gitlab-styles 9.1.0 → 10.0.0
- checksums.yaml +4 -4
- data/.gitlab-ci.yml +14 -2
- data/.rubocop.yml +2 -1
- data/.rubocop_todo.yml +12 -0
- data/.tests_mapping.yml +10 -0
- data/Gemfile +9 -4
- data/README.md +9 -8
- data/gitlab-styles.gemspec +7 -7
- data/lefthook.yml +11 -3
- data/lib/gitlab/styles/version.rb +1 -1
- data/lib/rubocop/cop/active_record_dependent.rb +0 -5
- data/lib/rubocop/cop/active_record_serialize.rb +0 -6
- data/lib/rubocop/cop/avoid_return_from_blocks.rb +4 -4
- data/lib/rubocop/cop/gem_fetcher.rb +18 -20
- data/lib/rubocop/cop/gitlab_security/deep_munge.rb +36 -0
- data/lib/rubocop/cop/gitlab_security/json_serialization.rb +133 -0
- data/lib/rubocop/cop/gitlab_security/public_send.rb +47 -0
- data/lib/rubocop/cop/gitlab_security/redirect_to_params_update.rb +38 -0
- data/lib/rubocop/cop/gitlab_security/send_file_params.rb +40 -0
- data/lib/rubocop/cop/gitlab_security/sql_injection.rb +41 -0
- data/lib/rubocop/cop/gitlab_security/system_command_injection.rb +38 -0
- data/lib/rubocop/cop/in_batches.rb +0 -2
- data/lib/rubocop/cop/line_break_after_guard_clauses.rb +3 -5
- data/lib/rubocop/cop/line_break_around_conditional_block.rb +5 -0
- data/lib/rubocop/cop/migration/update_large_table.rb +1 -0
- data/lib/rubocop/cop/polymorphic_associations.rb +0 -5
- data/lib/rubocop/cop/rails/include_url_helper.rb +0 -2
- data/lib/rubocop/cop/redirect_with_status.rb +44 -30
- data/lib/rubocop/cop/rspec/empty_line_after_shared_example.rb +1 -1
- data/rubocop-bundler.yml +10 -0
- data/rubocop-capybara.yml +8 -0
- data/rubocop-default.yml +1 -1
- data/rubocop-layout.yml +48 -4
- data/rubocop-lint.yml +131 -3
- data/rubocop-naming.yml +5 -0
- data/rubocop-performance.yml +32 -0
- data/rubocop-rails.yml +25 -0
- data/rubocop-rspec.yml +1 -5
- data/rubocop-security.yml +19 -1
- data/rubocop-style.yml +18 -3
- metadata +38 -29
- data/lib/gitlab/styles/rubocop/model_helpers.rb +0 -19
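--- a/data/rubocop-performance.yml
+++ b/data/rubocop-performance.yml
@@ -28,6 +28,11 @@ Performance/Casecmp:
 Performance/CollectionLiteralInLoop: # (new in 1.8)
 Enabled: true
 
+# Identifies places where Concurrent.monotonic_time can be replaced by
+# Process.clock_gettime(Process::CLOCK_MONOTONIC).
+Performance/ConcurrentMonotonicTime:
+Enabled: true
+
 Performance/ConstantRegexp: # (new in 1.9)
 Enabled: true
 
@@ -36,6 +41,17 @@ Performance/ConstantRegexp: # (new in 1.9)
 Performance/DoubleStartEndWith:
 Enabled: true
 
+# Identifies usages of map { ... }.flatten and change them to use
+# flat_map { ... } instead.
+Performance/FlatMap:
+Enabled: true
+EnabledForFlattenWithoutParams: true
+
+# This cop identifies places where map { … }.compact can be replaced by
+# filter_map.
+Performance/MapCompact:
+Enabled: true
+
 Performance/MethodObjectAsBlock: # (new in 1.9)
 Enabled: true
 
@@ -52,6 +68,11 @@ Performance/RangeInclude:
 Performance/RedundantBlockCall:
 Enabled: true
 
+# Checks for uses Enumerable#all?, Enumerable#any?, Enumerable#one?, and
+# Enumerable#none? are compared with === or similar methods in block.
+Performance/RedundantEqualityComparisonBlock:
+Enabled: true
+
 # This cop identifies use of `Regexp#match` or `String#match in a context
 # where the integral return value of `=~` would do just as well.
 Performance/RedundantMatch:
@@ -73,6 +94,11 @@ Performance/RedundantSortBlock:
 Performance/RedundantStringChars:
 Enabled: true
 
+# Identifies places where split argument can be replaced from a deterministic
+# regexp to a string.
+Performance/RedundantSplitRegexpArgument:
+Enabled: true
+
 # Identifies places where reverse.first(n) and reverse.first can be replaced by last(n).reverse and last.
 # https://docs.rubocop.org/rubocop-performance/1.8/cops_performance.html#performancereversefirst
 Performance/ReverseFirst:
@@ -98,6 +124,12 @@ Performance/StartWith:
 Performance/StringInclude:
 Enabled: true
 
+# Identifies places where string identifier argument can be replaced by symbol
+# identifier argument. It prevents the redundancy of the internal
+# string-to-symbol conversion.
+Performance/StringIdentifierArgument:
+Enabled: true
+
 # Use `tr` instead of `gsub` when you are replacing the same number of
 # characters. Use `delete` instead of `gsub` when you are deleting
 # characters.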
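Review bot: `EnabledForFlattenWithoutParams: true` on `Performance/FlatMap` makes the cop flag `map { ... }.flatten` with no argument, but `flatten` without an argument flattens every nesting level while `flat_map` flattens only one, so following the suggestion can change results for blocks that return nested arrays. The added comment presents the rewrite as a plain replacement and should carry the caveat, e.g. `# Note: flat_map flattens one level only; flatten without an argument flattens recursively.` `Performance/MapCompact` likewise points to `filter_map`, which needs Ruby 2.7 or newer, so projects on older Rubies would have to disable it.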
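--- a/data/rubocop-rails.yml
+++ b/data/rubocop-rails.yml
@@ -3,6 +3,31 @@ require:
 - rubocop-rails
 - ./lib/gitlab/styles/rubocop
 
+# Cop that prevents the use of `dependent: ...` in ActiveRecord models.
+Cop/ActiveRecordDependent:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Cop that prevents the use of `serialize` in ActiveRecord models.
+Cop/ActiveRecordSerialize:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Cop that prevents the use of polymorphic associations.
+Cop/PolymorphicAssociations:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Prevents usage of 'redirect_to' in actions 'destroy' and 'destroy_all'
+# without specifying 'status'.
+Cop/RedirectWithStatus:
+Enabled: true
+Include:
+- app/controllers/**/*.rb
+
 # Enables Rails cops.
 Rails:
 Enabled: true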
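Review bot: The three model cops are now scoped with `Include: - app/models/**/*.rb`, which looks narrower than the helper this release deletes: `in_model?` in `lib/gitlab/styles/rubocop/model_helpers.rb` accepted paths under both `app/models` and `ee/app/models`. Unless consuming projects extend `Include` themselves, `Cop/ActiveRecordDependent`, `Cop/ActiveRecordSerialize` and `Cop/PolymorphicAssociations` would stop reporting on files under `ee/app/models` without any visible failure. Adding `- ee/app/models/**/*.rb` to each of the three lists would keep the earlier coverage. Whether `Cop/RedirectWithStatus` needs a matching `ee/app/controllers/**/*.rb` entry cannot be told from this page.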
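--- a/data/rubocop-rspec.yml
+++ b/data/rubocop-rspec.yml
@@ -14,11 +14,6 @@ RSpec/BeEql:
 RSpec/BeforeAfterAll:
 Enabled: false
 
-# Checks if there is a more specific finder offered by Capybara.
-# https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/merge_requests/131#note_1141024624
-RSpec/Capybara/SpecificFinders:
-Enabled: false
-
 # Enforces consistent use of be_a or be_kind_of.
 # https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/merge_requests/131#note_1141022718
 RSpec/ClassCheck:
@@ -40,6 +35,7 @@ RSpec/DescribeSymbol:
 # Checks that tests use `described_class`.
 RSpec/DescribedClass:
 Enabled: true
+SkipBlocks: true
 
 # Checks if an example group does not include any tests.
 RSpec/EmptyExampleGroup: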
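--- a/data/rubocop-security.yml
+++ b/data/rubocop-security.yml
@@ -1,6 +1,11 @@
 ---
 require:
-- rubocop
+- ./lib/gitlab/styles/rubocop
+
+# Checks for implementations of the hash method which combine values using
+# custom logic instead of delegating to Array#hash.
+Security/CompoundHash:
+Enabled: true
 
 # This cop checks for the use of JSON class methods which have potential
 # security issues.
@@ -16,17 +21,23 @@ Security/IoMethods:
 Enabled: true
 
 GitlabSecurity/DeepMunge:
+Description: Checks for disabling the deep munge security control.
 Enabled: true
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/DeepMunge
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 # To be enabled by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13610
 GitlabSecurity/JsonSerialization:
+Description: Checks for `to_json` / `as_json` without allowing via `only`.
 Enabled: false
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/JsonSerialization
 
 GitlabSecurity/PublicSend:
+Description: Checks for the use of `public_send`, `send`, and `__send__` methods.
 Enabled: true
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/PublicSend
 Exclude:
 - 'config/**/*'
 - 'db/**/*'
@@ -35,19 +46,26 @@ GitlabSecurity/PublicSend:
 - 'qa/**/*'
 - 'spec/**/*'
 
+GitlabSecurity/SendFileParams:
+Description: Check for passing of params hash to send_file()
+Enabled: true
+
 GitlabSecurity/RedirectToParamsUpdate:
+Description: Check for use of redirect_to(params.update())
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 GitlabSecurity/SqlInjection:
+Description: Check for SQL Injection in where()
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 GitlabSecurity/SystemCommandInjection:
+Description: Check for Command Injection in System()
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'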
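Review bot: The new `GitlabSecurity/SendFileParams` entry carries no `Exclude:` list, while `RedirectToParamsUpdate`, `SqlInjection` and `SystemCommandInjection` right below it all exclude `'lib/**/*.rake'` and `'spec/**/*'`; if the difference is deliberate, a one-line comment saying so would keep a later cleanup from changing the scope by accident. The four entries from `SendFileParams` down also get a `Description` but no `StyleGuide` link, unlike `DeepMunge`, `JsonSerialization` and `PublicSend`, so a developer who hits one of these offenses has no pointer to the rationale; a `StyleGuide:` line in the same rubydoc.info form would close that gap. `GitlabSecurity/JsonSerialization` still ships `Enabled: false`, so its new description documents a check that consumers do not get unless they switch it on themselves, which is worth stating in the comment above it, e.g. `# Disabled by default; enable it in the consuming project's .rubocop.yml.` The `SystemCommandInjection` block continues past the end of the last hunk.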
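--- a/data/rubocop-style.yml
+++ b/data/rubocop-style.yml
@@ -18,10 +18,14 @@ Style/AndOr:
 Enabled: true
 EnforcedStyle: always
 
-#
-#
+# This cop enforces the use of Array() instead of explicit Array check or [*var]
+# It must remain disabled because of safety concern on Array().
+# A false positive may occur depending on how the argument is handled by Array()
+# (which can be different than just wrapping the argument in an array)
+# As of Rubocop 1.0, this cop has been disabled by default.
+# https://docs.rubocop.org/rubocop/1.44/cops_style.html#safety-3
 Style/ArrayCoercion:
-Enabled:
+Enabled: false
 
 # Use `Array#join` instead of `Array#*`.
 Style/ArrayJoin:
@@ -289,6 +293,17 @@ Style/NonNilCheck:
 Style/Not:
 Enabled: true
 
+# Checks for numbered parameters. It can either restrict the use of numbered
+# parameters to single-lined blocks, or disallow completely numbered
+# parameters.
+Style/NumberedParameters:
+EnforcedStyle: disallow
+Enabled: true
+
+# Detects use of an excessive amount of numbered parameters in a single block.
+Style/NumberedParametersLimit:
+Enabled: false
+
 # Add underscores to large numeric literals to improve their readability.
 Style/NumericLiterals:
 Enabled: false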
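--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-styles
 version: !ruby/object:Gem::Version
-version:
+version: 10.0.0
 platform: ruby
 authors:
 - GitLab
 autorequire:
 bindir: exe
 cert_chain: []
-date:
+date: 2023-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rubocop
@@ -16,84 +16,70 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.43.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 1.
-- !ruby/object:Gem::Dependency
-name: rubocop-gitlab-security
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 0.1.1
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 0.1.1
+version: 1.43.0
 - !ruby/object:Gem::Dependency
 name: rubocop-graphql
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '0.
+version: '0.18'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '0.
+version: '0.18'
 - !ruby/object:Gem::Dependency
 name: rubocop-performance
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.15'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.15'
 - !ruby/object:Gem::Dependency
 name: rubocop-rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.17'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.17'
 - !ruby/object:Gem::Dependency
 name: rubocop-rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.18'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.18'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
@@ -128,14 +114,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '13.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '13.0'
 - !ruby/object:Gem::Dependency
 name: rspec
 requirement: !ruby/object:Gem::Requirement
@@ -150,6 +136,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '3.0'
+- !ruby/object:Gem::Dependency
+name: rubocop-rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.6'
 description:
 email:
 - gitlab_rubygems@gitlab.com
@@ -165,6 +165,8 @@ files:
 - ".gitlab/merge_request_templates/Release.md"
 - ".rspec"
 - ".rubocop.yml"
+- ".rubocop_todo.yml"
+- ".tests_mapping.yml"
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Dangerfile
@@ -180,7 +182,6 @@ files:
 - lib/gitlab/styles/common/banned_constants.rb
 - lib/gitlab/styles/rubocop.rb
 - lib/gitlab/styles/rubocop/migration_helpers.rb
-- lib/gitlab/styles/rubocop/model_helpers.rb
 - lib/gitlab/styles/version.rb
 - lib/rubocop/cop/active_record_dependent.rb
 - lib/rubocop/cop/active_record_serialize.rb
@@ -191,6 +192,13 @@ files:
 - lib/rubocop/cop/fips/open_ssl.rb
 - lib/rubocop/cop/fips/sha1.rb
 - lib/rubocop/cop/gem_fetcher.rb
+- lib/rubocop/cop/gitlab_security/deep_munge.rb
+- lib/rubocop/cop/gitlab_security/json_serialization.rb
+- lib/rubocop/cop/gitlab_security/public_send.rb
+- lib/rubocop/cop/gitlab_security/redirect_to_params_update.rb
+- lib/rubocop/cop/gitlab_security/send_file_params.rb
+- lib/rubocop/cop/gitlab_security/sql_injection.rb
+- lib/rubocop/cop/gitlab_security/system_command_injection.rb
 - lib/rubocop/cop/in_batches.rb
 - lib/rubocop/cop/internal_affairs/deprecate_cop_helper.rb
 - lib/rubocop/cop/line_break_after_guard_clauses.rb
@@ -212,6 +220,7 @@ files:
 - lib/rubocop/cop/without_reactive_cache.rb
 - rubocop-all.yml
 - rubocop-bundler.yml
+- rubocop-capybara.yml
 - rubocop-code_reuse.yml
 - rubocop-default.yml
 - rubocop-fips.yml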
@@ -1,19 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Gitlab
|
4
|
-
module Styles
|
5
|
-
module Rubocop
|
6
|
-
module Gitlab::Styles::Rubocop::ModelHelpers
|
7
|
-
# Returns true if the given node originated from the models directory.
|
8
|
-
def in_model?(node)
|
9
|
-
path = node.location.expression.source_buffer.name
|
10
|
-
pwd = Dir.pwd
|
11
|
-
models_path = File.join(pwd, 'app', 'models')
|
12
|
-
ee_models_path = File.join(pwd, 'ee', 'app', 'models')
|
13
|
-
|
14
|
-
path.start_with?(models_path, ee_models_path)
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|