Sign upLogin

FitnessKeeper/leeroy

View on GitHub
Star

Showing 89 of 89 total issues

OS Command Injection in Rake
Open

    rake (10.5.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

Module has too many lines. [329/250]
Open

    module AWS
      include Leeroy::Helpers

      attr :ec2, :rds, :s3
Severity: Minor
Found in lib/leeroy/helpers/aws.rb by rubocop

This cop checks if the length a module exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

JMESPath for Ruby using JSON.load instead of JSON.parse
Open

    jmespath (1.3.1)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2022-32511

Criticality: Critical

URL: https://github.com/jmespath/jmespath.rb/pull/55

Solution: upgrade to >= 1.6.1

File aws.rb has 342 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'aws-sdk'
require 'base64'

require 'leeroy/helpers'
require 'leeroy/helpers/env'
Severity: Minor
Found in lib/leeroy/helpers/aws.rb - About 4 hrs to fix

    Method has too many lines. [37/30]
    Open

          def _getPackerParams(state = self.state, env = self.env, options = self.options)
        begin
          logger.debug "generating Packer params to create an AMI"
          packer_params = Leeroy::Types::Mash.new
    Severity: Minor
    Found in lib/leeroy/task/packer.rb by rubocop

    This cop checks if the length of a method exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

    Method has too many lines. [34/30]
    Open

          def _genInstanceParams(state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
        begin
          logger.debug "generating params for creating an EC2 instance"

          # gather the necessary parameters
    Severity: Minor
    Found in lib/leeroy/task/instantiate.rb by rubocop

    This cop checks if the length of a method exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

    Cyclomatic complexity for _getPackerParams is too high. [10/6]
    Open

          def _getPackerParams(state = self.state, env = self.env, options = self.options)
        begin
          logger.debug "generating Packer params to create an AMI"
          packer_params = Leeroy::Types::Mash.new
    Severity: Minor
    Found in lib/leeroy/task/packer.rb by rubocop

    This cop checks that the cyclomatic complexity of methods is not higher than the configured maximum. The cyclomatic complexity is the number of linearly independent paths through a method. The algorithm counts decision points and adds one.

    An if statement (or unless or ?:) increases the complexity by one. An else branch does not, since it doesn't add a decision point. The && operator (or keyword and) can be converted to a nested if statement, and ||/or is shorthand for a sequence of ifs, so they also add one. Loops can be said to have an exit condition, so they add one.

    Cyclomatic complexity for _genInstanceParams is too high. [7/6]
    Open

          def _genInstanceParams(state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
        begin
          logger.debug "generating params for creating an EC2 instance"

          # gather the necessary parameters
    Severity: Minor
    Found in lib/leeroy/task/instantiate.rb by rubocop

    This cop checks that the cyclomatic complexity of methods is not higher than the configured maximum. The cyclomatic complexity is the number of linearly independent paths through a method. The algorithm counts decision points and adds one.

    An if statement (or unless or ?:) increases the complexity by one. An else branch does not, since it doesn't add a decision point. The && operator (or keyword and) can be converted to a nested if statement, and ||/or is shorthand for a sequence of ifs, so they also add one. Loops can be said to have an exit condition, so they add one.

    Cyclomatic complexity for genImageName is too high. [7/6]
    Open

          def genImageName(phase = nil, state = self.state, options = self.options)
        begin
          # extract phase from state if not provided
          phase = state.phase if phase.nil?
    Severity: Minor
    Found in lib/leeroy/helpers/inventory.rb by rubocop

    This cop checks that the cyclomatic complexity of methods is not higher than the configured maximum. The cyclomatic complexity is the number of linearly independent paths through a method. The algorithm counts decision points and adds one.

    An if statement (or unless or ?:) increases the complexity by one. An else branch does not, since it doesn't add a decision point. The && operator (or keyword and) can be converted to a nested if statement, and ||/or is shorthand for a sequence of ifs, so they also add one. Loops can be said to have an exit condition, so they add one.

    Method _getPackerParams has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
    Open

          def _getPackerParams(state = self.state, env = self.env, options = self.options)
        begin
          logger.debug "generating Packer params to create an AMI"
          packer_params = Leeroy::Types::Mash.new
    Severity: Minor
    Found in lib/leeroy/task/packer.rb - About 1 hr to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method _getPackerParams has 37 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

          def _getPackerParams(state = self.state, env = self.env, options = self.options)
        begin
          logger.debug "generating Packer params to create an AMI"
          packer_params = Leeroy::Types::Mash.new
    Severity: Minor
    Found in lib/leeroy/task/packer.rb - About 1 hr to fix

      Method _genInstanceParams has 34 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

            def _genInstanceParams(state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
        begin
          logger.debug "generating params for creating an EC2 instance"

          # gather the necessary parameters
      Severity: Minor
      Found in lib/leeroy/task/instantiate.rb - About 1 hr to fix

        Method dump has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
        Open

              def dump
        begin
          logger.debug "beginning dump"

          dump_mash = Leeroy::Types::Mash.new
        Severity: Minor
        Found in lib/leeroy/helpers/dumpable.rb - About 1 hr to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

              c.action do |global_options,options,args|
        # validate input
        unless options[:fixture].nil? or valid_fixture.include?(options[:fixture])
          help_now! "Valid arguments for '--fixture' are: #{valid_fixture.join(',')}."
        end
        Severity: Major
        Found in lib/leeroy/app.rb and 2 other locations - About 50 mins to fix
        lib/leeroy/app.rb on lines 62..69
        lib/leeroy/app.rb on lines 132..139

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 37.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

        Refactorings

        Further Reading

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

              c.action do |global_options,options,args|
      # validate input
        unless options[:phase].nil? or valid_phase.include?(options[:phase])
        help_now! "Valid arguments for '--phase' are: #{valid_phase.join(',')}."
        end
        Severity: Major
        Found in lib/leeroy/app.rb and 2 other locations - About 50 mins to fix
        lib/leeroy/app.rb on lines 62..69
        lib/leeroy/app.rb on lines 154..161

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 37.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

        Refactorings

        Further Reading

        Similar blocks of code found in 3 locations. Consider refactoring.
        Open

              c.action do |global_options,options,args|
        # validate input
        unless options[:phase].nil? or valid_phase.include?(options[:phase])
          help_now! "Valid arguments for '--phase' are: #{valid_phase.join(',')}."
        end
        Severity: Major
        Found in lib/leeroy/app.rb and 2 other locations - About 50 mins to fix
        lib/leeroy/app.rb on lines 132..139
        lib/leeroy/app.rb on lines 154..161

        Duplicated Code

        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

        Tuning

        This issue has a mass of 37.

        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

        Refactorings

        Further Reading

        Method filterImages has 6 arguments (exceeds 4 allowed). Consider refactoring.
        Open

              def filterImages(selector, collector = lambda { |x| x }, state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
        Severity: Minor
        Found in lib/leeroy/helpers/aws.rb - About 45 mins to fix

          Method createTags has 5 arguments (exceeds 4 allowed). Consider refactoring.
          Open

                def createTags(tags = {}, resourceids = [], state = self.state, env = self.env, options = self.options)
          Severity: Minor
          Found in lib/leeroy/helpers/aws.rb - About 35 mins to fix

            Method _genImageParams has 5 arguments (exceeds 4 allowed). Consider refactoring.
            Open

                  def _genImageParams(phase, state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
            Severity: Minor
            Found in lib/leeroy/task/image.rb - About 35 mins to fix

              Method _resolveResources has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
              Open

                    def _resolveResources(state = self.state, env = self.env, ec2 = self.ec2, options = self.options)
        begin
          # resolve VPC ID
          if state.vpcid?
            vpcid = state.vpcid
              Severity: Minor
              Found in lib/leeroy/task/instantiate.rb - About 35 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Severity
              Category
              Status
              Source
              Language