gitlab-styles 9.2.0 → 10.1.0
- checksums.yaml +4 -4
- data/.gitignore +3 -3
- data/.gitlab/merge_request_templates/Release.md +18 -5
- data/.gitlab-ci.yml +17 -2
- data/.rubocop.yml +6 -1
- data/.rubocop_todo.yml +36 -0
- data/.tests_mapping.yml +10 -0
- data/Gemfile +0 -11
- data/Gemfile.lock +227 -0
- data/README.md +0 -1
- data/gitlab-styles.gemspec +15 -8
- data/lefthook.yml +11 -3
- data/lib/gitlab/styles/rubocop/migration_helpers.rb +1 -1
- data/lib/gitlab/styles/version.rb +1 -1
- data/lib/rubocop/cop/active_record_dependent.rb +0 -5
- data/lib/rubocop/cop/active_record_serialize.rb +0 -6
- data/lib/rubocop/cop/avoid_return_from_blocks.rb +4 -4
- data/lib/rubocop/cop/custom_error_class.rb +1 -1
- data/lib/rubocop/cop/gem_fetcher.rb +1 -1
- data/lib/rubocop/cop/gitlab_security/deep_munge.rb +36 -0
- data/lib/rubocop/cop/gitlab_security/json_serialization.rb +133 -0
- data/lib/rubocop/cop/gitlab_security/public_send.rb +47 -0
- data/lib/rubocop/cop/gitlab_security/redirect_to_params_update.rb +38 -0
- data/lib/rubocop/cop/gitlab_security/send_file_params.rb +40 -0
- data/lib/rubocop/cop/gitlab_security/sql_injection.rb +41 -0
- data/lib/rubocop/cop/gitlab_security/system_command_injection.rb +38 -0
- data/lib/rubocop/cop/in_batches.rb +0 -2
- data/lib/rubocop/cop/internal_affairs/missing_cop_department.rb +80 -0
- data/lib/rubocop/cop/internal_affairs/use_restrict_on_send.rb +99 -0
- data/lib/rubocop/cop/line_break_after_guard_clauses.rb +4 -6
- data/lib/rubocop/cop/line_break_around_conditional_block.rb +1 -1
- data/lib/rubocop/cop/migration/update_large_table.rb +1 -0
- data/lib/rubocop/cop/polymorphic_associations.rb +0 -5
- data/lib/rubocop/cop/rails/include_url_helper.rb +0 -2
- data/lib/rubocop/cop/redirect_with_status.rb +44 -30
- data/lib/rubocop/cop/rspec/empty_line_after_shared_example.rb +9 -2
- data/lib/rubocop/cop/rspec/example_starting_character.rb +1 -1
- data/lib/rubocop/cop/rspec/factory_bot/excessive_create_list.rb +52 -0
- data/lib/rubocop/cop/rspec/useless_dynamic_definition.rb +67 -0
- data/lib/rubocop/cop/rspec/verbose_include_metadata.rb +1 -1
- data/rubocop-capybara.yml +8 -0
- data/rubocop-default.yml +2 -4
- data/rubocop-gemspec.yml +6 -0
- data/rubocop-internal-affairs.yml +11 -0
- data/rubocop-layout.yml +2 -2
- data/rubocop-lint.yml +134 -5
- data/rubocop-naming.yml +5 -0
- data/rubocop-rails.yml +33 -1
- data/rubocop-rspec.yml +5 -5
- data/rubocop-security.yml +19 -1
- data/rubocop-style.yml +18 -3
- metadata +142 -29
- data/lib/gitlab/styles/rubocop/model_helpers.rb +0 -19
@@ -44,8 +44,15 @@ module Rubocop
|
|
44
44
|
MSG = 'Add an empty line after `%<example>s` block.'
|
45
45
|
|
46
46
|
# @!method shared_examples(node)
|
47
|
-
def_node_matcher :shared_examples,
|
48
|
-
|
47
|
+
def_node_matcher :shared_examples, <<~PATTERN
|
48
|
+
{
|
49
|
+
(block (send #rspec? #SharedGroups.all ...) ...)
|
50
|
+
{
|
51
|
+
(block (send nil? #Includes.all ...) ...)
|
52
|
+
(send nil? #Includes.all ...)
|
53
|
+
}
|
54
|
+
}
|
55
|
+
PATTERN
|
49
56
|
|
50
57
|
def on_block(node)
|
51
58
|
shared_examples(node) do
|
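Review bot: The third alternative in the new `shared_examples` pattern, `(send nil? #Includes.all ...)`, matches a bare send node, but the only caller visible in this hunk is `on_block`, which RuboCop invokes for block nodes only. Unless an `on_send` handler exists outside the hunk, a block-less include never reaches the matcher and that branch is dead. Either route send nodes through the same check (e.g. `alias on_send on_block`, if the rest of `on_block` works for send nodes) or drop the alternative. The nested `{ ... { ... } }` can also be flattened into a single three-way union. The class body starts and ends outside the hunk.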
@@ -0,0 +1,52 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'rubocop-rspec'
|
4
|
+
require_relative '../base'
|
5
|
+
|
6
|
+
module Rubocop
|
7
|
+
module Cop
|
8
|
+
module RSpec
|
9
|
+
module FactoryBot
|
10
|
+
# Check for create_list FactoryBot declarations higher than configured MaxAmount.
|
11
|
+
#
|
12
|
+
# @example MaxAmount: 20
|
13
|
+
# We do not allow more than 20 items to be created.
|
14
|
+
#
|
15
|
+
# # bad
|
16
|
+
# create_list(:merge_request, 1000, state: :opened)
|
17
|
+
#
|
18
|
+
# # good
|
19
|
+
# create_list(:merge_request, 15, state: :opened)
|
20
|
+
#
|
21
|
+
# @example
|
22
|
+
# We do not allow more than 10 items to be created (default)
|
23
|
+
# # bad
|
24
|
+
# create_list(:merge_request, 1000, state: :opened)
|
25
|
+
#
|
26
|
+
# # good
|
27
|
+
# create_list(:merge_request, 10, state: :opened)
|
28
|
+
#
|
29
|
+
class ExcessiveCreateList < Base
|
30
|
+
MESSAGE = 'Avoid using `create_list` with more than %{max_amount} items.'
|
31
|
+
|
32
|
+
# @!method create_list?(node)
|
33
|
+
def_node_matcher :create_list?, <<~PATTERN
|
34
|
+
(send nil? :create_list (sym ...) $(int _) ...)
|
35
|
+
PATTERN
|
36
|
+
|
37
|
+
RESTRICT_ON_SEND = %i[create_list].freeze
|
38
|
+
|
39
|
+
def on_send(node)
|
40
|
+
number_node = create_list?(node)
|
41
|
+
return unless number_node
|
42
|
+
|
43
|
+
max_amount = cop_config['MaxAmount']
|
44
|
+
return if number_node.value <= max_amount
|
45
|
+
|
46
|
+
add_offense(number_node, message: format(MESSAGE, max_amount: max_amount))
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
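Review bot: `on_send` compares `number_node.value <= max_amount` with `cop_config['MaxAmount']` unchecked, so if a consuming project enables the cop without inheriting the `MaxAmount` setting, `max_amount` is nil and the comparison raises instead of reporting an offense. Falling back to the default documented in the class comment keeps one missing key from aborting the lint run: `max_amount = cop_config.fetch('MaxAmount', 10)`. The message constant is also named `MESSAGE` and uses the unannotated `%{max_amount}` token, while the other cops on this page use `MSG` and an annotated token such as `%<example>s`; renaming it to `MSG` with `%<max_amount>d` would match them.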
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'base'
|
4
|
+
|
5
|
+
module Rubocop
|
6
|
+
module Cop
|
7
|
+
module RSpec
|
8
|
+
# Flags useless dynamic hook/let definitions via `.each`, `.each_key`, or
|
9
|
+
# `.each_value` without defining a wrapping `context` explicitly inside
|
10
|
+
# the loop block. Without it, the let definition will always/only be set
|
11
|
+
# to the final value.
|
12
|
+
#
|
13
|
+
# @example
|
14
|
+
#
|
15
|
+
# # bad
|
16
|
+
# context 'foo' do
|
17
|
+
# [true, false].each do |bool|
|
18
|
+
# before do
|
19
|
+
# stub_something(bool: bool)
|
20
|
+
# end
|
21
|
+
#
|
22
|
+
# let(:foo) { build(:model, bool: bool) }
|
23
|
+
#
|
24
|
+
# it 'works' do
|
25
|
+
# # `bool` is always `false`
|
26
|
+
# end
|
27
|
+
# end
|
28
|
+
# end
|
29
|
+
#
|
30
|
+
# # good
|
31
|
+
# context 'foo' do
|
32
|
+
# [true, false].each do |bool|
|
33
|
+
# context "with bool #{bool}" do # <--
|
34
|
+
# before do
|
35
|
+
# stub_something(bool: bool)
|
36
|
+
# end
|
37
|
+
#
|
38
|
+
# let(:foo) { build(:model, bool: bool) }
|
39
|
+
#
|
40
|
+
# it 'works' do
|
41
|
+
# # `bool` is `true` and then `false`
|
42
|
+
# end
|
43
|
+
# end
|
44
|
+
# end
|
45
|
+
# end
|
46
|
+
class UselessDynamicDefinition < Base
|
47
|
+
MSG = 'Avoid useless dynamic definitions without `context`.'
|
48
|
+
|
49
|
+
RESTRICT_ON_SEND = %i[each each_key each_value].freeze
|
50
|
+
|
51
|
+
def on_send(node)
|
52
|
+
return unless dynamic_definition?(node.parent)
|
53
|
+
|
54
|
+
add_offense(node.loc.selector)
|
55
|
+
end
|
56
|
+
|
57
|
+
private
|
58
|
+
|
59
|
+
def dynamic_definition?(node)
|
60
|
+
group = RuboCop::RSpec::ExampleGroup.new(node)
|
61
|
+
|
62
|
+
group.lets.any? || group.hooks.any?
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
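Review bot: `on_send` passes `node.parent` to `dynamic_definition?` without checking it, so an `each`/`each_key`/`each_value` call with no parent, or with a parent that is not a block (for example a block-pass call used as an argument), is still wrapped in `RuboCop::RSpec::ExampleGroup`. With a nil parent this presumably raises inside `lets`/`hooks` and stops the lint run for that file, and with a non-block parent it may inspect unrelated children and report a false offense. A guard at the top of `on_send` avoids both: `return unless node.parent&.block_type?`.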
@@ -42,7 +42,7 @@ module Rubocop
|
|
42
42
|
invalid_metadata_matches(node) do |match|
|
43
43
|
add_offense(node, message: format(MSG, good(match), bad(match))) do |corrector|
|
44
44
|
invalid_metadata_matches(node) do |match|
|
45
|
-
corrector.replace(match
|
45
|
+
corrector.replace(match, good(match))
|
46
46
|
end
|
47
47
|
end
|
48
48
|
end
|
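--- a/data/rubocop-default.yml
+++ b/data/rubocop-default.yml
@@ -1,6 +1,5 @@
 ---
 require:
-- rubocop-gitlab-security
 - rubocop-performance
 - rubocop-rspec
 - rubocop-rails
@@ -10,9 +9,11 @@ require:
 inherit_from:
 - rubocop-all.yml
 - rubocop-bundler.yml
+- rubocop-capybara.yml
 - rubocop-fips.yml
 - rubocop-gemspec.yml
 - rubocop-graphql.yml
+- rubocop-internal-affairs.yml
 - rubocop-layout.yml
 - rubocop-lint.yml
 - rubocop-metrics.yml
@@ -23,6 +24,3 @@ inherit_from:
 - rubocop-rspec.yml
 - rubocop-security.yml
 - rubocop-style.yml
-
-InternalAffairs/DeprecateCopHelper:
-Enabled: false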
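--- a/data/rubocop-gemspec.yml
+++ b/data/rubocop-gemspec.yml
@@ -4,3 +4,9 @@
 Gemspec/OrderedDependencies:
 Include:
 - '**/*.gemspec'
+
+# Enforce that development dependencies for a gem are specified in Gemfile,
+# rather than in the gemspec using add_development_dependency
+# Reason: Each project may decide to use a different strategy.
+Gemspec/DevelopmentDependencies:
+Enabled: false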
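--- a/data/rubocop-layout.yml
+++ b/data/rubocop-layout.yml
@@ -54,9 +54,9 @@ Layout/DotPosition:
 Layout/ElseAlignment:
 Enabled: true
 
-#
+# Checks for a newline after the final magic comment.
 Layout/EmptyLineAfterMagicComment:
-Enabled:
+Enabled: true
 
 # Use empty lines between defs.
 Layout/EmptyLineBetweenDefs: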
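--- a/data/rubocop-lint.yml
+++ b/data/rubocop-lint.yml
@@ -1,4 +1,8 @@
 ---
+# Checks for mistyped shorthand assignments.
+Lint/AmbiguousAssignment:
+Enabled: true
+
 # Checks for ambiguous block association with method when param passed without
 # parentheses.
 Lint/AmbiguousBlockAssociation:
@@ -9,15 +13,25 @@ Lint/AmbiguousBlockAssociation:
 Lint/AmbiguousOperator:
 Enabled: true
 
+# Looks for expressions containing multiple binary operators where precedence
+# is ambiguous due to lack of parentheses.
+Lint/AmbiguousOperatorPrecedence:
+Enabled: true
+
+# Checks for ambiguous ranges.
+Lint/AmbiguousRange:
+Enabled: true
+
 # This cop checks for ambiguous regexp literals in the first argument of
 # a method invocation without parentheses.
 Lint/AmbiguousRegexpLiteral:
 Enabled: true
 
-# This cop checks for assignments in the conditions of
-#
+# This cop checks for assignments in the conditions of if/while/until.
+# Forbid assignments within conditions.
 Lint/AssignmentInCondition:
-Enabled:
+Enabled: true
+AllowSafeAssignment: false
 
 # Checks for places where binary operator has identical operands
 Lint/BinaryOperatorWithIdenticalOperands:
@@ -31,6 +45,10 @@ Lint/CircularArgumentReference:
 Lint/ConstantDefinitionInBlock: # (new in 0.91)
 Enabled: true
 
+# Checks for overwriting an exception with an exception result by use rescue =>.
+Lint/ConstantOverwrittenInRescue:
+Enabled: true
+
 # Check for debugger calls.
 Lint/Debugger:
 Enabled: true
@@ -39,17 +57,36 @@ Lint/Debugger:
 Lint/DeprecatedClassMethods:
 Enabled: true
 
+# Checks for deprecated constants.
+Lint/DeprecatedConstants:
+Enabled: true
+
 # Algorithmic constants for OpenSSL::Cipher and OpenSSL::Digest deprecated since OpenSSL version 2.2.0.
 # Prefer passing a string instead.
 # https://docs.rubocop.org/rubocop/0.89/cops_lint.html#lintdeprecatedopensslconstant
 Lint/DeprecatedOpenSSLConstant:
 Enabled: true
 
+# Checks that there are no repeated bodies within if/unless, case-when, case-in
+# and rescue constructs.
+Lint/DuplicateBranch:
+Enabled: true
+IgnoreLiteralBranches: true
+IgnoreConstantBranches: true
+
 # Checks that there are no repeated conditions used in if 'elsif'.
 # https://docs.rubocop.org/rubocop/0.89/cops_lint.html#lintduplicateelsifcondition
 Lint/DuplicateElsifCondition:
 Enabled: true
 
+# Checks for duplicated magic comments.
+Lint/DuplicateMagicComment:
+Enabled: true
+
+# Checks for duplicate elements in Regexp character classes.
+Lint/DuplicateRegexpCharacterClassElement:
+Enabled: true
+
 Lint/DuplicateRequire: # (new in 0.90)
 Enabled: true
 
@@ -66,6 +103,17 @@ Lint/EachWithObjectArgument:
 Lint/ElseLayout:
 Enabled: true
 
+# Checks for blocks without a body. Such empty blocks are typically an
+# oversight or we should provide a comment be clearer what we’re aiming for.
+Lint/EmptyBlock:
+Enabled: true
+
+# Checks for classes and metaclasses without a body. Such empty classes and
+# metaclasses are typically an oversight or we should provide a comment to be
+# clearer what we’re aiming for.
+Lint/EmptyClass:
+Enabled: true
+
 # Checks for the presence of if, elsif and unless branches without a body.
 # https://docs.rubocop.org/rubocop/0.89/cops_lint.html#lintemptyconditionalbody
 Lint/EmptyConditionalBody:
@@ -78,6 +126,10 @@ Lint/EmptyEnsure:
 Lint/EmptyFile: # (new in 0.90)
 Enabled: true
 
+# Checks for the presence of in pattern branches without a body.
+Lint/EmptyInPattern:
+Enabled: true
+
 # Checks for the presence of `when` branches without a body.
 Lint/EmptyWhen:
 Enabled: true
@@ -111,11 +163,21 @@ Lint/IdentityComparison: # (new in 0.91)
 Lint/ImplicitStringConcatenation:
 Enabled: true
 
+# This cop checks for IO.select that is incompatible with Fiber Scheduler since
+# Ruby 3.0.
+Lint/IncompatibleIoSelectWithFiberScheduler:
+Enabled: true
+
 # Checks for attempts to use `private` or `protected` to set the visibility
 # of a class method, which does not work.
 Lint/IneffectiveAccessModifier:
 Enabled: false
 
+# Checks uses of lambda without a literal block. It emulates the following
+# warning in Ruby 3.0:
+Lint/LambdaWithoutLiteralBlock:
+Enabled: true
+
 # Checks of literals used in conditions.
 Lint/LiteralAsCondition:
 Enabled: true
@@ -147,11 +209,30 @@ Lint/NestedMethodDefinition:
 Lint/NextWithoutAccumulator:
 Enabled: true
 
+# Checks for non-atomic file operation. And then replace it with a nearly
+# equivalent and atomic method.
+Lint/NonAtomicFileOperation:
+Enabled: true
+
+# Checks for the presence of a return inside a begin..end block in assignment
+# contexts.
+Lint/NoReturnInBeginEndBlocks:
+Enabled: true
+
+# Checks for uses of numbered parameter assignment.
+# Reason: Ruby >= 3.0 causes an error so no need to enable it.
+Lint/NumberedParameterAssignment:
+Enabled: false
+
 # Looks for references of Regexp captures that are out of range and thus always returns nil.
 # https://docs.rubocop.org/rubocop/0.89/cops_lint.html#lintoutofrangeregexpref
 Lint/OutOfRangeRegexpRef:
 Enabled: true
 
+# Checks for unintended or-assignment to a constant.
+Lint/OrAssignmentToConstant:
+Enabled: true
+
 # Checks for method calls with a space before the opening parenthesis.
 Lint/ParenthesesAsGroupedExpression:
 Enabled: true
@@ -165,6 +246,11 @@ Lint/RaiseException:
 Lint/RandOne:
 Enabled: true
 
+# This cop checks for redundant sort method to Dir.glob and Dir[]. Sort globbed
+# results by default in Ruby 3.0.
+Lint/RedundantDirGlobSort:
+Enabled: true
+
 # This cop checks for unneeded usages of splat expansion
 Lint/RedundantSplatExpansion:
 Enabled: false
@@ -173,10 +259,23 @@ Lint/RedundantSplatExpansion:
 Lint/RedundantStringCoercion:
 Enabled: true
 
+# Checks if include or prepend is called in refine block.
+Lint/RefinementImportMethods:
+Enabled: true
+
 # Use parentheses in the method call to avoid confusion about precedence.
 Lint/RequireParentheses:
 Enabled: true
 
+# Checks that a range literal is enclosed in parentheses when the end of the
+# range is at a line break.
+Lint/RequireRangeParentheses:
+Enabled: true
+
+# Checks for uses a file requiring itself with require_relative.
+Lint/RequireRelativeSelfPath:
+Enabled: true
+
 # Avoid rescuing the Exception class.
 Lint/RescueException:
 Enabled: true
@@ -207,6 +306,17 @@ Lint/StructNewOverride:
 Lint/SuppressedException:
 Enabled: false
 
+# Checks for uses of literal strings converted to a symbol where a literal
+# symbol could be used instead.
+Lint/SymbolConversion:
+Enabled: true
+EnforcedStyle: strict
+
+# Ensures that to_enum/enum_for, called for the current method, has correct
+# arguments.
+Lint/ToEnumArguments:
+Enabled: true
+
 # Checks for top level return with arguments.
 # https://docs.rubocop.org/rubocop/0.89/cops_lint.html#linttoplevelreturnwithargument
 Lint/TopLevelReturnWithArgument:
@@ -215,10 +325,25 @@ Lint/TopLevelReturnWithArgument:
 Lint/TrailingCommaInAttributeDeclaration: # (new in 0.90)
 Enabled: true
 
+# Checks for "triple quotes" (strings delimited by any odd number of quotes
+# greater than 1).
+Lint/TripleQuotes:
+Enabled: true
+
 # Do not use prefix `_` for a variable that is used.
 Lint/UnderscorePrefixedVariableName:
 Enabled: true
 
+# Checks for a block that is known to need more positional block arguments than
+# are given.
+Lint/UnexpectedBlockArity:
+Enabled: true
+
+# Looks for reduce or inject blocks where the value returned (implicitly or
+# explicitly) does not include the accumulator.
+Lint/UnmodifiedReduceAccumulator:
+Enabled: true
+
 # This cop checks for using Fixnum or Bignum constant
 Lint/UnifiedInteger:
 Enabled: true
@@ -234,11 +359,11 @@ Lint/UnreachableLoop:
 
 # This cop checks for unused block arguments.
 Lint/UnusedBlockArgument:
-Enabled:
+Enabled: true
 
 # This cop checks for unused method arguments.
 Lint/UnusedMethodArgument:
-Enabled:
+Enabled: true
 
 # Checks for useless access modifiers.
 Lint/UselessAccessModifier:
@@ -263,6 +388,10 @@ Lint/UselessSetterCall:
 Lint/UselessTimes: # (new in 0.91)
 Enabled: true
 
+# Looks for ruby2_keywords calls for methods that do not need it.
+Lint/UselessRuby2Keywords:
+Enabled: true
+
 # Possible use of operator/literal/variable in void context.
 Lint/Void:
 Enabled: true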
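Review bot: The comment added above `Lint/LambdaWithoutLiteralBlock` ends with "It emulates the following warning in Ruby 3.0:" and then stops, so the reader never sees the warning it refers to. Either finish it with the interpreter message, `# warning in Ruby 3.0: "lambda without a literal block is deprecated; use the proc without lambda instead"`, or shorten it to `# Checks uses of lambda without a literal block.`. Separately, `Lint/NonAtomicFileOperation` is enabled in the same file section; its autocorrection is, as far as I know, marked unsafe upstream, which deserves a line in its comment so the rewrite is reviewed rather than applied blindly.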
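--- a/data/rubocop-naming.yml
+++ b/data/rubocop-naming.yml
@@ -27,6 +27,11 @@ Naming/FileName:
 Naming/MemoizedInstanceVariableName:
 Enabled: false
 
+# Recommends the use of inclusive language instead of problematic terms.
+Naming/InclusiveLanguage:
+Enabled: true
+CheckStrings: true
+
 # Use the configured style when naming methods.
 Naming/MethodName:
 Enabled: true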
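--- a/data/rubocop-rails.yml
+++ b/data/rubocop-rails.yml
@@ -3,6 +3,31 @@ require:
 - rubocop-rails
 - ./lib/gitlab/styles/rubocop
 
+# Cop that prevents the use of `dependent: ...` in ActiveRecord models.
+Cop/ActiveRecordDependent:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Cop that prevents the use of `serialize` in ActiveRecord models.
+Cop/ActiveRecordSerialize:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Cop that prevents the use of polymorphic associations.
+Cop/PolymorphicAssociations:
+Enabled: true
+Include:
+- app/models/**/*.rb
+
+# Prevents usage of 'redirect_to' in actions 'destroy' and 'destroy_all'
+# without specifying 'status'.
+Cop/RedirectWithStatus:
+Enabled: true
+Include:
+- app/controllers/**/*.rb
+
 # Enables Rails cops.
 Rails:
 Enabled: true
@@ -115,7 +140,7 @@ Rails/Output:
 # This cop checks for the use of output safety calls like html_safe and
 # raw.
 Rails/OutputSafety:
-Enabled:
+Enabled: true
 
 # Enforces the use of pluck over map.
 # https://docs.rubocop.org/rubocop-rails/2.8/cops_rails.html#railspluck
@@ -171,6 +196,13 @@ Rails/SquishedSQLHeredocs:
 Rails/TimeZone:
 Enabled: false
 
+# Checks for the use of exit statements (namely return, break and throw) in
+# transactions. This is due to the eventual unexpected behavior when using
+# ActiveRecord >= 7, where transactions exited using these statements are being
+# rollbacked rather than committed (pre ActiveRecord 7 behavior).
+Rails/TransactionExitStatement:
+Enabled: true
+
 # This cop checks for the use of old-style attribute validation macros.
 Rails/Validation:
 Enabled: true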
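Review bot: The new `Cop/ActiveRecordDependent`, `Cop/ActiveRecordSerialize` and `Cop/PolymorphicAssociations` entries limit the cops to `app/models/**/*.rb`, and `Cop/RedirectWithStatus` to `app/controllers/**/*.rb`, so models and controllers under another root (an `ee/` tree, engines, packaged components) are skipped without any warning. The file list shows `model_helpers.rb` being deleted in the same release, so it is worth confirming that these globs cover everything the in-code check did. If they do not, a pattern that also matches nested roots keeps the coverage, `- '**/app/models/**/*.rb'`, and the comment above each entry should say that consumers with a non-standard layout must extend `Include`.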
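--- a/data/rubocop-rspec.yml
+++ b/data/rubocop-rspec.yml
@@ -2,6 +2,11 @@
 require:
 - ./lib/gitlab/styles/rubocop
 
+# Check for create_list FactoryBot declarations higher than MaxAmount
+RSpec/FactoryBot/ExcessiveCreateList:
+Enabled: true
+MaxAmount: 10
+
 # Check that instances are not being stubbed globally.
 RSpec/AnyInstance:
 Enabled: false
@@ -14,11 +19,6 @@ RSpec/BeEql:
 RSpec/BeforeAfterAll:
 Enabled: false
 
-# Checks if there is a more specific finder offered by Capybara.
-# https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/merge_requests/131#note_1141024624
-RSpec/Capybara/SpecificFinders:
-Enabled: false
-
 # Enforces consistent use of be_a or be_kind_of.
 # https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles/-/merge_requests/131#note_1141022718
 RSpec/ClassCheck: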
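--- a/data/rubocop-security.yml
+++ b/data/rubocop-security.yml
@@ -1,6 +1,11 @@
 ---
 require:
-- rubocop
+- ./lib/gitlab/styles/rubocop
+
+# Checks for implementations of the hash method which combine values using
+# custom logic instead of delegating to Array#hash.
+Security/CompoundHash:
+Enabled: true
 
 # This cop checks for the use of JSON class methods which have potential
 # security issues.
@@ -16,17 +21,23 @@ Security/IoMethods:
 Enabled: true
 
 GitlabSecurity/DeepMunge:
+Description: Checks for disabling the deep munge security control.
 Enabled: true
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/DeepMunge
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 # To be enabled by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13610
 GitlabSecurity/JsonSerialization:
+Description: Checks for `to_json` / `as_json` without allowing via `only`.
 Enabled: false
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/JsonSerialization
 
 GitlabSecurity/PublicSend:
+Description: Checks for the use of `public_send`, `send`, and `__send__` methods.
 Enabled: true
+StyleGuide: https://www.rubydoc.info/gems/gitlab-styles/RuboCop/Cop/GitlabSecurity/PublicSend
 Exclude:
 - 'config/**/*'
 - 'db/**/*'
@@ -35,19 +46,26 @@ GitlabSecurity/PublicSend:
 - 'qa/**/*'
 - 'spec/**/*'
 
+GitlabSecurity/SendFileParams:
+Description: Check for passing of params hash to send_file()
+Enabled: true
+
 GitlabSecurity/RedirectToParamsUpdate:
+Description: Check for use of redirect_to(params.update())
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 GitlabSecurity/SqlInjection:
+Description: Check for SQL Injection in where()
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'
 - 'spec/**/*'
 
 GitlabSecurity/SystemCommandInjection:
+Description: Check for Command Injection in System()
 Enabled: true
 Exclude:
 - 'lib/**/*.rake'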
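Review bot: `GitlabSecurity/SendFileParams` is added with `Enabled: true` but, unlike `RedirectToParamsUpdate`, `SqlInjection` and `SystemCommandInjection` next to it, without an `Exclude` list, so it will also run on `spec/**/*` and rake files. If that is intended, a short comment such as `# Deliberately no Exclude: also checked in specs and rake tasks` would keep someone from aligning it with its neighbours later. The four entries from `SendFileParams` down also get a `Description` but no `StyleGuide` link, while `DeepMunge`, `JsonSerialization` and `PublicSend` get both. Note too that `GitlabSecurity/JsonSerialization` stays `Enabled: false` under its "To be enabled by" comment, so projects that want the `to_json`/`as_json` check have to switch it on themselves.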
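--- a/data/rubocop-style.yml
+++ b/data/rubocop-style.yml
@@ -18,10 +18,14 @@ Style/AndOr:
 Enabled: true
 EnforcedStyle: always
 
-#
-#
+# This cop enforces the use of Array() instead of explicit Array check or [*var]
+# It must remain disabled because of safety concern on Array().
+# A false positive may occur depending on how the argument is handled by Array()
+# (which can be different than just wrapping the argument in an array)
+# As of Rubocop 1.0, this cop has been disabled by default.
+# https://docs.rubocop.org/rubocop/1.44/cops_style.html#safety-3
 Style/ArrayCoercion:
-Enabled:
+Enabled: false
 
 # Use `Array#join` instead of `Array#*`.
 Style/ArrayJoin:
@@ -289,6 +293,17 @@ Style/NonNilCheck:
 Style/Not:
 Enabled: true
 
+# Checks for numbered parameters. It can either restrict the use of numbered
+# parameters to single-lined blocks, or disallow completely numbered
+# parameters.
+Style/NumberedParameters:
+EnforcedStyle: disallow
+Enabled: true
+
+# Detects use of an excessive amount of numbered parameters in a single block.
+Style/NumberedParametersLimit:
+Enabled: false
+
 # Add underscores to large numeric literals to improve their readability.
 Style/NumericLiterals:
 Enabled: false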
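Review bot: The reference added above `Style/ArrayCoercion`, `https://docs.rubocop.org/rubocop/1.44/cops_style.html#safety-3`, uses a positional anchor whose target depends on how many "Safety" headings precede it on that page, not on this cop's name. The other documentation links in these config files use the cop's own anchor, so `# https://docs.rubocop.org/rubocop/1.44/cops_style.html#stylearraycoercion` would be stable and consistent with them. In the second hunk `Style/NumberedParameters` lists `EnforcedStyle` before `Enabled`, the reverse of the order used for `Style/AndOr` at the top of the first hunk.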