ManageIQ/manageiq

Showing 1,311 of 1,311 total issues

Prefer JSON.parse over JSON.load.
Open

    value = JSON.load(value)
Severity: Minor
Found in lib/tasks/po_to_json_override.rb by rubocop

Checks for the use of JSON class methods which have potential security issues.

Safety:

This cop's autocorrection is unsafe because it's potentially dangerous. If using a stream, like JSON.load(open('file')), it will need to call #read manually, like JSON.parse(open('file').read). If reading single values (rather than proper JSON objects), like JSON.load('false'), it will need to pass the quirks_mode: true option, like JSON.parse('false', quirks_mode: true). Other similar issues may apply.

Example:

# bad
JSON.load("{}")
JSON.restore("{}")

# good
JSON.parse("{}")

Use search_opts[:base] = username; search_opts[:scope] = :base instead of search_opts.merge!(:base => username, :scope => :base).
Open

        search_opts.merge!(:base => username, :scope => :base)
Severity: Minor
Found in lib/miq_ldap.rb by rubocop

This cop identifies places where Hash#merge! can be replaced by Hash#[]=.

Example:

hash.merge!(a: 1)
hash.merge!({'key' => 'value'})
hash.merge!(a: 1, b: 2)

Avoid using or-assignment with constants.
Open

  ERROR ||= "error".freeze
Severity: Minor
Found in lib/tasks/evm_settings.rake by rubocop

Checks for unintended or-assignment to a constant.

Constants should always be assigned in the same location, and their values should always be the same. If constants are assigned in multiple locations, the result may vary depending on the order of require.

Safety:

This cop is unsafe because code that is already conditionally assigning a constant may have its behavior changed by autocorrection.

Example:

# bad
CONST ||= 1

# good
CONST = 1

Use all?(Tenant) instead of block.
Open

    unless tenants.respond_to?(:all?) && tenants.all? { |t| t.kind_of?(Tenant) }
Severity: Minor
Found in lib/services/resource_sharer.rb by rubocop

Do not suppress exceptions.
Open

          rescue ActiveRecord::StaleObjectError
Severity: Minor
Found in lib/vmdb/console_methods.rb by rubocop

Checks for rescue blocks with no body.

Example:

# bad
def some_method
  do_something
rescue
end

# bad
begin
  do_something
rescue
end

# good
def some_method
  do_something
rescue
  handle_exception
end

# good
begin
  do_something
rescue
  handle_exception
end

Example: AllowComments: true (default)

# good
def some_method
  do_something
rescue
  # do nothing
end

# good
begin
  do_something
rescue
  # do nothing
end

Example: AllowComments: false

# bad
def some_method
  do_something
rescue
  # do nothing
end

# bad
begin
  do_something
rescue
  # do nothing
end

Example: AllowNil: true (default)

# good
def some_method
  do_something
rescue
  nil
end

# good
begin
  do_something
rescue
  # do nothing
end

# good
do_something rescue nil

Example: AllowNil: false

# bad
def some_method
  do_something
rescue
  nil
end

# bad
begin
  do_something
rescue
  nil
end

# bad
do_something rescue nil

Empty class detected.
Open

      class MissingKey; end
Severity: Minor
Found in lib/vmdb/settings/hash_differ.rb by rubocop

Checks for classes and metaclasses without a body. Such empty classes and metaclasses are typically an oversight; if they are intentional, a comment should make clear what they are for.

Example:

# bad
class Foo
end

class Bar
  class << self
  end
end

class << obj
end

# good
class Foo
  def do_something
    # ... code
  end
end

class Bar
  class << self
    attr_reader :bar
  end
end

class << obj
  attr_reader :bar
end

Example: AllowComments: false (default)

# bad
class Foo
  # TODO: implement later
end

class Bar
  class << self
    # TODO: implement later
  end
end

class << obj
  # TODO: implement later
end

Example: AllowComments: true

# good
class Foo
  # TODO: implement later
end

class Bar
  class << self
    # TODO: implement later
  end
end

class << obj
  # TODO: implement later
end

Use atomic file operation method FileUtils.rm_f.
Open

    File.unlink(attributes_file) if File.exist?(attributes_file)
Severity: Minor
Found in lib/tasks/locale.rake by rubocop

Checks for non-atomic file operations and replaces them with a nearly equivalent, atomic method.

These can cause problems that are difficult to reproduce, especially in cases of frequent file operations in parallel, such as test runs with parallel_rspec.

For example, creating a directory only if none exists has the following problems:

An exception occurs when the directory didn't exist at the time of exist?, but someone else created it before mkdir was executed.

Subsequent processes are executed without the directory that should be there when the directory existed at the time of exist?, but someone else deleted it shortly afterwards.

Safety:

This cop is unsafe because autocorrection changes the code to atomic processing. The atomic replacement is not guaranteed to be strictly equivalent to the code it replaces.

Example:

# bad - race condition with another process may result in an error in `mkdir`
unless Dir.exist?(path)
  FileUtils.mkdir(path)
end

# good - atomic and idempotent creation
FileUtils.mkdir_p(path)

# bad - race condition with another process may result in an error in `remove`
if File.exist?(path)
  FileUtils.remove(path)
end

# good - atomic and idempotent removal
FileUtils.rm_f(path)

Avoid more than 3 levels of block nesting.
Open

                ems_cloud = true if ems.kind_of?(EmsCloud)

Checks for excessive nesting of conditional and looping constructs.

You can configure whether blocks are counted using the CountBlocks option. When set to false (the default), blocks are not counted towards the nesting level. Set it to true to count blocks as well.

The maximum level of nesting allowed is configurable.

Remove redundant sort.
Open

Dir.glob(File.join(__dir__, "session/*")).sort.each { |f| require f }
Severity: Minor
Found in lib/manageiq/session.rb by rubocop

Ruby 3.0 sorts globbed results by default. This cop checks for redundant sort calls on Dir.glob and Dir[].

Safety:

This cop is unsafe when a file and a directory have identical names: the directory will be loaded before the file, which will break exe/files.rb files that rely on the exe.rb file.

Example:

# bad
Dir.glob('./lib/**/*.rb').sort.each do |file|
end

Dir['./lib/**/*.rb'].sort.each do |file|
end

# good
Dir.glob('./lib/**/*.rb').each do |file|
end

Dir['./lib/**/*.rb'].each do |file|
end

Do not use prefix _ for a variable that is used.
Open

  def _search(opts, seen = nil, &_blk)
Severity: Minor
Found in lib/miq_ldap.rb by rubocop

Checks for underscore-prefixed variables that are actually used.

Since block keyword arguments cannot be arbitrarily named at call sites, the AllowKeywordBlockArguments option allows the use of underscore-prefixed block keyword arguments.

Example: AllowKeywordBlockArguments: false (default)

# bad

[1, 2, 3].each do |_num|
  do_something(_num)
end

query(:sales) do |_id:, revenue:, cost:|
  {_id: _id, profit: revenue - cost}
end

# good

[1, 2, 3].each do |num|
  do_something(num)
end

[1, 2, 3].each do |_num|
  do_something # not using `_num`
end

Example: AllowKeywordBlockArguments: true

# good

query(:sales) do |_id:, revenue:, cost:|
  {_id: _id, profit: revenue - cost}
end

Specify development dependencies in gemspec.
Open

  gem "routes_lazy_routes"
Severity: Minor
Found in Gemfile by rubocop

Enforce that development dependencies for a gem are specified in Gemfile, rather than in the gemspec using add_development_dependency. Alternatively, using EnforcedStyle: gemspec, enforce that all dependencies are specified in gemspec, rather than in Gemfile.

Example: EnforcedStyle: Gemfile (default)

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gems.rb

# Specify runtime dependencies in your gemspec,
# but all other dependencies in your Gemfile.
#
# Identical to `EnforcedStyle: Gemfile`, but with a different error message.
# Rely on Bundler/GemFilename to enforce the use of `Gemfile` vs `gems.rb`.

# bad
# example.gemspec
s.add_development_dependency "foo"

# good
# Gemfile
gem "foo"

# good
# gems.rb
gem "foo"

# good (with AllowedGems: ["bar"])
# example.gemspec
s.add_development_dependency "bar"

Example: EnforcedStyle: gemspec

# Specify all dependencies in your gemspec.

# bad
# Gemfile
gem "foo"

# good
# example.gemspec
s.add_development_dependency "foo"

# good (with AllowedGems: ["bar"])
# Gemfile
gem "bar"