Sign upLogin

ManageIQ/manageiq

View on GitHub
Star

Showing 1,311 of 1,311 total issues

Use block explicitly instead of block-passing a method object.
Open

        ems.endpoints = endpoints.map(&method(:assign_nested_endpoint))
Severity: Minor
Found in app/models/ext_management_system.rb by rubocop

Use s[:enabled] = true; s[:message] = "" instead of s.merge!(:enabled => true, :message => "").
Open

      s.merge!(:enabled => true, :message => "")
Severity: Minor
Found in app/models/host.rb by rubocop

This cop identifies places where Hash#merge! can be replaced by Hash#[]=.

Example:

hash.merge!(a: 1)
hash.merge!({'key' => 'value'})
hash.merge!(a: 1, b: 2)

Prefer using YAML.safe_load over YAML.load.
Open

    YAML.load(binary_blob.binary)
Severity: Minor
Found in app/models/import_file_upload.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Use filter_map instead.
Open

    collections_data = collections.map do |_, collection|
      next if collection.data.blank? &&
              collection.targeted_scope.primary_references.blank? &&
              collection.all_manager_uuids.nil? &&
              collection.skeletal_primary_index.index_data.blank?
Severity: Minor
Found in app/models/manageiq/providers/inventory/persister.rb by rubocop

Use collect { |x| x.manager_uuids.to_a } instead of collect method chain.
Open

          manager_uuids = inventory_collection.parent_inventory_collections.collect(&:manager_uuids).map(&:to_a).flatten
Severity: Minor
Found in app/models/manageiq/providers/inventory/persister/builder/shared.rb by rubocop

Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant.
Open

      %i[metric cost rate].collect do |type|
Severity: Minor
Found in app/models/chargeback_vm.rb by rubocop

Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant.
Open

      [:name, :product_name, :device_name].each do |k|
Severity: Minor
Found in app/models/ems_refresh.rb by rubocop

Avoid more than 3 levels of block nesting.
Open

            attrs[:mem_usage_absolute_average] = 100.0 / total_mem * attrs[:derived_memory_used] if total_mem > 0 && !attrs[:derived_memory_used].nil?
Severity: Minor
Found in app/models/metric/processing.rb by rubocop

Checks for excessive nesting of conditional and looping constructs.

You can configure if blocks are considered using the CountBlocks option. When set to false (the default) blocks are not counted towards the nesting level. Set to true to count blocks as well.

The maximum level of nesting allowed is configurable.

Avoid rescuing the Exception class. Perhaps you meant to rescue StandardError?
Open

            rescue Exception => err
              _log.warn("#{err.message} (from Authenticator#user_proxy_membership)")
Severity: Minor
Found in app/models/authenticator/ldap.rb by rubocop

Checks for rescue blocks targeting the Exception class.

Example:

# bad

begin
  do_something
rescue Exception
  handle_exception
end

Example:

# good

begin
  do_something
rescue ArgumentError
  handle_exception
end

Use filter_map instead.
Open

    containers.map(&:limit_memory_bytes).compact.sum
Severity: Minor
Found in app/models/container_image.rb by rubocop

Use filter_map instead.
Open

    vms_uids = hashes.collect { |h| h[:uid_ems] }.compact
Severity: Minor
Found in app/models/ems_refresh/save_inventory.rb by rubocop

Do not suppress exceptions.
Open

  rescue
Severity: Minor
Found in app/models/host.rb by rubocop

Checks for rescue blocks with no body.

Example:

# bad
def some_method
  do_something
rescue
end

# bad
begin
  do_something
rescue
end

# good
def some_method
  do_something
rescue
  handle_exception
end

# good
begin
  do_something
rescue
  handle_exception
end

Example: AllowComments: true (default)

# good
def some_method
  do_something
rescue
  # do nothing
end

# good
begin
  do_something
rescue
  # do nothing
end

Example: AllowComments: false

# bad
def some_method
  do_something
rescue
  # do nothing
end

# bad
begin
  do_something
rescue
  # do nothing
end

Example: AllowNil: true (default)

# good
def some_method
  do_something
rescue
  nil
end

# good
begin
  do_something
rescue
  # do nothing
end

# good
do_something rescue nil

Example: AllowNil: false

# bad
def some_method
  do_something
rescue
  nil
end

# bad
begin
  do_something
rescue
  nil
end

# bad
do_something rescue nil

Use #key? instead of #keys.include?.
Open

          next unless report_col_options.keys.include?("#{chargeable_field.rate_name}_cost")
Severity: Minor
Found in app/models/chargeback.rb by rubocop

private (on line 245) does not make singleton methods private. Use private_class_method or private inside a class << self block instead.
Open

  def self.default_rate_details_for(rate_type)
Severity: Minor
Found in app/models/chargeback_rate_detail.rb by rubocop

Checks for private or protected access modifiers which are applied to a singleton method. These access modifiers do not make singleton methods private/protected. private_class_method can be used for that.

Example:

# bad

class C
  private

  def self.method
    puts 'hi'
  end
end

Example:

# good

class C
  def self.method
    puts 'hi'
  end

  private_class_method :method
end

Example:

# good

class C
  class << self
    private

    def method
      puts 'hi'
    end
  end
end

Prefer using YAML.safe_load over YAML.load.
Open

    input = YAML.load(fd)
Severity: Minor
Found in app/models/classification.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Avoid when branches without a body.
Open

      when :none
Severity: Minor
Found in app/models/metric/ci_mixin.rb by rubocop

Checks for the presence of when branches without a body.

Example:

# bad
case foo
when bar
  do_something
when baz
end

Example:

# good
case condition
when foo
  do_something
when bar
  nil
end

Example: AllowComments: true (default)

# good
case condition
when foo
  do_something
when bar
  # noop
end

Example: AllowComments: false

# bad
case condition
when foo
  do_something
when bar
  # do nothing
end

Duplicate branch body detected.
Open

    when Service then true
Severity: Minor
Found in app/models/metric/ci_mixin/targets.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end

Wrap expressions with varying precedence with parentheses to avoid ambiguity.
Open

    starts_with_zero? && value.zero? || value > start && value.to_f <= finish
Severity: Minor
Found in app/models/chargeback_tier.rb by rubocop

Looks for expressions containing multiple binary operators where precedence is ambiguous due to lack of parentheses. For example, in 1 + 2 * 3, the multiplication will happen before the addition, but lexically it appears that the addition will happen first.

The cop does not consider unary operators (ie. !a or -b) or comparison operators (ie. a =~ b) because those are not ambiguous.

NOTE: Ranges are handled by Lint/AmbiguousRange.

Example:

# bad
a + b * c
a || b && c
a ** b + c

# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c

# good (same precedence)
a + b + c
a * b / c % d

Use filter_map instead.
Open

    containers.map(&:limit_cpu_cores).compact.sum
Severity: Minor
Found in app/models/container_image.rb by rubocop

Wrap expressions with varying precedence with parentheses to avoid ambiguity.
Open

    return if !required? && @value.blank? || !visible
Severity: Minor
Found in app/models/dialog_field_text_box.rb by rubocop

Looks for expressions containing multiple binary operators where precedence is ambiguous due to lack of parentheses. For example, in 1 + 2 * 3, the multiplication will happen before the addition, but lexically it appears that the addition will happen first.

The cop does not consider unary operators (ie. !a or -b) or comparison operators (ie. a =~ b) because those are not ambiguous.

NOTE: Ranges are handled by Lint/AmbiguousRange.

Example:

# bad
a + b * c
a || b && c
a ** b + c

# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c

# good (same precedence)
a + b + c
a * b / c % d
Severity
Category
Status
Source
Language