Sign upLogin

JonMidhir/ruby-time_range

View on GitHub
Star

Showing 8 of 8 total issues

OS Command Injection in Rake
Open

    rake (10.4.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (2.0.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

RuboCop gem Insecure use of /tmp
Open

    rubocop (0.42.0)
Severity: Info
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2017-8418

Criticality: Low

URL: https://github.com/bbatsov/rubocop/issues/4336

Solution: upgrade to >= 0.49.0

Method initialize has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def initialize(b, e, exclude_end = false)
    raise TypeError unless [b, e].all? { |arg| arg.is_a?(Time) }

    valid_time = if exclude_end
                   (e - 1) >= b
Severity: Minor
Found in lib/time_range.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Prefer single-quoted strings when you don't need string interpolation or special symbols.
Open

gem "codeclimate-test-reporter", group: :test, require: nil
Severity: Minor
Found in Gemfile by rubocop

Checks if uses of quotes match the configured preference.

Example: EnforcedStyle: single_quotes (default)

# bad
"No special symbols"
"No string interpolation"
"Just text"

# good
'No special symbols'
'No string interpolation'
'Just text'
"Wait! What's #{this}!"

Example: EnforcedStyle: double_quotes

# bad
'Just some text'
'No special chars or interpolation'

# good
"Just some text"
"No special chars or interpolation"
"Every string in #{project} uses double_quotes"

%w-literals should be delimited by [ and ].
Open

    %w(begins_within? ends_within? encapsulates?).any? do |condition|
Severity: Minor
Found in lib/time_range.rb by rubocop

This cop enforces the consistent usage of %-literal delimiters.

Specify the 'default' key to set all preferred delimiters at once. You can continue to specify individual preferred delimiters to override the default.

Example:

# Style/PercentLiteralDelimiters:
#   PreferredDelimiters:
#     default: '[]'
#     '%i':    '()'

# good
%w[alpha beta] + %i(gamma delta)

# bad
%W(alpha #{beta})

# bad
%I(alpha beta)

Favor a normal if-statement over a modifier clause in a multiline statement.
Open

    self.class.new(
      [self.begin, time_range.begin].max,
      [max, time_range.max].min
    ) if overlaps?(time_range)
Severity: Minor
Found in lib/time_range.rb by rubocop

Checks for uses of if/unless modifiers with multiple-lines bodies.

Example:

# bad
{
  result: 'this should not happen'
} unless cond

# good
{ result: 'ok' } if cond

Add an empty line after magic comments.
Open

lib = File.expand_path('../lib', __FILE__)
Severity: Minor
Found in ruby-time_range.gemspec by rubocop

Checks for a newline after the final magic comment.

Example:

# good
# frozen_string_literal: true

# Some documentation for Person
class Person
  # Some code
end

# bad
# frozen_string_literal: true
# Some documentation for Person
class Person
  # Some code
end
Severity
Category
Status
Source
Language