# File lib/brakeman/checks/check_link_to.rb, line 119 def actually_process_call exp return if @matched target = exp.target target = process target.dup if sexp? target #Bare records create links to the model resource, #not a string that could have injection #TODO: Needs test? I think this is broken? return exp if model_name? target and context == [:call, :arglist] super end