Showing 1,314 of 1,314 total issues
Use filter_map
instead. Open
policies.collect do |p|
next if event && !p.events.include?(event)
policy_hash = {"result" => "N/A", "conditions" => [], "actions" => []}
policy_hash["scope"] = MiqExpression.evaluate_atoms(p.expression, rec) unless p.expression.nil?
- Create a ticketCreate a ticket
- Exclude checks
Argument inputs
was shadowed by a local variable before it was used. Open
inputs = {
:miq_alert_description => description,
:miq_alert_id => id,
:alert_guid => guid,
'EventStream::event_stream' => event_obj.id,
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for shadowed arguments.
This cop has IgnoreImplicitReferences
configuration option.
It means argument shadowing is used in order to pass parameters
to zero arity super
when IgnoreImplicitReferences
is true
.
Example:
# bad
do_something do |foo|
foo = 42
puts foo
end
def do_something(foo)
foo = 42
puts foo
end
# good
do_something do |foo|
foo = foo + 42
puts foo
end
def do_something(foo)
foo = foo + 42
puts foo
end
def do_something(foo)
puts foo
end
Example: IgnoreImplicitReferences: false (default)
# bad
def do_something(foo)
foo = 42
super
end
def do_something(foo)
foo = super
bar
end
Example: IgnoreImplicitReferences: true
# good
def do_something(foo)
foo = 42
super
end
def do_something(foo)
foo = super
bar
end
Prefer using YAML.safe_load
over YAML.load
. Open
input = YAML.load(fd)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Remove redundant sort
. Open
Dir.glob(plugin.root.join("content/miq_dialogs/*.{yml,yaml}")).sort
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Sort globbed results by default in Ruby 3.0.
This cop checks for redundant sort
method to Dir.glob
and Dir[]
.
Safety:
This cop is unsafe, in case of having a file and a directory with
identical names, since directory will be loaded before the file, which
will break exe/files.rb
that rely on exe.rb
file.
Example:
# bad
Dir.glob('./lib/**/*.rb').sort.each do |file|
end
Dir['./lib/**/*.rb'].sort.each do |file|
end
# good
Dir.glob('./lib/**/*.rb').each do |file|
end
Dir['./lib/**/*.rb'].each do |file|
end
Use filter_map
instead. Open
miq_policy_contents.where(:miq_event_definition => event).order(order).collect do |pe|
next unless pe.qualifier == on.to_s
pe.get_action(on)
end.compact
- Create a ticketCreate a ticket
- Exclude checks
Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant. Open
if ["categories", "managed"].include?(association)
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
policies.collect do |p|
next unless p.kind_of?(self) # skip built-in policies
{
:miq_policy => p,
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
associations_to_get_policies.collect do |assoc|
next unless target.respond_to?(assoc)
obj = target.send(assoc)
next unless obj
- Create a ticketCreate a ticket
- Exclude checks
Prefer using YAML.safe_load
over YAML.load
. Open
input = YAML.load(fd)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Duplicate branch body detected. Open
when "notifier"
options[:role] = service
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that there are no repeated bodies
within if/unless
, case-when
, case-in
and rescue
constructs.
With IgnoreLiteralBranches: true
, branches are not registered
as offenses if they return a basic literal value (string, symbol,
integer, float, rational, complex, true
, false
, or nil
), or
return an array, hash, regexp or range that only contains one of
the above basic literal values.
With IgnoreConstantBranches: true
, branches are not registered
as offenses if they return a constant value.
Example:
# bad
if foo
do_foo
do_something_else
elsif bar
do_foo
do_something_else
end
# good
if foo || bar
do_foo
do_something_else
end
# bad
case x
when foo
do_foo
when bar
do_foo
else
do_something_else
end
# good
case x
when foo, bar
do_foo
else
do_something_else
end
# bad
begin
do_something
rescue FooError
handle_error
rescue BarError
handle_error
end
# good
begin
do_something
rescue FooError, BarError
handle_error
end
Example: IgnoreLiteralBranches: true
# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end
Example: IgnoreConstantBranches: true
# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant. Open
next if %w[id created_on updated_on updated_by].include?(cname) || cname.ends_with?("_id")
- Create a ticketCreate a ticket
- Exclude checks
Prefer using YAML.safe_load
over YAML.load
. Open
input = YAML.load(fd)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Use filter_map
instead. Open
when :integer, :fixnum, :decimal, :float then @table.data.collect { |d| d.data[sb] }.compact.max.to_i + 1
- Create a ticketCreate a ticket
- Exclude checks
Variable ScanItem
used in void context. Open
ScanItem # Cause the ScanItemSet class to load, if not already loaded
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for operators, variables, literals, lambda, proc and nonmutating methods used in void context.
Example: CheckForMethodsWithNoSideEffects: false (default)
# bad
def some_method
some_num * 10
do_something
end
def some_method(some_var)
some_var
do_something
end
Example: CheckForMethodsWithNoSideEffects: true
# bad
def some_method(some_array)
some_array.sort
do_something(some_array)
end
# good
def some_method
do_something
some_num * 10
end
def some_method(some_var)
do_something
some_var
end
def some_method(some_array)
some_array.sort!
do_something(some_array)
end
Avoid more than 3 levels of block nesting. Open
if method == "description"
subst = "Policy: #{inputs[:policy].description}" if inputs[:policy].kind_of?(MiqPolicy)
subst = "Alert: #{inputs[:policy].description}" if inputs[:policy].kind_of?(MiqAlert)
end
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for excessive nesting of conditional and looping constructs.
You can configure if blocks are considered using the CountBlocks
option. When set to false
(the default) blocks are not counted
towards the nesting level. Set to true
to count blocks as well.
The maximum level of nesting allowed is configurable.
Use filter_map
instead. Open
ae_class.ae_fields.sort_by(&:priority).collect do |field|
ae_values.detect { |value| value.field_id == field.id }
end.compact
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
filtered_result = result.collect do |rec|
rec if get_sub_key_values(rec, sub_key).include?(sub_key_value.downcase)
end.compact
- Create a ticketCreate a ticket
- Exclude checks
Use filter_map
instead. Open
@results.each_value { |result| columns.concat(result[section].collect { |k, v| k if k.to_s[0, 1] != '_' && v[:_value_] }.compact) }
- Create a ticketCreate a ticket
- Exclude checks
Use Array.new(scaling_min)
with a block instead of .times.collect
only if scaling_min
is always 0 or more. Open
scaling_min.times.collect do |idx|
create_request_task(idx) do |req_task|
req_task.miq_request_id = service_task.miq_request.id
req_task.userid = service_task.userid
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
This cop checks for .times.map calls. In most cases such calls can be replaced with an explicit array creation.
Example:
# bad
9.times.map do |i|
i.to_s
end
# good
Array.new(9) do |i|
i.to_s
end
Use result["fields"] = "Specification"; result["file"] = "Sysprep Answer File"
instead of result.merge!("fields" => "Specification", "file" => "Sysprep Answer File")
. Open
when 'windows' then result.merge!("fields" => "Specification", "file" => "Sysprep Answer File")
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
This cop identifies places where Hash#merge!
can be replaced by
Hash#[]=
.
Example:
hash.merge!(a: 1)
hash.merge!({'key' => 'value'})
hash.merge!(a: 1, b: 2)