Conjur::CertUtils#parse_certs has approx 8 statements Open
def parse_certs certs
A method with Too Many Statements is any method that has a large number of lines.
Too Many Statements warns about any method that has more than 5 statements. Reek's smell detector for Too Many Statements counts +1 for every simple statement in a method and +1 for every statement within a control structure (if, else, case, when, for, while, until, begin, rescue) but it doesn't count the control structure itself.
So the following method would score +6 in Reek's statement-counting algorithm:
def parse(arg, argv, &error)
  if !(val = arg) and (argv.empty? or /\A-/ =~ (val = argv[0]))
    return nil, block, nil                 # +1
  end
  opt = (val = parse_arg(val, &error))[1]  # +2
  val = conv_arg(*val)                     # +3
  if opt and !arg
    argv.shift                             # +4
  else
    val[0] = nil                           # +5
  end
  val                                      # +6
end
(You might argue that the two assignments within the first if should count as statements, and that perhaps the nested assignment should count as +2.)
Conjur::CertUtils has no descriptive comment Open
module CertUtils
Classes and modules are the units of reuse and release. It is therefore considered good practice to annotate every class and module with a brief comment outlining its responsibilities.
Example
Given
class Dummy
  # Do things...
end
Reek would emit the following warning:
test.rb -- 1 warning:
  [1]:Dummy has no descriptive comment (IrresponsibleModule)
Fixing this is simple - just an explaining comment:
# The Dummy class is responsible for ...
class Dummy
  # Do things...
end
Method add_chained_cert has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def add_chained_cert store, chained_cert
  parse_certs(chained_cert).each do |cert|
    begin
      store.add_cert cert
    rescue OpenSSL::X509::StoreError => ex
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Use e instead of ex. Open
rescue OpenSSL::X509::StoreError => ex
This cop makes sure that rescued exception variables are named as expected.
The PreferredName config option takes a String. It represents the required name of the variable. Its default is e.
Example: PreferredName: e (default)
# bad
begin
  # do something
rescue MyException => exception
  # do something
end
# good
begin
  # do something
rescue MyException => e
  # do something
end
# good
begin
  # do something
rescue MyException => _e
  # do something
end
Example: PreferredName: exception
# bad
begin
  # do something
rescue MyException => e
  # do something
end
# good
begin
  # do something
rescue MyException => exception
  # do something
end
# good
begin
  # do something
rescue MyException => _exception
  # do something
end
Use e instead of exn. Open
rescue OpenSSL::X509::CertificateError => exn
Freeze mutable objects assigned to constants. Open
CERT_RE = /-----BEGIN CERTIFICATE-----\n.*?\n-----END CERTIFICATE-----\n/m
This cop checks whether some constant value isn't a mutable literal (e.g. array or hash).
Strict mode can be used to freeze all constants, rather than just literals. Strict mode is considered an experimental feature. It has not been updated with an exhaustive list of all methods that will produce frozen objects so there is a decent chance of getting some false positives. Luckily, there is no harm in freezing an already frozen object.
Example: EnforcedStyle: literals (default)
# bad
CONST = [1, 2, 3]
# good
CONST = [1, 2, 3].freeze
# good
CONST = <<~TESTING.freeze
  This is a heredoc
TESTING
# good
CONST = Something.new
Example: EnforcedStyle: strict
# bad
CONST = Something.new
# bad
CONST = Struct.new do
  def foo
    puts 1
  end
end
# good
CONST = Something.new.freeze
# good
CONST = Struct.new do
  def foo
    puts 1
  end
end.freeze