chore(deps-dev): bump rubocop-rails from 2.34.3 to 2.35.0 in the bundler group

Gemfile.lock

@@ -149,7 +149,7 @@ GEM
       prism (>= 1.3.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
-    json (2.19.4)
+    json (2.19.5)
     language_server-protocol (3.17.0.5)
     lint_roller (1.1.0)
     listen (3.9.0)
@@ -168,7 +168,7 @@ GEM
     marcel (1.1.0)
     method_source (1.1.0)
     mini_mime (1.1.5)
-    minitest (6.0.4)
+    minitest (6.0.6)
       drb (~> 2.0)
       prism (~> 1.5)
     msgpack (1.8.0)
@@ -204,8 +204,8 @@ GEM
       childprocess (>= 0.6.3, < 6)
       iniparse (~> 1.4)
       rexml (>= 3.3.9)
-    parallel (1.27.0)
-    parser (3.3.10.0)
+    parallel (2.1.0)
+    parser (3.3.11.1)
       ast (~> 2.4.1)
       racc
     pp (0.6.3)
@@ -331,7 +331,7 @@ GEM
       erb
       psych (>= 4.0.0)
       tsort
-    regexp_parser (2.11.3)
+    regexp_parser (2.12.0)
     reline (0.6.3)
       io-console (~> 0.5)
     rexml (3.4.4)
@@ -352,18 +352,18 @@ GEM
       rspec-mocks (>= 3.13.0, < 5.0.0)
       rspec-support (>= 3.13.0, < 5.0.0)
     rspec-support (3.13.7)
-    rubocop (1.82.1)
+    rubocop (1.86.1)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
-      parallel (~> 1.10)
+      parallel (>= 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 2.9.3, < 3.0)
-      rubocop-ast (>= 1.48.0, < 2.0)
+      rubocop-ast (>= 1.49.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.49.0)
+    rubocop-ast (1.49.1)
       parser (>= 3.3.7.2)
       prism (~> 1.7)
     rubocop-factory_bot (2.28.0)
@@ -381,7 +381,7 @@ GEM
       lint_roller (~> 1.1)
       rubocop (>= 1.75.0, < 2.0)
       rubocop-ast (>= 1.47.1, < 2.0)
-    rubocop-rails (2.34.3)
+    rubocop-rails (2.35.0)
       activesupport (>= 4.2.0)
       lint_roller (~> 1.1)
       rack (>= 1.1)

app/controllers/stacks_controller.rb

@@ -99,7 +99,7 @@ def log
 
   def set_stack
     Rails.logger.debug { params.to_json }
-    @stack = Stack.find_by!(uuid: params[:uuid])
+    @stack = Stack.find_by!(uuid: params.expect(:uuid))
   rescue ActiveRecord::RecordNotFound
     render json: { error: 'Stack not found' }, status: :not_found
   end

app/controllers/stacks_controller/streams_logs.rb

@@ -38,7 +38,7 @@ def open_log_file!(sse)
           return nil
         end
 
-        log = File.open(log_file, 'r')
+        log = File.open(log_file, 'r') # rubocop:disable Style/FileOpen
         log.seek(0, IO::SEEK_END)
         log
       end

config/brakeman.ignore

@@ -1,27 +1,27 @@
 {
   "ignored_warnings": [
     {
-      "warning_type": "Dangerous Send",
-      "warning_code": 23,
-      "fingerprint": "63882a8ffe1934e347e4599d7c873cdafd65959dd4ea1ecd627f5f25f8f1a10b",
-      "check_name": "Send",
-      "message": "User controlled method execution",
-      "file": "app/controllers/stacks_controller.rb",
-      "line": 62,
-      "link": "https://brakemanscanner.org/docs/warning_types/dangerous_send/",
-      "code": "Stack.find_by!(:uuid => params[:uuid]).send(params[:command].to_sym)",
+      "warning_type": "File Access",
+      "warning_code": 16,
+      "fingerprint": "4904d0275afd5c2d4fb814d72e167bb544b6dd751e408e81881671fc3c8d3b69",
+      "check_name": "FileAccess",
+      "message": "Model attribute used in file name",
+      "file": "app/controllers/stacks_controller/streams_logs.rb",
+      "line": 41,
+      "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
+      "code": "File.open(Stack.find_by!(:uuid => params.expect(:uuid)).assets.log_file.to_s, \"r\")",
       "render_path": null,
       "location": {
         "type": "method",
         "class": "StacksController",
-        "method": "control"
+        "method": "open_log_file!"
       },
-      "user_input": "params[:command].to_sym",
-      "confidence": "High",
+      "user_input": "Stack.find_by!(:uuid => params.expect(:uuid)).assets.log_file.to_s",
+      "confidence": "Medium",
       "cwe_id": [
-        77
+        22
       ],
-      "note": "User input is verified in previous code"
+      "note": "Allow stack log streaming."
     },
     {
       "warning_type": "File Access",
@@ -46,14 +46,37 @@
       ],
       "note": "Allow stack log file download"
     },
+    {
+      "warning_type": "Dangerous Send",
+      "warning_code": 23,
+      "fingerprint": "7e985fe2f6eed90f6be94d15e341029faaf889fddca596fe02ce5fff090cdd46",
+      "check_name": "Send",
+      "message": "User controlled method execution",
+      "file": "app/controllers/stacks_controller.rb",
+      "line": 62,
+      "link": "https://brakemanscanner.org/docs/warning_types/dangerous_send/",
+      "code": "Stack.find_by!(:uuid => params.expect(:uuid)).send(params[:command].to_sym)",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "StacksController",
+        "method": "control"
+      },
+      "user_input": "params[:command].to_sym",
+      "confidence": "High",
+      "cwe_id": [
+        77
+      ],
+      "note": "Allow stack log streaming."
+    },
     {
       "warning_type": "Command Injection",
       "warning_code": 14,
       "fingerprint": "80bd62a07f42d85dc647bd1d0dd51666c6ca09f0ed5e61e7c497098e6757a2be",
       "check_name": "Execute",
       "message": "Possible command injection",
       "file": "app/jobs/stack_job.rb",
-      "line": 29,
+      "line": 46,
       "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
       "code": "Open3.capture2e({}, ERB.new(Rails.root.join(\"app/jobs/stack_job/templates/#{self.class.script_template}.sh.tt\").read, :trim_mode => \"-\").result(binding))",
       "render_path": null,
@@ -68,30 +91,7 @@
         77
       ],
       "note": "Script templates are part of the source code"
-    },
-    {
-      "warning_type": "File Access",
-      "warning_code": 16,
-      "fingerprint": "ecd18b0a8cd3cb99d43f5dcb2686642841fc8763951d1748fd7b384ed4cbab93",
-      "check_name": "FileAccess",
-      "message": "Model attribute used in file name",
-      "file": "app/controllers/stacks_controller/streams_logs.rb",
-      "line": 36,
-      "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
-      "code": "File.open(Stack.find_by!(:uuid => params[:uuid]).assets.log_file.to_s, \"r\")",
-      "render_path": null,
-      "location": {
-        "type": "method",
-        "class": "StacksController",
-        "method": "open_log_file!"
-      },
-      "user_input": "Stack.find_by!(:uuid => params[:uuid]).assets.log_file.to_s",
-      "confidence": "Medium",
-      "cwe_id": [
-        22
-      ],
-      "note": ""
     }
   ],
-  "brakeman_version": "7.0.0"
+  "brakeman_version": "8.0.4"
 }