betterlint 1.17.0 → 1.19.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a22aae83c05b82fd78756d3d69d45c25d71b5a63715831c947239a73a6ce5f1f
-  data.tar.gz: 1b80addb1d93b9823303e94c0e87b7360bd5d3456af6ab250c4f13a2e3bac625
+  metadata.gz: 0adfef8c242987ffe23f5281c1bf5adceefbe66b1d21e4720cc3eecb5a11f7ef
+  data.tar.gz: 824104f6bbba860b30dcc6231935774307c238ef96d077a50a7f30faf79fab27
 SHA512:
-  metadata.gz: 95a2bd3580e962c52fab4a4cdb9778137ca3c96506f1dde5e9d8ae69f188364b81930980b68538200aeb9e1bc433a590725370216d239a754f9c8f19e7e055bc
-  data.tar.gz: e685d82cf02b3065077014c89d44b1bb91aa593a087c4479d29a55aa938f3f7ccf31fa3da5486ccba8a1dbd64ff62bd23246f6e8715232fee785545db518607e
+  metadata.gz: 71e15b73154d81aef392ee4acefb64548ed6c51ce0789ee7d74fb9010077cb91361752faeed7d45331ea0311ac934073f5ba924cf2f887e77702ed863dbd1b25
+  data.tar.gz: 944e4b25de84d12030f27c1346e79311906426216bd45ae7a6431aa6341c2d51828b601d16ed0ae2b6ddc9d03a08ea102f405c0a613b58300e3cc78825b3a0fe

data/README.md

@@ -130,6 +130,27 @@ end
 ```
 
 All three `params.permit` calls will be flagged.
+
+### Betterment/EnvironmentConfiguration
+
+This cop identifies references to `ENV` outside of the config directory.
+
+Environment variables should be parsed at boot time. If an environment variable is missing or invalid,
+the application should fail to boot.
+
+If there isn't a better place to assign your environment variable, Rails provides the `config.x` namespace
+for [custom configuration](https://guides.rubyonrails.org/configuring.html#custom-configuration):
+
+```ruby
+config.x.whatever = ENV.fetch('WHATEVER')
+```
+
+Here's how you'd reference this configuration parameter at runtime:
+
+```ruby
+Rails.configuration.x.whatever
+```
+
 ### Betterment/InternalsProtection
 
 This cop is not enabled by default, and must be enabled from your `.rubocop.yml` file:

data/config/default.yml

@@ -31,12 +31,21 @@ Betterment/AuthorizationInController:
   Description: Detects unsafe handling of id-like parameters in controllers.
   Enabled: false
   StyleGuide: '#bettermentauthorizationincontroller'
+  unsafe_regex: ".*_id$"
+  unsafe_parameters: []
 
 Betterment/DirectDelayedEnqueue:
   StyleGuide: '#bettermentdirectdelayedenqueue'
 
 Betterment/DynamicParams:
   StyleGuide: '#bettermentdynamicparams'
+  
+Betterment/EnvironmentConfiguration:
+  StyleGuide: '#bettermentenvironmentconfiguration'
+  Exclude:
+    - config/**/*.rb
+    - spec/**/*.rb
+    - test/**/*.rb
 
 Betterment/HardcodedID:
   AutoCorrect: false
@@ -94,6 +103,7 @@ Betterment/SitePrismLoaded:
 Betterment/UnsafeJob:
   Enabled: false
   StyleGuide: '#bettermentunsafejob'
+  class_regex: ".*Job$"
   sensitive_params:
     - password
     - social_security_number
@@ -101,6 +111,7 @@ Betterment/UnsafeJob:
 
 Betterment/UnscopedFind:
   StyleGuide: '#bettermentunscopedfind'
+  unauthenticated_models: []
 
 Betterment/UseGlobalStrictLoading/ByDefaultForModels:
   Enabled: true

data/lib/rubocop/cop/betterment/active_job_performable.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class ActiveJobPerformable < Cop
+      class ActiveJobPerformable < Base
         MSG = <<~DOC
           Classes that are "performable" should be ActiveJobs
 

data/lib/rubocop/cop/betterment/allowlist_blocklist.rb

@@ -4,8 +4,8 @@
 module RuboCop
   module Cop
     module Betterment
-      class AllowlistBlocklist < Cop
-        MSG = <<-DOC
+      class AllowlistBlocklist < Base
+        MSG = <<~DOC
           Avoid usages of whitelist & blacklist, in favor of more inclusive and descriptive language.
           For consistency, favor 'allowlist' and 'blocklist' where possible, but other terms (such as
           denylist, ignorelist, warnlist, safelist, etc) may be appropriate, depending on the use case.

data/lib/rubocop/cop/betterment/authorization_in_controller.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class AuthorizationInController < Cop
+      class AuthorizationInController < Base
         attr_accessor :unsafe_parameters, :unsafe_regex
 
         # MSG_UNSAFE_CREATE = 'Model created/updated using unsafe parameters'.freeze
@@ -34,10 +34,9 @@ module RuboCop
         PATTERN
 
         def initialize(config = nil, options = nil)
-          super(config, options)
-          config = @config.for_cop(self)
-          @unsafe_parameters = config.fetch("unsafe_parameters", []).map(&:to_sym)
-          @unsafe_regex = Regexp.new config.fetch("unsafe_regex", ".*_id$")
+          super
+          @unsafe_parameters = cop_config.fetch("unsafe_parameters").map(&:to_sym)
+          @unsafe_regex = Regexp.new cop_config.fetch("unsafe_regex")
           @param_wrappers = []
         end
 
@@ -67,6 +66,7 @@ module RuboCop
             end
           end
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/direct_delayed_enqueue.rb

@@ -16,6 +16,7 @@ module RuboCop
           add_offense(node, message: DELAY_MESSAGE) if node.method?(:delay)
           add_offense(node, message: ENQUEUE_MESSAGE) if enqueue?(node)
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment/dynamic_params.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class DynamicParams < Cop
+      class DynamicParams < Base
         MSG_DYNAMIC_PARAMS = <<~MSG
           Parameter names accessed dynamically, cannot determine safeness. Please inline the keys explicitly when calling `permit` or when accessing `params` like a hash.
 
@@ -22,6 +22,7 @@ module RuboCop
           dynamic_param = find_dynamic_param(arg_nodes)
           add_offense(dynamic_param, message: MSG_DYNAMIC_PARAMS) if dynamic_param
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/environment_configuration.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Betterment
+      class EnvironmentConfiguration < Base
+        MSG =
+          "Environment variables should be parsed at boot time and assigned " \
+          "to `Rails.configuration` or some other configurable object."
+
+        # @!method env?(node)
+        def_node_matcher :env?, '(const nil? :ENV)'
+
+        def on_const(node)
+          add_offense(node) if env?(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/fetch_boolean.rb

@@ -46,6 +46,7 @@ module RuboCop
 
           add_offense(node)
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/hardcoded_id.rb

@@ -44,6 +44,7 @@ module RuboCop
             end
           end
         end
+        alias on_csend on_send
 
         def on_block(node)
           on_let_id(node) do |name, value|

data/lib/rubocop/cop/betterment/implicit_redirect_type.rb

@@ -14,7 +14,7 @@ module RuboCop
       #   # good
       #   get '/', redirect('/dashboard', status: 301)
       #   get(status: 302) { |params, request| '/dashboard' }
-      class ImplicitRedirectType < Cop
+      class ImplicitRedirectType < Base
         ROUTES_FILE_NAME = 'routes.rb'
         MSG =
           'Rails will create a permanent (301) redirect, which is dangerous. ' \
@@ -60,6 +60,7 @@ module RuboCop
             add_offense(node)
           end
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/internals_protection.rb

@@ -40,6 +40,7 @@ module RuboCop
             ensure_allowed_reference!(class_name_node, module_path)
           end
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/memoization_with_arguments.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class MemoizationWithArguments < Cop
+      class MemoizationWithArguments < Base
         MSG = 'Memoized method `%<method>s` accepts arguments, ' \
               'which may cause it to return a stale result. ' \
               'Remove memoization or refactor to remove arguments.'
@@ -26,7 +26,7 @@ module RuboCop
           return if ivar_assign.nil? || node.arguments.empty? || method_name == :initialize
 
           msg = format(MSG, method: method_name)
-          add_offense(node, location: ivar_assign.source_range, message: msg)
+          add_offense(ivar_assign, message: msg)
         end
         alias on_defs on_def
       end

data/lib/rubocop/cop/betterment/non_standard_actions.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class NonStandardActions < Cop
+      class NonStandardActions < Base
         MSG_GENERAL = 'Use a new controller instead of custom actions.'
         MSG_RESOURCE_ONLY = "Resource route refers to a non-standard action in it's 'only:' param. #{MSG_GENERAL}".freeze
         MSG_ROUTE_TO = "Route goes to a non-standard controller action. #{MSG_GENERAL}".freeze
@@ -62,9 +62,8 @@ module RuboCop
           end
         end
 
-        # NOTE: The InternalAffairs/UndefinedConfig rule seems to have a bug where it can't fine these configs in config/default.yml
         def allowed_actions
-          @allowed_actions ||= cop_config['StandardActions'] + cop_config['AdditionalAllowedActions'] # rubocop:disable InternalAffairs/UndefinedConfig
+          @allowed_actions ||= cop_config['StandardActions'] + cop_config['AdditionalAllowedActions']
         end
 
         def allowed_action?(action)

data/lib/rubocop/cop/betterment/non_standard_controller.rb

@@ -18,6 +18,7 @@ module RuboCop
         def on_send(node)
           resources_with_controller(node) { |option| add_offense(option) }
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment/server_error_assertion.rb

@@ -29,7 +29,7 @@ module RuboCop
       #
       #     # good
       #     expect(response).to have_http_status 422
-      class ServerErrorAssertion < Cop
+      class ServerErrorAssertion < Base
         MSG = 'Do not assert on 5XX statuses. Use a semantic status (e.g., 403, 422, etc.) or treat them as bugs (omit tests).'
         BAD_STATUSES = %i(
           internal_server_error
@@ -57,6 +57,7 @@ module RuboCop
 
           add_offense(node)
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment/site_prism_loaded.rb

@@ -3,24 +3,23 @@
 module RuboCop
   module Cop
     module Betterment
-      class SitePrismLoaded < Cop
+      class SitePrismLoaded < Base
+        extend AutoCorrector
+
         MSG = 'Use `be_loaded` instead of `be_displayed`'
 
-        def_node_matcher :be_displayed_call?, <<-PATTERN
-          (send (send nil? :expect _) _ (send nil? :be_displayed))
+        def_node_matcher :on_be_displayed, <<-PATTERN
+          (send (send nil? :expect _) _ $(send nil? :be_displayed))
         PATTERN
 
         def on_send(node)
-          return unless be_displayed_call?(node)
-
-          add_offense(node, location: node.children[2].source_range)
-        end
-
-        def autocorrect(node)
-          lambda do |corrector|
-            corrector.replace(node.children[2], 'be_loaded')
+          on_be_displayed(node) do |be_displayed|
+            add_offense(be_displayed) do |corrector|
+              corrector.replace(be_displayed, 'be_loaded')
+            end
           end
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment/spec_helper_required_outside_spec_dir.rb

@@ -14,7 +14,7 @@ module RuboCop
       #   # good
       #   spec/models/my_class_spec.rb
       #   require 'rails_helper'
-      class SpecHelperRequiredOutsideSpecDir < Cop
+      class SpecHelperRequiredOutsideSpecDir < Base
         MSG = 'Spec helper required outside of a spec/ directory.'
 
         def_node_matcher :requires_spec_helper?, <<-PATTERN
@@ -25,6 +25,7 @@ module RuboCop
         def on_send(node)
           add_offense(node) if requires_spec_helper?(node) && !spec_directory?
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/timeout.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class Timeout < Cop
+      class Timeout < Base
         MSG = 'Using Timeout.timeout without a custom exception can prevent rescue blocks from executing'
 
         def_node_matcher :timeout_call?, <<-PATTERN
@@ -15,6 +15,7 @@ module RuboCop
 
           add_offense(node)
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment/unsafe_job.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class UnsafeJob < Cop
+      class UnsafeJob < Base
         attr_accessor :sensitive_params, :class_regex
 
         MSG = <<~MSG
@@ -14,10 +14,9 @@ module RuboCop
         MSG
 
         def initialize(config = nil, options = nil)
-          super(config, options)
-          config = @config.for_cop(self)
-          @sensitive_params = config.fetch("sensitive_params", []).map(&:to_sym)
-          @class_regex = Regexp.new config.fetch("class_regex", ".*Job$")
+          super
+          @sensitive_params = cop_config.fetch("sensitive_params").map(&:to_sym)
+          @class_regex = Regexp.new cop_config.fetch("class_regex")
         end
 
         def on_def(node)

data/lib/rubocop/cop/betterment/unscoped_find.rb

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module Betterment
-      class UnscopedFind < Cop
+      class UnscopedFind < Base
         attr_accessor :unauthenticated_models
 
         MSG = <<~MSG
@@ -36,9 +36,8 @@ module RuboCop
         PATTERN
 
         def initialize(config = nil, options = nil)
-          super(config, options)
-          config = @config.for_cop(self)
-          @unauthenticated_models = config.fetch("unauthenticated_models", []).map(&:to_sym)
+          super
+          @unauthenticated_models = cop_config.fetch("unauthenticated_models").map(&:to_sym)
         end
 
         def on_class(node)
@@ -56,6 +55,7 @@ module RuboCop
 
           add_offense(node) if find_param_arg(arg_nodes) || graphql_file? || graphql_namespace?(node)
         end
+        alias on_csend on_send
 
         private
 

data/lib/rubocop/cop/betterment/use_global_strict_loading.rb

@@ -23,6 +23,7 @@ module RuboCop
               end
             end
           end
+          alias on_csend on_send
         end
 
         # This cop ensures that `strict_loading: <any value>` is not set in ActiveRecord associations.
@@ -46,6 +47,7 @@ module RuboCop
               end
             end
           end
+          alias on_csend on_send
         end
       end
     end

data/lib/rubocop/cop/betterment/vague_serialize.rb

@@ -17,6 +17,7 @@ module RuboCop
 
           add_offense(node) if node.arguments.length < 2 || !node.arguments[1].const_type?
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/betterment.rb

@@ -6,6 +6,7 @@ require 'rubocop/cop/betterment/allowlist_blocklist'
 require 'rubocop/cop/betterment/authorization_in_controller'
 require 'rubocop/cop/betterment/direct_delayed_enqueue'
 require 'rubocop/cop/betterment/dynamic_params'
+require 'rubocop/cop/betterment/environment_configuration'
 require 'rubocop/cop/betterment/fetch_boolean'
 require 'rubocop/cop/betterment/hardcoded_id'
 require 'rubocop/cop/betterment/implicit_redirect_type'

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: betterlint
 version: !ruby/object:Gem::Version
-  version: 1.17.0
+  version: 1.19.0
 platform: ruby
 authors:
 - Development
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-25 00:00:00.000000000 Z
+date: 2025-03-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
@@ -16,84 +15,84 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.62.0
+        version: '1.71'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.62.0
+        version: '1.71'
 - !ruby/object:Gem::Dependency
   name: rubocop-graphql
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.21.0
+        version: '1.23'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.21.0
+        version: '1.23'
 - !ruby/object:Gem::Dependency
   name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.24.0
+        version: '2.29'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.24.0
+        version: '2.29'
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: '0.6'
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.28.0
+        version: '2.29'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.28.0
+        version: '2.29'
 description: Betterment rubocop configuration
 email:
 - development@betterment.com
@@ -110,6 +109,7 @@ files:
 - lib/rubocop/cop/betterment/authorization_in_controller.rb
 - lib/rubocop/cop/betterment/direct_delayed_enqueue.rb
 - lib/rubocop/cop/betterment/dynamic_params.rb
+- lib/rubocop/cop/betterment/environment_configuration.rb
 - lib/rubocop/cop/betterment/fetch_boolean.rb
 - lib/rubocop/cop/betterment/hardcoded_id.rb
 - lib/rubocop/cop/betterment/implicit_redirect_type.rb
@@ -136,12 +136,11 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/Betterment/betterlint
-  source_code_uri: https://github.com/Betterment/betterlint/tree/v1.17.0
-  changelog_uri: https://github.com/Betterment/betterlint/blob/v1.17.0/CHANGELOG.md
+  source_code_uri: https://github.com/Betterment/betterlint/tree/v1.19.0
+  changelog_uri: https://github.com/Betterment/betterlint/blob/v1.19.0/CHANGELOG.md
   bug_tracker_uri: https://github.com/Betterment/betterlint/issues
-  documentation_uri: https://www.rubydoc.info/gems/betterlint/1.17.0
+  documentation_uri: https://www.rubydoc.info/gems/betterlint/1.19.0
   rubygems_mfa_required: 'true'
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -156,8 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.23
-signing_key:
+rubygems_version: 3.6.5
 specification_version: 4
 summary: Betterment rubocop configuration
 test_files: []