "method": "find_non_complied_husky_files"
+      },
+      "user_input": "NeetoCompliance::SyncNeetoCommons.neeto_commons_url",
+      "confidence": "Medium",
+      "cwe_id": [
+        77
+      ],
+      "note": "neeto_commons_url return the path of commons directory of the specific neeto_compliance gem specifiec in Gemfile. Hence, is it safe to assume the code is not vulnerable to Command Injection."
+    }
+  ],
+  "updated": "2023-03-24 17:47:08 +0530",
+  "brakeman_version": "5.4.1"
+}