From a2def2424ca67b3bd1631ede220c9969e2e83bec Mon Sep 17 00:00:00 2001
From: Gaetan Craig-Riou
Date: Mon, 24 Jul 2023 11:39:26 +1000
Subject: [PATCH] Add a comment around the use of safe_constantize
It triggers a Brakeman error that can be safely ignored
---
 app/controllers/admin/vouchers_controller.rb | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/app/controllers/admin/vouchers_controller.rb b/app/controllers/admin/vouchers_controller.rb
index 38a4203fd5..01ca689b91 100644
--- a/app/controllers/admin/vouchers_controller.rb
+++ b/app/controllers/admin/vouchers_controller.rb
@@ -9,6 +9,8 @@ module Admin
 end
 def create
+ # The use of "safe_constantize" here will trigger a Brakeman error, it can safely be ignored
+ # as it's a false positive : https://github.com/openfoodfoundation/openfoodnetwork/pull/10821
 voucher_type = params[:vouchers_flat_rate][:voucher_type]
 if Voucher::TYPES.include?(voucher_type)
 @voucher = voucher_type.safe_constantize.create(
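Review bot: The added comment at the top of `create` calls the Brakeman finding a false positive but never says why, and the reason is the only thing that makes the call safe: `safe_constantize` is reached only after `Voucher::TYPES.include?(voucher_type)` has passed. I would state that invariant and put the comment directly above the `safe_constantize` line, e.g. `# voucher_type is checked against Voucher::TYPES on the line above, so only the names listed there can be constantized; keep that check if this branch changes.` A pull-request link alone will not stop a later edit from loosening the guard, at which point the "safe to ignore" wording would hide a real finding. If the project keeps a Brakeman ignore file (not visible here), recording the suppression there with the same justification would keep the scanner output and the reasoning together. The body of `create` continues past the end of the hunk.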