Showing 62 of 62 total issues
File express.ts
has 357 lines of code (exceeds 250 allowed). Consider refactoring. Open
import bodyParser = require( 'body-parser' );
import chalk from 'chalk';
import express = require( 'express' );
import _ = require( 'lodash' );
Function prepareQueryHandling
has 44 lines of code (exceeds 25 allowed). Consider refactoring. Open
protected prepareQueryHandling( apiNumber: EQueryPlurality ): IHookFunction<express.Request>{
return async ( req, res, next, model ) => {
const queryId = generateUUID();
Diaspora.logger.verbose(
`Received ${chalk.bold.red( req.method )} request ${chalk.bold.yellow(
Function configureList
has 34 lines of code (exceeds 25 allowed). Consider refactoring. Open
export const configureList = <T extends object>( pickers: { [key: string]: T | boolean }, set: string[] ) => {
const configurationObject: { [key: string]: T | undefined | boolean } = {};
forEach( pickers, ( picker, key ) => {
// If the key is a regex or a minimatch (check for `*`), this var will be set to a function
Function constructor
has 29 lines of code (exceeds 25 allowed). Consider refactoring. Open
protected constructor( configHash: IConfigurationRaw, middleware: T ){
// Get only models authorized
const allModels = _.keys( Diaspora.models );
const configuredModels = ( () => {
try {
Function constructor
has a Cognitive Complexity of 13 (exceeds 10 allowed). Consider refactoring. Open
protected constructor( configHash: IConfigurationRaw, middleware: T ){
// Get only models authorized
const allModels = _.keys( Diaspora.models );
const configuredModels = ( () => {
try {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Similar blocks of code found in 3 locations. Consider refactoring. Open
if ( _.isEmpty( req.diasporaApi.where ) ) {
return res.status( EHttpStatusCode.MalformedQuery ).send( {
message: `${req.method} requires a "where" clause`,
} );
} else {
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 46.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 3 locations. Consider refactoring. Open
if ( _.isEmpty( req.diasporaApi.where ) ) {
return res.status( EHttpStatusCode.MalformedQuery ).send( {
message: `${req.method} requires a "where" clause`,
} );
} else {
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 46.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Similar blocks of code found in 3 locations. Consider refactoring. Open
if ( _.isEmpty( req.diasporaApi.where ) ) {
return res.status( EHttpStatusCode.MalformedQuery ).send( {
message: `${req.method} requires a "where" clause`,
} );
} else {
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 46.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Avoid too many return
statements within this function. Open
return ExpressApiGenerator.respondError( req, res, error );
marked
Regular Expression Denial of Service Open
"marked": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/marked/-/marked-0.4.0.tgz",
"integrity": "sha512-tMsdNBgOsrUophCAFQl0XPe6Zqk/uy9gnue+jIIKhykO51hxyu6uNx7zBPy0+y/WKYVZZMspV9YeXLNdKk+iYw==",
"dev": true
- Read upRead up
- Exclude checks
Regular Expression Denial of Service
Overview:
The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds.
Recommendation:
Consider another markdown parser until the issue can be addressed.
semver
Regular Expression Denial of Service Open
"semver": {
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/semver/-/semver-2.3.2.tgz",
"integrity": "sha1-uYSPJdbPNjMwc+ye+IVtQvEjPlI=",
"dev": true
- Read upRead up
- Exclude checks
Regular Expression Denial of Service
Overview:
semver is vulnerable to regular expression denial of service (ReDoS) when extremely long version strings are parsed.
"The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time." [1]
Recommendation:
Update to a version 4.3.2 or greater
marked
Regular Expression Denial of Service Open
"marked": {
"version": "0.3.17",
"resolved": "https://registry.npmjs.org/marked/-/marked-0.3.17.tgz",
"integrity": "sha512-+AKbNsjZl6jFfLPwHhWmGTqE009wTKn3RTmn9K8oUKHrX/abPJjtcRtXpYB/FFrwPJRUA86LX/de3T0knkPCmQ==",
"dev": true
- Read upRead up
- Exclude checks
Regular Expression Denial of Service
Overview:
The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds.
Recommendation:
Consider another markdown parser until the issue can be addressed.
Function castToDiasporaApiRequest
has a Cognitive Complexity of 11 (exceeds 10 allowed). Consider refactoring. Open
protected static async castToDiasporaApiRequest ( request: express.Request, diasporaApi: IDiasporaApiRequestDescriptorPreParse ): Promise<IDiasporaApiRequestDescriptor>{
const diasporaApiWithParsedQuery = _.assign( diasporaApi, ExpressApiGenerator.parseQuery( request.query ) );
if ( EQueryPlurality.SINGULAR === diasporaApiWithParsedQuery.number ) {
const id = _.get( request, 'params[1]' );
if ( !_.isNil( id ) ) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Line length Open
Each middleware will be called as a standard Express middleware (eg with `req`, `res` & `next`). You can use them to customize the behavior of Diaspora Server.
- Read upRead up
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Multiple top level headers in the same document Open
# [0.2.0-alpha.2](https://github.com/diaspora-orm/plugin-server/compare/v0.2.0-alpha.1...v0.2.0-alpha.2) (2018-07-03)
- Read upRead up
- Exclude checks
MD025 - Multiple top level headers in the same document
Tags: headers
Aliases: single-h1
Parameters: level (number; default 1)
This rule is triggered when a top level header is in use (the first line of the file is a h1 header), and more than one h1 header is in use in the document:
# Top level header
# Another top level header
To fix, structure your document so that there is a single h1 header that is the title for the document, and all later headers are h2 or lower level headers:
# Title
## Header
## Another header
Rationale: A top level header is a h1 on the first line of the file, and serves as the title for the document. If this convention is in use, then there can not be more than one title for the document, and the entire document should be contained within this header.
Note: The level
parameter can be used to change the top level (ex: to h2) in
cases where an h1 is added externally.
Trailing spaces Open
[![Test Coverage](https://api.codeclimate.com/v1/badges/733743517275d5b31c83/test_coverage)](https://codeclimate.com/github/diaspora-orm/plugin-server/test_coverage)
- Read upRead up
- Exclude checks
MD009 - Trailing spaces
Tags: whitespace
Aliases: no-trailing-spaces
Parameters: br_spaces (number; default: 0)
This rule is triggered on any lines that end with whitespace. To fix this, find the line that is triggered and remove any trailing spaces from the end.
The brspaces parameter allows an exception to this rule for a specific amount of trailing spaces used to insert an explicit line break/br element. For example, set brspaces to 2 to allow exactly 2 spaces at the end of a line.
Note: you have to set brspaces to 2 or higher for this exception to take effect - you can't insert a br element with just a single trailing space, so if you set brspaces to 1, the exception will be disabled, just as if it was set to the default of 0.
Hard tabs Open
},
- Read upRead up
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead
Line length Open
# [0.2.0-alpha.2](https://github.com/diaspora-orm/plugin-server/compare/v0.2.0-alpha.1...v0.2.0-alpha.2) (2018-07-03)
- Read upRead up
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Line length Open
[![Test Coverage](https://api.codeclimate.com/v1/badges/733743517275d5b31c83/test_coverage)](https://codeclimate.com/github/diaspora-orm/plugin-server/test_coverage)
- Read upRead up
- Exclude checks
MD013 - Line length
Tags: line_length
Aliases: line-length Parameters: linelength, codeblocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To
do this, set the code_blocks
and/or tables
parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Hard tabs Open
PhoneBook: {
- Read upRead up
- Exclude checks
MD010 - Hard tabs
Tags: whitespace, hard_tab
Aliases: no-hard-tabs
This rule is triggered by any lines that contain hard tab characters instead of using spaces for indentation. To fix this, replace any hard tab characters with spaces instead.
Example:
Some text
* hard tab character used to indent the list item
Corrected example:
Some text
* Spaces used to indent the list item instead