Re-enable SqlInjection and CommandInjection

author: Brian Neel <brian@gitlab.com> 2017-08-03 22:20:34 -0400
committer: Brian Neel <brian@gitlab.com> 2017-08-08 10:50:54 -0400
commit: 9770c57fab0315865a33c8b6df269eded0d57b5c (patch)
tree: 5a7c7a9fccbce5ef3ccf6b02b1297aace41101fd /.rubocop.yml
parent: b612a47da0e0225332a59ab961206f84602ad629 (diff)
download: gitlab-ce-9770c57fab0315865a33c8b6df269eded0d57b5c.tar.gz
1 files changed, 33 insertions, 0 deletions
diff --git a/.rubocop.yml b/.rubocop.yml
index a5ccec0437b..876828f68f1 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1,5 +1,6 @@
 require:
   - rubocop-rspec
+  - rubocop-gitlab-security
   - ./rubocop/rubocop
 
 inherit_from: .rubocop_todo.yml
@@ -1156,3 +1157,35 @@ RSpec/SubjectStub:
 # Prefer using verifying doubles over normal doubles.
 RSpec/VerifiedDoubles:
   Enabled: false
+
+# GitlabSecurity ##############################################################
+
+GitlabSecurity/DeepMunge:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/PublicSend:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/RedirectToParamsUpdate:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/SqlInjection:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/SystemCommandInjection:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
author	Brian Neel <brian@gitlab.com>	2017-08-03 22:20:34 -0400
committer	Brian Neel <brian@gitlab.com>	2017-08-08 10:50:54 -0400
commit	9770c57fab0315865a33c8b6df269eded0d57b5c (patch)
tree	5a7c7a9fccbce5ef3ccf6b02b1297aace41101fd /.rubocop.yml
parent	b612a47da0e0225332a59ab961206f84602ad629 (diff)
download	gitlab-ce-9770c57fab0315865a33c8b6df269eded0d57b5c.tar.gz