HAML inconsistency question

[kwerle]

This relates to #1914, #1842

I would like to understand why brakeman is behaving a certain way with JS in HAML so that I better know what we will have to watch for.

The following block of code is no longer in our app:

= javascript_tag do
  :plain
    MY.ActiveDataContext = {
      toContextParam: "#{@active_data_context.to_context_param}"
    }
    Object.defineProperty(MY, 'features', {
      value: Object.freeze({
        toContextParam: "#{@active_data_context.to_context_param}"
        enableAnnotations: #{@active_data_set&.random_method || false},
        enableForms: #{@active_data_set&.forms_enabled? || false},
        enableInventoryFields: #{current_user.username || false},
        enableMixtures: #{@active_data_set&.mixtures_enabled? || false},
        cardinalMixtureType: #{@active_data_set&.cardinal_mixture_type},
        enableDL: #{@active_data_set&.dl_enabled? || false},
        elnWitnessingEnabled: #{@active_data_set&.eln_witnessing_enabled? || false},
        structureEditor: "ketcher",
        isRegistrationSystem: #{!@active_data_set&.registration_system.nil?},
      }),
      writeable: false,
    })

Brakeman 7.0.0 complains about both instances of @active_data_context.to_context_param - rightly - which is what lead to the removal of this code. But all the other lines pass. And they all look equally horrible.

Why are those 2 lines caught and the others not?