gitlab-styles 6.4.0 → 7.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7243d64ca027fd058b9183cab0e19417797fa05e9b13de3f31200027b39c0440
-  data.tar.gz: c45d182c5dc811e729bc93c26db12c9127b276ad266fad7be3bc921b7d1def89
+  metadata.gz: 9fcbcb3937df65b5a6ef170918f4abd96786642c5ba2e379b4f0c3273cd21411
+  data.tar.gz: dde017a2f0091139175945e0bafd2f0d9c43f2ad280ca9f60c350093fe441dd2
 SHA512:
-  metadata.gz: 64fed474c7b045454a9dad3e9faf742ca4bc371084562033e7062eeb4a6e0130084000e5579e6b1c2f32c47c4b674d5b5f6d7cc4dd07d6b53d93e229e5178453
-  data.tar.gz: 735af04bd27f127aa2bc99cb1ca06a951892bcf42957e82c2a3e029b570ae29ca88d3be4de3aba0f21e6d0a82197c1fbc26b4f6c96289c8d682832c4291c37af
+  metadata.gz: ccd9e7b074e48b11b2c9d13f929b2f20d7fcd71e6ad89ae6eaf558d690f1122cbfa78ea145494ada2944ca5f37113ee1ac77fa88679b3194126e24b1c563063c
+  data.tar.gz: c38476316f30eed488850324802911e538369ba88a2110357d5b8c5dbb2be08fdf99119f640b05e2a11d90d703e7f2646425e2083a8d96fa96996bf1f7c2e966

data/.gitlab/changelog_config.yml

@@ -0,0 +1,13 @@
+---
+# Settings for generating changelogs using the GitLab API. See
+# https://docs.gitlab.com/ee/api/repositories.html#generate-changelog-data for
+# more information.
+categories:
+  added: Added
+  fixed: Fixed
+  changed: Changed
+  deprecated: Deprecated
+  removed: Removed
+  security: Security
+  performance: Performance
+  other: Other

data/.gitlab/merge_request_templates/Release.md

@@ -1,35 +1,13 @@
-<!-- Replace `v4.5.0` with the previous release here, and `e18d76b309e42888759c1effe96767f13e34ae55`
-with the latest commit from https://gitlab.com/gitlab-org/gitlab-styles/commits/master that will be included in the release. -->
-- Diff: https://gitlab.com/gitlab-org/gitlab-styles/compare/v4.5.0...e18d76b309e42888759c1effe96767f13e34ae55
+<!-- Replace `<PREVIOUS_VERSION>` with the previous version number here, `<COMMIT_UPDATING_VERSION>` with the latest
+commit from this merge request, and `<NEW_VERSION>` with the upcoming version number. -->
+## Diff
 
-- Release notes:
+https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/compare/v<PREVIOUS_VERSION>...<COMMIT_UPDATING_VERSION>
 
-<!-- Keep the sections order but remove the empty sections -->
+## Checklist
 
-```markdown
-### New features and features updates
+- [ ] Diff link is up-to-date.
+- [ ] Check the release notes: https://gitlab.com/api/v4/projects/4176070/repository/changelog?version=<NEW_VERSION>
+- [ ] Based on the diff and the release notes, `version.rb` is updated, according to [SemVer](https://semver.org).
 
-- !aaa <Title of the aaa MR>.
-
-### Fixes
-
-- !bbb <Title of the bbb MR>.
-
-### Doc changes
-
-- !ccc <Title of the ccc MR>.
-
-### Other changes (tooling, technical debt)
-
-- !ddd <Title of the ddd MR>.
-```
-
-- Checklist before merging:
-  - [ ] Diff link is up-to-date.
-  - [ ] Based on the diff, `lib/gitlab/styles/version.rb` is updated, according to [SemVer](https://semver.org).
-  - [ ] Release notes are accurate.
-
-- Checklist after merging:
-  - [ ] [Update the release notes for the newly created tag](docs/release_process.md#how-to).
-
-/label ~"Engineering Productivity" ~"feature" ~"feature::maintenance" ~"static code analysis"
+/label ~"type::maintenance" ~"static code analysis"

data/.gitlab-ci.yml

@@ -31,4 +31,6 @@ specs:
 
 include:
   - project: 'gitlab-org/quality/pipeline-common'
-    file: '/ci/gem-release.yml'
+    file:
+      - '/ci/gem-release.yml'
+      - '/ci/danger-review.yml'

data/Dangerfile

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'gitlab-dangerfiles'
+
+Gitlab::Dangerfiles.for_project(self, &:import_defaults)

data/gitlab-styles.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.email         = ['gitlab_rubygems@gitlab.com']
 
   spec.summary       = 'GitLab style guides and shared style configs.'
-  spec.homepage      = 'https://gitlab.com/gitlab-org/gitlab-styles'
+  spec.homepage      = 'https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles'
   spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
@@ -24,11 +24,13 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'rubocop', '~> 0.91', '>= 0.91.1'
   spec.add_dependency 'rubocop-gitlab-security', '~> 0.1.1'
+  spec.add_dependency 'rubocop-graphql', '~> 0.10'
   spec.add_dependency 'rubocop-performance', '~> 1.9.2'
   spec.add_dependency 'rubocop-rails', '~> 2.9'
   spec.add_dependency 'rubocop-rspec', '~> 1.44'
 
   spec.add_development_dependency 'bundler', '~> 2.1'
+  spec.add_development_dependency 'gitlab-dangerfiles', '~> 2.6.1'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
 end

data/lib/gitlab/styles/rubocop/cop/active_record_dependent.rb

@@ -10,10 +10,11 @@ module Gitlab
         class ActiveRecordDependent < RuboCop::Cop::Cop
           include ModelHelpers
 
-          MSG = 'Do not use `dependent: to remove associated data, ' \
-            'use foreign keys with cascading deletes instead'
+          MSG = 'Do not use `dependent:` to remove associated data, ' \
+            'use foreign keys with cascading deletes instead.'
 
           METHOD_NAMES = [:has_many, :has_one, :belongs_to].freeze
+          ALLOWED_OPTIONS = [:restrict_with_error].freeze
 
           def on_send(node)
             return unless in_model?(node)
@@ -21,6 +22,9 @@ module Gitlab
 
             node.children.last.each_node(:pair) do |pair|
               key_name = pair.children[0].children[0]
+              option_name = pair.children[1].children[0]
+
+              break if ALLOWED_OPTIONS.include?(option_name)
 
               add_offense(pair) if key_name == :dependent
             end

data/lib/gitlab/styles/rubocop/cop/avoid_return_from_blocks.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Styles
+    module Rubocop
+      module Cop
+        # Checks for return inside blocks.
+        # For more information see: https://gitlab.com/gitlab-org/gitlab-foss/issues/42889
+        #
+        # @example
+        #   # bad
+        #   call do
+        #     return if something
+        #
+        #     do_something_else
+        #   end
+        #
+        #   # good
+        #   call do
+        #     break if something
+        #
+        #     do_something_else
+        #   end
+        #
+        class AvoidReturnFromBlocks < RuboCop::Cop::Cop
+          MSG = 'Do not return from a block, use next or break instead.'
+          DEF_METHODS = %i[define_method lambda].freeze
+          WHITELISTED_METHODS = %i[each each_filename times loop].freeze
+
+          def on_block(node)
+            block_body = node.body
+
+            return unless block_body
+            return unless top_block?(node)
+
+            block_body.each_node(:return) do |return_node|
+              next if parent_blocks(node, return_node).all? { |block| whitelisted?(block) }
+
+              add_offense(return_node)
+            end
+          end
+
+          private
+
+          def top_block?(node)
+            current_node = node
+            top_block = nil
+
+            while current_node && current_node.type != :def
+              top_block = current_node if current_node.block_type?
+              current_node = current_node.parent
+            end
+
+            top_block == node
+          end
+
+          def parent_blocks(node, current_node)
+            blocks = []
+
+            until node == current_node || def?(current_node)
+              blocks << current_node if current_node.block_type?
+              current_node = current_node.parent
+            end
+
+            blocks << node if node == current_node && !def?(node)
+            blocks
+          end
+
+          def def?(node)
+            node.def_type? || node.defs_type? ||
+              (node.block_type? && DEF_METHODS.include?(node.method_name))
+          end
+
+          def whitelisted?(block_node)
+            WHITELISTED_METHODS.include?(block_node.method_name)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/styles/rubocop/cop/code_reuse/active_record.rb

@@ -76,52 +76,6 @@ module Gitlab
 
               add_offense(node, location: :selector)
             end
-
-            # We can not auto correct code like this, as it requires manual
-            # refactoring. Instead, we'll just allow the surrounding scope.
-            #
-            # Despite this method's presence, you should not use it. This method
-            # exists to make it possible to allow large chunks of offenses we
-            # can't fix in the short term. If you are writing new code, follow the
-            # code reuse guidelines, instead of allowing any new offenses.
-            def autocorrect(node)
-              scope = surrounding_scope_of(node)
-              indent = indentation_of(scope)
-
-              lambda do |corrector|
-                # This prevents us from inserting the same enable/disable comment
-                # for a method or block that has multiple offenses.
-                next if allowed_scopes.include?(scope)
-
-                corrector.insert_before(
-                  scope.source_range,
-                  "# rubocop: disable #{cop_name}\n#{indent}"
-                )
-
-                corrector.insert_after(
-                  scope.source_range,
-                  "\n#{indent}# rubocop: enable #{cop_name}"
-                )
-
-                allowed_scopes << scope
-              end
-            end
-
-            def indentation_of(node)
-              ' ' * node.loc.expression.source_line[/\A */].length
-            end
-
-            def surrounding_scope_of(node)
-              %i[def defs block begin].each do |type|
-                if (found = node.each_ancestor(type).first)
-                  return found
-                end
-              end
-            end
-
-            def allowed_scopes
-              @allowed_scopes ||= Set.new
-            end
           end
         end
       end

data/lib/gitlab/styles/rubocop/cop/performance/rubyzip.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Styles
+    module Rubocop
+      module Cop
+        module Performance
+          # This cop flags inefficient uses of rubyzip's Zip::File, since when instantiated
+          # it reads the file's Central Directory into memory entirely. For zips with many
+          # files and directories, this can be very expensive even when the archive's size
+          # in bytes is small.
+          #
+          # See also:
+          # - https://github.com/rubyzip/rubyzip/issues/506
+          # - https://github.com/rubyzip/rubyzip#notes-on-zipinputstream
+          class Rubyzip < RuboCop::Cop::Cop
+            MSG = 'Be careful when opening or iterating zip files via Zip::File. ' \
+                  'Zip archives may contain many entries, and their file index is ' \
+                  'read into memory upon construction, which can lead to ' \
+                  'high memory use and poor performance. ' \
+                  'Consider iterating archive entries via Zip::InputStream instead.'
+
+            def_node_matcher :reads_central_directory?, <<-PATTERN
+              (send
+                (const
+                  (const {nil? (cbase)} :Zip) :File) {:new :open :foreach} ...)
+            PATTERN
+
+            def on_send(node)
+              return unless reads_central_directory?(node)
+
+              add_offense(node)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/gitlab/styles/version.rb

@@ -2,6 +2,6 @@
 
 module Gitlab
   module Styles
-    VERSION = '6.4.0'
+    VERSION = '7.0.0'
   end
 end

data/rubocop-default.yml

@@ -4,12 +4,14 @@ require:
   - rubocop-performance
   - rubocop-rspec
   - rubocop-rails
+  - rubocop-graphql
   - ./lib/gitlab/styles/rubocop
 
 inherit_from:
   - rubocop-all.yml
   - rubocop-bundler.yml
   - rubocop-gemspec.yml
+  - rubocop-graphql.yml
   - rubocop-layout.yml
   - rubocop-lint.yml
   - rubocop-metrics.yml

data/rubocop-graphql.yml

@@ -0,0 +1,30 @@
+---
+require:
+  - rubocop-graphql
+
+# Ensures all arguments have a description
+# Disabled because our bespoke Graphql/Descriptions cop covers this.
+GraphQL/ArgumentDescription:
+  Enabled: false
+
+# Ensures all fields have a description
+# Disabled because our bespoke Graphql/Descriptions cop covers this.
+GraphQL/FieldDescription:
+  Enabled: false
+
+# Suggests using input type instead of many arguments
+GraphQL/ExtractInputType:
+  Enabled: false
+
+# Suggests extracting fields with common prefixes to the separate type
+GraphQL/ExtractType:
+  Enabled: false
+
+# Checks that types are defined with class-based API
+GraphQL/LegacyDsl:
+  Enabled: false
+
+# Ensures all types have a description
+# Disabled because our bespoke Graphql/Descriptions cop covers this.
+GraphQL/ObjectDescription:
+  Enabled: false

data/rubocop-performance.yml

@@ -1,6 +1,7 @@
 ---
 require:
   - rubocop-performance
+  - ./lib/gitlab/styles/rubocop
 
 # Used to identify usages of ancestors.include? and change them to use ⇐ instead.
 # https://docs.rubocop.org/rubocop-performance/1.8/cops_performance.html#performanceancestorsinclude
@@ -112,3 +113,9 @@ Performance/Sum:
 # Checks for `.times.map` calls.
 Performance/TimesMap:
   Enabled: true
+
+# Flags potentially expensive operations on ZIP archives.
+Performance/Rubyzip:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'

data/rubocop-rspec.yml

@@ -95,8 +95,9 @@ RSpec/ImplicitExpect:
   EnforcedStyle: is_expected
 
 # Checks for the usage of instance variables.
+# https://docs.gitlab.com/ee/development/testing_guide/best_practices.html#subject-and-let-variables
 RSpec/InstanceVariable:
-  Enabled: false
+  Enabled: true
 
 # Checks for `subject` definitions that come after `let` definitions.
 RSpec/LeadingSubject:
@@ -157,4 +158,4 @@ RSpec/SubjectStub:
 
 # Prefer using verifying doubles over normal doubles.
 RSpec/VerifiedDoubles:
-  Enabled: false
+  Enabled: true

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-styles
 version: !ruby/object:Gem::Version
-  version: 6.4.0
+  version: 7.0.0
 platform: ruby
 authors:
 - GitLab
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-10-28 00:00:00.000000000 Z
+date: 2022-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
@@ -44,6 +44,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.1
+- !ruby/object:Gem::Dependency
+  name: rubocop-graphql
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -100,6 +114,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: gitlab-dangerfiles
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.6.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.6.1
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -138,12 +166,14 @@ files:
 - ".editorconfig"
 - ".gitignore"
 - ".gitlab-ci.yml"
+- ".gitlab/changelog_config.yml"
 - ".gitlab/merge_request_templates/New Static Analysis Check.md"
 - ".gitlab/merge_request_templates/Release.md"
 - ".rspec"
 - ".rubocop.yml"
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
+- Dangerfile
 - Gemfile
 - LICENSE.md
 - README.md
@@ -155,6 +185,7 @@ files:
 - lib/gitlab/styles/rubocop.rb
 - lib/gitlab/styles/rubocop/cop/active_record_dependent.rb
 - lib/gitlab/styles/rubocop/cop/active_record_serialize.rb
+- lib/gitlab/styles/rubocop/cop/avoid_return_from_blocks.rb
 - lib/gitlab/styles/rubocop/cop/code_reuse/active_record.rb
 - lib/gitlab/styles/rubocop/cop/custom_error_class.rb
 - lib/gitlab/styles/rubocop/cop/gem_fetcher.rb
@@ -163,6 +194,7 @@ files:
 - lib/gitlab/styles/rubocop/cop/line_break_after_guard_clauses.rb
 - lib/gitlab/styles/rubocop/cop/line_break_around_conditional_block.rb
 - lib/gitlab/styles/rubocop/cop/migration/update_large_table.rb
+- lib/gitlab/styles/rubocop/cop/performance/rubyzip.rb
 - lib/gitlab/styles/rubocop/cop/polymorphic_associations.rb
 - lib/gitlab/styles/rubocop/cop/rails/include_url_helper.rb
 - lib/gitlab/styles/rubocop/cop/redirect_with_status.rb
@@ -186,6 +218,7 @@ files:
 - rubocop-code_reuse.yml
 - rubocop-default.yml
 - rubocop-gemspec.yml
+- rubocop-graphql.yml
 - rubocop-layout.yml
 - rubocop-lint.yml
 - rubocop-metrics.yml
@@ -196,7 +229,7 @@ files:
 - rubocop-rspec.yml
 - rubocop-security.yml
 - rubocop-style.yml
-homepage: https://gitlab.com/gitlab-org/gitlab-styles
+homepage: https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles
 licenses:
 - MIT
 metadata: {}