Showing 26 of 26 total issues
Dependencies should be sorted in an alphabetical order within their section of the gemspec. Dependency rake
should appear before rspec
. Open
s.add_development_dependency "rake"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Dependencies in the gemspec should be alphabetically sorted.
Example:
# bad
spec.add_dependency 'rubocop'
spec.add_dependency 'rspec'
# good
spec.add_dependency 'rspec'
spec.add_dependency 'rubocop'
# good
spec.add_dependency 'rubocop'
spec.add_dependency 'rspec'
# bad
spec.add_development_dependency 'rubocop'
spec.add_development_dependency 'rspec'
# good
spec.add_development_dependency 'rspec'
spec.add_development_dependency 'rubocop'
# good
spec.add_development_dependency 'rubocop'
spec.add_development_dependency 'rspec'
# bad
spec.add_runtime_dependency 'rubocop'
spec.add_runtime_dependency 'rspec'
# good
spec.add_runtime_dependency 'rspec'
spec.add_runtime_dependency 'rubocop'
# good
spec.add_runtime_dependency 'rubocop'
spec.add_runtime_dependency 'rspec'
Example: TreatCommentsAsGroupSeparators: true (default)
# good
# For code quality
spec.add_dependency 'rubocop'
# For tests
spec.add_dependency 'rspec'
Example: TreatCommentsAsGroupSeparators: false
# bad
# For code quality
spec.add_dependency 'rubocop'
# For tests
spec.add_dependency 'rspec'
URI.regexp(%w(http https))
is obsolete and should not be used. Instead, use URI::DEFAULT_PARSER.make_regexp(%w(http https))
. Open
raise "Must specify a mode for URL file sources" if source_file =~ URI.regexp(%w(http https))
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Identifies places where URI.regexp
is obsolete and should
not be used. Instead, use URI::DEFAULT_PARSER.make_regexp
.
Example:
# bad
URI.regexp('http://example.com')
# good
URI::DEFAULT_PARSER.make_regexp('http://example.com')
Variable @name
used in void context. Open
@name
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for operators, variables, literals, lambda, proc and nonmutating methods used in void context.
Example: CheckForMethodsWithNoSideEffects: false (default)
# bad
def some_method
some_num * 10
do_something
end
def some_method(some_var)
some_var
do_something
end
Example: CheckForMethodsWithNoSideEffects: true
# bad
def some_method(some_array)
some_array.sort
do_something(some_array)
end
# good
def some_method
do_something
some_num * 10
end
def some_method(some_var)
do_something
some_var
end
def some_method(some_array)
some_array.sort!
do_something(some_array)
end
Use atomic file operation method FileUtils.rm_f
. Open
File.delete(path) if File.exist?(path)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for non-atomic file operation. And then replace it with a nearly equivalent and atomic method.
These can cause problems that are difficult to reproduce, especially in cases of frequent file operations in parallel, such as test runs with parallel_rspec.
For examples: creating a directory if there is none, has the following problems
An exception occurs when the directory didn't exist at the time of exist?
,
but someone else created it before mkdir
was executed.
Subsequent processes are executed without the directory that should be there
when the directory existed at the time of exist?
,
but someone else deleted it shortly afterwards.
Safety:
This cop is unsafe, because autocorrection change to atomic processing. The atomic processing of the replacement destination is not guaranteed to be strictly equivalent to that before the replacement.
Example:
# bad - race condition with another process may result in an error in `mkdir`
unless Dir.exist?(path)
FileUtils.mkdir(path)
end
# good - atomic and idempotent creation
FileUtils.mkdir_p(path)
# bad - race condition with another process may result in an error in `remove`
if File.exist?(path)
FileUtils.remove(path)
end
# good - atomic and idempotent removal
FileUtils.rm_f(path)
Call super
to initialize state of the parent class. Open
def initialize(options = {})
options.each { |n, v| public_send("#{n}=", v) }
@realm = @realm.upcase if @realm
@name ||= "#{service}/#{hostname}@#{realm}"
@name
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the presence of constructors and lifecycle callbacks
without calls to super
.
This cop does not consider method_missing
(and respond_to_missing?
)
because in some cases it makes sense to overtake what is considered a
missing method. In other cases, the theoretical ideal handling could be
challenging or verbose for no actual gain.
Autocorrection is not supported because the position of super
cannot be
determined automatically.
Object
and BasicObject
are allowed by this cop because of their
stateless nature. However, sometimes you might want to allow other parent
classes from this cop, for example in the case of an abstract class that is
not meant to be called with super
. In those cases, you can use the
AllowedParentClasses
option to specify which classes should be allowed
in addition to Object
and BasicObject
.
Example:
# bad
class Employee < Person
def initialize(name, salary)
@salary = salary
end
end
# good
class Employee < Person
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
Employee = Class.new(Person) do
def initialize(name, salary)
@salary = salary
end
end
# good
Employee = Class.new(Person) do
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
class Parent
def self.inherited(base)
do_something
end
end
# good
class Parent
def self.inherited(base)
super
do_something
end
end
# good
class ClassWithNoParent
def initialize
do_something
end
end
Example: AllowedParentClasses: [MyAbstractClass]
# good
class MyConcreteClass < MyAbstractClass
def initialize
do_something
end
end
metadata['rubygems_mfa_required']
must be set to 'true'
. Open
Gem::Specification.new do |s|
s.name = "httpd_configmap_generator"
s.version = HttpdConfigmapGenerator::VERSION
s.authors = ["Httpd Auth Config Developers"]
s.homepage = "https://github.com/ManageIQ/httpd_configmap_generator"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Requires a gemspec to have rubygems_mfa_required
metadata set.
This setting tells RubyGems that MFA (Multi-Factor Authentication) is required for accounts to be able perform privileged operations, such as (see RubyGems' documentation for the full list of privileged operations):
gem push
gem yank
gem owner --add/remove
- adding or removing owners using gem ownership page
This helps make your gem more secure, as users can be more confident that gem updates were pushed by maintainers.
Example:
# bad
Gem::Specification.new do |spec|
# no `rubygems_mfa_required` metadata specified
end
# good
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'true'
}
end
# good
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'true'
end
# bad
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'false'
}
end
# good
Gem::Specification.new do |spec|
spec.metadata = {
'rubygems_mfa_required' => 'true'
}
end
# bad
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'false'
end
# good
Gem::Specification.new do |spec|
spec.metadata['rubygems_mfa_required'] = 'true'
end