cobalt-rubocop 1.0.0 → 1.0.2

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 83361f0df69096d9c273be6b367c117e12ecf9f7f213d8d8838e6b4019332f73
4
- data.tar.gz: 3699ad2b3cee6367a0ea14ac692437380f18f55405a5ae26a77a6831e32d0f99
3
+ metadata.gz: 5a8b20ef0a6e956161bcf06b505456596556afa73a71c71689546256ec9017b4
4
+ data.tar.gz: 4309706cb33ccc799053fbdf2b2afdd92e5bfaa740acadfe4abbac026b0ea505
5
5
  SHA512:
6
- metadata.gz: 768f655514f4c7038d89af1cdc2d3f76bcf9df951b03f0050022adf241a639bb6ce9cb31d799aa148fcaed2e56198d46bd2e0b72de373b27203b8c344c5abe65
7
- data.tar.gz: 28f1315e26ad48aa71ab4aca4771f6323a0e004994182ccffe7f4c19c4426c389f1b2ebb5f64c023b9cc849a13568e1b150f4416c34fd3294e18f1f67ee753ec
6
+ metadata.gz: ce5b1e998d57140cad9de70902ce00c22b6a11072202c6ea90597b7cb6c49bd4108cf912fa90ee082f901b7f52cb3d146f36c0ebba938a0e8b4938a476c20918
7
+ data.tar.gz: 5760968ed4f9e4f59ee565d9aa0c337d70748a273a804d25c2560c174cf02abcd8cd372c0c1480fb7f53cf1b55f034af1fa27f0484ac52d03ada564fae21fa6f
data/CHANGELOG.md CHANGED
@@ -2,6 +2,21 @@
2
2
 
3
3
  ## main (unreleased)
4
4
 
5
+ ## 1.0.2 (2024-02-01)
6
+
7
+ * Designate SHA3-256 as a secure hashing algorithm
8
+
9
+ ## 1.0.1 (2023-07-13)
10
+
11
+ * Disable `RSpec/ScatteredSetup` for specs inside `/api`, since it
12
+ incorrectly thinks that separate `before` blocks can be put together for
13
+ RSwag specs
14
+
15
+ * Maintenance:
16
+ * Add CI status checks
17
+ * Add dependabot
18
+ * Add required CI checks for IaaC setup
19
+
5
20
  ## 1.0.0 (2023-06-09)
6
21
 
7
22
  * Bump required ruby version to 3.2.x
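Review bot: The 1.0.2 entry does not name the cop it changes. "Designate SHA3-256 as a secure hashing algorithm" should say that SHA3-256 was added to the default allowed list of `Cobalt/InsecureHashAlgorithm`, so consumers can tell that code using SHA3-256 stops being flagged after the upgrade. The removal of the "Custom Cops", "Development" and "Publish" sections from the README in this version range is not recorded under either 1.0.1 or 1.0.2 and deserves a line as well.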
data/README.md CHANGED
@@ -5,8 +5,19 @@
5
5
  ![Gem Downloads](https://img.shields.io/gem/dt/cobalt-rubocop)
6
6
  [![Ruby Style Guide](https://img.shields.io/badge/code_style-rubocop-brightgreen.svg)](https://github.com/rubocop-hq/rubocop)
7
7
 
8
+ ## Description
9
+
8
10
  This repository provides recommended linting rules for Ruby repositories.
9
11
 
12
+ ## Contributing
13
+
14
+ If you wish to contribute, please check our guidelines in
15
+ [CONTRIBUTING.md]
16
+
17
+ ## Who to ask for help
18
+
19
+ Ask the [CODEOWNERS]
20
+
10
21
  ## Installation
11
22
 
12
23
  ### Gemfile
@@ -28,12 +39,12 @@ gem 'rubocop-rails', require: false
28
39
  gem 'rubocop-rspec', require: false
29
40
  ```
30
41
 
31
- [Specific versions](https://github.com/cobalthq/cobalt-rubocop/blob/main/cobalt-rubocop.gemspec) installed for:
42
+ [Specific versions] installed for:
32
43
 
33
- - [rubocop](https://github.com/rubocop-hq/rubocop)
34
- - [rubocop-performance](https://github.com/rubocop/rubocop-performance)
35
- - [rubocop-rails](https://github.com/rubocop/rubocop-rails)
36
- - [rubocop-rspec](https://github.com/rubocop/rubocop-rspec)
44
+ - [rubocop]
45
+ - [rubocop-performance]
46
+ - [rubocop-rails]
47
+ - [rubocop-rspec]
37
48
 
38
49
  ### .rubocop.yml
39
50
 
@@ -66,62 +77,12 @@ The number of offences can be counted:
66
77
  grep "Offense count" .rubocop_todo.yml | awk -F: '{sum+=$2} END {print sum}'
67
78
  ```
68
79
 
69
- ## Custom Cops
70
-
71
- ### InsecureHashAlgorithm
72
-
73
- See [Ruby Docs](https://ruby-doc.org/stdlib-2.7.2/libdoc/openssl/rdoc/OpenSSL/Digest.html) for built in hash functions.
74
-
75
- - Default Configuration:
76
-
77
- ```yml
78
- Cobalt/InsecureHashAlgorithm:
79
- Allowed:
80
- - SHA256
81
- - SHA384
82
- - SHA512
83
- ```
84
-
85
- ```ruby
86
- # bad
87
- OpenSSL::Digest::MD5.digest('abc')
88
- OpenSSL::Digest::SHA1.digest('abc')
89
- OpenSSL::HMAC.new('abc', 'sha1')
90
-
91
- # good
92
- OpenSSL::Digest::SHA256.digest('abc')
93
- OpenSSL::Digest::SHA384.digest('abc')
94
- OpenSSL::Digest::SHA512.digest('abc')
95
- OpenSSL::HMAC.new('abc', 'sha256')
96
- ```
97
-
98
- ## Development
99
-
100
- ```shell
101
- git clone git@github.com:cobalthq/cobalt-rubocop.git
102
- bundle install
103
- ```
104
-
105
- ### Testing locally
106
-
107
- In your application, use the `path` attribute to point to your local copy of the gem
108
-
109
- ```ruby
110
- # Use the relative path from your application, to the cobalt-rubocop folder
111
- gem 'cobalt-rubocop', path: '../cobalt-rubocop', require: false
112
- ```
113
-
114
- Alternatively:
115
-
116
- - `rake build`
117
- - `gem install pkg/cobalt-rubocop-<version_number>.gem`
118
-
119
- ## Publish (internal)
120
-
121
- > Note: Publishing a new version of this gem is only meant for maintainers.
80
+ <!-- Links -->
122
81
 
123
- - Ensure you have access to publish on [rubygems](https://rubygems.org/gems/cobalt-rubocop).
124
- - Update [CHANGELOG](https://github.com/cobalthq/cobalt-rubocop/blob/main/CHANGELOG.md).
125
- - Update [`VERSION`](https://github.com/cobalthq/cobalt-rubocop/blob/main/lib/rubocop/cobalt/version.rb).
126
- - `rake release`
127
- - This command builds the gem, creates a tag and publishes to rubygems, see [bundler docs](https://bundler.io/guides/creating_gem.html#releasing-the-gem).
82
+ [CODEOWNERS]: ./CODEOWNERS
83
+ [CONTRIBUTING.md]: ./CONTRIBUTING.md
84
+ [Specific versions]: ./cobalt-rubocop.gemspec
85
+ [rubocop-performance]: https://github.com/rubocop/rubocop-performance
86
+ [rubocop-rails]: https://github.com/rubocop/rubocop-rails
87
+ [rubocop-rspec]: https://github.com/rubocop/rubocop-rspec
88
+ [rubocop]: https://github.com/rubocop-hq/rubocop
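Review bot: The removed `## Custom Cops` section held the documentation of `Cobalt/InsecureHashAlgorithm` (its default `Allowed` list and the bad/good examples), and nothing in this diff replaces it, even though the same release changes that cop's defaults. Keep the section and add `SHA3-256` to the documented `Allowed` list, or link to wherever the cop is now documented. Separately, the new reference targets `./CODEOWNERS`, `./CONTRIBUTING.md` and `./cobalt-rubocop.gemspec` are relative, so they only resolve when the README is viewed inside the repository; the old absolute URL for the gemspec worked from any rendering of the README.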
data/config/rspec.yml CHANGED
@@ -26,6 +26,12 @@ RSpec/NamedSubject:
26
26
  RSpec/NestedGroups:
27
27
  Max: 5
28
28
 
29
+ # This cop does not correctly detect that RSwag creates
30
+ # extra contexts, reporting false positives for those tests
31
+ RSpec/ScatteredSetup:
32
+ Exclude:
33
+ - '{components/*/,}spec/api/**/*'
34
+
29
35
  RSpec/VariableName:
30
36
  AllowedPatterns:
31
37
  - ^Authorization
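Review bot: The `Exclude` glob `'{components/*/,}spec/api/**/*'` turns `RSpec/ScatteredSetup` off for every file under `spec/api`, not only for RSwag specs, so a genuinely scattered `before` in a non-RSwag spec placed there will no longer be reported. If RSwag specs can be told apart by file name or directory, narrow the glob to them; otherwise state in the comment that all of `spec/api` is assumed to be RSwag so the trade-off is explicit.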
@@ -2,6 +2,6 @@
2
2
 
3
3
  module RuboCop
4
4
  module Cobalt
5
- VERSION = '1.0.0'
5
+ VERSION = '1.0.2'
6
6
  end
7
7
  end
@@ -77,10 +77,13 @@ module RuboCop
77
77
  %i[hexencode bubblebabble].include?(val)
78
78
  end
79
79
 
80
+ # SHA3-256 is designated as secure by
81
+ # https://github.com/cobalthq/cobalt-pentest-api/blob/main/docs/adr/0019_hash_api_tokens.md
80
82
  DEFAULT_ALLOWED = %w[
81
83
  SHA256
82
84
  SHA384
83
85
  SHA512
86
+ SHA3-256
84
87
  ].freeze
85
88
 
86
89
  def allowed_hash_functions
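Review bot: The new `SHA3-256` entry in `DEFAULT_ALLOWED` is the only name in the list containing a hyphen, and the matching code is not part of this hunk, so it is not visible whether the cop compares names in a way that accepts it. The README examples removed in this release pass lowercase names (`'sha256'`), so please add specs showing that both `'SHA3-256'` and `'sha3-256'` are accepted and that an unlisted name is still flagged. The comment should also say whether leaving out the other SHA-3 variants is deliberate, given that SHA-2 is allowed at 256, 384 and 512, and it should summarise the rationale inline rather than rely only on the ADR link.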
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cobalt-rubocop
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Cobalt Engineering
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-06-07 00:00:00.000000000 Z
11
+ date: 2024-02-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rubocop
@@ -119,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
119
119
  - !ruby/object:Gem::Version
120
120
  version: '0'
121
121
  requirements: []
122
- rubygems_version: 3.4.12
122
+ rubygems_version: 3.4.10
123
123
  signing_key:
124
124
  specification_version: 4
125
125
  summary: Cobalt RuboCop
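Review bot: `rubygems_version` moves backwards from 3.4.12 to 3.4.10, so 1.0.2 was packaged with an older RubyGems than 1.0.0, which means the packaging toolchain is not fixed between releases. Build releases in CI with a pinned Ruby and RubyGems version so the build environment is reproducible. The unchanged `cert_chain: []` and empty `signing_key:` also show the gem is published unsigned, which leaves the registry checksums as the only integrity data for consumers.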