SpeciesFileGroup/taxonworks

Showing 12,636 of 12,636 total issues

Prefer :ok over 200 to define HTTP status code.
Open

    render status: 200

Enforces use of symbolic or numeric value to define HTTP status.

Example: EnforcedStyle: symbolic (default)

# bad
render :foo, status: 200
render json: { foo: 'bar' }, status: 200
render plain: 'foo/bar', status: 304
redirect_to root_url, status: 301

# good
render :foo, status: :ok
render json: { foo: 'bar' }, status: :ok
render plain: 'foo/bar', status: :not_modified
redirect_to root_url, status: :moved_permanently

Example: EnforcedStyle: numeric

# bad
render :foo, status: :ok
render json: { foo: 'bar' }, status: :not_found
render plain: 'foo/bar', status: :not_modified
redirect_to root_url, status: :moved_permanently

# good
render :foo, status: 200
render json: { foo: 'bar' }, status: 404
render plain: 'foo/bar', status: 304
redirect_to root_url, status: 301

Do not use instance variables in helpers.
Open

      page_entries_info(@list_collection_objects)

Use if body.present? instead of unless body.blank?.
Open

      unless body.blank?

This cop checks for code that can be written with simpler conditionals using Object#present? defined by Active Support.

Interaction with Style/UnlessElse: The configuration of NotBlank will not produce an offense in the context of unless else if Style/UnlessElse is enabled. This is to prevent interference between the auto-correction of the two cops.

Example: NotNilAndNotEmpty: true (default)

# Converts usages of `!nil? && !empty?` to `present?`

# bad
!foo.nil? && !foo.empty?

# bad
foo != nil && !foo.empty?

# good
foo.present?

Example: NotBlank: true (default)

# Converts usages of `!blank?` to `present?`

# bad
!foo.blank?

# bad
not foo.blank?

# good
foo.present?

Example: UnlessBlank: true (default)

# Converts usages of `unless blank?` to `if present?`

# bad
something unless foo.blank?

# good
something if foo.present?

Tagging a string as html safe may be a security risk.
Open

        letters.collect{|l| content_tag(:li, link_to("#{l}", "\##{l}")) }.join.html_safe

This cop checks for the use of output safety calls like html_safe, raw, and safe_concat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "<b>hi</b>"

# bad
"<p>#{user_content}</p>".html_safe
# => ActiveSupport::SafeBuffer "<p><b>hi</b></p>"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<p>&lt;b&gt;hi&lt;/b&gt;</p>"

# bad
out = ""
out << "<li>#{user_content}</li>"
out << "<li>#{user_content}</li>"
out.html_safe
# => ActiveSupport::SafeBuffer "<li><b>hi</b></li><li><b>hi</b></li>"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<li>&lt;b&gt;hi&lt;/b&gt;</li><li>&lt;b&gt;hi&lt;/b&gt;</li>"

# bad
out = "<h1>trusted content</h1>".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "<h1>trusted content</h1><b>hi</b>"

# good
out = "<h1>trusted content</h1>".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "<h1>trusted content</h1>&lt;b&gt;hi&lt;/b&gt;"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted content<b>hi</b>"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content&lt;b&gt;hi&lt;/b&gt;

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "&lt;b&gt;hi&lt;/b&gt; <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    Prefer symbols instead of strings as hash keys.
    Open

          'smart-selector-title' => params[:title],

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    Prefer symbols instead of strings as hash keys.
    Open

          'smart-selector-current-object-label' => label_for(params[:current])

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    Prefer symbols instead of strings as hash keys.
    Open

          id: object_id_string(object, 'soft_validation'), 'title' => 'Click to view validations',

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    Please use Rails.root.join('path', 'to') instead.
    Open

            render file: "#{Rails.root}/public/404.html", layout: false, status: :not_found

    This cop identifies places where file paths are joined by other means and should use Rails.root.join instead. It enforces a uniform style for joining paths.

    Example: EnforcedStyle: arguments (default)

    # bad
    Rails.root.join('app/models/goober')
    File.join(Rails.root, 'app/models/goober')
    "#{Rails.root}/app/models/goober"
    
    # good
    Rails.root.join('app', 'models', 'goober')

    Example: EnforcedStyle: slashes

    # bad
    Rails.root.join('app', 'models', 'goober')
    File.join(Rails.root, 'app/models/goober')
    "#{Rails.root}/app/models/goober"
    
    # good
    Rails.root.join('app/models/goober')

    Do not use instance variables in helpers.
    Open

          @c_o_table_store = nil

    Do not use instance variables in helpers.
    Open

        @c_o_table_data[c_o.id.to_s] = retval

    Do not use instance variables in helpers.
    Open

          paginate(@list_collection_objects, remote: true)

    Tagging a string as html safe may be a security risk.
    Open

            original_author_year(taxon_name_relationship.subject_taxon_name)].join(' ').html_safe, class: 'type_information'

    This cop checks for the use of output safety calls like html_safe, raw, and safe_concat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

    Example:

    user_content = "<b>hi</b>"

    # bad
    "<p>#{user_content}</p>".html_safe
    # => ActiveSupport::SafeBuffer "<p><b>hi</b></p>"

    # good
    content_tag(:p, user_content)
    # => ActiveSupport::SafeBuffer "<p>&lt;b&gt;hi&lt;/b&gt;</p>"

    # bad
    out = ""
    out << "<li>#{user_content}</li>"
    out << "<li>#{user_content}</li>"
    out.html_safe
    # => ActiveSupport::SafeBuffer "<li><b>hi</b></li><li><b>hi</b></li>"

    # good
    out = []
    out << content_tag(:li, user_content)
    out << content_tag(:li, user_content)
    safe_join(out)
    # => ActiveSupport::SafeBuffer
    #    "<li>&lt;b&gt;hi&lt;/b&gt;</li><li>&lt;b&gt;hi&lt;/b&gt;</li>"

    # bad
    out = "<h1>trusted content</h1>".html_safe
    out.safe_concat(user_content)
    # => ActiveSupport::SafeBuffer "<h1>trusted content</h1><b>hi</b>"

    # good
    out = "<h1>trusted content</h1>".html_safe
    out.concat(user_content)
    # => ActiveSupport::SafeBuffer
    #    "<h1>trusted content</h1>&lt;b&gt;hi&lt;/b&gt;"

    # safe, though maybe not good style
    out = "trusted content"
    result = out.concat(user_content)
    # => String "trusted content<b>hi</b>"
    # because when rendered in ERB the String will be escaped:
    # <%= result %>
    # => trusted content&lt;b&gt;hi&lt;/b&gt;

    # bad
    (user_content + " " + content_tag(:span, user_content)).html_safe
    # => ActiveSupport::SafeBuffer "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    # good
    safe_join([user_content, " ", content_tag(:span, user_content)])
    # => ActiveSupport::SafeBuffer
    #    "&lt;b&gt;hi&lt;/b&gt; <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    Tagging a string as html safe may be a security risk.
    Open

               content_tag(:span, (tnc.classification_label + soft_validation_alert_tag(tnc).to_s + (tnc.citations.load.any? ? (content_tag(:em, ' in ') + citations_tag(tnc)).html_safe : '') ).html_safe, class: ['history__status'])

    This cop checks for the use of output safety calls like html_safe, raw, and safe_concat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

    Example:

    user_content = "<b>hi</b>"

    # bad
    "<p>#{user_content}</p>".html_safe
    # => ActiveSupport::SafeBuffer "<p><b>hi</b></p>"

    # good
    content_tag(:p, user_content)
    # => ActiveSupport::SafeBuffer "<p>&lt;b&gt;hi&lt;/b&gt;</p>"

    # bad
    out = ""
    out << "<li>#{user_content}</li>"
    out << "<li>#{user_content}</li>"
    out.html_safe
    # => ActiveSupport::SafeBuffer "<li><b>hi</b></li><li><b>hi</b></li>"

    # good
    out = []
    out << content_tag(:li, user_content)
    out << content_tag(:li, user_content)
    safe_join(out)
    # => ActiveSupport::SafeBuffer
    #    "<li>&lt;b&gt;hi&lt;/b&gt;</li><li>&lt;b&gt;hi&lt;/b&gt;</li>"

    # bad
    out = "<h1>trusted content</h1>".html_safe
    out.safe_concat(user_content)
    # => ActiveSupport::SafeBuffer "<h1>trusted content</h1><b>hi</b>"

    # good
    out = "<h1>trusted content</h1>".html_safe
    out.concat(user_content)
    # => ActiveSupport::SafeBuffer
    #    "<h1>trusted content</h1>&lt;b&gt;hi&lt;/b&gt;"

    # safe, though maybe not good style
    out = "trusted content"
    result = out.concat(user_content)
    # => String "trusted content<b>hi</b>"
    # because when rendered in ERB the String will be escaped:
    # <%= result %>
    # => trusted content&lt;b&gt;hi&lt;/b&gt;

    # bad
    (user_content + " " + content_tag(:span, user_content)).html_safe
    # => ActiveSupport::SafeBuffer "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    # good
    safe_join([user_content, " ", content_tag(:span, user_content)])
    # => ActiveSupport::SafeBuffer
    #    "&lt;b&gt;hi&lt;/b&gt; <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    Tagging a string as html safe may be a security risk.
    Open

          html ? html.html_safe : nil

    This cop checks for the use of output safety calls like html_safe, raw, and safe_concat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

    Example:

    user_content = "<b>hi</b>"

    # bad
    "<p>#{user_content}</p>".html_safe
    # => ActiveSupport::SafeBuffer "<p><b>hi</b></p>"

    # good
    content_tag(:p, user_content)
    # => ActiveSupport::SafeBuffer "<p>&lt;b&gt;hi&lt;/b&gt;</p>"

    # bad
    out = ""
    out << "<li>#{user_content}</li>"
    out << "<li>#{user_content}</li>"
    out.html_safe
    # => ActiveSupport::SafeBuffer "<li><b>hi</b></li><li><b>hi</b></li>"

    # good
    out = []
    out << content_tag(:li, user_content)
    out << content_tag(:li, user_content)
    safe_join(out)
    # => ActiveSupport::SafeBuffer
    #    "<li>&lt;b&gt;hi&lt;/b&gt;</li><li>&lt;b&gt;hi&lt;/b&gt;</li>"

    # bad
    out = "<h1>trusted content</h1>".html_safe
    out.safe_concat(user_content)
    # => ActiveSupport::SafeBuffer "<h1>trusted content</h1><b>hi</b>"

    # good
    out = "<h1>trusted content</h1>".html_safe
    out.concat(user_content)
    # => ActiveSupport::SafeBuffer
    #    "<h1>trusted content</h1>&lt;b&gt;hi&lt;/b&gt;"

    # safe, though maybe not good style
    out = "trusted content"
    result = out.concat(user_content)
    # => String "trusted content<b>hi</b>"
    # because when rendered in ERB the String will be escaped:
    # <%= result %>
    # => trusted content&lt;b&gt;hi&lt;/b&gt;

    # bad
    (user_content + " " + content_tag(:span, user_content)).html_safe
    # => ActiveSupport::SafeBuffer "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    # good
    safe_join([user_content, " ", content_tag(:span, user_content)])
    # => ActiveSupport::SafeBuffer
    #    "&lt;b&gt;hi&lt;/b&gt; <span>&lt;b&gt;hi&lt;/b&gt;</span>"

    Prefer symbols instead of strings as hash keys.
    Open

        link_text = content_tag(:span, text,  'data-icon' => 'arrow-left', 'class' => 'small-icon')

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    Prefer symbols instead of strings as hash keys.
    Open

        link_to(link_text, target, 'data-arrow' => 'next', 'class' => 'navigation-item')

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    Prefer symbols instead of strings as hash keys.
    Open

          link_to('New', new_source_path, 'class' => 'small-icon', 'data-icon' => 'new')

    This cop checks for the use of strings as keys in hashes. The use of symbols is preferred instead.

    Example:

    # bad
    { 'one' => 1, 'two' => 2, 'three' => 3 }
    
    # good
    { one: 1, two: 2, three: 3 }

    cannot assign to a keyword (Using Ruby 2.4 parser; configure using TargetRubyVersion parameter, under AllCops)
    Open

          link_to('Unfavorite page', unfavorite_page_path(kind:, name:), method: :post, remote: true, id: "unfavorite_link_#{kind}-#{name}", class: :unfavorite_link, title: 'Remove to favorite')

    This is not actually a cop. It does not inspect anything. It just provides methods to repack Parser's diagnostics/errors into RuboCop's offenses.

    Use find_by instead of dynamic find_by_id.
    Open

        @alternate_value = AlternateValue.find_by_id(params[:id]).metamorphosize

    This cop checks dynamic find_by_* methods. Use find_by instead of the dynamic method. See https://github.com/rubocop-hq/rails-style-guide#find_by

    Example:

    # bad
    User.find_by_name(name)
    
    # bad
    User.find_by_name_and_email(name)
    
    # bad
    User.find_by_email!(name)
    
    # good
    User.find_by(name: name)
    
    # good
    User.find_by(name: name, email: email)
    
    # good
    User.find_by!(email: email)

    Use find_by instead of dynamic find_by_id.
    Open

          altval = AlternateValue.find_by_id(params[:id]).metamorphosize

    This cop checks dynamic find_by_* methods. Use find_by instead of the dynamic method. See https://github.com/rubocop-hq/rails-style-guide#find_by

    Example:

    # bad
    User.find_by_name(name)
    
    # bad
    User.find_by_name_and_email(name)
    
    # bad
    User.find_by_email!(name)
    
    # good
    User.find_by(name: name)
    
    # good
    User.find_by(name: name, email: email)
    
    # good
    User.find_by!(email: email)