chore(ci): fix lint, brakeman, and test command by bstruong · Pull Request #34 · bstruong/saber

bstruong · 2026-05-11T22:39:20Z

Rubocop: auto-corrected Layout/HashAlignment in
ConnectionScoreCalculator and its spec.
Brakeman: rewrote Person.with_upcoming_events to use
integer-encoded month*100+day instead of an interpolated
tuple IN clause. Same semantics, no string interpolation,
resolves the weak SQL-injection warning.
CI test job: project uses RSpec; switched the runner from
�[1mUnrecognized command "test" (�[1;4mRails::Command::UnrecognizedCommandError�[m�[1m)�[m (Minitest) to
/home/brian/.rbenv/versions/3.4.8/bin/ruby -I/home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-core-3.13.6/lib:/home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-support-3.13.7/lib /home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-core-3.13.6/exe/rspec --pattern spec/**{,/*/**}/*_spec.rb
............................*........................................................................................................

Pending: (Failures listed here are expected and do not affect your suite's status)

User add some examples to (or delete) /home/brian/projects/saber/spec/models/user_spec.rb
Not yet implemented

./spec/models/user_spec.rb:4

Finished in 0.62195 seconds (files took 0.32583 seconds to load)
133 examples, 0 failures, 1 pending.

These checks have been failing since M5; M5 backend likely
merged via admin bypass. Landing this first so M6 frontend
PR #33 can rebase onto green main.

- Rubocop: auto-corrected Layout/HashAlignment in ConnectionScoreCalculator and its spec. - Brakeman: rewrote Person.with_upcoming_events to use integer-encoded month*100+day instead of an interpolated tuple IN clause. Same semantics, no string interpolation, resolves the weak SQL-injection warning. - CI test job: project uses RSpec; switched the runner from �[1mUnrecognized command "test" (�[1;4mRails::Command::UnrecognizedCommandError�[m�[1m)�[m (Minitest) to /home/brian/.rbenv/versions/3.4.8/bin/ruby -I/home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-core-3.13.6/lib:/home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-support-3.13.7/lib /home/brian/.rbenv/versions/3.4.8/lib/ruby/gems/3.4.0/gems/rspec-core-3.13.6/exe/rspec --pattern spec/\*\*\{,/\*/\*\*\}/\*_spec.rb ............................*........................................................................................................ Pending: (Failures listed here are expected and do not affect your suite's status) 1) User add some examples to (or delete) /home/brian/projects/saber/spec/models/user_spec.rb # Not yet implemented # ./spec/models/user_spec.rb:4 Finished in 0.62195 seconds (files took 0.32583 seconds to load) 133 examples, 0 failures, 1 pending. These checks have been failing since M5; M5 backend likely merged via admin bypass. Landing this first so M6 frontend PR #33 can rebase onto green main.

- Patches GHSA-c4rq-3m3g-8wgx (High, CSS selector tokenizer regex backtracking) and GHSA-v2fc-qm4h-8hqv (Medium, XSLT memory leak). - Surfaced by `bin/bundler-audit` in the scan_ruby CI job, which was already failing alongside the other three issues in this PR. - Transitive update only — no `Gemfile` change.

bstruong added 2 commits May 11, 2026 15:38

bstruong merged commit 283e984 into main May 11, 2026
3 checks passed

bstruong deleted the chore/fix-ci branch May 11, 2026 22:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(ci): fix lint, brakeman, and test command#34

chore(ci): fix lint, brakeman, and test command#34
bstruong merged 2 commits into
mainfrom
chore/fix-ci

bstruong commented May 11, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

bstruong commented May 11, 2026

Not yet implemented

./spec/models/user_spec.rb:4

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant