Showing 1,313 of 1,313 total issues
Duplicate branch body detected. Open
when "Host"
e_title = rec[:name]
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that there are no repeated bodies
within if/unless
, case-when
, case-in
and rescue
constructs.
With IgnoreLiteralBranches: true
, branches are not registered
as offenses if they return a basic literal value (string, symbol,
integer, float, rational, complex, true
, false
, or nil
), or
return an array, hash, regexp or range that only contains one of
the above basic literal values.
With IgnoreConstantBranches: true
, branches are not registered
as offenses if they return a constant value.
Example:
# bad
if foo
do_foo
do_something_else
elsif bar
do_foo
do_something_else
end
# good
if foo || bar
do_foo
do_something_else
end
# bad
case x
when foo
do_foo
when bar
do_foo
else
do_something_else
end
# good
case x
when foo, bar
do_foo
else
do_something_else
end
# bad
begin
do_something
rescue FooError
handle_error
rescue BarError
handle_error
end
# good
begin
do_something
rescue FooError, BarError
handle_error
end
Example: IgnoreLiteralBranches: true
# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end
Example: IgnoreConstantBranches: true
# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Use filter_map
instead. Open
map { |engine| AssetPath.new(engine) if AssetPath.asset_path?(engine) }.compact
- Create a ticketCreate a ticket
- Exclude checks
Avoid using or-assignment with constants. Open
INFO ||= "info".freeze
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for unintended or-assignment to a constant.
Constants should always be assigned in the same location. And its value
should always be the same. If constants are assigned in multiple
locations, the result may vary depending on the order of require
.
Safety:
This cop is unsafe because code that is already conditionally assigning a constant may have its behavior changed by autocorrection.
Example:
# bad
CONST ||= 1
# good
CONST = 1
Avoid immutable Array literals in loops. It is better to extract it into a local variable or a constant. Open
elsif %w[not !].include?(k.to_s.downcase) # not atom is a hash expression
- Create a ticketCreate a ticket
- Exclude checks
Use block explicitly instead of block-passing a method object. Open
component[operator].all?(&method(:valid?))
- Create a ticketCreate a ticket
- Exclude checks
Avoid rescuing the Exception
class. Perhaps you meant to rescue StandardError
? Open
rescue Exception => err
_log.error("'#{err.message}'")
obj = nil
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for rescue
blocks targeting the Exception class.
Example:
# bad
begin
do_something
rescue Exception
handle_exception
end
Example:
# good
begin
do_something
rescue ArgumentError
handle_exception
end
Avoid more than 3 levels of block nesting. Open
e_title = if rec[:vm_name] # Create the title using VM name
rec[:vm_name]
elsif rec[:host_name] # or Host Name
rec[:host_name]
elsif rec[:ems_cluster_name] # or Cluster Name
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for excessive nesting of conditional and looping constructs.
You can configure if blocks are considered using the CountBlocks
option. When set to false
(the default) blocks are not counted
towards the nesting level. Set to true
to count blocks as well.
The maximum level of nesting allowed is configurable.
Remove redundant sort
. Open
Dir.glob(yaml_glob_full).sort.each do |file|
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Sort globbed results by default in Ruby 3.0.
This cop checks for redundant sort
method to Dir.glob
and Dir[]
.
Safety:
This cop is unsafe, in case of having a file and a directory with
identical names, since directory will be loaded before the file, which
will break exe/files.rb
that rely on exe.rb
file.
Example:
# bad
Dir.glob('./lib/**/*.rb').sort.each do |file|
end
Dir['./lib/**/*.rb'].sort.each do |file|
end
# good
Dir.glob('./lib/**/*.rb').each do |file|
end
Dir['./lib/**/*.rb'].each do |file|
end
Duplicate branch body detected. Open
when "value exists"
clause, = operands2rubyvalue(operator, op_args, context_type)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that there are no repeated bodies
within if/unless
, case-when
, case-in
and rescue
constructs.
With IgnoreLiteralBranches: true
, branches are not registered
as offenses if they return a basic literal value (string, symbol,
integer, float, rational, complex, true
, false
, or nil
), or
return an array, hash, regexp or range that only contains one of
the above basic literal values.
With IgnoreConstantBranches: true
, branches are not registered
as offenses if they return a constant value.
Example:
# bad
if foo
do_foo
do_something_else
elsif bar
do_foo
do_something_else
end
# good
if foo || bar
do_foo
do_something_else
end
# bad
case x
when foo
do_foo
when bar
do_foo
else
do_something_else
end
# good
case x
when foo, bar
do_foo
else
do_something_else
end
# bad
begin
do_something
rescue FooError
handle_error
rescue BarError
handle_error
end
# good
begin
do_something
rescue FooError, BarError
handle_error
end
Example: IgnoreLiteralBranches: true
# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end
Example: IgnoreConstantBranches: true
# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Specify development dependencies in gemspec. Open
gem "american_date"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Enforce that development dependencies for a gem are specified in
Gemfile
, rather than in the gemspec
using
add_development_dependency
. Alternatively, using EnforcedStyle:
gemspec
, enforce that all dependencies are specified in gemspec
,
rather than in Gemfile
.
Example: EnforcedStyle: Gemfile (default)
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gems.rb
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gemspec
# Specify all dependencies in your gemspec.
# bad
# Gemfile
gem "foo"
# good
# example.gemspec
s.add_development_dependency "foo"
# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"
Specify development dependencies in gemspec. Open
gem "ruby-dbus" # For external auth
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Enforce that development dependencies for a gem are specified in
Gemfile
, rather than in the gemspec
using
add_development_dependency
. Alternatively, using EnforcedStyle:
gemspec
, enforce that all dependencies are specified in gemspec
,
rather than in Gemfile
.
Example: EnforcedStyle: Gemfile (default)
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gems.rb
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gemspec
# Specify all dependencies in your gemspec.
# bad
# Gemfile
gem "foo"
# good
# example.gemspec
s.add_development_dependency "foo"
# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"
Prefer JSON.parse
over JSON.load
. Open
value = JSON.load(value)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of JSON class methods which have potential security issues.
Safety:
This cop's autocorrection is unsafe because it's potentially dangerous.
If using a stream, like JSON.load(open('file'))
, it will need to call
#read
manually, like JSON.parse(open('file').read)
.
If reading single values (rather than proper JSON objects), like
JSON.load('false')
, it will need to pass the quirks_mode: true
option, like JSON.parse('false', quirks_mode: true)
.
Other similar issues may apply.
Example:
# bad
JSON.load("{}")
JSON.restore("{}")
# good
JSON.parse("{}")
Prefer using YAML.safe_load
over YAML.load
. Open
dialogs = YAML.load(import_file_upload.uploaded_content)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for the use of YAML class methods which have potential security issues leading to remote code execution when loading from an untrusted source.
NOTE: Ruby 3.1+ (Psych 4) uses Psych.load
as Psych.safe_load
by default.
Safety:
The behavior of the code might change depending on what was
in the YAML payload, since YAML.safe_load
is more restrictive.
Example:
# bad
YAML.load("--- !ruby/object:Foo {}") # Psych 3 is unsafe by default
# good
YAML.safe_load("--- !ruby/object:Foo {}", [Foo]) # Ruby 2.5 (Psych 3)
YAML.safe_load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.0- (Psych 3)
YAML.load("--- !ruby/object:Foo {}", permitted_classes: [Foo]) # Ruby 3.1+ (Psych 4)
YAML.dump(foo)
Use filter_map
instead. Open
categories = Classification.categories.collect { |c| c if c.show }.compact
- Create a ticketCreate a ticket
- Exclude checks
Use search_opts[:base] = username; search_opts[:scope] = :base
instead of search_opts.merge!(:base => username, :scope => :base)
. Open
search_opts.merge!(:base => username, :scope => :base)
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
This cop identifies places where Hash#merge!
can be replaced by
Hash#[]=
.
Example:
hash.merge!(a: 1)
hash.merge!({'key' => 'value'})
hash.merge!(a: 1, b: 2)
Specify development dependencies in gemspec. Open
gem "rufus-scheduler"
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Enforce that development dependencies for a gem are specified in
Gemfile
, rather than in the gemspec
using
add_development_dependency
. Alternatively, using EnforcedStyle:
gemspec
, enforce that all dependencies are specified in gemspec
,
rather than in Gemfile
.
Example: EnforcedStyle: Gemfile (default)
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gems.rb
# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.
# bad
# example.gemspec
s.add_development_dependency "foo"
# good
# Gemfile
gem "foo"
# good
# gems.rb
gem "foo"
# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"
Example: EnforcedStyle: gemspec
# Specify all dependencies in your gemspec.
# bad
# Gemfile
gem "foo"
# good
# example.gemspec
s.add_development_dependency "foo"
# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"
Avoid using or-assignment with constants. Open
TEXT_DOMAIN ||= 'manageiq'.freeze
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks for unintended or-assignment to a constant.
Constants should always be assigned in the same location. And its value
should always be the same. If constants are assigned in multiple
locations, the result may vary depending on the order of require
.
Safety:
This cop is unsafe because code that is already conditionally assigning a constant may have its behavior changed by autocorrection.
Example:
# bad
CONST ||= 1
# good
CONST = 1
Use all?(Tenant)
instead of block. Open
unless tenants.respond_to?(:all?) && tenants.all? { |t| t.kind_of?(Tenant) }
- Create a ticketCreate a ticket
- Exclude checks
Duplicate branch body detected. Open
else
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that there are no repeated bodies
within if/unless
, case-when
, case-in
and rescue
constructs.
With IgnoreLiteralBranches: true
, branches are not registered
as offenses if they return a basic literal value (string, symbol,
integer, float, rational, complex, true
, false
, or nil
), or
return an array, hash, regexp or range that only contains one of
the above basic literal values.
With IgnoreConstantBranches: true
, branches are not registered
as offenses if they return a constant value.
Example:
# bad
if foo
do_foo
do_something_else
elsif bar
do_foo
do_something_else
end
# good
if foo || bar
do_foo
do_something_else
end
# bad
case x
when foo
do_foo
when bar
do_foo
else
do_something_else
end
# good
case x
when foo, bar
do_foo
else
do_something_else
end
# bad
begin
do_something
rescue FooError
handle_error
rescue BarError
handle_error
end
# good
begin
do_something
rescue FooError, BarError
handle_error
end
Example: IgnoreLiteralBranches: true
# good
case size
when "small" then 100
when "medium" then 250
when "large" then 1000
else 250
end
Example: IgnoreConstantBranches: true
# good
case size
when "small" then SMALL_SIZE
when "medium" then MEDIUM_SIZE
when "large" then LARGE_SIZE
else MEDIUM_SIZE
end
Use #key?
instead of #keys.include?
. Open
if exp[operator].keys.include?("field") && exp[operator]["field"].split(".").length == 1
- Create a ticketCreate a ticket
- Exclude checks