From 42205084256be46d8aebe8511fb7c3e01cd6b531 Mon Sep 17 00:00:00 2001
From: Sammy <sammysteiner@navapbc.com>
Date: Fri, 28 Jun 2024 19:45:21 -0400
Subject: [PATCH] Security doc multiline update (#45)

---
 docs/app-rails/application-security.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/app-rails/application-security.md b/docs/app-rails/application-security.md
index c274fc7..eec0102 100644
--- a/docs/app-rails/application-security.md
+++ b/docs/app-rails/application-security.md
@@ -55,7 +55,7 @@ There is currently no file upload or download functionality at this time, so ple
 - [x] Filter log entries so they do not include passwords or secrets
     - Note:  Log filtering is set in  [filter_parameter_logging.rb](app-rails/config/initializers/filter_parameter_logging.rb): `:passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn`.
 - [x] Use the correct Ruby REGEX: `\A` and `\z` and not the more common: `/^` and `$/`.
-- [ ] Add `multiline: true` to regex `format:` in validations.
+    - Note: If there is a need to use `/^` and `$/` in the regex, add `multiline: true` to regex `format:` in validations.
 - [x] When searching for data belonging to the user, search using Active Record from the user and not from the target data object. ie. Instead of doing: `@task = Task.find(params[:id])`, instead do: `@user.tasks.find(params[:id])`. 
     - Note: This application is also using [pundit](https://github.com/varvet/pundit) to support resource authorization.