FrancisCMS/FrancisCMS

Showing 163 of 165 total issues

Method has too many lines. [26/10]
Open

    def verify
      @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"

      if target_accepts_webmentions? && source_links_to_target?
        collection = Microformats2.parse(source_page.body)

This cop checks if the length of a method exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

Assignment Branch Condition size for verify is too high. [30.03/15]
Open

    def verify
      @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"

      if target_accepts_webmentions? && source_links_to_target?
        collection = Microformats2.parse(source_page.body)

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Assignment Branch Condition size for create is too high. [23.39/15]
Open

    def create
      source = params[:source]
      target = params[:target]

      @webmention = Webmention.where(source: source, target: target).first_or_create(source: source, target: target)

This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

Class AttributesBuilder has 23 methods (exceeds 20 allowed). Consider refactoring.
Open

    class AttributesBuilder
      def initialize(webmention, collection)
        @webmention = webmention
        @source = webmention.source
        @collection = collection
Severity: Minor
Found in app/models/francis_cms/webmention_entry.rb - About 2 hrs to fix

    Assignment Branch Condition size for show is too high. [22.87/15]
    Open

        def show
          if __logged_in__
            links = Link.tagged_with(tag)
            photos = Photo.tagged_with(tag)
            posts = Post.tagged_with(tag)

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Assignment Branch Condition size for create is too high. [22.23/15]
    Open

        def create
          @syndication = syndicatable.syndications.new(syndication_params)
    
          if @syndication.save
            flash[:notice] = t(['flashes', 'syndications', params[:silo], 'create_notice'].compact.join('.'))

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Assignment Branch Condition size for publish is too high. [21.1/15]
    Open

          def publish
            url = @syndicatable.link? ? @syndicatable.url : @canonical_url
    
            if @syndicatable.photo?
              status = @syndicatable.title.truncate(90, omission: '…', separator: ' ')

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Method has too many lines. [14/10]
    Open

          def publish
            url = @syndicatable.link? ? @syndicatable.url : @canonical_url
    
            if @syndicatable.photo?
              status = @syndicatable.title.truncate(90, omission: '…', separator: ' ')

    This cop checks if the length of a method exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

    Assignment Branch Condition size for can_syndicate_to_flickr? is too high. [17.46/15]
    Open

            def can_syndicate_to_flickr?
              photo? &&
                Rails.application.secrets.flickr_api_key.present? &&
                Rails.application.secrets.flickr_shared_secret.present? &&
                Rails.application.secrets.flickr_access_token_key.present? &&

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Perceived complexity for verify is too high. [8/7]
    Open

        def verify
          @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"
    
          if target_accepts_webmentions? && source_links_to_target?
            collection = Microformats2.parse(source_page.body)

    This cop tries to produce a complexity score that's a measure of the complexity the reader experiences when looking at a method. For that reason it considers when nodes as something that doesn't add as much complexity as an if or a &&. Except if it's one of those special case/when constructs where there's no expression after case. Then the cop treats it as an if/elsif/elsif... and lets all the when nodes count. In contrast to the CyclomaticComplexity cop, this cop considers else nodes as adding complexity.

    Example:

    def my_method                   # 1
      if cond                       # 1
        case var                    # 2 (0.8 + 4 * 0.2, rounded)
        when 1 then func_one
        when 2 then func_two
        when 3 then func_three
        when 4..10 then func_other
        end
      else                          # 1
        do_something until a && b   # 2
      end                           # ===
    end                             # 7 complexity points

    Cyclomatic complexity for verify is too high. [7/6]
    Open

        def verify
          @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"
    
          if target_accepts_webmentions? && source_links_to_target?
            collection = Microformats2.parse(source_page.body)

    This cop checks that the cyclomatic complexity of methods is not higher than the configured maximum. The cyclomatic complexity is the number of linearly independent paths through a method. The algorithm counts decision points and adds one.

    An if statement (or unless or ?:) increases the complexity by one. An else branch does not, since it doesn't add a decision point. The && operator (or keyword and) can be converted to a nested if statement, and ||/or is shorthand for a sequence of ifs, so they also add one. Loops can be said to have an exit condition, so they add one.

    Assignment Branch Condition size for source_links_to_target? is too high. [16.06/15]
    Open

        def source_links_to_target?
          # Account for blank spaces in target URLs stored in database
          target.gsub!(' ', '%20')
    
          regex_string = if source =~ /^#{site_url_regex_string}/

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Assignment Branch Condition size for can_syndicate_to_twitter? is too high. [16.28/15]
    Open

            def can_syndicate_to_twitter?
              Rails.application.secrets.twitter_consumer_key.present? &&
                Rails.application.secrets.twitter_consumer_secret.present? &&
                Rails.application.secrets.twitter_access_token.present? &&
                Rails.application.secrets.twitter_access_token_secret.present?

    This cop checks that the ABC size of methods is not higher than the configured maximum. The ABC size is based on assignments, branches (method calls), and conditions. See http://c2.com/cgi/wiki?AbcMetric

    Method verify has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
    Open

        def verify
          @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"
    
          if target_accepts_webmentions? && source_links_to_target?
            collection = Microformats2.parse(source_page.body)
    Severity: Minor
    Found in app/models/francis_cms/webmention_verification.rb - About 1 hr to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Method verify has 26 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

        def verify
          @agent.user_agent = "#{FrancisCms.configuration.site_url} (http://webmention.org/)"
    
          if target_accepts_webmentions? && source_links_to_target?
            collection = Microformats2.parse(source_page.body)
    Severity: Minor
    Found in app/models/francis_cms/webmention_verification.rb - About 1 hr to fix

      FrancisCms::AuthorAvatarUploader#manipulate_author_avatar refers to 'c' more than self (maybe move it to another class?)
      Open

                c.interlace 'plane'
                c.quality 72
                c.resize geometry
                c.unsharp 1

      Feature Envy occurs when a code fragment references another object more often than it references itself, or when several clients do the same series of manipulations on a particular type of object.

      Feature Envy reduces the code's ability to communicate intent: code that "belongs" on one class but which is located in another can be hard to find, and may upset the "System of Names" in the host class.

      Feature Envy also affects the design's flexibility: A code fragment that is in the wrong class creates couplings that may not be natural within the application's domain, and creates a loss of cohesion in the unwilling host class.

      Feature Envy often arises because it must manipulate other objects (usually its arguments) to get them into a useful form, and one force preventing them (the arguments) doing this themselves is that the common knowledge lives outside the arguments, or the arguments are of too basic a type to justify extending that type. Therefore there must be something which 'knows' about the contents or purposes of the arguments. That thing would have to be more than just a basic type, because the basic types are either containers which don't know about their contents, or they are single objects which can't capture their relationship with their fellows of the same type. So, this thing with the extra knowledge should be reified into a class, and the utility method will most likely belong there.

      Example

      Running Reek on:

      class Warehouse
        def sale_price(item)
          (item.price - item.rebate) * @vat
        end
      end

      would report:

      Warehouse#total_price refers to item more than self (FeatureEnvy)

      since this:

      (item.price - item.rebate)

      belongs to the Item class, not the Warehouse.

      Nokogiri gem, via libxslt, is affected by improper access control vulnerability
      Open

          nokogiri (1.10.1)
      Severity: Minor
      Found in Gemfile.lock by bundler-audit

      Advisory: CVE-2019-11068

      URL: https://github.com/sparklemotion/nokogiri/issues/1892

      Solution: upgrade to >= 1.10.3

      FrancisCms::WebmentionVerification#verify has approx 12 statements
      Open

          def verify

      A method with Too Many Statements is any method that has a large number of lines.

      Too Many Statements warns about any method that has more than 5 statements. Reek's smell detector for Too Many Statements counts +1 for every simple statement in a method and +1 for every statement within a control structure (if, else, case, when, for, while, until, begin, rescue) but it doesn't count the control structure itself.

      So the following method would score +6 in Reek's statement-counting algorithm:

      def parse(arg, argv, &error)
        if !(val = arg) and (argv.empty? or /\A-/ =~ (val = argv[0]))
          return nil, block, nil                                         # +1
        end
        opt = (val = parse_arg(val, &error))[1]                          # +2
        val = conv_arg(*val)                                             # +3
        if opt and !arg
          argv.shift                                                     # +4
        else
          val[0] = nil                                                   # +5
        end
        val                                                              # +6
      end

      (You might argue that the two assignments within the first if should count as statements, and that perhaps the nested assignment should count as +2.)

      FrancisCms::PhotosHelper#link_to_openstreetmap refers to 'photo' more than self (maybe move it to another class?)
      Open

            link_to %(https://www.openstreetmap.org/#map=15/#{photo.latitude}/#{photo.longitude}), html_options do
              out = ''
      
              out << %(<span class="p-locality">#{photo.city}</span>) if photo.city
              out << %(, <span class="p-region">#{photo.state}</span>) if photo.state

      FrancisCms::WebmentionVerification#webmentionable has approx 6 statements
      Open

          def webmentionable

