cortex-cms/cortex

Showing 76 of 76 total issues

Similar blocks of code found in 2 locations. Consider refactoring.
Open

        {temporary_render === 'TenantSwitcher' &&
        <TenantSwitcherContainer dispatch={dispatch} railsContext={data.railsContext} data={data.session}/>
        }
Severity: Minor
Found in node_package/src/containers/layout.jsx and 1 other location - About 35 mins to fix
node_package/src/containers/layout.jsx on lines 25..27

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 46.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

        {temporary_render === 'Wizard' &&
        <WizardContainer dispatch={dispatch} railsContext={data.railsContext} data={data.wizard}/>
        }
Severity: Minor
Found in node_package/src/containers/layout.jsx and 1 other location - About 35 mins to fix
node_package/src/containers/layout.jsx on lines 22..24

This issue has a mass of 46.

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

        plugin_new_transaction_klass(field_item)&.new&.call(field_item)&.value!

Unused block argument - content_item. You can omit the argument if you don't care about it.
Open

        m.success do |content_item|

This cop checks for unused block arguments.

Example:

# bad

do_something do |used, unused|
  puts used
end

do_something do |bar|
  puts :foo
end

define_method(:foo) do |bar|
  puts :baz
end

Example:

# good

do_something do |used, _unused|
  puts used
end

do_something do
  puts :foo
end

define_method(:foo) do |_bar|
  puts :baz
end

unexpected token $end (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

Severity: Minor
Found in app/cells/cortex/index_cell.rb by rubocop

Unused block argument - error. You can omit the argument if you don't care about it.
Open

        m.failure do |error|

Move the invocation into the parens that contain the function.
Open

(function () {

Require IIFEs to be Wrapped (wrap-iife)

You can immediately invoke function expressions, but not function declarations. A common technique to create an immediately-invoked function expression (IIFE) is to wrap a function declaration in parentheses. The opening parenthesis causes the contained function to be parsed as an expression, rather than a declaration.

// function expression could be unwrapped
var x = function () { return { y: 1 };}();

// function declaration must be wrapped
function () { /* side effects */ }(); // SyntaxError

Rule Details

This rule requires all immediately-invoked function expressions to be wrapped in parentheses.

Options

This rule has two options, a string option and an object option.

String option:

  • "outside" enforces always wrapping the call expression. The default is "outside".
  • "inside" enforces always wrapping the function expression.
  • "any" enforces always wrapping, but allows either style.

Object option:

  • "functionPrototypeMethods": true additionally enforces wrapping function expressions invoked using .call and .apply. The default is false.

outside

Examples of incorrect code for the default "outside" option:

/*eslint wrap-iife: ["error", "outside"]*/

var x = function () { return { y: 1 };}(); // unwrapped
var x = (function () { return { y: 1 };})(); // wrapped function expression

Examples of correct code for the default "outside" option:

/*eslint wrap-iife: ["error", "outside"]*/

var x = (function () { return { y: 1 };}()); // wrapped call expression

inside

Examples of incorrect code for the "inside" option:

/*eslint wrap-iife: ["error", "inside"]*/

var x = function () { return { y: 1 };}(); // unwrapped
var x = (function () { return { y: 1 };}()); // wrapped call expression

Examples of correct code for the "inside" option:

/*eslint wrap-iife: ["error", "inside"]*/

var x = (function () { return { y: 1 };})(); // wrapped function expression

any

Examples of incorrect code for the "any" option:

/*eslint wrap-iife: ["error", "any"]*/

var x = function () { return { y: 1 };}(); // unwrapped

Examples of correct code for the "any" option:

/*eslint wrap-iife: ["error", "any"]*/

var x = (function () { return { y: 1 };}()); // wrapped call expression
var x = (function () { return { y: 1 };})(); // wrapped function expression

functionPrototypeMethods

Examples of incorrect code for this rule with the "inside", { "functionPrototypeMethods": true } options:

/* eslint wrap-iife: [2, "inside", { functionPrototypeMethods: true }] */

var x = function(){ foo(); }()
var x = (function(){ foo(); }())
var x = function(){ foo(); }.call(bar)
var x = (function(){ foo(); }.call(bar))

Examples of correct code for this rule with the "inside", { "functionPrototypeMethods": true } options:

/* eslint wrap-iife: [2, "inside", { functionPrototypeMethods: true }] */

var x = (function(){ foo(); })()
var x = (function(){ foo(); }).call(bar)

Source: http://eslint.org/docs/rules/

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

      asset_field_item(content_item).data['asset']&.[]('versions')&.[]('mini')&.[]('url')
Severity: Minor
Found in app/cells/cortex/index_cell.rb by rubocop

Unreachable code.
Open

    var dialog = document.getElementById(event.target.closest('dialog').id);

disallow unreachable code after return, throw, continue, and break statements (no-unreachable)

Because the return, throw, break, and continue statements unconditionally exit a block of code, any statements after them cannot be executed. Unreachable statements are usually a mistake.

function fn() {
    x = 1;
    return x;
    x = 3; // this will never execute
}

Rule Details

This rule disallows unreachable code after return, throw, continue, and break statements.

Examples of incorrect code for this rule:

/*eslint no-unreachable: "error"*/

function foo() {
    return true;
    console.log("done");
}

function bar() {
    throw new Error("Oops!");
    console.log("done");
}

while(value) {
    break;
    console.log("done");
}

throw new Error("Oops!");
console.log("done");

function baz() {
    if (Math.random() < 0.5) {
        return;
    } else {
        throw new Error();
    }
    console.log("done");
}

for (;;) {}
console.log("done");

Examples of correct code for this rule, because of JavaScript function and variable hoisting:

/*eslint no-unreachable: "error"*/

function foo() {
    return bar();
    function bar() {
        return 1;
    }
}

function bar() {
    return x;
    var x;
}

switch (foo) {
    case 1:
        break;
        var x;
}

Source: http://eslint.org/docs/rules/

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

        plugin_update_transaction_klass(field_item)&.new&.call(field_item)&.value!

Unused method argument - options. If it's necessary, use _ or _options as an argument name to indicate that it won't be used. You can also write as as_indexed_json(*) if you want the method to accept any arguments but don't care about them.
Open

      def as_indexed_json(options = {})

This cop checks for unused method arguments.

Example:

# bad

def some_method(used, unused, _unused_but_allowed)
  puts used
end

Example:

# good

def some_method(used, _unused, _unused_but_allowed)
  puts used
end

Unused block argument - options. If it's necessary, use _ or _options as an argument name to indicate that it won't be used.
Open

      validations.all? do |type, options|
Severity: Minor
Found in app/models/cortex/field_type.rb by rubocop

Denial of Service Vulnerability in Action View
Open

    actionview (5.1.6)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-5419

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI

Solution: upgrade to >= 6.0.0.beta3, >= 5.2.2.1, ~> 5.2.2, >= 5.1.6.2, ~> 5.1.6, >= 5.0.7.2, ~> 5.0.7, >= 4.2.11.1, ~> 4.2.11

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

        plugin_new_transaction_klass(field_item)&.new&.call(field_item)&.value!

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

        plugin_update_transaction_klass(field_item)&.new&.call(field_item)&.value!

Unused block argument - options. If it's necessary, use _ or _options as an argument name to indicate that it won't be used.
Open

      validations.all? do |type, options|
Severity: Minor
Found in app/models/cortex/field_type.rb by rubocop

Unused block argument - k. If it's necessary, use _ or _k as an argument name to indicate that it won't be used.
Open

      field_type_instance.errors.each do |k, v|
Severity: Minor
Found in app/models/cortex/field_item.rb by rubocop

File Content Disclosure in Action View
Open

    actionview (5.1.6)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2019-5418

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q

Solution: upgrade to >= 4.2.11.1, ~> 4.2.11, >= 5.0.7.2, ~> 5.0.7, >= 5.1.6.2, ~> 5.1.6, >= 5.2.2.1, ~> 5.2.2, >= 6.0.0.beta3

Broken Access Control vulnerability in Active Job
Open

    activejob (5.1.6)
Severity: Minor
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2018-16476

URL: https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw

Solution: upgrade to ~> 4.2.11, ~> 5.0.7.1, ~> 5.1.6.1, ~> 5.1.7, >= 5.2.1.1

Unused block argument - content_item. You can omit the argument if you don't care about it.
Open

        m.success do |content_item|
