Skip to content

Support for rails 8#134

Merged
bliof-fc merged 7 commits into
masterfrom
support-rails8
Sep 2, 2025
Merged

Support for rails 8#134
bliof-fc merged 7 commits into
masterfrom
support-rails8

Conversation

@bliof-fc

@bliof-fc bliof-fc commented Aug 28, 2025

Copy link
Copy Markdown
Member
  • Test against rails 7.2
  • Support for rails 8.0
  • Support for sidekiq 8
  • Fix tests for ruby 3.4 and head

@fc-infosec-sast

fc-infosec-sast commented Aug 28, 2025

Copy link
Copy Markdown

⚠️ Coberos SAST Report

Warnings (2)

Fingerprint: 3a35bef3cc97f0f0c4b87df1ae3d9d2de93308e2480af02395583bf6f19ffdde
Category: CWE-352 Cross-Site Request Forgery (CSRF)
Rule ID: ruby.lang.security.missing-csrf-protection.missing-csrf-protection
Location: spec/fixtures/rails72.rb [24:1]

  24 | class ApplicationController < ActionController::Base
  25 |   include Rails.application.routes.url_helpers
  26 |   protect_from_forgery with: :null_session
     | ...
  48 |   def update
  49 |     @id = params[:id]
  50 |     render '/user'

Detected controller which does not enable cross-site request forgery protections using 'protect_from_forgery'. Add 'protect_from_forgery :with => :exception' to your controller class.


Fingerprint: 3a35bef3cc97f0f0c4b87df1ae3d9d2de93308e2480af02395583bf6f19ffdde
Category: CWE-352 Cross-Site Request Forgery (CSRF)
Rule ID: ruby.lang.security.missing-csrf-protection.missing-csrf-protection
Location: spec/fixtures/rails80.rb [24:1]

  24 | class ApplicationController < ActionController::Base
  25 |   include Rails.application.routes.url_helpers
  26 |   protect_from_forgery with: :null_session
     | ...
  48 |   def update
  49 |     @id = params[:id]
  50 |     render '/user'

Detected controller which does not enable cross-site request forgery protections using 'protect_from_forgery'. Add 'protect_from_forgery :with => :exception' to your controller class.


For more details, please check code annotations on the changed files.

To create an exception, follow this guide. For further help, ask on #security.

@fc-wiz-scanner

fc-wiz-scanner Bot commented Aug 28, 2025

Copy link
Copy Markdown

Wiz Scan Summary

Scanner Findings
Vulnerability Finding Vulnerabilities -
Data Finding Sensitive Data -
SAST Finding SAST Findings 2 Medium
Total 2 Medium

View scan details in Wiz

To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension.

@bliof-fc bliof-fc force-pushed the support-rails8 branch 6 times, most recently from ba9ccea to acae12f Compare August 29, 2025 08:49
Add benchmark gem to the gemfile
Run tests for sidekiq 6 and bellow only against ruby < 3.5
@bliof-fc bliof-fc merged commit 0821102 into master Sep 2, 2025
17 checks passed
@bliof-fc bliof-fc deleted the support-rails8 branch September 2, 2025 08:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants