-
Notifications
You must be signed in to change notification settings - Fork 234
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ruby3.2-faraday/2.12.0 package update #28665
Conversation
octo-sts
bot
commented
Sep 18, 2024
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Package ruby3.2-faraday: Click to expand/collapsePackage ruby3.2-faraday:
(
"""
# Generated by melange
pkgname = ruby3.2-faraday
- pkgver = 2.11.0-r0
+ pkgver = 2.12.0-r0
arch = x86_64
- size = 461360
+ size = 462104
origin = ruby3.2-faraday
pkgdesc = HTTP/REST API client library.
url =
- commit = 9f45e8746e9950fd797c891919fc6a421504fe77
- builddate = 1724691665
+ commit = 2b5a8f18081f3277e6e0867d143a7b863392b1ea
license = MIT
depend = ruby-3.2
depend = ruby3.2-faraday-net_http
depend = ruby3.2-ruby2_keywords
- datahash = f92007c49909412f51d895f6bbb042059b6bfff997729bc3ddeccaa906354674
+ datahash = 5d646acaaa1642587a8db3ed16542930a687a10910ef2758363d3a5fa5a4eb48
"""
)
Added: /usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/CHANGELOG.md bincapz found differences: Click to expand/collapseDeleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/adapter/test_spec.rb [
|
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | with_user_agent |
-LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
-LOW | net/http/request | makes HTTP requests | User-Agent |
-LOW | ref/site/url | contains embedded HTTP URLs | http://domain.test/bait http://domain.test/hello http://foo.com/foo?a=1 http://wrong.test/bait http://wrong.test/hello |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/response/json_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/options/ssl_options.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | builtin/openssl | This binary includes OpenSSL source code | OpenSSL/ |
-LOW | ref/site/url | contains embedded HTTPS URLs | ruby/openssl#60 https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL.html https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL/SSLCont |
-LOW | secrets/private_key | References private keys | private_key |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/examples/client_test.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/request.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTP URLs | http://localhost?a=1 |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/support/shared_examples/request_method.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | user_agent |
-LOW | compression/gzip | works with gzip files | gzip |
-LOW | net/http/accept/encoding | set HTTP response encoding format (example: gzip) | Accept-Encoding |
-LOW | net/http/request | makes HTTP requests | User-Agent |
-LOW | net/socket/send | send a message to a socket | send socket |
-LOW | ref/site/url | contains embedded HTTPS URLs | lostisland/faraday#718 |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/request/url_encoded.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/url/encode | encodes URL, likely to pass GET variables | urlencode |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/examples/client_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/request/authorization.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/words/password | references a 'password' | be a login and password pair |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/utils/headers.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | user_agent |
-LOW | net/http/request | makes HTTP requests | User-Agent |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/options/proxy_options_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTP URLs | http://example.org |
-LOW | ref/words/password | references a 'password' | password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/response_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTPS URLs | https://lostisland.github.io/faraday |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/response.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/exclamation | gets very excited | !! |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/options/env.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/exclamation | gets very excited | !! |
-LOW | ref/words/password | references a 'password' | - Proxy server password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/options/proxy_options.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/words/password | references a 'password' | password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/rack_builder.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTPS URLs | https://lostisland.github.io/faraday/usage/. |
-LOW | ref/words/password | references a 'password' | - Proxy server password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/spec_helper.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/path/relative | references and possibly executes relative path | ./lib ./spec |
-LOW | random/insecure | generate random numbers insecurely | srand |
-LOW | ref/site/url | contains embedded HTTP URLs | http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/ http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/ http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation- |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTPS URLs | https://faraday.com |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/request/url_encoded_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/url/encode | encodes URL, likely to pass GET variables | urlencode |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/utils/headers_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | net/http/request | makes HTTP requests | HTTP/1. |
-LOW | ref/site/url | contains embedded HTTP URLs | http://httpbingo.org/ |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/request_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/site/url | contains embedded HTTP URLs | http://httpbingo.org/api/foo.json?a=1 http://proxy.com |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/response/logger_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-LOW | ref/words/password | references a 'password' | password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/utils_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | user_agent |
-LOW | net/http/request | makes HTTP requests | HTTP/1. |
-LOW | ref/site/url | contains embedded HTTP URLs | http://example.com/abc |
-LOW | secrets/private_key | References private keys | private_key |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/adapter/test.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | with_user_agent |
-MEDIUM | ref/words/exclamation | gets very excited | !! |
-LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
-LOW | net/http/request | makes HTTP requests | User-Agent |
-LOW | ref/site/url | contains embedded HTTPS URLs | lostisland/faraday#1444 |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/lib/faraday/connection.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | net/http/post | submit content to websites | HTTP POST http |
-MEDIUM | ref/words/agent | references an 'agent' | user_agent |
-MEDIUM | ref/words/exclamation | gets very excited | !! |
-LOW | ref/site/url | contains embedded HTTPS URLs | https://api.github.com/gists/GIST_ID/star https://httpbingo.org/api/nigiri?token=abc https://httpbingo.org/api?token=abc |
-LOW | ref/words/password | references a 'password' | any password from URI username and password yieldparam password |
Deleted: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.11.0/spec/faraday/connection_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
-MEDIUM | ref/words/agent | references an 'agent' | user_agent |
-LOW | net/http/request | makes HTTP requests | User-Agent |
-LOW | net/http_proxy | discover proxy address via environment | HTTP_PROXY |
-LOW | ref/site/url | contains embedded HTTPS URLs | https://ahttpbingo.org/sake.html https://google.co.uk https://httpbingo.org/foo https://httpbingo.org/get/sake.html https://proxy.com |
-LOW | ref/words/password | references a 'password' | password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/response_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTPS URLs | https://lostisland.github.io/faraday |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/connection.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | net/http/post | submit content to websites | HTTP POST http |
+MEDIUM | ref/words/agent | references an 'agent' | user_agent |
+MEDIUM | ref/words/exclamation | gets very excited | !! |
+LOW | ref/site/url | contains embedded HTTPS URLs | https://api.github.com/gists/GIST_ID/star https://httpbingo.org/api/nigiri?token=abc https://httpbingo.org/api?token=abc |
+LOW | ref/words/password | references a 'password' | any password from URI username and password yieldparam password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/options/proxy_options.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/words/password | references a 'password' | password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/request.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTP URLs | http://localhost?a=1 |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/utils/headers.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | user_agent |
+LOW | net/http/request | makes HTTP requests | User-Agent |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/options/proxy_options_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTP URLs | http://example.org |
+LOW | ref/words/password | references a 'password' | password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/support/shared_examples/request_method.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | user_agent |
+LOW | compression/gzip | works with gzip files | gzip |
+LOW | net/http/accept/encoding | set HTTP response encoding format (example: gzip) | Accept-Encoding |
+LOW | net/http/request | makes HTTP requests | User-Agent |
+LOW | net/socket/send | send a message to a socket | send socket |
+LOW | ref/site/url | contains embedded HTTPS URLs | lostisland/faraday#718 |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/request/authorization.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/words/password | references a 'password' | be a login and password pair |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/examples/client_test.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/connection_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | user_agent |
+LOW | net/http/request | makes HTTP requests | User-Agent |
+LOW | net/http_proxy | discover proxy address via environment | HTTP_PROXY |
+LOW | ref/site/url | contains embedded HTTPS URLs | https://ahttpbingo.org/sake.html https://google.co.uk https://httpbingo.org/foo https://httpbingo.org/get/sake.html https://proxy.com |
+LOW | ref/words/password | references a 'password' | password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/examples/client_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/response/logger_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/words/password | references a 'password' | password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/request/url_encoded_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | net/url/encode | encodes URL, likely to pass GET variables | urlencode |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/rack_builder.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTPS URLs | https://lostisland.github.io/faraday/usage/. |
+LOW | ref/words/password | references a 'password' | - Proxy server password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/response.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/exclamation | gets very excited | !! |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/request_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTP URLs | http://httpbingo.org/api/foo.json?a=1 http://proxy.com |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/utils_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | user_agent |
+LOW | net/http/request | makes HTTP requests | HTTP/1. |
+LOW | ref/site/url | contains embedded HTTP URLs | http://example.com/abc |
+LOW | secrets/private_key | References private keys | private_key |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/options/env.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/exclamation | gets very excited | !! |
+LOW | ref/words/password | references a 'password' | - Proxy server password |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/adapter/test_spec.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | with_user_agent |
+LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
+LOW | net/http/request | makes HTTP requests | User-Agent |
+LOW | ref/site/url | contains embedded HTTP URLs | http://domain.test/bait http://domain.test/hello http://foo.com/foo?a=1 http://wrong.test/bait http://wrong.test/hello |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/spec_helper.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/path/relative | references and possibly executes relative path | ./lib ./spec |
+LOW | random/insecure | generate random numbers insecurely | srand |
+LOW | ref/site/url | contains embedded HTTP URLs | http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/ http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/ http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation- |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/adapter/test.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | ref/words/agent | references an 'agent' | with_user_agent |
+MEDIUM | ref/words/exclamation | gets very excited | !! |
+LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
+LOW | net/http/request | makes HTTP requests | User-Agent |
+LOW | ref/site/url | contains embedded HTTPS URLs | lostisland/faraday#1444 |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/response/json_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | encoding/json/decode | Decodes JSON messages | JSON.parse |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/spec/faraday/utils/headers_spec.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | net/http/request | makes HTTP requests | HTTP/1. |
+LOW | ref/site/url | contains embedded HTTP URLs | http://httpbingo.org/ |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/options/ssl_options.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | builtin/openssl | This binary includes OpenSSL source code | OpenSSL/ |
+LOW | ref/site/url | contains embedded HTTPS URLs | ruby/openssl#60 https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL.html https://ruby-doc.org/stdlib-2.5.1/libdoc/openssl/rdoc/OpenSSL/SSL/SSLCont |
+LOW | secrets/private_key | References private keys | private_key |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday/request/url_encoded.rb [⚠️ MEDIUM]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+MEDIUM | net/url/encode | encodes URL, likely to pass GET variables | urlencode |
Added: ruby3.2-faraday/usr/lib/ruby/gems/3.2.0/gems/faraday-2.12.0/lib/faraday.rb [✅ LOW]
RISK | KEY | DESCRIPTION | EVIDENCE |
---|---|---|---|
+LOW | ref/site/url | contains embedded HTTPS URLs | https://faraday.com |