CheckSQL: Add #to_f as safe method to interpolate

fbe67ebd · Justin Collins · 0052a787 · fbe67ebd
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

lib/brakeman/checks/check_sql.rb lib/brakeman/checks/check_sql.rb +1 -1

未找到文件。
--- a/lib/brakeman/checks/check_sql.rb
+++ b/lib/brakeman/checks/check_sql.rb
@@ -454,7 +454,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
    end
  end

-  IGNORE_METHODS_IN_SQL = Set[:id, :table_name, :to_i]
+  IGNORE_METHODS_IN_SQL = Set[:id, :table_name, :to_i, :to_f]

  def safe_value? exp
    return true unless sexp? exp