Showing 10 of 12 total issues
rails-html-sanitizer 1.0.3 is vulnerable (CVE-2018-3741). Upgrade to 1.0.4
rails-html-sanitizer (1.0.3)
Loofah 2.1.1 is vulnerable (CVE-2018-8048). Upgrade to 2.1.2
loofah (2.1.1)
Use %i or %I for an array of symbols.
added_attrs = [:facebook_identifier, :email, :password, :password_confirmation, :remember_me]
This cop can check for array literals made up of symbols that are not using the %i() syntax.
Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.
Configuration option: MinSize
If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of 3 will not enforce a style on an array of 2 or fewer elements.
Example: EnforcedStyle: percent (default)
# good
%i[foo bar baz]
# bad
[:foo, :bar, :baz]
Example: EnforcedStyle: brackets
# good
[:foo, :bar, :baz]
# bad
%i[foo bar baz]
include is used at the top level. Use inside class or module.
include FileUtils
This cop checks whether include, extend or prepend is used at the top level.
Using these at the top level affects the behavior of Object.
Do not use include, extend or prepend at the top level; use them inside a class or module instead.
Example:
# bad
include M
class C
end
# bad
extend M
class C
end
# bad
prepend M
class C
end
# good
class C
  include M
end
# good
class C
  extend M
end
# good
class C
  prepend M
end
Use warn instead of $stderr.puts to allow such output to be disabled.
$stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
This cop identifies places where $stderr.puts can be replaced by warn. The latter has the advantage of easily being disabled by, e.g. the -W0 interpreter flag, or setting $VERBOSE to nil.
Example:
# bad
$stderr.puts('hello')
# good
warn('hello')
Do not place comments on the same line as the end keyword.
end # content
This cop checks for comments put on the same line as some keywords.
These keywords are: begin, class, def, end, module.
Note that some comments (such as :nodoc: and rubocop:disable) are allowed.
Example:
# bad
if condition
  statement
end # end if
# bad
class X # comment
  statement
end
# bad
def x; end # comment
# good
if condition
  statement
end
# good
class X # :nodoc:
  y
end
Use %i or %I for an array of symbols.
added_attrs = [:facebook_identifier, :email, :password, :password_confirmation, :remember_me]
%w-literals should be delimited by [ and ].
%w(
.ruby-version
.rbenv-vars
tmp/restart.txt
tmp/caching-dev.txt
This cop enforces the consistent usage of %-literal delimiters.
Specify the 'default' key to set all preferred delimiters at once. You can continue to specify individual preferred delimiters to override the default.
Example:
# Style/PercentLiteralDelimiters:
#   PreferredDelimiters:
#     default: '[]'
#     '%i': '()'
# good
%w[alpha beta] + %i(gamma delta)
# bad
%W(alpha #{beta})
# bad
%I(alpha beta)
Use warn instead of $stderr.puts to allow such output to be disabled.
$stderr.puts "Yarn executable was not detected in the system."
include is used at the top level. Use inside class or module.
include FileUtils