lib/brakeman/checks/check_session_settings.rb in brakeman-lib-4.3.1 vs lib/brakeman/checks/check_session_settings.rb in brakeman-lib-4.4.0
- old
+ new
@@ -121,10 +121,10 @@
Brakeman.notify "[Notice] #{self.class}: Unable to parse `#{secrets_file}`"
Brakeman.debug "Failed to parse #{secrets_file}: #{e.inspect}"
return
end
- if secrets["production"] and secret = secrets["production"]["secret_key_base"]
+ if secrets && secrets["production"] and secret = secrets["production"]["secret_key_base"]
unless secret.include? "<%="
line = yaml.lines.find_index { |l| l.include? secret } + 1
warn_about_secret_token line, @app_tree.expand_path(secrets_file)
end