Showing 1,313 of 1,313 total issues
Call super
to initialize state of the parent class. Open
def initialize(resource_action_serializer = ResourceActionSerializer.new)
@resource_action_serializer = resource_action_serializer
end
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the presence of constructors and lifecycle callbacks
without calls to super
.
This cop does not consider method_missing
(and respond_to_missing?
)
because in some cases it makes sense to overtake what is considered a
missing method. In other cases, the theoretical ideal handling could be
challenging or verbose for no actual gain.
Autocorrection is not supported because the position of super
cannot be
determined automatically.
Object
and BasicObject
are allowed by this cop because of their
stateless nature. However, sometimes you might want to allow other parent
classes from this cop, for example in the case of an abstract class that is
not meant to be called with super
. In those cases, you can use the
AllowedParentClasses
option to specify which classes should be allowed
in addition to Object
and BasicObject
.
Example:
# bad
class Employee < Person
def initialize(name, salary)
@salary = salary
end
end
# good
class Employee < Person
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
Employee = Class.new(Person) do
def initialize(name, salary)
@salary = salary
end
end
# good
Employee = Class.new(Person) do
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
class Parent
def self.inherited(base)
do_something
end
end
# good
class Parent
def self.inherited(base)
super
do_something
end
end
# good
class ClassWithNoParent
def initialize
do_something
end
end
Example: AllowedParentClasses: [MyAbstractClass]
# good
class MyConcreteClass < MyAbstractClass
def initialize
do_something
end
end
Wrap expressions with varying precedence with parentheses to avoid ambiguity. Open
t.grouping(Arel::Nodes::Division.new(
Arel::Nodes::NamedFunction.new("CAST", [t[:disk_free_space].as("float")]),
t[:disk_capacity]) * -100 + 100)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Looks for expressions containing multiple binary operators
where precedence is ambiguous due to lack of parentheses. For example,
in 1 + 2 * 3
, the multiplication will happen before the addition, but
lexically it appears that the addition will happen first.
The cop does not consider unary operators (ie. !a
or -b
) or comparison
operators (ie. a =~ b
) because those are not ambiguous.
NOTE: Ranges are handled by Lint/AmbiguousRange
.
Example:
# bad
a + b * c
a || b && c
a ** b + c
# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c
# good (same precedence)
a + b + c
a * b / c % d
Do not suppress exceptions. Open
rescue
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for rescue
blocks with no body.
Example:
# bad
def some_method
do_something
rescue
end
# bad
begin
do_something
rescue
end
# good
def some_method
do_something
rescue
handle_exception
end
# good
begin
do_something
rescue
handle_exception
end
Example: AllowComments: true (default)
# good
def some_method
do_something
rescue
# do nothing
end
# good
begin
do_something
rescue
# do nothing
end
Example: AllowComments: false
# bad
def some_method
do_something
rescue
# do nothing
end
# bad
begin
do_something
rescue
# do nothing
end
Example: AllowNil: true (default)
# good
def some_method
do_something
rescue
nil
end
# good
begin
do_something
rescue
# do nothing
end
# good
do_something rescue nil
Example: AllowNil: false
# bad
def some_method
do_something
rescue
nil
end
# bad
begin
do_something
rescue
nil
end
# bad
do_something rescue nil
Remove unnecessary existence check File.exist?
. Open
FileUtils.rm_f(local_file) if File.exist?(local_file)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for non-atomic file operation. And then replace it with a nearly equivalent and atomic method.
These can cause problems that are difficult to reproduce, especially in cases of frequent file operations in parallel, such as test runs with parallel_rspec.
For examples: creating a directory if there is none, has the following problems
An exception occurs when the directory didn't exist at the time of exist?
,
but someone else created it before mkdir
was executed.
Subsequent processes are executed without the directory that should be there
when the directory existed at the time of exist?
,
but someone else deleted it shortly afterwards.
Safety:
This cop is unsafe, because autocorrection change to atomic processing. The atomic processing of the replacement destination is not guaranteed to be strictly equivalent to that before the replacement.
Example:
# bad - race condition with another process may result in an error in `mkdir`
unless Dir.exist?(path)
FileUtils.mkdir(path)
end
# good - atomic and idempotent creation
FileUtils.mkdir_p(path)
# bad - race condition with another process may result in an error in `remove`
if File.exist?(path)
FileUtils.remove(path)
end
# good - atomic and idempotent removal
FileUtils.rm_f(path)
Do not define constants this way within a block. Open
INVENTORY_RECONNECT_BLOCK = lambda do |inventory_collection, inventory_objects_index, attributes_index|
relation = inventory_collection.model_class.where(:ems_id => nil)
return if relation.count <= 0
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Do not define constants within a block, since the block's scope does not isolate or namespace the constant in any way.
If you are trying to define that constant once, define it outside of the block instead, or use a variable or method if defining the constant in the outer scope would be problematic.
For meta-programming, use const_set
.
Example:
# bad
task :lint do
FILES_TO_LINT = Dir['lib/*.rb']
end
# bad
describe 'making a request' do
class TestRequest; end
end
# bad
module M
extend ActiveSupport::Concern
included do
LIST = []
end
end
# good
task :lint do
files_to_lint = Dir['lib/*.rb']
end
# good
describe 'making a request' do
let(:test_request) { Class.new }
# see also `stub_const` for RSpec
end
# good
module M
extend ActiveSupport::Concern
included do
const_set(:LIST, [])
end
end
Example: AllowedMethods: ['enums'] (default)
# good
# `enums` for Typed Enums via `T::Enum` in Sorbet.
# https://sorbet.org/docs/tenum
class TestEnum < T::Enum
enums do
Foo = new("foo")
end
end
Avoid rescuing the Exception
class. Perhaps you meant to rescue StandardError
? Open
rescue Exception => err
_log.log_backtrace(err)
raise
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for rescue
blocks targeting the Exception class.
Example:
# bad
begin
do_something
rescue Exception
handle_exception
end
Example:
# good
begin
do_something
rescue ArgumentError
handle_exception
end
Use filter_map
instead. Open
connected_components = resource_actions.collect do |ra|
# not find - we need nil when not found
ra.resource_type.constantize.find_by(:id => ra.resource_id)
end.compact
- Create a ticketCreate a ticket
- Exclude checks
Literal true
used in void context. Open
true
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for operators, variables, literals, lambda, proc and nonmutating methods used in void context.
Example: CheckForMethodsWithNoSideEffects: false (default)
# bad
def some_method
some_num * 10
do_something
end
def some_method(some_var)
some_var
do_something
end
Example: CheckForMethodsWithNoSideEffects: true
# bad
def some_method(some_array)
some_array.sort
do_something(some_array)
end
# good
def some_method
do_something
some_num * 10
end
def some_method(some_var)
do_something
some_var
end
def some_method(some_array)
some_array.sort!
do_something(some_array)
end
Avoid rescuing the Exception
class. Perhaps you meant to rescue StandardError
? Open
rescue Exception => err
audit_failure(audit.merge(:message => err.message))
raise
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for rescue
blocks targeting the Exception class.
Example:
# bad
begin
do_something
rescue Exception
handle_exception
end
Example:
# good
begin
do_something
rescue ArgumentError
handle_exception
end
Shadowing outer local variable - times
. Open
times_by_tp.each do |tp, times|
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of local variable names from an outer scope
in block arguments or block-local variables. This mirrors the warning
given by ruby -cw
prior to Ruby 2.6:
"shadowing outer local variable - foo".
NOTE: Shadowing of variables in block passed to Ractor.new
is allowed
because Ractor
should not access outer variables.
eg. following style is encouraged:
```ruby
worker_id, pipe = env
Ractor.new(worker_id, pipe) do |worker_id, pipe|
end
```
Example:
# bad
def some_method
foo = 1
2.times do |foo| # shadowing outer `foo`
do_something(foo)
end
end
Example:
# good
def some_method
foo = 1
2.times do |bar|
do_something(bar)
end
end
Call super
to initialize state of the parent class. Open
def initialize(dialog_group_serializer = DialogGroupSerializer.new)
@dialog_group_serializer = dialog_group_serializer
end
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the presence of constructors and lifecycle callbacks
without calls to super
.
This cop does not consider method_missing
(and respond_to_missing?
)
because in some cases it makes sense to overtake what is considered a
missing method. In other cases, the theoretical ideal handling could be
challenging or verbose for no actual gain.
Autocorrection is not supported because the position of super
cannot be
determined automatically.
Object
and BasicObject
are allowed by this cop because of their
stateless nature. However, sometimes you might want to allow other parent
classes from this cop, for example in the case of an abstract class that is
not meant to be called with super
. In those cases, you can use the
AllowedParentClasses
option to specify which classes should be allowed
in addition to Object
and BasicObject
.
Example:
# bad
class Employee < Person
def initialize(name, salary)
@salary = salary
end
end
# good
class Employee < Person
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
Employee = Class.new(Person) do
def initialize(name, salary)
@salary = salary
end
end
# good
Employee = Class.new(Person) do
def initialize(name, salary)
super(name)
@salary = salary
end
end
# bad
class Parent
def self.inherited(base)
do_something
end
end
# good
class Parent
def self.inherited(base)
super
do_something
end
end
# good
class ClassWithNoParent
def initialize
do_something
end
end
Example: AllowedParentClasses: [MyAbstractClass]
# good
class MyConcreteClass < MyAbstractClass
def initialize
do_something
end
end
Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant. Open
[:name, :product_name, :device_name].each do |k|
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
networks.collect(&:ipaddress).compact.uniq + networks.collect(&:ipv6address).compact.uniq
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
@mac_addresses ||= nics.collect(&:address).compact.uniq
- Create a ticketCreate a ticket
- Exclude checks
Avoid rescuing the Exception
class. Perhaps you meant to rescue StandardError
? Open
rescue Exception => err
_log.warn(err.inspect)
raise MiqException::MiqHostError, _("Unexpected response returned from system, see log for details")
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for rescue
blocks targeting the Exception class.
Example:
# bad
begin
do_something
rescue Exception
handle_exception
end
Example:
# good
begin
do_something
rescue ArgumentError
handle_exception
end
Prefer using YAML.safe_load
over YAML.load
. Open
doc = data_type.include?('yaml') ? YAML.load(data) : MiqXml.load(data)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Prefer using YAML.safe_load
over YAML.load
. Open
YAML.load(binary_blob.binary)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Duplicate branch body detected. Open
when Service then true
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that there are no repeated bodies
within if/unless
, case-when
, case-in
and rescue
constructs.
With IgnoreLiteralBranches: true
, branches are not registered
as offenses if they return a basic literal value (string, symbol,
integer, float, rational, complex, true
, false
, or nil
), or
return an array, hash, regexp or range that only contains one of
the above basic literal values.
With IgnoreConstantBranches: true
, branches are not registered
as offenses if they return a constant value.
Example:
# bad
if foo
do_foo
do_something_else
elsif bar
do_foo
do_something_else
end
# good
if foo || bar
do_foo
do_something_else
end
# bad
case x
when foo
do_foo
when bar
do_foo
else
do_something_else
end
# good
case x
when foo, bar
do_foo
else
do_something_else
end
# bad
begin
do_something
rescue FooError
handle_error
rescue BarError
handle_error
end
# good
begin
do_something
rescue FooError, BarError
handle_error
end
Example: IgnoreLiteralBranches: true
# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end
Example: IgnoreConstantBranches: true
# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Do not return
in begin..end
blocks in assignment contexts. Open
return Vm.none
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the presence of a return
inside a begin..end
block
in assignment contexts.
In this situation, the return
will result in an exit from the current
method, possibly leading to unexpected behavior.
Example:
# bad
@some_variable ||= begin
return some_value if some_condition_is_met
do_something
end
Example:
# good
@some_variable ||= begin
if some_condition_is_met
some_value
else
do_something
end
end
# good
some_variable = if some_condition_is_met
return if another_condition_is_met
some_value
else
do_something
end
Use filter_map
instead. Open
containers.map(&:limit_cpu_cores).compact.sum
- Create a ticketCreate a ticket
- Exclude checks