Skip to content

Code Scans

Paraxial.io uses RuboCop for static analysis. If a finding is a false positive, put a comment above the function to mark it as so:

# rubocop:disable Paraxial/SQL
def show
  User.find_by_sql("select * from users WHERE id = #{params[:id]} ")
end 

If the function has multiple findings, separate the cop name with a comma:

# rubocop:disable Paraxial/SQL, Paraxial/System
def show
  system(params[:id])
  User.find_by_sql("select * from users WHERE id = #{params[:id]} ")
end 

Some cops are built into RuboCop, and others and written by Paraxial.io. The full list:

  • Paraxial/Constantize
  • Paraxial/CSRF
  • Paraxial/HTMLSafe
  • Paraxial/Raw
  • Paraxial/Send
  • Paraxial/SQL
  • Paraxial/System
  • Security/Eval
  • Security/IoMethods
  • Security/JSONLoad
  • Security/MarshalLoad
  • Security/Open
  • Security/YAMLLoad