jwhitcraft/dockercompose-generator

Showing 25 of 25 total issues

OS Command Injection in Rake
Open

    rake (10.4.2)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-8130

Criticality: High

URL: https://github.com/advisories/GHSA-jppv-gw3r-w3q8

Solution: upgrade to >= 12.3.3

json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
Open

    json (1.8.3)
Severity: Critical
Found in Gemfile.lock by bundler-audit

Advisory: CVE-2020-10663

Criticality: High

URL: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Solution: upgrade to >= 2.3.0

Don't use parentheses around a variable.
Open

          (link_name) ? "#{name}:#{link_name}" : "#{name}"

This cop checks for redundant parentheses.

Example:

# bad
(x) if ((y.z).nil?)

# good
x if y.z.nil?

Use %i or %I for an array of symbols.
Open

      [:build, :dockerfile, :command, :working_dir, :entrypoint, :user,
       :hostname, :domainname, :mac_address, :mem_limit, :memswap_limit,
       :privileged, :restart, :stdin_open, :tty, :cpu_shares, :cpuset,
       :read_only, :volume_driver, :container_name, :image].each do |method|

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize. If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of 3 will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

Prefer to_s over string interpolation.
Open

          @attrs["#{method}"] = value

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Prefer to_s over string interpolation.
Open

          @attrs["#{method}"]

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Prefer to_s over string interpolation.
Open

          add_to_array("#{method}", item)

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Add an empty line after magic comments.
Open

lib = File.expand_path('../lib', __FILE__)
Severity: Minor
Found in docker-compose-generator.gemspec by rubocop

Checks for a newline after the final magic comment.

Example:

# good
# frozen_string_literal: true

# Some documentation for Person
class Person
  # Some code
end

# bad
# frozen_string_literal: true
# Some documentation for Person
class Person
  # Some code
end

Do not return a value in pid=.
Open

          return @attrs['pid'] = 'host' if value.is_a?(TrueClass)

This cop checks for the use of a return with a value in a context where the value will be ignored. (initialize and setter methods)

Example:

# bad
def initialize
  foo
  return :qux if bar?
  baz
end

def foo=(bar)
  return 42
end

Example:

# good
def initialize
  foo
  return if bar?
  baz
end

def foo=(bar)
  return
end

Prefer to_s over string interpolation.
Open

          (link_name) ? "#{name}:#{link_name}" : "#{name}"

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Use %i or %I for an array of symbols.
Open

      [:expose, :volumes_from, :dns, :extra_hosts, :dns_search, :cap_add,
       :cap_drop, :env_file].each do |method|

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize. If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of 3 will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

required_ruby_version (1.9, declared in docker-compose-generator.gemspec) and TargetRubyVersion (2.1, declared in .rubocop.yml) should be equal.
Open

  spec.required_ruby_version = '>= 1.9.3'
Severity: Minor
Found in docker-compose-generator.gemspec by rubocop

Checks that required_ruby_version of the gemspec and TargetRubyVersion of .rubocop.yml are equal. This ensures that RuboCop performs static analysis against the Ruby version required by the gemspec.

Example:

# When `TargetRubyVersion` of .rubocop.yml is `2.3`.

# bad
Gem::Specification.new do |spec|
  spec.required_ruby_version = '>= 2.2.0'
end

# bad
Gem::Specification.new do |spec|
  spec.required_ruby_version = '>= 2.4.0'
end

# good
Gem::Specification.new do |spec|
  spec.required_ruby_version = '>= 2.3.0'
end

# good
Gem::Specification.new do |spec|
  spec.required_ruby_version = '>= 2.3'
end

# good
Gem::Specification.new do |spec|
  spec.required_ruby_version = ['>= 2.3.0', '< 2.5.0']
end

Prefer to_s over string interpolation.
Open

          drop_from_array('ports', "#{host}")

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Do not return a value in net=.
Open

          return @attrs.delete('net') if value.nil?

This cop checks for the use of a return with a value in a context where the value will be ignored. (initialize and setter methods)

Example:

# bad
def initialize
  foo
  return :qux if bar?
  baz
end

def foo=(bar)
  return 42
end

Example:

# good
def initialize
  foo
  return if bar?
  baz
end

def foo=(bar)
  return
end

Prefer to_s over string interpolation.
Open

          ports.include?("#{host}")

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Omit parentheses for ternary conditions.
Open

          (link_name) ? "#{name}:#{link_name}" : "#{name}"

This cop checks for the presence of parentheses around ternary conditions. It is configurable to enforce inclusion or omission of parentheses using EnforcedStyle. Omission is only enforced when removing the parentheses won't cause a different behavior.

Example: EnforcedStyle: require_no_parentheses (default)

# bad
foo = (bar?) ? a : b
foo = (bar.baz?) ? a : b
foo = (bar && baz) ? a : b

# good
foo = bar? ? a : b
foo = bar.baz? ? a : b
foo = bar && baz ? a : b

Example: EnforcedStyle: require_parentheses

# bad
foo = bar? ? a : b
foo = bar.baz? ? a : b
foo = bar && baz ? a : b

# good
foo = (bar?) ? a : b
foo = (bar.baz?) ? a : b
foo = (bar && baz) ? a : b

Example: EnforcedStyle: require_parentheses_when_complex

# bad
foo = (bar?) ? a : b
foo = (bar.baz?) ? a : b
foo = bar && baz ? a : b

# good
foo = bar? ? a : b
foo = bar.baz? ? a : b
foo = (bar && baz) ? a : b

%w-literals should be delimited by [ and ].
Open

          valid_values = %w(bridge none host container:name container:id)

This cop enforces the consistent usage of %-literal delimiters.

Specify the 'default' key to set all preferred delimiters at once. You can continue to specify individual preferred delimiters to override the default.

Example:

# Style/PercentLiteralDelimiters:
#   PreferredDelimiters:
#     default: '[]'
#     '%i':    '()'

# good
%w[alpha beta] + %i(gamma delta)

# bad
%W(alpha #{beta})

# bad
%I(alpha beta)

Prefer to_s over string interpolation.
Open

          (@attrs["#{method}"])

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Prefer to_s over string interpolation.
Open

        define_method "#{method}" do

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var

Prefer to_s over string interpolation.
Open

          items = @attrs["#{method}"] || []

This cop checks for strings that are just an interpolated expression.

Example:

# bad
"#{@var}"

# good
@var.to_s

# good if @var is already a String
@var