CheckSQL: Add merge_conditions as safe SQL method

9ae37c1e · Justin Collins · d74b7f3c · 9ae37c1e
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

lib/brakeman/checks/check_sql.rb lib/brakeman/checks/check_sql.rb +1 -1

未找到文件。
--- a/lib/brakeman/checks/check_sql.rb
+++ b/lib/brakeman/checks/check_sql.rb
@@ -456,7 +456,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
    end
  end

-  IGNORE_METHODS_IN_SQL = Set[:id, :table_name, :to_i, :to_f,
+  IGNORE_METHODS_IN_SQL = Set[:id, :merge_conditions, :table_name, :to_i, :to_f,
    :sanitize_sql, :sanitize_sql_array, :sanitize_sql_for_assignment,
    :sanitize_sql_for_conditions, :sanitize_sql_hash,
    :sanitize_sql_hash_for_assignment, :sanitize_sql_hash_for_conditions]