Sign upLogin

ManageIQ/manageiq

View on GitHub
Star

Showing 1,311 of 1,311 total issues

Prefer using YAML.safe_load over YAML.load.
Open

          decrypt_passwords!(YAML.load(contents))
Severity: Minor
Found in lib/vmdb/settings.rb by rubocop

Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.

NOTE: Ruby 3.1+ (Psych 4) uses Psych.load as Psych.safe_load by default.

Safety:

The behavior of the code might change depending on what was in the YAML payload, since YAML.safe_load is more restrictive.

Example:

# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default

# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo])                    # Ruby 2.5  (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo])      # Ruby 3.1+ (Psych 4)
YAML.dump(foo)

Wrap expressions with varying precedence with parentheses to avoid ambiguity.
Open

    if args.empty? || args.size == 1 && args.first.respond_to?(:empty?) && args.first.empty?
Severity: Minor
Found in lib/acts_as_ar_scope.rb by rubocop

Looks for expressions containing multiple binary operators where precedence is ambiguous due to lack of parentheses. For example, in 1 + 2 * 3, the multiplication will happen before the addition, but lexically it appears that the addition will happen first.

The cop does not consider unary operators (ie. !a or -b) or comparison operators (ie. a =~ b) because those are not ambiguous.

NOTE: Ranges are handled by Lint/AmbiguousRange.

Example:

# bad
a + b * c
a || b && c
a ** b + c

# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c

# good (same precedence)
a + b + c
a * b / c % d

Wrap expressions with varying precedence with parentheses to avoid ambiguity.
Open

      index = field_position + dialog_group_position * 1000 + dialog_tab_position * 100_000
Severity: Minor
Found in lib/services/dialog_import_service.rb by rubocop

Looks for expressions containing multiple binary operators where precedence is ambiguous due to lack of parentheses. For example, in 1 + 2 * 3, the multiplication will happen before the addition, but lexically it appears that the addition will happen first.

The cop does not consider unary operators (ie. !a or -b) or comparison operators (ie. a =~ b) because those are not ambiguous.

NOTE: Ranges are handled by Lint/AmbiguousRange.

Example:

# bad
a + b * c
a || b && c
a ** b + c

# good (different precedence)
a + (b * c)
a || (b && c)
(a ** b) + c

# good (same precedence)
a + b + c
a * b / c % d

Specify development dependencies in gemspec.
Open

  gem "PoParser"
Severity: Minor
Found in Gemfile by rubocop

Enforce that development dependencies for a gem are specified in Gemfile, rather than in the gemspec using add_development_dependency. Alternatively, using EnforcedStyle: gemspec, enforce that all dependencies are specified in gemspec, rather than in Gemfile.

Example: EnforcedStyle: Gemfile (default)

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gems.rb

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gemspec

# Specify all dependencies in your gemspec.

# bad
# Gemfile
gem "foo"

# good
# example.gemspec
s.add_development_dependency "foo"

# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"

Avoid using or-assignment with constants.
Open

      TEXT_DOMAIN ||= 'manageiq'.freeze
Severity: Minor
Found in lib/vmdb/gettext/domains.rb by rubocop

Checks for unintended or-assignment to a constant.

Constants should always be assigned in the same location. And its value should always be the same. If constants are assigned in multiple locations, the result may vary depending on the order of require.

Safety:

This cop is unsafe because code that is already conditionally assigning a constant may have its behavior changed by autocorrection.

Example:

# bad
CONST ||= 1

# good
CONST = 1

Avoid using or-assignment with constants.
Open

  WARN  ||= "warn".freeze
Severity: Minor
Found in lib/tasks/evm_settings.rake by rubocop

Checks for unintended or-assignment to a constant.

Constants should always be assigned in the same location. And its value should always be the same. If constants are assigned in multiple locations, the result may vary depending on the order of require.

Safety:

This cop is unsafe because code that is already conditionally assigning a constant may have its behavior changed by autocorrection.

Example:

# bad
CONST ||= 1

# good
CONST = 1

Duplicate branch body detected.
Open

    when base_model.starts_with?("Container")
      excludes += ["^.*derived_host_count_off$", "^.*derived_host_count_on$", "^.*derived_vm_count_off$", "^.*derived_vm_count_on$", "^.*derived_storage.*$"]
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end

Avoid rescuing the Exception class. Perhaps you meant to rescue StandardError?
Open

  rescue Exception => err
    MiqWorker::Runner.safe_log(worker, "An unhandled error has occurred: #{err}\n#{err.backtrace.join("\n")}", :error)
    STDERR.puts("ERROR: An unhandled error has occurred: #{err}. See log for details.") rescue nil
    exit 1
Severity: Minor
Found in lib/workers/bin/run_single_worker.rb by rubocop

Checks for rescue blocks targeting the Exception class.

Example:

# bad

begin
  do_something
rescue Exception
  handle_exception
end

Example:

# good

begin
  do_something
rescue ArgumentError
  handle_exception
end

Use filter_map instead.
Open

          categories = Classification.categories.collect { |c| c if c.show }.compact
Severity: Minor
Found in lib/manageiq/reporting/formatter/text.rb by rubocop

Duplicate branch body detected.
Open

    when "contains"
      operands = operands2humanvalue(exp[operator], options)
      clause = operands.join(" #{normalize_operator(operator)} ")
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end

Duplicate branch body detected.
Open

    when "is null", "is empty"
      "=="
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end

Use filter_map instead.
Open

      friendly = tables.split(".").collect do |t|
        if t.downcase == "managed"
          val_is_a_tag = true
          "#{Tenant.root_tenant.name} Tags"
        elsif t.downcase == "user_tag"
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Avoid more than 3 levels of block nesting.
Open

                e_title = if rec[:vm_name] # Create the title using VM name
                            rec[:vm_name]
                          elsif rec[:host_name] # or Host Name
                            rec[:host_name]
                          elsif rec[:ems_cluster_name] # or Cluster Name
Severity: Minor
Found in lib/manageiq/reporting/formatter/timeline.rb by rubocop

Checks for excessive nesting of conditional and looping constructs.

You can configure if blocks are considered using the CountBlocks option. When set to false (the default) blocks are not counted towards the nesting level. Set to true to count blocks as well.

The maximum level of nesting allowed is configurable.

Remove unnecessary existence check File.exist?.
Open

      File.delete(zfile) if File.exist?(zfile)
Severity: Minor
Found in lib/vmdb/util.rb by rubocop

Checks for non-atomic file operation. And then replace it with a nearly equivalent and atomic method.

These can cause problems that are difficult to reproduce, especially in cases of frequent file operations in parallel, such as test runs with parallel_rspec.

For examples: creating a directory if there is none, has the following problems

An exception occurs when the directory didn't exist at the time of exist?, but someone else created it before mkdir was executed.

Subsequent processes are executed without the directory that should be there when the directory existed at the time of exist?, but someone else deleted it shortly afterwards.

Safety:

This cop is unsafe, because autocorrection change to atomic processing. The atomic processing of the replacement destination is not guaranteed to be strictly equivalent to that before the replacement.

Example:

# bad - race condition with another process may result in an error in `mkdir`
unless Dir.exist?(path)
  FileUtils.mkdir(path)
end

# good - atomic and idempotent creation
FileUtils.mkdir_p(path)

# bad - race condition with another process may result in an error in `remove`
if File.exist?(path)
  FileUtils.remove(path)
end

# good - atomic and idempotent removal
FileUtils.rm_f(path)

Use filter_map instead.
Open

    attributes_as_nice_string = self.class.attribute_names.collect do |name|
      "#{name}: #{attribute_for_inspect(name)}"
    end.compact.join(", ")
Severity: Minor
Found in lib/acts_as_ar_model.rb by rubocop

Use #key? instead of #keys.include?.
Open

      if exp[operator].keys.include?("field") && exp[operator]["field"].split(".").length == 1
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Specify development dependencies in gemspec.
Open

gem "more_core_extensions"                                                     # min version should be set in manageiq-gems-pending, not here
Severity: Minor
Found in Gemfile by rubocop

Enforce that development dependencies for a gem are specified in Gemfile, rather than in the gemspec using add_development_dependency. Alternatively, using EnforcedStyle: gemspec, enforce that all dependencies are specified in gemspec, rather than in Gemfile.

Example: EnforcedStyle: Gemfile (default)

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gems.rb

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gemspec

# Specify all dependencies in your gemspec.

# bad
# Gemfile
gem "foo"

# good
# example.gemspec
s.add_development_dependency "foo"

# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"

Specify development dependencies in gemspec.
Open

gem "american_date"
Severity: Minor
Found in Gemfile by rubocop

Enforce that development dependencies for a gem are specified in Gemfile, rather than in the gemspec using add_development_dependency. Alternatively, using EnforcedStyle: gemspec, enforce that all dependencies are specified in gemspec, rather than in Gemfile.

Example: EnforcedStyle: Gemfile (default)

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gems.rb

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gemspec

# Specify all dependencies in your gemspec.

# bad
# Gemfile
gem "foo"

# good
# example.gemspec
s.add_development_dependency "foo"

# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"

Remove unnecessary existence check File.exist?.
Open

      FileUtils.mkdir_p(zip_dir) unless File.exist?(zip_dir)
Severity: Minor
Found in lib/vmdb/util.rb by rubocop

Checks for non-atomic file operation. And then replace it with a nearly equivalent and atomic method.

These can cause problems that are difficult to reproduce, especially in cases of frequent file operations in parallel, such as test runs with parallel_rspec.

For examples: creating a directory if there is none, has the following problems

An exception occurs when the directory didn't exist at the time of exist?, but someone else created it before mkdir was executed.

Subsequent processes are executed without the directory that should be there when the directory existed at the time of exist?, but someone else deleted it shortly afterwards.

Safety:

This cop is unsafe, because autocorrection change to atomic processing. The atomic processing of the replacement destination is not guaranteed to be strictly equivalent to that before the replacement.

Example:

# bad - race condition with another process may result in an error in `mkdir`
unless Dir.exist?(path)
  FileUtils.mkdir(path)
end

# good - atomic and idempotent creation
FileUtils.mkdir_p(path)

# bad - race condition with another process may result in an error in `remove`
if File.exist?(path)
  FileUtils.remove(path)
end

# good - atomic and idempotent removal
FileUtils.rm_f(path)

Duplicate branch body detected.
Open

    when "is null", "is not null", "is empty", "is not empty"
      operands = operands2rubyvalue(operator, op_args, context_type)
      clause = operands.join(" #{normalize_ruby_operator(operator)} ")
Severity: Minor
Found in lib/miq_expression.rb by rubocop

Checks that there are no repeated bodies within if/unless, case-when, case-in and rescue constructs.

With IgnoreLiteralBranches: true, branches are not registered as offenses if they return a basic literal value (string, symbol, integer, float, rational, complex, true, false, or nil), or return an array, hash, regexp or range that only contains one of the above basic literal values.

With IgnoreConstantBranches: true, branches are not registered as offenses if they return a constant value.

Example:

# bad
if foo
  do_foo
  do_something_else
elsif bar
  do_foo
  do_something_else
end

# good
if foo || bar
  do_foo
  do_something_else
end

# bad
case x
when foo
  do_foo
when bar
  do_foo
else
  do_something_else
end

# good
case x
when foo, bar
  do_foo
else
  do_something_else
end

# bad
begin
  do_something
rescue FooError
  handle_error
rescue BarError
  handle_error
end

# good
begin
  do_something
rescue FooError, BarError
  handle_error
end

Example: IgnoreLiteralBranches: true

# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end

Example: IgnoreConstantBranches: true

# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Severity
Category
Status
Source
Language