mavenlint 1.1.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 00bca785c140f5c034c9977fb69cdc6b1cf5969b
4
+ data.tar.gz: 61434659e9f5bd87c794db25ae9cd632584f4e07
5
+ SHA512:
6
+ metadata.gz: 197eaa339fad01ae1e3d6c683321f9755a65bd47a30d4d0efed39a38ac5288139994055850da93203f397ca77ce8bb237d71549ce1626fb5fec4d2af39619036
7
+ data.tar.gz: 80dda4fe38ea6c5dc33f094bfa4221215472683619be6be86e3f36f6792ed997b58120dd13b55374c2bb7adfe8fb6c76385829f75009e47123b7e8a6bbece8fe
data/lib/mavenlint.rb ADDED
@@ -0,0 +1 @@
1
+ require 'rubocop/cop/mavenlint/unsafe-mass-assignment'
@@ -0,0 +1,38 @@
1
+ require 'rubocop'
2
+
3
+ module RuboCop
4
+ module Cop
5
+ module Mavenlint
6
+ # Identify usages of mass assignment with potentially 'unsafe' columns allowed.
7
+ #
8
+ # For example
9
+ #
10
+ # class SomeModel
11
+ # attr_accessible :account_id
12
+ # end
13
+ #
14
+ # Allowing mass assignment of a foreign key column is dangerous for models that are created
15
+ # or updated through a publicly accessible endpoint, because the associated model isn't
16
+ # necessarily loaded and ran through security checks.
17
+ class UnsafeMassAssignment < RuboCop::Cop::Cop
18
+ MSG = "Do not allow mass-assignment of foreign key columns".freeze
19
+
20
+ def on_send(node)
21
+ return unless node.command?(:attr_accessible)
22
+
23
+ if unsafe_names?(node)
24
+ add_offense(node, message: MSG)
25
+ end
26
+ end
27
+
28
+ private
29
+
30
+ def unsafe_names?(node)
31
+ node.arguments.any? do |arg|
32
+ arg.source.end_with?('_id')
33
+ end
34
+ end
35
+ end
36
+ end
37
+ end
38
+ end
data/rubocop.yml ADDED
@@ -0,0 +1,58 @@
1
+ AllCops:
2
+ DisabledByDefault: true
3
+
4
+ # Enforce that there are no `debugger` or `binding.pry`.
5
+ Lint/Debugger:
6
+ Enabled: true
7
+
8
+ # Enforce not duplicating methods.
9
+ Lint/DuplicateMethods:
10
+ Enabled: true
11
+
12
+ # Enforce not duplicating hash keys.
13
+ Lint/DuplicatedKey:
14
+ Enabled: true
15
+
16
+ # Ensure that we don't use `private` and `protected` on class methods, which doesn't work.
17
+ Lint/IneffectiveAccessModifier:
18
+ Enabled: true
19
+
20
+ # Ensure that custom errors do not inherit Exception. Instead, they should inherit StandardError.
21
+ Lint/InheritException:
22
+ Enabled: true
23
+
24
+ # Ensure that we don't rescue `Exception`, which will eat syntax errors.
25
+ Lint/RescueException:
26
+ Enabled: true
27
+
28
+ # Ensure that we don't have useless or redudant access modifiers (`private` or `protected`).
29
+ Lint/UselessAccessModifier:
30
+ Enabled: true
31
+
32
+ # Ensure that we're not assigning to variables that we're not using.
33
+ Lint/UselessAssignment:
34
+ Enabled: true
35
+
36
+ # Enforce not using `eval`.
37
+ Security/Eval:
38
+ Enabled: true
39
+
40
+ # Ensure that methods have an empty line between them.
41
+ Layout/EmptyLineBetweenDefs:
42
+ Enabled: true
43
+
44
+ # Ensure that we don't have multiple newlines in a row.
45
+ Layout/EmptyLines:
46
+ Enabled: true
47
+
48
+ # Ensure that access modifiers (`private` and `protected`) have empty lines around them.
49
+ Layout/EmptyLinesAroundAccessModifier:
50
+ Enabled: true
51
+
52
+ # Ensure that there isn't extra newlines within method bodies.
53
+ Layout/EmptyLinesAroundMethodBody:
54
+ Enabled: true
55
+
56
+ # Ensure that two spaces are used for indentation.
57
+ Layout/IndentationWidth:
58
+ Enabled: true
metadata ADDED
@@ -0,0 +1,89 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: mavenlint
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.1.1
5
+ platform: ruby
6
+ authors:
7
+ - Mavenlnk
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2018-03-26 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rake
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '12'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '12'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rspec
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '='
32
+ - !ruby/object:Gem::Version
33
+ version: 3.7.0
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '='
39
+ - !ruby/object:Gem::Version
40
+ version: 3.7.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: rubocop
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '0.49'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '0.49'
55
+ description:
56
+ email:
57
+ - ahuth@mavenlink.com
58
+ executables: []
59
+ extensions: []
60
+ extra_rdoc_files: []
61
+ files:
62
+ - lib/mavenlint.rb
63
+ - lib/rubocop/cop/mavenlint/unsafe-mass-assignment.rb
64
+ - rubocop.yml
65
+ homepage: https://github.com/mavenlink/mavenlint
66
+ licenses:
67
+ - MIT
68
+ metadata: {}
69
+ post_install_message:
70
+ rdoc_options: []
71
+ require_paths:
72
+ - lib
73
+ required_ruby_version: !ruby/object:Gem::Requirement
74
+ requirements:
75
+ - - ">="
76
+ - !ruby/object:Gem::Version
77
+ version: '0'
78
+ required_rubygems_version: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ requirements: []
84
+ rubyforge_project:
85
+ rubygems_version: 2.6.13
86
+ signing_key:
87
+ specification_version: 4
88
+ summary: Mavenlink Rubocop config
89
+ test_files: []