gitlab-styles 7.0.0 → 9.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +11 -0
- data/Gemfile +3 -3
- data/gitlab-styles.gemspec +6 -6
- data/lib/gitlab/styles/common/banned_constants.rb +28 -0
- data/lib/gitlab/styles/rubocop/model_helpers.rb +1 -1
- data/lib/gitlab/styles/rubocop.rb +2 -2
- data/lib/gitlab/styles/version.rb +1 -1
- data/lib/rubocop/cop/active_record_dependent.rb +32 -0
- data/lib/rubocop/cop/active_record_serialize.rb +20 -0
- data/lib/rubocop/cop/avoid_return_from_blocks.rb +79 -0
- data/lib/rubocop/cop/code_reuse/active_record.rb +80 -0
- data/lib/rubocop/cop/custom_error_class.rb +67 -0
- data/lib/rubocop/cop/fips/md5.rb +27 -0
- data/lib/rubocop/cop/fips/open_ssl.rb +31 -0
- data/lib/rubocop/cop/fips/sha1.rb +27 -0
- data/lib/rubocop/cop/gem_fetcher.rb +37 -0
- data/lib/rubocop/cop/in_batches.rb +18 -0
- data/lib/rubocop/cop/internal_affairs/deprecate_cop_helper.rb +42 -0
- data/lib/rubocop/cop/line_break_after_guard_clauses.rb +101 -0
- data/lib/rubocop/cop/line_break_around_conditional_block.rb +127 -0
- data/lib/rubocop/cop/migration/update_large_table.rb +61 -0
- data/lib/rubocop/cop/performance/rubyzip.rb +36 -0
- data/lib/rubocop/cop/polymorphic_associations.rb +25 -0
- data/lib/rubocop/cop/rails/include_url_helper.rb +28 -0
- data/lib/rubocop/cop/redirect_with_status.rb +46 -0
- data/lib/rubocop/cop/rspec/base.rb +12 -0
- data/lib/rubocop/cop/rspec/empty_line_after_let_block.rb +61 -0
- data/lib/rubocop/cop/rspec/empty_line_after_shared_example.rb +63 -0
- data/lib/rubocop/cop/rspec/example_starting_character.rb +122 -0
- data/lib/rubocop/cop/rspec/have_link_parameters.rb +45 -0
- data/lib/rubocop/cop/rspec/single_line_hook.rb +43 -0
- data/lib/rubocop/cop/rspec/verbose_include_metadata.rb +73 -0
- data/lib/rubocop/cop/style/hash_transformation.rb +81 -0
- data/lib/rubocop/cop/style/open_struct_use.rb +40 -0
- data/lib/rubocop/cop/without_reactive_cache.rb +16 -0
- data/rubocop-default.yml +1 -0
- data/rubocop-fips.yml +15 -0
- data/rubocop-layout.yml +1 -1
- data/rubocop-rspec.yml +13 -5
- metadata +44 -47
- data/lib/gitlab/styles/rubocop/cop/active_record_dependent.rb +0 -36
- data/lib/gitlab/styles/rubocop/cop/active_record_serialize.rb +0 -24
- data/lib/gitlab/styles/rubocop/cop/avoid_return_from_blocks.rb +0 -81
- data/lib/gitlab/styles/rubocop/cop/code_reuse/active_record.rb +0 -84
- data/lib/gitlab/styles/rubocop/cop/custom_error_class.rb +0 -73
- data/lib/gitlab/styles/rubocop/cop/gem_fetcher.rb +0 -41
- data/lib/gitlab/styles/rubocop/cop/in_batches.rb +0 -22
- data/lib/gitlab/styles/rubocop/cop/internal_affairs/deprecate_cop_helper.rb +0 -43
- data/lib/gitlab/styles/rubocop/cop/line_break_after_guard_clauses.rb +0 -104
- data/lib/gitlab/styles/rubocop/cop/line_break_around_conditional_block.rb +0 -132
- data/lib/gitlab/styles/rubocop/cop/migration/update_large_table.rb +0 -64
- data/lib/gitlab/styles/rubocop/cop/performance/rubyzip.rb +0 -39
- data/lib/gitlab/styles/rubocop/cop/polymorphic_associations.rb +0 -29
- data/lib/gitlab/styles/rubocop/cop/rails/include_url_helper.rb +0 -31
- data/lib/gitlab/styles/rubocop/cop/redirect_with_status.rb +0 -50
- data/lib/gitlab/styles/rubocop/cop/rspec/base.rb +0 -18
- data/lib/gitlab/styles/rubocop/cop/rspec/empty_line_after_final_let_it_be.rb +0 -51
- data/lib/gitlab/styles/rubocop/cop/rspec/empty_line_after_let_block.rb +0 -65
- data/lib/gitlab/styles/rubocop/cop/rspec/empty_line_after_shared_example.rb +0 -65
- data/lib/gitlab/styles/rubocop/cop/rspec/example_starting_character.rb +0 -124
- data/lib/gitlab/styles/rubocop/cop/rspec/have_link_parameters.rb +0 -48
- data/lib/gitlab/styles/rubocop/cop/rspec/single_line_hook.rb +0 -45
- data/lib/gitlab/styles/rubocop/cop/rspec/verbose_include_metadata.rb +0 -75
- data/lib/gitlab/styles/rubocop/cop/style/hash_transformation.rb +0 -87
- data/lib/gitlab/styles/rubocop/cop/style/open_struct_use.rb +0 -43
- data/lib/gitlab/styles/rubocop/cop/without_reactive_cache.rb +0 -20
- data/lib/gitlab/styles/rubocop/rspec/helpers.rb +0 -18
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 410e573c3c17d84349a00ff756141e55ece0ba68c0d9aa23b76cfe2a8abde3ae
|
4
|
+
data.tar.gz: a2fb908127f5f31c8d4a235155b4b2ad3208802cfc01bf895321a522a270477b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: aa3f38ac00b776237c2a497ebb76d36e1ad51addc814ecbba7370a4d4cbeb0f67777131494a825431a2aa592d6597e57eaa83cae86ec452955b0399e1e46e1ec
|
7
|
+
data.tar.gz: 445dfab1d9c2f0874c1c7ddb65426bf32953515fcfe1e96b15a119914acc5258753182318b524ff2d8af86b0fb1769d09f0991ce1aa8d2d24cd2a22cfcbe62fb
|
data/.rubocop.yml
CHANGED
@@ -4,7 +4,18 @@ inherit_from:
|
|
4
4
|
require:
|
5
5
|
- rubocop/cop/internal_affairs
|
6
6
|
|
7
|
+
AllCops:
|
8
|
+
NewCops: disable # https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/issues/40
|
9
|
+
SuggestExtensions: false # https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/issues/39
|
10
|
+
|
7
11
|
InternalAffairs/DeprecateCopHelper:
|
8
12
|
Enabled: true
|
9
13
|
Include:
|
10
14
|
- spec/**/*.rb
|
15
|
+
|
16
|
+
# This only makes sense for cops that are included with RuboCop. We could add
|
17
|
+
# our own config/default.yml and do something like
|
18
|
+
# https://github.com/rubocop/rubocop-rspec/blob/master/lib/rubocop/rspec/inject.rb,
|
19
|
+
# but realistically this is OK here.
|
20
|
+
InternalAffairs/UndefinedConfig:
|
21
|
+
Enabled: false
|
data/Gemfile
CHANGED
@@ -7,7 +7,7 @@ gemspec
|
|
7
7
|
|
8
8
|
group :test do
|
9
9
|
# Pin these dependencies, otherwise a new rule could break the CI pipelines
|
10
|
-
gem 'rubocop', '
|
11
|
-
gem 'rubocop-rspec', '
|
12
|
-
gem 'rspec-parameterized', '0.
|
10
|
+
gem 'rubocop', '1.36.0'
|
11
|
+
gem 'rubocop-rspec', '2.12.1'
|
12
|
+
gem 'rspec-parameterized', '0.5.2', require: false
|
13
13
|
end
|
data/gitlab-styles.gemspec
CHANGED
@@ -22,15 +22,15 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
23
23
|
spec.require_paths = ['lib']
|
24
24
|
|
25
|
-
spec.add_dependency 'rubocop', '~>
|
25
|
+
spec.add_dependency 'rubocop', '~> 1.36.0'
|
26
26
|
spec.add_dependency 'rubocop-gitlab-security', '~> 0.1.1'
|
27
|
-
spec.add_dependency 'rubocop-graphql', '~> 0.
|
28
|
-
spec.add_dependency 'rubocop-performance', '~> 1.
|
29
|
-
spec.add_dependency 'rubocop-rails', '~> 2.
|
30
|
-
spec.add_dependency 'rubocop-rspec', '~>
|
27
|
+
spec.add_dependency 'rubocop-graphql', '~> 0.14'
|
28
|
+
spec.add_dependency 'rubocop-performance', '~> 1.14'
|
29
|
+
spec.add_dependency 'rubocop-rails', '~> 2.15'
|
30
|
+
spec.add_dependency 'rubocop-rspec', '~> 2.12'
|
31
31
|
|
32
32
|
spec.add_development_dependency 'bundler', '~> 2.1'
|
33
|
-
spec.add_development_dependency 'gitlab-dangerfiles', '~> 2.
|
33
|
+
spec.add_development_dependency 'gitlab-dangerfiles', '~> 2.11.0'
|
34
34
|
spec.add_development_dependency 'rake', '~> 10.0'
|
35
35
|
spec.add_development_dependency 'rspec', '~> 3.0'
|
36
36
|
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Gitlab
|
4
|
+
module Styles
|
5
|
+
module Common
|
6
|
+
module BannedConstants
|
7
|
+
attr_reader :replacements, :message_template, :autocorrect
|
8
|
+
|
9
|
+
def on_const(node)
|
10
|
+
constant = node.source.delete_prefix('::')
|
11
|
+
|
12
|
+
return unless replacements.key?(constant)
|
13
|
+
|
14
|
+
replacement = replacements.fetch(constant)
|
15
|
+
message = format(message_template, { replacement: replacement })
|
16
|
+
|
17
|
+
add_offense(node, message: message) do |corrector|
|
18
|
+
next unless autocorrect
|
19
|
+
|
20
|
+
replacement = "::#{replacement}" if node.source.start_with?("::")
|
21
|
+
|
22
|
+
corrector.replace(node, replacement)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
# Auto-require all cops under `
|
4
|
-
cops_glob = File.join(__dir__, 'rubocop', 'cop', '**', '*.rb')
|
3
|
+
# Auto-require all cops under `rubocop/cop/**/*.rb`
|
4
|
+
cops_glob = File.join(__dir__, '..', '..', 'rubocop', 'cop', '**', '*.rb')
|
5
5
|
Dir[cops_glob].sort.each { |cop| require(cop) }
|
6
6
|
|
7
7
|
module Gitlab
|
@@ -0,0 +1,32 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../gitlab/styles/rubocop/model_helpers'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
# Cop that prevents the use of `dependent: ...` in ActiveRecord models.
|
8
|
+
class ActiveRecordDependent < RuboCop::Cop::Base
|
9
|
+
include Gitlab::Styles::Rubocop::ModelHelpers
|
10
|
+
|
11
|
+
MSG = 'Do not use `dependent:` to remove associated data, ' \
|
12
|
+
'use foreign keys with cascading deletes instead.'
|
13
|
+
|
14
|
+
METHOD_NAMES = [:has_many, :has_one, :belongs_to].freeze
|
15
|
+
ALLOWED_OPTIONS = [:restrict_with_error].freeze
|
16
|
+
|
17
|
+
def on_send(node)
|
18
|
+
return unless in_model?(node)
|
19
|
+
return unless METHOD_NAMES.include?(node.children[1])
|
20
|
+
|
21
|
+
node.children.last.each_node(:pair) do |pair|
|
22
|
+
key_name = pair.children[0].children[0]
|
23
|
+
option_name = pair.children[1].children[0]
|
24
|
+
|
25
|
+
break if ALLOWED_OPTIONS.include?(option_name)
|
26
|
+
|
27
|
+
add_offense(pair) if key_name == :dependent
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../gitlab/styles/rubocop/model_helpers'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
# Cop that prevents the use of `serialize` in ActiveRecord models.
|
8
|
+
class ActiveRecordSerialize < RuboCop::Cop::Base
|
9
|
+
include Gitlab::Styles::Rubocop::ModelHelpers
|
10
|
+
|
11
|
+
MSG = 'Do not store serialized data in the database, use separate columns and/or tables instead'
|
12
|
+
|
13
|
+
def on_send(node)
|
14
|
+
return unless in_model?(node)
|
15
|
+
|
16
|
+
add_offense(node.loc.selector) if node.children[1] == :serialize
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,79 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rubocop
|
4
|
+
module Cop
|
5
|
+
# Checks for return inside blocks.
|
6
|
+
# For more information see: https://gitlab.com/gitlab-org/gitlab-foss/issues/42889
|
7
|
+
#
|
8
|
+
# @example
|
9
|
+
# # bad
|
10
|
+
# call do
|
11
|
+
# return if something
|
12
|
+
#
|
13
|
+
# do_something_else
|
14
|
+
# end
|
15
|
+
#
|
16
|
+
# # good
|
17
|
+
# call do
|
18
|
+
# break if something
|
19
|
+
#
|
20
|
+
# do_something_else
|
21
|
+
# end
|
22
|
+
#
|
23
|
+
class AvoidReturnFromBlocks < RuboCop::Cop::Base
|
24
|
+
MSG = 'Do not return from a block, use next or break instead.'
|
25
|
+
DEF_METHODS = %i[define_method lambda].freeze
|
26
|
+
WHITELISTED_METHODS = %i[each each_filename times loop].freeze
|
27
|
+
|
28
|
+
def on_block(node)
|
29
|
+
block_body = node.body
|
30
|
+
|
31
|
+
return unless block_body
|
32
|
+
return unless top_block?(node)
|
33
|
+
|
34
|
+
block_body.each_node(:return) do |return_node|
|
35
|
+
next if parent_blocks(node, return_node).all? { |block| whitelisted?(block) }
|
36
|
+
|
37
|
+
add_offense(return_node)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
alias_method :on_numblock, :on_block
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
def top_block?(node)
|
46
|
+
current_node = node
|
47
|
+
top_block = nil
|
48
|
+
|
49
|
+
while current_node && current_node.type != :def
|
50
|
+
top_block = current_node if current_node.block_type?
|
51
|
+
current_node = current_node.parent
|
52
|
+
end
|
53
|
+
|
54
|
+
top_block == node
|
55
|
+
end
|
56
|
+
|
57
|
+
def parent_blocks(node, current_node)
|
58
|
+
blocks = []
|
59
|
+
|
60
|
+
until node == current_node || def?(current_node)
|
61
|
+
blocks << current_node if current_node.block_type?
|
62
|
+
current_node = current_node.parent
|
63
|
+
end
|
64
|
+
|
65
|
+
blocks << node if node == current_node && !def?(node)
|
66
|
+
blocks
|
67
|
+
end
|
68
|
+
|
69
|
+
def def?(node)
|
70
|
+
node.def_type? || node.defs_type? ||
|
71
|
+
(node.block_type? && DEF_METHODS.include?(node.method_name))
|
72
|
+
end
|
73
|
+
|
74
|
+
def whitelisted?(block_node)
|
75
|
+
WHITELISTED_METHODS.include?(block_node.method_name)
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
@@ -0,0 +1,80 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rubocop
|
4
|
+
module Cop
|
5
|
+
module CodeReuse
|
6
|
+
# Cop that denies the use of ActiveRecord methods outside of models.
|
7
|
+
class ActiveRecord < RuboCop::Cop::Base
|
8
|
+
MSG = 'This method can only be used inside an ActiveRecord model: ' \
|
9
|
+
'https://gitlab.com/gitlab-org/gitlab-foss/issues/49653'
|
10
|
+
|
11
|
+
# Various methods from ActiveRecord::Querying that are denied. We
|
12
|
+
# exclude some generic ones such as `any?` and `first`, as these may
|
13
|
+
# lead to too many false positives, since `Array` also supports these
|
14
|
+
# methods.
|
15
|
+
#
|
16
|
+
# The keys of this Hash are the denied method names. The values are
|
17
|
+
# booleans that indicate if the method should only be denied if any
|
18
|
+
# arguments are provided.
|
19
|
+
NOT_ALLOWED = {
|
20
|
+
average: true,
|
21
|
+
calculate: true,
|
22
|
+
count_by_sql: true,
|
23
|
+
create_with: true,
|
24
|
+
distinct: false,
|
25
|
+
eager_load: true,
|
26
|
+
exists?: true,
|
27
|
+
find_by: true,
|
28
|
+
find_by!: true,
|
29
|
+
find_by_sql: true,
|
30
|
+
find_each: true,
|
31
|
+
find_in_batches: true,
|
32
|
+
find_or_create_by: true,
|
33
|
+
find_or_create_by!: true,
|
34
|
+
find_or_initialize_by: true,
|
35
|
+
first!: false,
|
36
|
+
first_or_create: true,
|
37
|
+
first_or_create!: true,
|
38
|
+
first_or_initialize: true,
|
39
|
+
from: true,
|
40
|
+
group: true,
|
41
|
+
having: true,
|
42
|
+
ids: false,
|
43
|
+
includes: true,
|
44
|
+
joins: true,
|
45
|
+
lock: false,
|
46
|
+
many?: false,
|
47
|
+
offset: true,
|
48
|
+
order: true,
|
49
|
+
pluck: true,
|
50
|
+
preload: true,
|
51
|
+
readonly: false,
|
52
|
+
references: true,
|
53
|
+
reorder: true,
|
54
|
+
rewhere: true,
|
55
|
+
take: false,
|
56
|
+
take!: false,
|
57
|
+
unscope: false,
|
58
|
+
where: false,
|
59
|
+
with: true
|
60
|
+
}.freeze
|
61
|
+
|
62
|
+
def on_send(node)
|
63
|
+
receiver = node.children[0]
|
64
|
+
send_name = node.children[1]
|
65
|
+
first_arg = node.children[2]
|
66
|
+
|
67
|
+
return unless receiver && NOT_ALLOWED.key?(send_name)
|
68
|
+
|
69
|
+
# If the rule requires an argument to be given, but none are
|
70
|
+
# provided, we won't register an offense. This prevents us from
|
71
|
+
# adding offenses for `project.group`, while still covering
|
72
|
+
# `Project.group(:name)`.
|
73
|
+
return if NOT_ALLOWED[send_name] && !first_arg
|
74
|
+
|
75
|
+
add_offense(node.loc.selector)
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rubocop
|
4
|
+
module Cop
|
5
|
+
# Makes sure that custom error classes, when empty, are declared
|
6
|
+
# with Class.new.
|
7
|
+
#
|
8
|
+
# @example
|
9
|
+
# # bad
|
10
|
+
# class FooError < StandardError
|
11
|
+
# end
|
12
|
+
#
|
13
|
+
# # okish
|
14
|
+
# class FooError < StandardError; end
|
15
|
+
#
|
16
|
+
# # good
|
17
|
+
# FooError = Class.new(StandardError)
|
18
|
+
class CustomErrorClass < RuboCop::Cop::Base
|
19
|
+
extend RuboCop::Cop::AutoCorrector
|
20
|
+
|
21
|
+
MSG = 'Use `Class.new(SuperClass)` to define an empty custom error class.'
|
22
|
+
|
23
|
+
def on_class(node)
|
24
|
+
parent = node.parent_class
|
25
|
+
body = node.body
|
26
|
+
|
27
|
+
return if body
|
28
|
+
|
29
|
+
parent_klass = class_name_from_node(parent)
|
30
|
+
|
31
|
+
return unless parent_klass&.to_s&.end_with?('Error')
|
32
|
+
|
33
|
+
add_offense(node) do |corrector|
|
34
|
+
klass = node.identifier
|
35
|
+
parent = node.parent_class
|
36
|
+
|
37
|
+
replacement = "#{class_name_from_node(klass)} = Class.new(#{class_name_from_node(parent)})"
|
38
|
+
|
39
|
+
corrector.replace(node.source_range, replacement)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
# The nested constant `Foo::Bar::Baz` looks like:
|
46
|
+
#
|
47
|
+
# s(:const,
|
48
|
+
# s(:const,
|
49
|
+
# s(:const, nil, :Foo), :Bar), :Baz)
|
50
|
+
#
|
51
|
+
# So recurse through that to get the name as written in the source.
|
52
|
+
#
|
53
|
+
def class_name_from_node(node, suffix = nil)
|
54
|
+
return unless node&.type == :const
|
55
|
+
|
56
|
+
name = node.children[1].to_s
|
57
|
+
name = "#{name}::#{suffix}" if suffix
|
58
|
+
|
59
|
+
if node.children[0]
|
60
|
+
class_name_from_node(node.children[0], name)
|
61
|
+
else
|
62
|
+
name
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../../gitlab/styles/common/banned_constants'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
module Fips
|
8
|
+
class MD5 < RuboCop::Cop::Base
|
9
|
+
include Gitlab::Styles::Common::BannedConstants
|
10
|
+
|
11
|
+
MESSAGE_TEMPLATE = 'MD5 is not FIPS-compliant. Use %{replacement} instead.'
|
12
|
+
|
13
|
+
REPLACEMENTS = {
|
14
|
+
'OpenSSL::Digest::MD5' => 'OpenSSL::Digest::SHA256',
|
15
|
+
'Digest::MD5' => 'OpenSSL::Digest::SHA256'
|
16
|
+
}.freeze
|
17
|
+
|
18
|
+
def initialize(config = nil, options = nil)
|
19
|
+
@message_template = MESSAGE_TEMPLATE
|
20
|
+
@replacements = REPLACEMENTS
|
21
|
+
@autocorrect = false
|
22
|
+
super(config, options)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../../gitlab/styles/common/banned_constants'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
module Fips
|
8
|
+
class OpenSSL < RuboCop::Cop::Base
|
9
|
+
extend RuboCop::Cop::AutoCorrector
|
10
|
+
include Gitlab::Styles::Common::BannedConstants
|
11
|
+
|
12
|
+
MESSAGE_TEMPLATE = 'Usage of this class is not FIPS-compliant. Use %{replacement} instead.'
|
13
|
+
|
14
|
+
REPLACEMENTS = {
|
15
|
+
'Digest::SHA1' => 'OpenSSL::Digest::SHA1',
|
16
|
+
'Digest::SHA2' => 'OpenSSL::Digest::SHA256',
|
17
|
+
'Digest::SHA256' => 'OpenSSL::Digest::SHA256',
|
18
|
+
'Digest::SHA384' => 'OpenSSL::Digest::SHA384',
|
19
|
+
'Digest::SHA512' => 'OpenSSL::Digest::SHA512'
|
20
|
+
}.freeze
|
21
|
+
|
22
|
+
def initialize(config = nil, options = nil)
|
23
|
+
@message_template = MESSAGE_TEMPLATE
|
24
|
+
@replacements = REPLACEMENTS
|
25
|
+
@autocorrect = true
|
26
|
+
super(config, options)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../../gitlab/styles/common/banned_constants'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
module Fips
|
8
|
+
class SHA1 < RuboCop::Cop::Base
|
9
|
+
include Gitlab::Styles::Common::BannedConstants
|
10
|
+
|
11
|
+
MESSAGE_TEMPLATE = 'SHA1 is likely to become non-compliant in the near future. Use %{replacement} instead.'
|
12
|
+
|
13
|
+
REPLACEMENTS = {
|
14
|
+
'OpenSSL::Digest::SHA1' => 'OpenSSL::Digest::SHA256',
|
15
|
+
'Digest::SHA1' => 'OpenSSL::Digest::SHA256'
|
16
|
+
}.freeze
|
17
|
+
|
18
|
+
def initialize(config = nil, options = nil)
|
19
|
+
@message_template = MESSAGE_TEMPLATE
|
20
|
+
@replacements = REPLACEMENTS
|
21
|
+
@autocorrect = false
|
22
|
+
super(config, options)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rubocop
|
4
|
+
module Cop
|
5
|
+
# Prevents usage of the `git` and `github` arguments to `gem` in a
|
6
|
+
# `Gemfile` in order to avoid additional points of failure beyond
|
7
|
+
# rubygems.org.
|
8
|
+
class GemFetcher < RuboCop::Cop::Base
|
9
|
+
MSG = 'Do not use gems from git repositories, only use gems from RubyGems.'
|
10
|
+
|
11
|
+
GIT_KEYS = [:git, :github].freeze
|
12
|
+
|
13
|
+
def on_send(node)
|
14
|
+
return unless gemfile?(node)
|
15
|
+
|
16
|
+
func_name = node.children[1]
|
17
|
+
return unless func_name == :gem
|
18
|
+
|
19
|
+
node.children.last.each_node(:pair) do |pair|
|
20
|
+
key_name = pair.children[0].children[0].to_sym
|
21
|
+
add_offense(pair.source_range) if GIT_KEYS.include?(key_name)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
def gemfile?(node)
|
28
|
+
node
|
29
|
+
.location
|
30
|
+
.expression
|
31
|
+
.source_buffer
|
32
|
+
.name
|
33
|
+
.end_with?("Gemfile")
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../gitlab/styles/rubocop/model_helpers'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
# Cop that prevents the use of `in_batches`
|
8
|
+
class InBatches < RuboCop::Cop::Base
|
9
|
+
MSG = 'Do not use `in_batches`, use `each_batch` from the EachBatch module instead'
|
10
|
+
|
11
|
+
def on_send(node)
|
12
|
+
return unless node.children[1] == :in_batches
|
13
|
+
|
14
|
+
add_offense(node.loc.selector)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rubocop
|
4
|
+
module Cop
|
5
|
+
module InternalAffairs
|
6
|
+
# Cop that denies the use of CopHelper.
|
7
|
+
class DeprecateCopHelper < RuboCop::Cop::Base
|
8
|
+
MSG = 'Do not use `CopHelper` or methods from it, use improved patterns described in https://www.rubydoc.info/gems/rubocop/RuboCop/RSpec/ExpectOffense'
|
9
|
+
|
10
|
+
# @!method cop_helper(node)
|
11
|
+
def_node_matcher :cop_helper, <<~PATTERN
|
12
|
+
(send nil? ${:include :extend :prepend}
|
13
|
+
(const _ {:CopHelper}))
|
14
|
+
PATTERN
|
15
|
+
|
16
|
+
# @!method cop_helper_method(node)
|
17
|
+
def_node_search :cop_helper_method, <<~PATTERN
|
18
|
+
(send nil? {:inspect_source :inspect_source_file :parse_source :autocorrect_source_file :autocorrect_source :_investigate} ...)
|
19
|
+
PATTERN
|
20
|
+
|
21
|
+
# @!method cop_helper_method_on_instance(node)
|
22
|
+
def_node_search :cop_helper_method_on_instance, <<~PATTERN
|
23
|
+
(send (send nil? _) {:messages :highlights :offenses} ...)
|
24
|
+
PATTERN
|
25
|
+
|
26
|
+
def on_send(node)
|
27
|
+
cop_helper(node) do
|
28
|
+
add_offense(node)
|
29
|
+
end
|
30
|
+
|
31
|
+
cop_helper_method(node) do
|
32
|
+
add_offense(node)
|
33
|
+
end
|
34
|
+
|
35
|
+
cop_helper_method_on_instance(node) do
|
36
|
+
add_offense(node)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|