Showing 22 of 22 total issues
OS Command Injection in Rake Open
rake (10.5.0)
Advisory: CVE-2020-8130
Criticality: High
URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8
Solution: upgrade to >= 12.3.3
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix) Open
json (1.8.3)
Advisory: CVE-2020-10663
Criticality: High
URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
Solution: upgrade to >= 2.3.0
Method parser has 34 lines of code (exceeds 25 allowed). Consider refactoring. Open
def parser # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
  OptionParser.new do |opts|
    opts.banner = banner_usages + "\nOptions:"
    opts.on('-m', '--machine MACHINE', 'Target Vagrant machine(s).',
Method collect_folders_by_machine has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring. Open
def collect_folders_by_machine
  if @machine_synced_folders.empty?
    { 'default' => default_synced_folders }
  else
    folders = @machine_synced_folders.map do |name, synced_folders|
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Block has too many lines. [32/25] Open
OptionParser.new do |opts|
  opts.banner = banner_usages + "\nOptions:"
  opts.on('-m', '--machine MACHINE', 'Target Vagrant machine(s).',
          'Can be specified as a plain string for a single machine, a',
This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.
Method match_machines! has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def match_machines!(search_string)
  machines =
    if (pattern = search_string[%r{^/(.+?)/$}, 1])
      match_machines_by_regexp(pattern)
    elsif search_string.include? ','
Method find has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def find(host_directory)
  start_directory = File.expand_path(@vagrant_cwd || host_directory)
  cur_directory = start_directory
  filenames = filenames_to_check
Method merge_with_defaults has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def merge_with_defaults(synced_folders)
  default_synced_folders.tap do |merged|
    synced_folders.each do |guest_path, opts|
      if opts[:disabled]
        merged.delete(guest_path)
Method match has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def match(host_directory, machine_search_string = nil)
  real_host_directory = File.expand_path(host_directory)
  synced_folders_by_machine = @vagrant_config.collect_folders_by_machine
  if machine_search_string
Method execute has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def execute(command, guest_directory = nil, interactive = true,
            user_ssh_options = '')
  if command.empty?
    # No command, so run a login shell
    command = 'exec $SHELL -l'
Do not place comments on the same line as the def keyword. Open
def self.method_missing(*) end # ignore everything else
This cop checks for comments put on the same line as some keywords.
These keywords are: begin, class, def, end, module.
Note that some comments (such as :nodoc: and rubocop:disable) are allowed.
Example:
# bad
if condition
  statement
end # end if

# bad
class X # comment
  statement
end

# bad
def x; end # comment

# good
if condition
  statement
end

# good
class X # :nodoc:
  y
end
When using method_missing, define respond_to_missing? and fall back on super. (https://github.com/bbatsov/ruby-style-guide#no-method-missing) Open
def method_missing(*)
  DummyConfig
end
This cop checks for the presence of method_missing without also defining respond_to_missing? and falling back on super.
Example:
# bad
def method_missing(name, *args)
  # ...
end

# good
def respond_to_missing?(name, include_private)
  # ...
end

def method_missing(name, *args)
  # ...
  super
end
Use %i or %I for an array of symbols. (https://github.com/bbatsov/ruby-style-guide#percent-i) Open
task default: [:spec, :rubocop, :script]
This cop can check for array literals made up of symbols that are not using the %i() syntax.
Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.
Configuration option: MinSize
If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of 3 will not enforce a style on an array of 2 or fewer elements.
Example: EnforcedStyle: percent (default)
# good
%i[foo bar baz]
# bad
[:foo, :bar, :baz]
Example: EnforcedStyle: brackets
# good
[:foo, :bar, :baz]
# bad
%i[foo bar baz]
When using method_missing, define respond_to_missing? and fall back on super. (https://github.com/bbatsov/ruby-style-guide#no-method-missing) Open
def self.method_missing(*) end # ignore everything else
Favor format over String#%. (https://github.com/bbatsov/ruby-style-guide#sprintf) Open
script = template % { avsh_version: Avsh::VERSION, avsh_libs: avsh_libs }
This cop enforces the use of a single string formatting utility. Valid options include Kernel#format, Kernel#sprintf and String#%.
The detection of String#% cannot be implemented in a reliable manner for all cases, so only two scenarios are considered - if the first argument is a string literal and if the second argument is an array literal.
Example: EnforcedStyle: format (default)
# bad
puts sprintf('%10s', 'hoge')
puts '%10s' % 'hoge'
# good
puts format('%10s', 'hoge')
Example: EnforcedStyle: sprintf
# bad
puts format('%10s', 'hoge')
puts '%10s' % 'hoge'
# good
puts sprintf('%10s', 'hoge')
Example: EnforcedStyle: percent
# bad
puts format('%10s', 'hoge')
puts sprintf('%10s', 'hoge')
# good
puts '%10s' % 'hoge'
Use 0o for octal literals. (https://github.com/bbatsov/ruby-style-guide#numeric-literal-prefixes) Open
file.chmod(0755)
This cop checks for octal, hex, binary and decimal literals using uppercase prefixes and corrects them to lowercase prefix or no prefix (in case of decimals). E.g. for octal use 0o instead of 0 or 0O.
Can be configured to use 0 only for octal literals using EnforcedOctalStyle => zero_only
%w-literals should be delimited by [ and ]. (https://github.com/bbatsov/ruby-style-guide#percent-literal-braces) Open
%w(Vagrantfile vagrantfile)
This cop enforces the consistent usage of %-literal delimiters.
Specify the 'default' key to set all preferred delimiters at once. You can continue to specify individual preferred delimiters to override the default.
Example:
# Style/PercentLiteralDelimiters:
#   PreferredDelimiters:
#     default: '[]'
#     '%i': '()'
# good
%w[alpha beta] + %i(gamma delta)
# bad
%W(alpha #{beta})
# bad
%I(alpha beta)
When using method_missing, define respond_to_missing? and fall back on super. (https://github.com/bbatsov/ruby-style-guide#no-method-missing) Open
def self.method_missing(*)
  DummyConfig
end
Use a guard clause instead of wrapping the code inside a conditional expression. (https://github.com/bbatsov/ruby-style-guide#no-nested-conditionals) Open
unless @multiplex_manager.active?(@machine_name)
Use a guard clause instead of wrapping the code inside a conditional expression
Example:
# bad
def test
  if something
    work
  end
end

# good
def test
  return unless something
  work
end

# also good
def test
  work if something
end

# bad
if something
  raise 'exception'
else
  ok
end

# good
raise 'exception' if something
ok
Use a guard clause instead of wrapping the code inside a conditional expression. (https://github.com/bbatsov/ruby-style-guide#no-nested-conditionals) Open
unless status.success?