tootsuite/mastodon

Advisory: CVE-2015-9284

Criticality: High

URL: https://github.com/omniauth/omniauth/pull/809

Solution: remove or disable this gem until a patch is available!

This cop checks if the length a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

This cop checks if the length a class exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable.

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

Check that the keys, separators, and values of a multi-line hash literal are aligned according to configuration. The configuration options are:

- key (left align keys, one space before hash rockets and values)
- separator (align hash rockets and colons, right align keys)
- table (left align keys, hash rockets, and values)

The treatment of hashes passed as the last argument to a method call can also be configured. The options are:

- always_inspect
- always_ignore
- ignore_implicit (without curly braces)

Alternatively you can specify multiple allowed styles. That's done by passing a list of styles to EnforcedStyles.

Example: EnforcedHashRocketStyle: key (default)

# bad
{
  :foo => bar,
   :ba => baz
}
{
  :foo => bar,
  :ba  => baz
}

# good
{
  :foo => bar,
  :ba => baz
}

Example: EnforcedHashRocketStyle: separator

# bad
{
  :foo => bar,
  :ba => baz
}
{
  :foo => bar,
  :ba  => baz
}

# good
{
  :foo => bar,
   :ba => baz
}

Example: EnforcedHashRocketStyle: table

# bad
{
  :foo => bar,
   :ba => baz
}

# good
{
  :foo => bar,
  :ba  => baz
}

Example: EnforcedColonStyle: key (default)

# bad
{
  foo: bar,
   ba: baz
}
{
  foo: bar,
  ba:  baz
}

# good
{
  foo: bar,
  ba: baz
}

Example: EnforcedColonStyle: separator

# bad
{
  foo: bar,
  ba: baz
}

# good
{
  foo: bar,
   ba: baz
}

Example: EnforcedColonStyle: table

# bad
{
  foo: bar,
  ba: baz
}

# good
{
  foo: bar,
  ba:  baz
}

Example: EnforcedLastArgumentHashStyle: always_inspect (default)

# Inspect both implicit and explicit hashes.

# bad
do_something(foo: 1,
  bar: 2)

# bad
do_something({foo: 1,
  bar: 2})

# good
do_something(foo: 1,
             bar: 2)

# good
do_something(
  foo: 1,
  bar: 2
)

# good
do_something({foo: 1,
              bar: 2})

# good
do_something({
  foo: 1,
  bar: 2
})

Example: EnforcedLastArgumentHashStyle: always_ignore

# Ignore both implicit and explicit hashes.

# good
do_something(foo: 1,
  bar: 2)

# good
do_something({foo: 1,
  bar: 2})

Example: EnforcedLastArgumentHashStyle: ignore_implicit

# Ignore only implicit hashes.

# bad
do_something({foo: 1,
  bar: 2})

# good
do_something(foo: 1,
  bar: 2)

Example: EnforcedLastArgumentHashStyle: ignore_explicit

# Ignore only explicit hashes.

# bad
do_something(foo: 1,
  bar: 2)

# good
do_something({foo: 1,
  bar: 2})

This cop looks for has_many or has_one associations that don't specify a :dependent option. It doesn't register an offense if :through option was specified.

Example:

# bad
class User < ActiveRecord::Base
  has_many :comments
  has_one :avatar
end

# good
class User < ActiveRecord::Base
  has_many :comments, dependent: :restrict_with_exception
  has_one :avatar, dependent: :destroy
  has_many :patients, through: :appointments
end

This cop looks for has(one|many) and belongsto associations where Active Record can't automatically determine the inverse association because of a scope or the options used. Using the blog with order scope example below, traversing the a Blog's association in both directions with blog.posts.first.blog would cause the blog to be loaded from the database twice.

:inverse_of must be manually specified for Active Record to use the associated object in memory, or set to false to opt-out. Note that setting nil does not stop Active Record from trying to determine the inverse automatically, and is not considered a valid value for this.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
           -> { order(published_at: :desc) },
           inverse_of: :blog)
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
# When you don't want to use the inverse association.
class Blog < ApplicationRecord
  has_many(:posts,
           -> { order(published_at: :desc) },
           inverse_of: false)
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see https://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see https://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

This cop enforces empty line after guard clause

Example:

# bad
def foo
  return if need_return?
  bar
end

# good
def foo
  return if need_return?

  bar
end

# good
def foo
  return if something?
  return if something_different?

  bar
end

# also good
def foo
  if something?
    do_something
    return if need_return?
  end
end

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

This cop enforces empty line after guard clause

Example:

# bad
def foo
  return if need_return?
  bar
end

# good
def foo
  return if need_return?

  bar
end

# good
def foo
  return if something?
  return if something_different?

  bar
end

# also good
def foo
  if something?
    do_something
    return if need_return?
  end
end

Check that the keys, separators, and values of a multi-line hash literal are aligned according to configuration. The configuration options are:

- key (left align keys, one space before hash rockets and values)
- separator (align hash rockets and colons, right align keys)
- table (left align keys, hash rockets, and values)

The treatment of hashes passed as the last argument to a method call can also be configured. The options are:

- always_inspect
- always_ignore
- ignore_implicit (without curly braces)

Alternatively you can specify multiple allowed styles. That's done by passing a list of styles to EnforcedStyles.

Example: EnforcedHashRocketStyle: key (default)

# bad
{
  :foo => bar,
   :ba => baz
}
{
  :foo => bar,
  :ba  => baz
}

# good
{
  :foo => bar,
  :ba => baz
}

Example: EnforcedHashRocketStyle: separator

# bad
{
  :foo => bar,
  :ba => baz
}
{
  :foo => bar,
  :ba  => baz
}

# good
{
  :foo => bar,
   :ba => baz
}

Example: EnforcedHashRocketStyle: table

# bad
{
  :foo => bar,
   :ba => baz
}

# good
{
  :foo => bar,
  :ba  => baz
}

Example: EnforcedColonStyle: key (default)

# bad
{
  foo: bar,
   ba: baz
}
{
  foo: bar,
  ba:  baz
}

# good
{
  foo: bar,
  ba: baz
}

Example: EnforcedColonStyle: separator

# bad
{
  foo: bar,
  ba: baz
}

# good
{
  foo: bar,
   ba: baz
}

Example: EnforcedColonStyle: table

# bad
{
  foo: bar,
  ba: baz
}

# good
{
  foo: bar,
  ba:  baz
}

Example: EnforcedLastArgumentHashStyle: always_inspect (default)

# Inspect both implicit and explicit hashes.

# bad
do_something(foo: 1,
  bar: 2)

# bad
do_something({foo: 1,
  bar: 2})

# good
do_something(foo: 1,
             bar: 2)

# good
do_something(
  foo: 1,
  bar: 2
)

# good
do_something({foo: 1,
              bar: 2})

# good
do_something({
  foo: 1,
  bar: 2
})

Example: EnforcedLastArgumentHashStyle: always_ignore

# Ignore both implicit and explicit hashes.

# good
do_something(foo: 1,
  bar: 2)

# good
do_something({foo: 1,
  bar: 2})

Example: EnforcedLastArgumentHashStyle: ignore_implicit

# Ignore only implicit hashes.

# bad
do_something({foo: 1,
  bar: 2})

# good
do_something(foo: 1,
  bar: 2)

Example: EnforcedLastArgumentHashStyle: ignore_explicit

# Ignore only explicit hashes.

# bad
do_something(foo: 1,
  bar: 2)

# good
do_something({foo: 1,
  bar: 2})

This cop checks for rescuing StandardError. There are two supported styles implicit and explicit. This cop will not register an offense if any error other than StandardError is specified.

Example: EnforcedStyle: implicit

# `implicit` will enforce using `rescue` instead of
# `rescue StandardError`.

# bad
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

Example: EnforcedStyle: explicit (default)

# `explicit` will enforce using `rescue StandardError`
# instead of `rescue`.

# bad
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

This cop checks for rescuing StandardError. There are two supported styles implicit and explicit. This cop will not register an offense if any error other than StandardError is specified.

Example: EnforcedStyle: implicit

# `implicit` will enforce using `rescue` instead of
# `rescue StandardError`.

# bad
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

Example: EnforcedStyle: explicit (default)

# `explicit` will enforce using `rescue StandardError`
# instead of `rescue`.

# bad
begin
  foo
rescue
  bar
end

# good
begin
  foo
rescue StandardError
  bar
end

# good
begin
  foo
rescue OtherError
  bar
end

# good
begin
  foo
rescue StandardError, SecurityError
  bar
end

This cop looks for has(one|many) and belongsto associations where Active Record can't automatically determine the inverse association because of a scope or the options used. Using the blog with order scope example below, traversing the a Blog's association in both directions with blog.posts.first.blog would cause the blog to be loaded from the database twice.

:inverse_of must be manually specified for Active Record to use the associated object in memory, or set to false to opt-out. Note that setting nil does not stop Active Record from trying to determine the inverse automatically, and is not considered a valid value for this.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
           -> { order(published_at: :desc) },
           inverse_of: :blog)
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
# When you don't want to use the inverse association.
class Blog < ApplicationRecord
  has_many(:posts,
           -> { order(published_at: :desc) },
           inverse_of: false)
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see https://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see https://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end

Checks for if and unless statements that would fit on one line if written as modifier if/unless. The cop also checks for modifier if/unless lines that exceed the maximum line length.

The maximum line length is configured in the Layout/LineLength cop. The tab size is configured in the IndentationWidth of the Layout/IndentationStyle cop.

Example:

# bad
if condition
  do_stuff(bar)
end

unless qux.empty?
  Foo.do_something
end

do_something_in_a_method_with_a_long_name(arg) if long_condition

# good
do_stuff(bar) if condition
Foo.do_something unless qux.empty?

if long_condition
  do_something_in_a_method_with_a_long_name(arg)
end