Background
Brakeman version: 7.0.0
Rails version: 7.1
Ruby version: 3.3?
Issue
["good", "fine"].each do |suffix|
  class_eval <<-METHODS
    def method_that_is_#{suffix}
      puts suffix
    end
  METHODS
end
yields
Confidence: Weak
Category: Dangerous Eval
Check: Evaluation
Message: Dynamic string evaluated as code
Code: class_eval(" def method_that_is_#{:BRAKEMAN_SAFE_LITERAL}\n puts suffix\n end\n")
File: app/models/myfile.rb
Line: 95
It looks like that's meant to be known safe. Used to list as safe.