Sign upLogin

ManageIQ/manageiq

View on GitHub
Star

Showing 1,311 of 1,311 total issues

Use filter_map instead.
Open

    class_array = user.current_tenant.visible_domains.pluck(:name).collect do |domain|
      fq_ns = domain + "/" + partial_ns
      ae_ns = MiqAeNamespace.lookup_by_fqname(fq_ns)
      next if ae_ns.nil?
Severity: Minor
Found in app/models/miq_ae_class.rb by rubocop

Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant.
Open

      next if %w[name].include?(cname)
Severity: Minor
Found in app/models/miq_ae_instance.rb by rubocop

Remove redundant sort.
Open

        Dir.glob(DIALOG_DIR.join("*.{yml,yaml}")).sort + seed_plugin_files
Severity: Minor
Found in app/models/miq_dialog/seeding.rb by rubocop

Sort globbed results by default in Ruby 3.0. This cop checks for redundant sort method to Dir.glob and Dir[].

Safety:

This cop is unsafe, in case of having a file and a directory with identical names, since directory will be loaded before the file, which will break exe/files.rb that rely on exe.rb file.

Example:

# bad
Dir.glob('./lib/**/*.rb').sort.each do |file|
end

Dir['./lib/**/*.rb'].sort.each do |file|
end

# good
Dir.glob('./lib/**/*.rb').each do |file|
end

Dir['./lib/**/*.rb'].each do |file|
end

Use inputs['MiqEvent::miq_event'] = event_obj.id; inputs[:miq_event_id] = event_obj.id instead of inputs.merge!('MiqEvent::miq_event' => event_obj.id, :miq_event_id => event_obj.id).
Open

    inputs.merge!('MiqEvent::miq_event' => event_obj.id, :miq_event_id => event_obj.id)
Severity: Minor
Found in app/models/miq_event.rb by rubocop

This cop identifies places where Hash#merge! can be replaced by Hash#[]=.

Example:

hash.merge!(a: 1)
hash.merge!({'key' => 'value'})
hash.merge!(a: 1, b: 2)

Remove redundant sort.
Open

          Dir.glob("#{plugin.root.join(RELATIVE_FIXTURE_PATH)}{.yml,.yaml,/*.yml,/*.yaml}").sort
Severity: Minor
Found in app/models/miq_product_feature/seeding.rb by rubocop

Sort globbed results by default in Ruby 3.0. This cop checks for redundant sort method to Dir.glob and Dir[].

Safety:

This cop is unsafe, in case of having a file and a directory with identical names, since directory will be loaded before the file, which will break exe/files.rb that rely on exe.rb file.

Example:

# bad
Dir.glob('./lib/**/*.rb').sort.each do |file|
end

Dir['./lib/**/*.rb'].sort.each do |file|
end

# good
Dir.glob('./lib/**/*.rb').each do |file|
end

Dir['./lib/**/*.rb'].each do |file|
end

Avoid (in)equality comparisons of floats as they are unreliable.
Open

    return from_ws_ver_1_0(*args) if version == 1.0
Severity: Minor
Found in app/models/miq_provision_virt_workflow.rb by rubocop

Checks for the presence of precise comparison of floating point numbers.

Floating point values are inherently inaccurate, and comparing them for exact equality is almost never the desired semantics. Comparison via the ==/!= operators checks floating-point value representation to be exactly the same, which is very unlikely if you perform any arithmetic operations involving precision loss.

Example:

# bad
x == 0.1
x != 0.1

# good - using BigDecimal
x.to_d == 0.1.to_d

# good
(x - 0.1).abs < Float::EPSILON

# good
tolerance = 0.0001
(x - 0.1).abs < tolerance

# Or some other epsilon based type of comparison:
# https://www.embeddeduse.com/2019/08/26/qt-compare-two-floats/

Use filter_map instead.
Open

    klass_array.collect do |klass|
      cls = find_by(:id => klass.id)
      next if cls.nil?

      cls.ae_instances.sort_by(&:fqname).collect do |inst|
Severity: Minor
Found in app/models/miq_ae_class.rb by rubocop

Prefer using YAML.safe_load over YAML.load.
Open

    YAML.load(data)
Severity: Minor
Found in app/models/miq_ae_method.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant.
Open

      next if %w[id created_on updated_on updated_by].include?(cname) || cname.ends_with?("_id")
Severity: Minor
Found in app/models/miq_ae_method.rb by rubocop

Prefer using YAML.safe_load over YAML.load.
Open

    input = YAML.load(fd)
Severity: Minor
Found in app/models/miq_alert_set.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Use filter_map instead.
Open

    current.collect do |c|
      return [] unless c.respond_to?(attr)

      c.send(attr)
    end.compact
Severity: Minor
Found in app/models/miq_bulk_import.rb by rubocop

Prefer using YAML.safe_load over YAML.load.
Open

        eventData = YAML.load(row.attributes["event_data"])
Severity: Minor
Found in app/models/miq_event_definition.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Wrap expressions with varying precedence with parentheses to avoid ambiguity.
Open

      if node.name == klass_name && (datacenter == false || datacenter == true && ci.datacenter?)
Severity: Minor
Found in app/models/miq_request_workflow.rb by rubocop

Looks for expressions containing multiple binary operators where precedence is ambiguous due to lack of parentheses. For example, in 1 + 2 * 3, the multiplication will happen before the addition, but lexically it appears that the addition will happen first.

The cop does not consider unary operators (ie. !a or -b) or comparison operators (ie. a =~ b) because those are not ambiguous.

NOTE: Ranges are handled by Lint/AmbiguousRange.

Example:

# bad
a + b * c
a || b && c
a ** b + c

# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c

# good (same precedence)
a + b + c
a * b / c % d

Avoid more than 3 levels of block nesting.
Open

                   [found.id, found.name] if found
Severity: Minor
Found in app/models/miq_request_workflow.rb by rubocop

Checks for excessive nesting of conditional and looping constructs.

You can configure if blocks are considered using the CountBlocks option. When set to false (the default) blocks are not counted towards the nesting level. Set to true to count blocks as well.

The maximum level of nesting allowed is configurable.

Avoid rescuing the Exception class. Perhaps you meant to rescue StandardError?
Open

  rescue Exception => err
    _log.error(err.message)
    _log.log_backtrace(err)

    begin
Severity: Minor
Found in app/models/miq_server.rb by rubocop

Checks for rescue blocks targeting the Exception class.

Example:

# bad

begin
  do_something
rescue Exception
  handle_exception
end

Example:

# good

begin
  do_something
rescue ArgumentError
  handle_exception
end

Do not shadow rescued Exceptions.
Open

    rescue StandardError, Timeout::Error => err
      _log.error("#{log_prefix} Posting of #{log_type.downcase} logs failed for #{who_am_i} due to error: [#{err.class.name}] [#{err}]")
      task.update_status("Finished", "Error", "Posting of #{log_type.downcase} logs failed for #{who_am_i} due to error: [#{err.class.name}] [#{err}]")
      logfile.update(:state => "error")
      raise
Severity: Minor
Found in app/models/miq_server/log_management.rb by rubocop

Checks for a rescued exception that get shadowed by a less specific exception being rescued before a more specific exception is rescued.

An exception is considered shadowed if it is rescued after its ancestor is, or if it and its ancestor are both rescued in the same rescue statement. In both cases, the more specific rescue is unnecessary because it is covered by rescuing the less specific exception. (ie. rescue Exception, StandardError has the same behavior whether StandardError is included or not, because all StandardErrors are rescued by rescue Exception).

Example:

# bad

begin
  something
rescue Exception
  handle_exception
rescue StandardError
  handle_standard_error
end

# bad
begin
  something
rescue Exception, StandardError
  handle_error
end

# good

begin
  something
rescue StandardError
  handle_standard_error
rescue Exception
  handle_exception
end

# good, however depending on runtime environment.
#
# This is a special case for system call errors.
# System dependent error code depends on runtime environment.
# For example, whether `Errno::EAGAIN` and `Errno::EWOULDBLOCK` are
# the same error code or different error code depends on environment.
# This good case is for `Errno::EAGAIN` and `Errno::EWOULDBLOCK` with
# the same error code.
begin
  something
rescue Errno::EAGAIN, Errno::EWOULDBLOCK
  handle_standard_error
end

Variable roles used in void context.
Open

    roles
Severity: Minor
Found in app/models/miq_server/role_management.rb by rubocop

Checks for operators, variables, literals, lambda, proc and nonmutating methods used in void context.

Example: CheckForMethodsWithNoSideEffects: false (default)

# bad
def some_method
  some_num * 10
  do_something
end

def some_method(some_var)
  some_var
  do_something
end

Example: CheckForMethodsWithNoSideEffects: true

# bad
def some_method(some_array)
  some_array.sort
  do_something(some_array)
end

# good
def some_method
  do_something
  some_num * 10
end

def some_method(some_var)
  do_something
  some_var
end

def some_method(some_array)
  some_array.sort!
  do_something(some_array)
end

Useless method definition detected.
Open

  def message=(message)
    super(message)
  end
Severity: Minor
Found in app/models/miq_task.rb by rubocop

Checks for useless method definitions, specifically: empty constructors and methods just delegating to super.

Safety:

This cop is unsafe as it can register false positives for cases when an empty constructor just overrides the parent constructor, which is bad anyway.

Example:

# bad
def initialize
  super
end

def method
  super
end

# good - with default arguments
def initialize(x = Object.new)
  super
end

# good
def initialize
  super
  initialize_internals
end

def method(*args)
  super(:extra_arg, *args)
end

Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant.
Open

      .select { |klass, _ids| ["miq_policy", "miq_policy_set"].include?(klass) }
Severity: Minor
Found in app/models/mixins/miq_policy_mixin.rb by rubocop

Duplicate branch body detected.
Open

      else
Severity: Minor
Found in app/models/mixins/scanning_mixin.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Severity
Category
Status
Source
Language