lib/brakeman/checks/check_sql.rb in brakeman-min-4.7.2 vs lib/brakeman/checks/check_sql.rb in brakeman-min-4.8.0

@@ -523,12 +523,10 @@
     end
 
     false
   end
 
-  STRING_METHODS = Set[:<<, :+, :concat, :prepend]
-
   def check_for_string_building exp
     return unless call? exp
 
     target = exp.target
     method = exp.method
@@ -569,18 +567,9 @@
     elsif call? exp and exp.method == :to_s
       check_string_arg exp.target
     else
       exp
     end
-  end
-
-  def string_building? exp
-    return false unless call? exp and STRING_METHODS.include? exp.method
-
-    node_type? exp.target, :str, :dstr or
-    node_type? exp.first_arg, :str, :dstr or
-    string_building? exp.target or
-    string_building? exp.first_arg
   end
 
   IGNORE_METHODS_IN_SQL = Set[:id, :merge_conditions, :table_name, :quoted_table_name,
     :quoted_primary_key, :to_i, :to_f, :sanitize_sql, :sanitize_sql_array,
     :sanitize_sql_for_assignment, :sanitize_sql_for_conditions, :sanitize_sql_hash,