joshminnie/hubtrics

Showing 14 of 14 total issues

Regular Expression Denial of Service in Addressable templates
Open

    addressable (2.7.0)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2021-32740

Criticality: High

URL: https://github.com/advisories/GHSA-jxhc-q857-3j6g

Solution: upgrade to >= 2.8.0
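The finding above is a dependency check rather than a code smell: bundler-audit reads the version pinned in Gemfile.lock and compares it against the advisory's patched range. The Ruby script below is an added example, not code from the hubtrics project and not part of bundler-audit, that reproduces this check on a constructed Gemfile.lock fragment using only the RubyGems classes shipped with Ruby. The lockfile text, the ADVISORIES table and the function names are assumptions made for illustration; the gem name, CVE, advisory URL and the ">= 2.8.0" range are taken from the finding.

```ruby
# Added example (not the hubtrics project's code, not bundler-audit's):
# reproduce the finding above by parsing a Gemfile.lock and comparing the
# pinned version of a gem against an advisory's patched version range.
# Only Ruby's stdlib is used (Gem::Version / Gem::Requirement).
require "rubygems"

# Constructed Gemfile.lock fragment standing in for the project's real lockfile.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      addressable (2.7.0)
        public_suffix (>= 2.0.2, < 5.0)
      public_suffix (4.0.6)

  PLATFORMS
    ruby

  DEPENDENCIES
    addressable
LOCK

# Advisory data as it appears in the finding above; the hash shape is our own.
ADVISORIES = {
  "addressable" => {
    cve: "CVE-2021-32740",
    url: "https://github.com/advisories/GHSA-jxhc-q857-3j6g",
    patched: [">= 2.8.0"],
  },
}.freeze

# Extract { gem_name => Gem::Version } from the `specs:` block of a lockfile.
# Gems pinned directly are indented exactly four spaces; the deeper-indented
# lines beneath them are that gem's dependency constraints and are skipped.
def locked_versions(lockfile)
  versions = {}
  in_specs = false
  lockfile.each_line do |line|
    if line.strip == "specs:"
      in_specs = true
      next
    end
    in_specs = false if in_specs && line.strip.empty?
    next unless in_specs
    next unless (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
    versions[m[1]] = Gem::Version.new(m[2])
  end
  versions
end

# Return one finding per gem whose pinned version satisfies none of the
# patched ranges of a known advisory.
def audit(lockfile, advisories = ADVISORIES)
  locked_versions(lockfile).filter_map do |name, version|
    advisory = advisories[name]
    next unless advisory
    fixed = advisory[:patched].any? do |range|
      Gem::Requirement.new(range).satisfied_by?(version)
    end
    next if fixed
    { gem: name, version: version.to_s, cve: advisory[:cve],
      url: advisory[:url],
      solution: "upgrade to #{advisory[:patched].join(', ')}" }
  end
end

if __FILE__ == $PROGRAM_NAME
  audit(SAMPLE_LOCKFILE).each do |f|
    puts "#{f[:gem]} (#{f[:version]}) #{f[:cve]}: #{f[:solution]}"
  end
end
```

Run it as a plain script and it prints one line per affected gem; bumping the constructed lockfile to addressable (2.8.0) makes the report empty. Real lockfiles are more varied than this parser handles (several GEM sections, git and path sources, platform-suffixed versions), which is why bundler-audit delegates parsing to Bundler::LockfileParser. The part worth keeping is the comparison itself: a Gem::Requirement built from the advisory's patched range decides whether the pinned version is affected, which is exactly what "Solution: upgrade to >= 2.8.0" expresses.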

Method generate has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Open

      def generate
        puts Paint["Grace period: #{grace_period} days", :blue]

        branches = client.branches(repository, protected: false)

Severity: Minor
Found in lib/hubtrics/reports/branches_without_pulls_report.rb - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method generate has 28 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def generate
        puts Paint["Grace period: #{grace_period} days", :blue]

        branches = client.branches(repository, protected: false)

Severity: Minor
Found in lib/hubtrics/reports/branches_without_pulls_report.rb - About 1 hr to fix

Method parse has 27 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def parse(args)
      parser = OptionParser.new do |opts|
        opts.banner = banner
        opts.program_name = program_name if program_name

Severity: Minor
Found in lib/hubtrics/parser.rb - About 1 hr to fix

Method ignore_branch? has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def ignore_branch?(branch)
        ignored_branches = [config.dig('branches', 'protected'), config.dig('branches', 'exclude')].flatten.compact

        if branch.protected? ||
           branch.last_commit > (Date.today - grace_period).to_time.utc ||
Severity: Minor
Found in lib/hubtrics/reports/branches_without_pulls_report.rb - About 25 mins to fix

Multiple top level headers in the same document
Open

# Setup
Severity: Info
Found in README.md by markdownlint

MD025 - Multiple top level headers in the same document

Tags: headers

Aliases: single-h1

Parameters: level (number; default 1)

This rule is triggered when a top level header is in use (the first line of the file is an h1 header) and more than one h1 header appears in the document:

# Top level header

# Another top level header

To fix, structure your document so that there is a single h1 header that is the title for the document, and all later headers are h2 or lower level headers:

# Title

## Header

## Another header

Rationale: A top level header is an h1 on the first line of the file and serves as the title for the document. If this convention is in use, then there cannot be more than one title for the document, and the entire document should be contained within this header.

Note: The level parameter can be used to change the top level (e.g. to h2) in cases where an h1 is added externally.

Missing top-level module documentation comment.
Open

module Hubtrics
Severity: Minor
Found in lib/hubtrics/configuration.rb by rubocop

This cop checks for missing top-level documentation of classes and modules. Classes with no body are exempt from the check and so are namespace modules - modules that have nothing in their bodies except classes, other modules, or constant definitions.

The documentation requirement is annulled if the class or module has a "#:nodoc:" comment next to it. Likewise, "#:nodoc: all" does the same for all its children.

Example:

# bad
class Person
  # ...
end

# good
# Description/Explanation of Person class
class Person
  # ...
end

Missing magic comment # frozen_string_literal: true.
Open

module Hubtrics
Severity: Minor
Found in lib/hubtrics/rules/rule.rb by rubocop

This cop is designed to help you transition from mutable string literals to frozen string literals. It will add the comment # frozen_string_literal: true to the top of files to enable frozen string literals. Frozen string literals may be default in future Ruby. The comment will be added below a shebang and encoding comment. The frozen string literal comment is only valid in Ruby 2.3+.

Note that the cop will ignore files where the comment exists but is set to false instead of true.

Example: EnforcedStyle: always (default)

# The `always` style will always add the frozen string literal comment
# to a file, regardless of the Ruby version or if `freeze` or `<<` are
# called on a string literal.
# bad
module Bar
  # ...
end

# good
# frozen_string_literal: true

module Bar
  # ...
end

# good
# frozen_string_literal: false

module Bar
  # ...
end

Example: EnforcedStyle: never

# The `never` will enforce that the frozen string literal comment does
# not exist in a file.
# bad
# frozen_string_literal: true

module Baz
  # ...
end

# good
module Baz
  # ...
end

Missing top-level module documentation comment.
Open

module Hubtrics
Severity: Minor
Found in lib/hubtrics/label.rb by rubocop

Missing top-level class documentation comment.
Open

    class Rule
Severity: Minor
Found in lib/hubtrics/rules/rule.rb by rubocop

Line length
Open

If you decide to use the [.netrc implementation](https://ec.haxx.se/usingcurl/usingcurl-netrc), follow the steps GitHub provides for ["Creating a personal access token for the command line"](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) and use the token created as your password in the `.netrc` file.
Severity: Info
Found in README.md by markdownlint

MD013 - Line length

Tags: line_length

Aliases: line-length

Parameters: line_length, code_blocks, tables (number; default 80, boolean; default true)

This rule is triggered when there are lines that are longer than the configured line length (default: 80 characters). To fix this, split the line up into multiple lines.

This rule has an exception where there is no whitespace beyond the configured line length. This allows you to still include items such as long URLs without being forced to break them in the middle.

You also have the option to exclude this rule for code blocks and tables. To do this, set the code_blocks and/or tables parameters to false.

Code blocks are included in this rule by default since it is often a requirement for document readability, and tentatively compatible with code rules. Still, some languages do not lend themselves to short lines.

Line length
Open

After you have run `bin/setup`, you will need to fill out the `.hubtrics.yml` configuration file that was created for you in the project root. Specifically, you will want to populate the client configuration.
Severity: Info
Found in README.md by markdownlint

Missing top-level module documentation comment.
Open

module Hubtrics
Severity: Minor
Found in lib/hubtrics/client.rb by rubocop

Missing magic comment # frozen_string_literal: true.
Open

module Hubtrics
Severity: Minor
Found in lib/hubtrics/configuration.rb by rubocop
