Showing 123 of 126 total issues
Conjur::HasAttributes#annotation_value has the variable name 'a' Open
(annotations.find{|a| a['name'] == name} || {})['value']
An Uncommunicative Variable Name is a variable name that doesn't communicate its intent well enough.
Poor names make it hard for the reader to build a mental picture of what's going on in the code. They can also be mis-interpreted; and they hurt the flow of reading, because the reader must slow down to interpret the names.
Conjur::ActsAsRole#login has the variable name 't' Open
[ kind, identifier ].delete_if{|t| t == "user"}.join('/')
Conjur::API#authenticate_local has the variable name 's' Open
JSON.parse(UNIXSocket.open(Conjur.configuration.authn_local_socket) {|s| s.puts message; s.gets })
Conjur::API::TokenFileAuthenticator#refresh_token has the variable name 'f' Open
File.open token_file, 'r' do |f|
Conjur::Configuration#add_option has the variable name 'x' Open
convert = options[:convert] || ->(x){ x }
Shadowing outer local variable - id. Open
Array(id).join(':').tap do |id|
This cop looks for use of the same name as outer local variables for block arguments or block local variables.
This is a mimic of the warning "shadowing outer local variable - foo" from ruby -cw.
Example:
# bad
def some_method
  foo = 1
  2.times do |foo| # shadowing outer `foo`
    do_something(foo)
  end
end
Example:
# good
def some_method
  foo = 1
  2.times do |bar|
    do_something(bar)
  end
end
The name of this source file (conjur-api.rb) should use snake_case. Open
# Just a stub so that require 'conjur-api' works
This cop makes sure that Ruby source files have snake_case names. Ruby scripts (i.e. source files with a shebang in the first line) are ignored.
The cop also ignores .gemspec files, because Bundler recommends using dashes to separate namespaces in nested gems (i.e. bundler-console becomes Bundler::Console). As such, the gemspec is supposed to be named bundler-console.gemspec.
Example:
# bad
lib/layoutManager.rb
anything/usingCamelCase
# good
lib/layout_manager.rb
anything/using_snake_case.rake
Declare and assign separately to avoid masking return values. Open
local api_key=$(docker compose exec -T conjur rake 'role:retrieve-key[cucumber:user:admin]')
Declare and assign separately to avoid masking return values.
Problematic code:
export foo="$(mycmd)"
Correct code:
foo=$(mycmd)
export foo
Rationale:
In the original code, the return value of mycmd is ignored, and export will instead always return true. This may prevent conditionals, set -e and traps from working correctly.
When first marked for export and assigned separately, the return value of the assignment will be that of mycmd. This avoids the problem.
Exceptions:
If you intend to ignore the return value of an assignment, you can either ignore this warning or use
foo=$(mycmd) || true
export foo
Shellcheck does not warn about export foo=bar because bar is a literal and not a command substitution with an independent return value. It also does not warn about local -r foo=$(cmd), where declaration and assignment must be in the same command.
Notice
Original content from the ShellCheck https://github.com/koalaman/shellcheck/wiki.
Want to escape a single quote? echo 'This is how it'''s done'. Open
docker exec -e CONJUR_AUTHN_API_KEY="$api_key" -it --detach-keys 'ctrl-\' $(docker compose ps -q gem) bash
Want to escape a single quote? echo 'This is how it'\''s done'.
(Note: in v0.4.6, the error message was accidentally missing the backslash)
Problematic code:
echo 'This is not how it\'s done'.
Correct code:
echo 'This is how it'\''s done'.
Rationale
In POSIX shell, the shell cares about nothing but another single quote to terminate the quoted segment. Not even backslashes are interpreted.
POSIX.1 Shell Command Language § 2.2.2 Single Quotes:
Enclosing characters in single-quotes ( '' ) shall preserve the literal value of each character within the single-quotes. A single-quote cannot occur within single-quotes.
Exceptions
If you want your single quoted string to end in a backslash, you can rewrite as 'string'\\ or ignore this warning.
Notice
Original content from the ShellCheck https://github.com/koalaman/shellcheck/wiki.
Add empty line after guard clause. Open
fail ArgumentError, "host and account are required" unless [host, account].all?
This cop enforces empty line after guard clause
Example:
# bad
def foo
  return if need_return?
  bar
end
# good
def foo
  return if need_return?

  bar
end
# good
def foo
  return if something?
  return if something_different?

  bar
end
# also good
def foo
  if something?
    do_something
    return if need_return?
  end
end
Extra blank line detected. Open
puts "Fetching db-password as #{host.id}"
This cop checks for two or more consecutive blank lines.
Example:
# bad - It has two empty lines.
some_method
# one empty line
# two empty lines
some_method
# good
some_method
# one empty line
some_method
Use e instead of ex. Open
rescue OpenSSL::X509::StoreError => ex
This cop makes sure that rescued exceptions variables are named as expected.
The PreferredName config option takes a String. It represents the required name of the variable. Its default is e.
Example: PreferredName: e (default)
# bad
begin
  # do something
rescue MyException => exception
  # do something
end
# good
begin
  # do something
rescue MyException => e
  # do something
end
# good
begin
  # do something
rescue MyException => _e
  # do something
end
Example: PreferredName: exception
# bad
begin
  # do something
rescue MyException => e
  # do something
end
# good
begin
  # do something
rescue MyException => exception
  # do something
end
# good
begin
  # do something
rescue MyException => _exception
  # do something
end
Pass array contents as separate arguments. Open
host, credentials, account, kind = options.values_at(*[:host, :credentials, :account, :kind])
This cop checks for unneeded usages of splat expansion
Example:
# bad
a = *[1, 2, 3]
a = *'a'
a = *1
begin
  foo
rescue *[StandardError, ApplicationError]
  bar
end
case foo
when *[1, 2, 3]
  bar
else
  baz
end
Example:
# good
c = [1, 2, 3]
a = *c
a, b = *c
a, *b = *c
a = *1..10
a = ['a']
begin
  foo
rescue StandardError, ApplicationError
  bar
end
case foo
when 1, 2, 3
  bar
else
  baz
end
Use e instead of exn. Open
rescue OpenSSL::X509::CertificateError => exn
Declare and assign separately to avoid masking return values. Open
local api_key=$(docker compose exec -T conjur rake 'role:retrieve-key[cucumber:user:admin]')
Redundant use of Object#to_s in interpolation. Open
"<#{self.class.name} id='#{id.to_s}'>"
This cop checks for string conversion in string interpolation, which is redundant.
Example:
# bad
"result is #{something.to_s}"
Example:
# good
"result is #{something}"
Freeze mutable objects assigned to constants. Open
CERT_RE = /-----BEGIN CERTIFICATE-----\n.*?\n-----END CERTIFICATE-----\n/m
This cop checks whether some constant value isn't a mutable literal (e.g. array or hash).
Strict mode can be used to freeze all constants, rather than just literals. Strict mode is considered an experimental feature. It has not been updated with an exhaustive list of all methods that will produce frozen objects so there is a decent chance of getting some false positives. Luckily, there is no harm in freezing an already frozen object.
Example: EnforcedStyle: literals (default)
# bad
CONST = [1, 2, 3]
# good
CONST = [1, 2, 3].freeze
# good
CONST = <<~TESTING.freeze
  This is a heredoc
TESTING
# good
CONST = Something.new
Example: EnforcedStyle: strict
# bad
CONST = Something.new
# bad
CONST = Struct.new do
  def foo
    puts 1
  end
end
# good
CONST = Something.new.freeze
# good
CONST = Struct.new do
  def foo
    puts 1
  end
end.freeze
Add empty line after guard clause. Open
return "false" unless str
Use %q only for strings that contain both single quotes and double quotes. Open
gem.summary = %q{Conjur API}
This cop checks for usage of the %q/%Q syntax when '' or "" would do.
Example:
# bad
name = %q(Bruce Wayne)
time = %q(8 o'clock)
question = %q("What did you say?")
# good
name = 'Bruce Wayne'
time = "8 o'clock"
question = '"What did you say?"'
Add empty line after guard clause. Open
return @attributes if @attributes