inspec 1.45.9 → 1.45.13

data/lib/bundles/inspec-supermarket/api.rb

@@ -54,11 +54,11 @@ module Supermarket
 
     def self.find(profile, supermarket_url = SUPERMARKET_URL)
       profiles = Supermarket::API.profiles(supermarket_url)
-      if !profiles.empty?
-        index = profiles.index { |t| same?(profile, t, supermarket_url) }
-        # return profile or nil
-        profiles[index] if !index.nil? && index >= 0
-      end
+      return if profiles.empty?
+
+      index = profiles.index { |t| same?(profile, t, supermarket_url) }
+      # return profile or nil
+      profiles[index] if !index.nil? && index >= 0
     end
 
     # verifies that a profile exists
@@ -75,9 +75,9 @@ module Supermarket
 
     def self.send_request(uri, req)
       # send request
-      res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') {|http|
+      res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
         http.request(req)
-      }
+      end
       [res.is_a?(Net::HTTPSuccess), res.body]
     end
   end

data/lib/bundles/inspec-supermarket/cli.rb

@@ -42,7 +42,7 @@ module Supermarket
       # check that the profile is available
       supermarket_profiles = Supermarket::API.profiles
       found = supermarket_profiles.select { |p|
-        "#{p['tool_owner']}/#{p['slug']}" == profile
+        profile == "#{p['tool_owner']}/#{p['slug']}"
       }
 
       if found.empty?

data/lib/fetchers/git.rb

@@ -24,14 +24,12 @@ module Fetchers
   # you got to this file during debugging, you may want to look at the
   # omnibus source for hints.
   #
-  class Git < Inspec.fetcher(1) # rubocop:disable ClassLength
+  class Git < Inspec.fetcher(1)
     name 'git'
     priority 200
 
     def self.resolve(target, opts = {})
-      if target.respond_to?(:has_key?) &&target.key?(:git)
-        new(target[:git], opts.merge(target))
-      end
+      new(target[:git], opts.merge(target)) if target.respond_to?(:has_key?) && target.key?(:git)
     end
 
     def initialize(remote_url, opts = {})
@@ -121,10 +119,7 @@ module Fetchers
       if tagged_commit
         tagged_commit.first
       else
-        found = pairs.find { |m| m[1].end_with?(ref_name.to_s) }
-        if found
-          found.first
-        end
+        pairs.find { |m| m[1].end_with?(ref_name.to_s) }&.first
       end
     end
 

data/lib/fetchers/local.rb

@@ -16,19 +16,15 @@ module Fetchers
                      resolve_from_hash(target)
                    end
 
-      if local_path
-        new(local_path)
-      end
+      new(local_path) if local_path
     end
 
     def self.resolve_from_hash(target)
-      if target.key?(:path)
-        local_path = target[:path]
-        if target.key?(:cwd)
-          local_path = File.expand_path(local_path, target[:cwd])
-        end
-        local_path
-      end
+      return unless target.key?(:path)
+
+      local_path = target[:path]
+      local_path = File.expand_path(local_path, target[:cwd]) if target.key?(:cwd)
+      local_path
     end
 
     def self.resolve_from_string(target)
@@ -40,9 +36,7 @@ module Fetchers
         target = target.tr('\\', '/')
       end
 
-      if File.exist?(target)
-        target
-      end
+      target if File.exist?(target)
     end
 
     def initialize(target)

data/lib/fetchers/url.rb

@@ -141,7 +141,7 @@ module Fetchers
 
     # Downloads archive to temporary file with side effect :( of setting @archive_type
     def download_archive_to_temp
-      return @temp_archive_path if ! @temp_archive_path.nil?
+      return @temp_archive_path if !@temp_archive_path.nil?
       Inspec::Log.debug("Fetching URL: #{@target}")
       remote = open(@target, http_opts)
       @archive_type = file_type_from_remote(remote) # side effect :(

data/lib/inspec/backend.rb

@@ -68,7 +68,6 @@ module Inspec
       end
 
       cls.new
-
     rescue Train::ClientError => e
       raise "Client error, can't connect to '#{name}' backend: #{e.message}"
     rescue Train::TransportError => e

data/lib/inspec/base_cli.rb

@@ -134,7 +134,7 @@ module Inspec
         config = File.read(file)
       end
 
-      JSON.load(config)
+      JSON.parse(config)
     rescue JSON::ParserError => e
       puts "Failed to load JSON configuration: #{e}\nConfig was: #{config.inspect}"
       exit 1

data/lib/inspec/cached_fetcher.rb

@@ -48,20 +48,19 @@ module Inspec
     end
 
     def assert_cache_sanity!
-      if target.respond_to?(:key?) && target.key?(:sha256)
-        if fetcher.resolved_source[:sha256] != target[:sha256]
-          raise <<EOF
-The remote source #{fetcher} no longer has the requested content:
+      return unless target.respond_to?(:key?) && target.key?(:sha256)
 
-Request Content Hash: #{target[:sha256]}
- Actual Content Hash: #{fetcher.resolved_source[:sha256]}
+      exception_message = <<~EOF
+        The remote source #{fetcher} no longer has the requested content:
 
-For URL, supermarket, compliance, and other sources that do not
-provide versioned artifacts, this likely means that the remote source
-has changed since your lockfile was generated.
-EOF
-        end
-      end
+        Request Content Hash: #{target[:sha256]}
+        Actual Content Hash: #{fetcher.resolved_source[:sha256]}
+
+        For URL, supermarket, compliance, and other sources that do not
+        provide versioned artifacts, this likely means that the remote source
+        has changed since your lockfile was generated.
+      EOF
+      raise exception_message if fetcher.resolved_source[:sha256] != target[:sha256]
     end
   end
 end

data/lib/inspec/cli.rb

@@ -1,4 +1,3 @@
-#!/usr/bin/env ruby
 # encoding: utf-8
 # Copyright 2015 Dominik Richter
 # author: Dominik Richter

data/lib/inspec/control_eval_context.rb

@@ -40,7 +40,7 @@ module Inspec
       profile_context_owner = profile_context
       profile_id = profile_context.profile_id
 
-      Class.new do
+      Class.new do # rubocop:disable Metrics/BlockLength
         include Inspec::DSL
         include Inspec::DSL::RequireOverride
         include resources_dsl
@@ -80,7 +80,7 @@ module Inspec
         # the describe block in the context of that control.
         #
         define_method :describe do |*args, &block|
-          loc = block_location(block, caller[0])
+          loc = block_location(block, caller(1..1).first)
           id = "(generated from #{loc} #{SecureRandom.hex})"
 
           res = nil

data/lib/inspec/dependencies/lockfile.rb

@@ -31,22 +31,22 @@ module Inspec
     # rubocop:disable Style/GuardClause
     def self.validate_lockfile_version!(version)
       if version < MINIMUM_SUPPORTED_VERSION
-        raise <<EOF
-This lockfile specifies a lockfile_version of #{version} which is
-lower than the minimum supported version #{MINIMUM_SUPPORTED_VERSION}.
+        raise <<~EOF
+          This lockfile specifies a lockfile_version of #{version} which is
+          lower than the minimum supported version #{MINIMUM_SUPPORTED_VERSION}.
 
-Please create a new lockfile for this project by running:
+          Please create a new lockfile for this project by running:
 
-    inspec vendor
-EOF
+              inspec vendor
+        EOF
       elsif version > CURRENT_LOCKFILE_VERSION
-        raise <<EOF
-This lockfile claims to be version #{version} which is greater than
-the most recent lockfile version(#{CURRENT_LOCKFILE_VERSION}).
+        raise <<~EOF
+          This lockfile claims to be version #{version} which is greater than
+          the most recent lockfile version(#{CURRENT_LOCKFILE_VERSION}).
 
-This may happen if you are using an older version of inspec than was
-used to create the lockfile.
-EOF
+          This may happen if you are using an older version of inspec than was
+          used to create the lockfile.
+        EOF
       end
     end
     # rubocop:enable Style/GuardClause
@@ -87,9 +87,7 @@ EOF
     end
 
     def parse_content_hash_1(lockfile_content_hash)
-      @deps = if lockfile_content_hash['depends']
-                lockfile_content_hash['depends'].map { |i| symbolize_keys(i) }
-              end
+      @deps = lockfile_content_hash['depends']&.map { |i| symbolize_keys(i) }
     end
 
     def mutate_hash_keys_with(hash, fun)

data/lib/inspec/dependencies/requirement.rb

@@ -111,7 +111,7 @@ module Inspec
 
     # load the profile for the requirement
     def profile
-      return @profile if ! @profile.nil?
+      return @profile unless @profile.nil?
       opts = @opts.dup
       opts[:backend] = @backend
       if !@dependencies.nil?

data/lib/inspec/dependencies/resolver.rb

@@ -64,11 +64,9 @@ module Inspec
                             path_string + " -> #{dep.name}"
                           end
 
-        if new_seen_items.key?(dep.resolved_source)
-          raise Inspec::CyclicDependencyError, "Dependency #{dep} would cause a dependency cycle (#{new_path_string})"
-        else
-          new_seen_items[dep.resolved_source] = true
-        end
+        raise Inspec::CyclicDependencyError, "Dependency #{dep} would cause a dependency cycle (#{new_path_string})" if new_seen_items.key?(dep.resolved_source)
+
+        new_seen_items[dep.resolved_source] = true
 
         if !dep.source_satisfies_spec?
           raise Inspec::UnsatisfiedVersionSpecification, "The profile #{dep.name} from #{dep.resolved_source} has a version #{dep.source_version} which doesn't match #{dep.version_constraints}"

data/lib/inspec/dsl.rb

@@ -33,12 +33,12 @@ module Inspec::DSL
 
     dep_entry = dependencies.list[profile_id]
     if dep_entry.nil?
-      raise <<EOF
-Cannot load #{profile_id} since it is not listed as a dependency of #{bind_context.profile_name}.
+      raise <<~EOF
+        Cannot load #{profile_id} since it is not listed as a dependency of #{bind_context.profile_name}.
 
-Dependencies available from this context are:
-    #{dependencies.list.keys.join("\n    ")}
-EOF
+        Dependencies available from this context are:
+            #{dependencies.list.keys.join("\n    ")}
+      EOF
     end
 
     context = dep_entry.profile.runner_context

data/lib/inspec/dsl_shared.rb

@@ -18,7 +18,7 @@ module Inspec
         # We cannot rely on libraries residing on disk however.
         # TODO: Sandboxing.
         content, path, line = @require_loader.load(rbpath)
-        eval(content, TOPLEVEL_BINDING, path, line) # rubocop:disable Lint/Eval
+        eval(content, TOPLEVEL_BINDING, path, line) # rubocop:disable Security/Eval
       end
     end
   end

data/lib/inspec/env_printer.rb

@@ -41,7 +41,7 @@ module Inspec
     end
 
     def have_shell?
-      ! (@shell.nil? || @shell.empty?)
+      !(@shell.nil? || @shell.empty?)
     end
 
     def have_shell_completion?
@@ -61,26 +61,26 @@ module Inspec
     end
 
     def print_usage_guidance
-      puts <<EOF
-# To use this, eval it in your shell
-#
-#    #{EVAL_COMMANDS[shell]}
-#
-#
-EOF
+      puts <<~EOF
+        # To use this, eval it in your shell
+        #
+        #    #{EVAL_COMMANDS[shell]}
+        #
+        #
+      EOF
     end
 
     def print_detection_warning(device)
-      device.puts <<EOF
-#
-# The shell #{@shell} was auto-detected. If this is incorrect, please
-# specify a shell explicitly by running:
-#
-#     inspec env SHELLNAME
-#
-# Currently supported shells are: #{shells_with_completions.join(', ')}
-#
-EOF
+      device.puts <<~EOF
+        #
+        # The shell #{@shell} was auto-detected. If this is incorrect, please
+        # specify a shell explicitly by running:
+        #
+        #     inspec env SHELLNAME
+        #
+        # Currently supported shells are: #{shells_with_completions.join(', ')}
+        #
+      EOF
     end
 
     def exit_no_completion
@@ -93,14 +93,14 @@ EOF
       if @detected
         $stderr.puts '# Unable to automatically detect shell and no shell was provided.'
       end
-      $stderr.puts <<EOF
-#
-# Please provide the name of your shell via the command line:
-#
-#    inspec env SHELLNAME
-#
-# Currently supported shells are: #{shells_with_completions.join(', ')}
-EOF
+      $stderr.puts <<~EOF
+        #
+        # Please provide the name of your shell via the command line:
+        #
+        #    inspec env SHELLNAME
+        #
+        # Currently supported shells are: #{shells_with_completions.join(', ')}
+      EOF
       exit 1
     end
 

data/lib/inspec/metadata.rb

@@ -110,7 +110,7 @@ module Inspec
       errors = []
       warnings = []
 
-      %w{ name version }.each do |field|
+      %w{name version}.each do |field|
         next unless params[field.to_sym].nil?
         errors.push("Missing profile #{field} in #{ref}")
       end
@@ -126,7 +126,7 @@ module Inspec
         errors.push('Version needs to be in SemVer format')
       end
 
-      %w{ title summary maintainer copyright license }.each do |field|
+      %w{title summary maintainer copyright license}.each do |field|
         next unless params[field.to_sym].nil?
         warnings.push("Missing profile #{field} in #{ref}")
       end
@@ -165,11 +165,11 @@ module Inspec
       return obj.map { |i| symbolize_keys(i) } if obj.is_a?(Array)
       return obj unless obj.is_a?(Hash)
 
-      obj.each_with_object({}) {|(k, v), h|
+      obj.each_with_object({}) do |(k, v), h|
         v = symbolize_keys(v) if v.is_a?(Hash)
         v = symbolize_keys(v) if v.is_a?(Array)
         h[k.to_sym] = v
-      }
+      end
     end
 
     def self.finalize_supports_elem(elem, logger)
@@ -188,7 +188,8 @@ module Inspec
         logger ||= Logger.new(nil)
         logger.warn(
           "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
-          "supports:\n  - os-family: #{x}\n\n")
+          "supports:\n  - os-family: #{x}\n\n",
+        )
         { :'os-family' => x } # rubocop:disable Style/HashSyntax
       end
     end
@@ -202,7 +203,8 @@ module Inspec
         logger ||= Logger.new(nil)
         logger.warn(
           "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
-          "supports:\n  - os-family: #{x}\n\n")
+          "supports:\n  - os-family: #{x}\n\n",
+        )
         [{ :'os-family' => x }] # rubocop:disable Style/HashSyntax
       end
     end
@@ -223,10 +225,9 @@ module Inspec
       # create a new name based on the original target if it exists
       # Crudely slug the target to not contain slashes, to avoid breaking
       # unit tests that look for warning sequences
-      unless original_target.to_s.empty?
-        metadata.params[:title] = "tests from #{original_target}"
-        metadata.params[:name] = metadata.params[:title].gsub(%r{[\\\/]}, '.')
-      end
+      return if original_target.to_s.empty?
+      metadata.params[:title] = "tests from #{original_target}"
+      metadata.params[:name] = metadata.params[:title].gsub(%r{[\\\/]}, '.')
     end
 
     def self.finalize(metadata, profile_id, options, logger = nil)

data/lib/inspec/objects/or_test.rb

@@ -24,10 +24,12 @@ module Inspec
           test.negate!
           test
         }.map(&:to_ruby).join("\n")
-        return all_tests
+
+        all_tests
       else
         all_tests = @tests.map(&:to_ruby).join("\n").gsub("\n", "\n  ")
-        return format("describe.one do\n  %s\nend", all_tests)
+
+        format("describe.one do\n  %s\nend", all_tests)
       end
     end