Add details to disabled rubocop (!76166) · Merge requests · GitLab.org / GitLab

Dominic Couture requested to merge dcouture-marshal-load-rubocop-comment into master Dec 06, 2021

What does this MR do and why?

Marshal.load can be a very dangerous method and we have a call where the rubocop rule Security/MarshalLoad is disabled. This was done a long time ago and we were wondering why. I added a link to the discussion so the next person asking themselves this question doesn't have to do the analysis again.

This MR only adds 2 lines of comment and doesn't change any code.

Screenshots or screen recordings

N/A

How to set up and validate locally

Nothing to validate, this only adds a comment

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Dec 06, 2021 by Dominic Couture

Add details to disabled rubocop

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports