Showing 14 of 14 total issues
Regular Expression Denial of Service in Addressable templates Open
addressable (2.7.0)
Advisory: CVE-2021-32740
Criticality: High
URL: https://github.com/advisories/GHSA-jxhc-q857-3j6g
Solution: upgrade to >= 2.8.0
Method `generate` has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring. Open
def generate
puts Paint["Grace period: #{grace_period} days", :blue]
branches = client.branches(repository, protected: false)
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Method `generate` has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate
puts Paint["Grace period: #{grace_period} days", :blue]
branches = client.branches(repository, protected: false)
Method `parse` has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def parse(args)
parser = OptionParser.new do |opts|
opts.banner = banner
opts.program_name = program_name if program_name
Method `ignore_branch?` has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def ignore_branch?(branch)
ignored_branches = [config.dig('branches', 'protected'), config.dig('branches', 'exclude')].flatten.compact
if branch.protected? ||
branch.last_commit > (Date.today - grace_period).to_time.utc ||
Multiple top level headers in the same document Open
# Setup
MD025 - Multiple top level headers in the same document
Tags: headers
Aliases: single-h1
Parameters: level (number; default 1)
This rule is triggered when a top level header is in use (the first line of the file is a h1 header), and more than one h1 header is in use in the document:
# Top level header
# Another top level header
To fix, structure your document so that there is a single h1 header that is the title for the document, and all later headers are h2 or lower level headers:
# Title
## Header
## Another header
Rationale: A top level header is a h1 on the first line of the file, and serves as the title for the document. If this convention is in use, then there can not be more than one title for the document, and the entire document should be contained within this header.
Note: The `level` parameter can be used to change the top level (ex: to h2) in cases where an h1 is added externally.
Missing top-level module documentation comment. Open
module Hubtrics
This cop checks for missing top-level documentation of classes and modules. Classes with no body are exempt from the check and so are namespace modules - modules that have nothing in their bodies except classes, other modules, or constant definitions.
The documentation requirement is annulled if the class or module has a "#:nodoc:" comment next to it. Likewise, "#:nodoc: all" does the same for all its children.
Example:
# bad
class Person
# ...
end
# good
# Description/Explanation of Person class
class Person
# ...
end
Missing magic comment `# frozen_string_literal: true`. Open
module Hubtrics
This cop is designed to help you transition from mutable string literals to frozen string literals.
It will add the comment `# frozen_string_literal: true` to the top of files to enable frozen string literals. Frozen string literals may be default in future Ruby. The comment will be added below a shebang and encoding comment. The frozen string literal comment is only valid in Ruby 2.3+.
Note that the cop will ignore files where the comment exists but is set to `false` instead of `true`.
Example: EnforcedStyle: always (default)
# The `always` style will always add the frozen string literal comment
# to a file, regardless of the Ruby version or if `freeze` or `<<` are
# called on a string literal.
# bad
module Bar
# ...
end
# good
# frozen_string_literal: true
module Bar
# ...
end
# good
# frozen_string_literal: false
module Bar
# ...
end
Example: EnforcedStyle: never
# The `never` will enforce that the frozen string literal comment does
# not exist in a file.
# bad
# frozen_string_literal: true
module Baz
# ...
end
# good
module Baz
# ...
end
Missing top-level module documentation comment. Open
module Hubtrics
Missing top-level class documentation comment. Open
class Rule
Line length Open
If you decide to use the [.netrc implementation](https://ec.haxx.se/usingcurl/usingcurl-netrc), follow the steps GitHub provides for ["Creating a personal access token for the command line"](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) and use the token created as your password in the `.netrc` file.
MD013 - Line length
Tags: line_length
Aliases: line-length
Parameters: line_length, code_blocks, tables (number; default 80, boolean; default true)
This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.
This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.
You also have the option to exclude this rule for code blocks and tables. To do this, set the `code_blocks` and/or `tables` parameters to false.
Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.
Line length Open
After you have run `bin/setup`, you will need to fill out the `.hubtrics.yml` configuration file that was created for you in the project root. Specifically, you will want to populate the client configuration.
Missing top-level module documentation comment. Open
module Hubtrics
Missing magic comment `# frozen_string_literal: true`. Open
module Hubtrics