RubyGems - rubbycop - Versions diffs - 0.49.0 - Mend

rubbycop 0.49.0

Files changed (499) hide show

checksums.yaml +7 -0
data/LICENSE.txt +21 -0
data/README.md +211 -0
data/assets/logo.png +0 -0
data/assets/output.html.erb +261 -0
data/bin/rubbycop +17 -0
data/config/default.yml +1548 -0
data/config/disabled.yml +119 -0
data/config/enabled.yml +1734 -0
data/lib/rubbycop.rb +510 -0
data/lib/rubbycop/ast/builder.rb +64 -0
data/lib/rubbycop/ast/node.rb +610 -0
data/lib/rubbycop/ast/node/and_node.rb +37 -0
data/lib/rubbycop/ast/node/array_node.rb +48 -0
data/lib/rubbycop/ast/node/case_node.rb +64 -0
data/lib/rubbycop/ast/node/ensure_node.rb +25 -0
data/lib/rubbycop/ast/node/for_node.rb +53 -0
data/lib/rubbycop/ast/node/hash_node.rb +109 -0
data/lib/rubbycop/ast/node/if_node.rb +138 -0
data/lib/rubbycop/ast/node/keyword_splat_node.rb +45 -0
data/lib/rubbycop/ast/node/mixin/binary_operator_node.rb +23 -0
data/lib/rubbycop/ast/node/mixin/conditional_node.rb +45 -0
data/lib/rubbycop/ast/node/mixin/hash_element_node.rb +125 -0
data/lib/rubbycop/ast/node/mixin/modifier_node.rb +17 -0
data/lib/rubbycop/ast/node/mixin/predicate_operator_node.rb +35 -0
data/lib/rubbycop/ast/node/or_node.rb +37 -0
data/lib/rubbycop/ast/node/pair_node.rb +64 -0
data/lib/rubbycop/ast/node/resbody_node.rb +25 -0
data/lib/rubbycop/ast/node/send_node.rb +209 -0
data/lib/rubbycop/ast/node/until_node.rb +43 -0
data/lib/rubbycop/ast/node/when_node.rb +61 -0
data/lib/rubbycop/ast/node/while_node.rb +43 -0
data/lib/rubbycop/ast/sexp.rb +16 -0
data/lib/rubbycop/ast/traversal.rb +171 -0
data/lib/rubbycop/cached_data.rb +63 -0
data/lib/rubbycop/cli.rb +199 -0
data/lib/rubbycop/comment_config.rb +155 -0
data/lib/rubbycop/config.rb +444 -0
data/lib/rubbycop/config_loader.rb +244 -0
data/lib/rubbycop/config_loader_resolver.rb +43 -0
data/lib/rubbycop/config_store.rb +48 -0
data/lib/rubbycop/cop/autocorrect_logic.rb +26 -0
data/lib/rubbycop/cop/badge.rb +73 -0
data/lib/rubbycop/cop/bundler/duplicated_gem.rb +69 -0
data/lib/rubbycop/cop/bundler/ordered_gems.rb +113 -0
data/lib/rubbycop/cop/commissioner.rb +118 -0
data/lib/rubbycop/cop/cop.rb +222 -0
data/lib/rubbycop/cop/corrector.rb +135 -0
data/lib/rubbycop/cop/force.rb +41 -0
data/lib/rubbycop/cop/ignored_node.rb +38 -0
data/lib/rubbycop/cop/layout/access_modifier_indentation.rb +109 -0
data/lib/rubbycop/cop/layout/align_array.rb +35 -0
data/lib/rubbycop/cop/layout/align_hash.rb +235 -0
data/lib/rubbycop/cop/layout/align_parameters.rb +97 -0
data/lib/rubbycop/cop/layout/block_end_newline.rb +56 -0
data/lib/rubbycop/cop/layout/case_indentation.rb +163 -0
data/lib/rubbycop/cop/layout/closing_parenthesis_indentation.rb +88 -0
data/lib/rubbycop/cop/layout/comment_indentation.rb +71 -0
data/lib/rubbycop/cop/layout/dot_position.rb +84 -0
data/lib/rubbycop/cop/layout/else_alignment.rb +105 -0
data/lib/rubbycop/cop/layout/empty_line_after_magic_comment.rb +63 -0
data/lib/rubbycop/cop/layout/empty_line_between_defs.rb +143 -0
data/lib/rubbycop/cop/layout/empty_lines.rb +60 -0
data/lib/rubbycop/cop/layout/empty_lines_around_access_modifier.rb +90 -0
data/lib/rubbycop/cop/layout/empty_lines_around_begin_body.rb +42 -0
data/lib/rubbycop/cop/layout/empty_lines_around_block_body.rb +41 -0
data/lib/rubbycop/cop/layout/empty_lines_around_class_body.rb +39 -0
data/lib/rubbycop/cop/layout/empty_lines_around_exception_handling_keywords.rb +127 -0
data/lib/rubbycop/cop/layout/empty_lines_around_method_body.rb +41 -0
data/lib/rubbycop/cop/layout/empty_lines_around_module_body.rb +44 -0
data/lib/rubbycop/cop/layout/end_of_line.rb +52 -0
data/lib/rubbycop/cop/layout/extra_spacing.rb +237 -0
data/lib/rubbycop/cop/layout/first_array_element_line_break.rb +41 -0
data/lib/rubbycop/cop/layout/first_hash_element_line_break.rb +33 -0
data/lib/rubbycop/cop/layout/first_method_argument_line_break.rb +49 -0
data/lib/rubbycop/cop/layout/first_method_parameter_line_break.rb +42 -0
data/lib/rubbycop/cop/layout/first_parameter_indentation.rb +109 -0
data/lib/rubbycop/cop/layout/indent_array.rb +114 -0
data/lib/rubbycop/cop/layout/indent_assignment.rb +42 -0
data/lib/rubbycop/cop/layout/indent_hash.rb +134 -0
data/lib/rubbycop/cop/layout/indent_heredoc.rb +173 -0
data/lib/rubbycop/cop/layout/indentation_consistency.rb +51 -0
data/lib/rubbycop/cop/layout/indentation_width.rb +303 -0
data/lib/rubbycop/cop/layout/initial_indentation.rb +42 -0
data/lib/rubbycop/cop/layout/leading_comment_space.rb +43 -0
data/lib/rubbycop/cop/layout/multiline_array_brace_layout.rb +81 -0
data/lib/rubbycop/cop/layout/multiline_assignment_layout.rb +88 -0
data/lib/rubbycop/cop/layout/multiline_block_layout.rb +134 -0
data/lib/rubbycop/cop/layout/multiline_hash_brace_layout.rb +81 -0
data/lib/rubbycop/cop/layout/multiline_method_call_brace_layout.rb +97 -0
data/lib/rubbycop/cop/layout/multiline_method_call_indentation.rb +215 -0
data/lib/rubbycop/cop/layout/multiline_method_definition_brace_layout.rb +82 -0
data/lib/rubbycop/cop/layout/multiline_operation_indentation.rb +89 -0
data/lib/rubbycop/cop/layout/rescue_ensure_alignment.rb +86 -0
data/lib/rubbycop/cop/layout/space_after_colon.rb +40 -0
data/lib/rubbycop/cop/layout/space_after_comma.rb +21 -0
data/lib/rubbycop/cop/layout/space_after_method_name.rb +37 -0
data/lib/rubbycop/cop/layout/space_after_not.rb +38 -0
data/lib/rubbycop/cop/layout/space_after_semicolon.rb +21 -0
data/lib/rubbycop/cop/layout/space_around_block_parameters.rb +109 -0
data/lib/rubbycop/cop/layout/space_around_equals_in_parameter_default.rb +68 -0
data/lib/rubbycop/cop/layout/space_around_keyword.rb +224 -0
data/lib/rubbycop/cop/layout/space_around_operators.rb +142 -0
data/lib/rubbycop/cop/layout/space_before_block_braces.rb +54 -0
data/lib/rubbycop/cop/layout/space_before_comma.rb +16 -0
data/lib/rubbycop/cop/layout/space_before_comment.rb +27 -0
data/lib/rubbycop/cop/layout/space_before_first_arg.rb +64 -0
data/lib/rubbycop/cop/layout/space_before_semicolon.rb +16 -0
data/lib/rubbycop/cop/layout/space_in_lambda_literal.rb +87 -0
data/lib/rubbycop/cop/layout/space_inside_array_percent_literal.rb +53 -0
data/lib/rubbycop/cop/layout/space_inside_block_braces.rb +158 -0
data/lib/rubbycop/cop/layout/space_inside_brackets.rb +20 -0
data/lib/rubbycop/cop/layout/space_inside_hash_literal_braces.rb +150 -0
data/lib/rubbycop/cop/layout/space_inside_parens.rb +16 -0
data/lib/rubbycop/cop/layout/space_inside_percent_literal_delimiters.rb +64 -0
data/lib/rubbycop/cop/layout/space_inside_range_literal.rb +63 -0
data/lib/rubbycop/cop/layout/space_inside_string_interpolation.rb +65 -0
data/lib/rubbycop/cop/layout/tab.rb +57 -0
data/lib/rubbycop/cop/layout/trailing_blank_lines.rb +78 -0
data/lib/rubbycop/cop/layout/trailing_whitespace.rb +28 -0
data/lib/rubbycop/cop/lint/ambiguous_block_association.rb +66 -0
data/lib/rubbycop/cop/lint/ambiguous_operator.rb +55 -0
data/lib/rubbycop/cop/lint/ambiguous_regexp_literal.rb +43 -0
data/lib/rubbycop/cop/lint/assignment_in_condition.rb +80 -0
data/lib/rubbycop/cop/lint/block_alignment.rb +229 -0
data/lib/rubbycop/cop/lint/circular_argument_reference.rb +83 -0
data/lib/rubbycop/cop/lint/condition_position.rb +52 -0
data/lib/rubbycop/cop/lint/debugger.rb +72 -0
data/lib/rubbycop/cop/lint/def_end_alignment.rb +78 -0
data/lib/rubbycop/cop/lint/deprecated_class_methods.rb +90 -0
data/lib/rubbycop/cop/lint/duplicate_case_condition.rb +53 -0
data/lib/rubbycop/cop/lint/duplicate_methods.rb +151 -0
data/lib/rubbycop/cop/lint/duplicated_key.rb +38 -0
data/lib/rubbycop/cop/lint/each_with_object_argument.rb +39 -0
data/lib/rubbycop/cop/lint/else_layout.rb +65 -0
data/lib/rubbycop/cop/lint/empty_ensure.rb +60 -0
data/lib/rubbycop/cop/lint/empty_expression.rb +42 -0
data/lib/rubbycop/cop/lint/empty_interpolation.rb +36 -0
data/lib/rubbycop/cop/lint/empty_when.rb +38 -0
data/lib/rubbycop/cop/lint/end_alignment.rb +157 -0
data/lib/rubbycop/cop/lint/end_in_method.rb +40 -0
data/lib/rubbycop/cop/lint/ensure_return.rb +43 -0
data/lib/rubbycop/cop/lint/float_out_of_range.rb +35 -0
data/lib/rubbycop/cop/lint/format_parameter_mismatch.rb +182 -0
data/lib/rubbycop/cop/lint/handle_exceptions.rb +56 -0
data/lib/rubbycop/cop/lint/implicit_string_concatenation.rb +95 -0
data/lib/rubbycop/cop/lint/ineffective_access_modifier.rb +143 -0
data/lib/rubbycop/cop/lint/inherit_exception.rb +83 -0
data/lib/rubbycop/cop/lint/invalid_character_literal.rb +41 -0
data/lib/rubbycop/cop/lint/literal_in_condition.rb +127 -0
data/lib/rubbycop/cop/lint/literal_in_interpolation.rb +76 -0
data/lib/rubbycop/cop/lint/loop.rb +63 -0
data/lib/rubbycop/cop/lint/multiple_compare.rb +48 -0
data/lib/rubbycop/cop/lint/nested_method_definition.rb +105 -0
data/lib/rubbycop/cop/lint/next_without_accumulator.rb +50 -0
data/lib/rubbycop/cop/lint/non_local_exit_from_iterator.rb +85 -0
data/lib/rubbycop/cop/lint/parentheses_as_grouped_expression.rb +60 -0
data/lib/rubbycop/cop/lint/percent_string_array.rb +84 -0
data/lib/rubbycop/cop/lint/percent_symbol_array.rb +66 -0
data/lib/rubbycop/cop/lint/rand_one.rb +39 -0
data/lib/rubbycop/cop/lint/require_parentheses.rb +61 -0
data/lib/rubbycop/cop/lint/rescue_exception.rb +45 -0
data/lib/rubbycop/cop/lint/safe_navigation_chain.rb +70 -0
data/lib/rubbycop/cop/lint/shadowed_exception.rb +132 -0
data/lib/rubbycop/cop/lint/shadowing_outer_local_variable.rb +53 -0
data/lib/rubbycop/cop/lint/string_conversion_in_interpolation.rb +58 -0
data/lib/rubbycop/cop/lint/syntax.rb +55 -0
data/lib/rubbycop/cop/lint/underscore_prefixed_variable_name.rb +62 -0
data/lib/rubbycop/cop/lint/unified_integer.rb +42 -0
data/lib/rubbycop/cop/lint/unneeded_disable.rb +231 -0
data/lib/rubbycop/cop/lint/unneeded_splat_expansion.rb +141 -0
data/lib/rubbycop/cop/lint/unreachable_code.rb +52 -0
data/lib/rubbycop/cop/lint/unused_block_argument.rb +145 -0
data/lib/rubbycop/cop/lint/unused_method_argument.rb +61 -0
data/lib/rubbycop/cop/lint/useless_access_modifier.rb +229 -0
data/lib/rubbycop/cop/lint/useless_assignment.rb +132 -0
data/lib/rubbycop/cop/lint/useless_comparison.rb +28 -0
data/lib/rubbycop/cop/lint/useless_else_without_rescue.rb +46 -0
data/lib/rubbycop/cop/lint/useless_setter_call.rb +162 -0
data/lib/rubbycop/cop/lint/void.rb +108 -0
data/lib/rubbycop/cop/message_annotator.rb +116 -0
data/lib/rubbycop/cop/metrics/abc_size.rb +39 -0
data/lib/rubbycop/cop/metrics/block_length.rb +32 -0
data/lib/rubbycop/cop/metrics/block_nesting.rb +64 -0
data/lib/rubbycop/cop/metrics/class_length.rb +24 -0
data/lib/rubbycop/cop/metrics/cyclomatic_complexity.rb +31 -0
data/lib/rubbycop/cop/metrics/line_length.rb +168 -0
data/lib/rubbycop/cop/metrics/method_length.rb +27 -0
data/lib/rubbycop/cop/metrics/module_length.rb +24 -0
data/lib/rubbycop/cop/metrics/parameter_lists.rb +45 -0
data/lib/rubbycop/cop/metrics/perceived_complexity.rb +61 -0
data/lib/rubbycop/cop/mixin/access_modifier_node.rb +41 -0
data/lib/rubbycop/cop/mixin/annotation_comment.rb +36 -0
data/lib/rubbycop/cop/mixin/array_hash_indentation.rb +82 -0
data/lib/rubbycop/cop/mixin/array_min_size.rb +59 -0
data/lib/rubbycop/cop/mixin/array_syntax.rb +15 -0
data/lib/rubbycop/cop/mixin/autocorrect_alignment.rb +149 -0
data/lib/rubbycop/cop/mixin/check_assignment.rb +40 -0
data/lib/rubbycop/cop/mixin/classish_length.rb +36 -0
data/lib/rubbycop/cop/mixin/code_length.rb +32 -0
data/lib/rubbycop/cop/mixin/configurable_enforced_style.rb +97 -0
data/lib/rubbycop/cop/mixin/configurable_formatting.rb +48 -0
data/lib/rubbycop/cop/mixin/configurable_max.rb +19 -0
data/lib/rubbycop/cop/mixin/configurable_naming.rb +16 -0
data/lib/rubbycop/cop/mixin/configurable_numbering.rb +17 -0
data/lib/rubbycop/cop/mixin/def_node.rb +27 -0
data/lib/rubbycop/cop/mixin/documentation_comment.rb +46 -0
data/lib/rubbycop/cop/mixin/duplication.rb +46 -0
data/lib/rubbycop/cop/mixin/empty_lines_around_body.rb +161 -0
data/lib/rubbycop/cop/mixin/end_keyword_alignment.rb +85 -0
data/lib/rubbycop/cop/mixin/enforce_superclass.rb +36 -0
data/lib/rubbycop/cop/mixin/first_element_line_break.rb +41 -0
data/lib/rubbycop/cop/mixin/frozen_string_literal.rb +37 -0
data/lib/rubbycop/cop/mixin/hash_alignment.rb +116 -0
data/lib/rubbycop/cop/mixin/ignored_pattern.rb +27 -0
data/lib/rubbycop/cop/mixin/integer_node.rb +12 -0
data/lib/rubbycop/cop/mixin/match_range.rb +22 -0
data/lib/rubbycop/cop/mixin/method_complexity.rb +30 -0
data/lib/rubbycop/cop/mixin/method_preference.rb +30 -0
data/lib/rubbycop/cop/mixin/min_body_length.rb +19 -0
data/lib/rubbycop/cop/mixin/multiline_expression_indentation.rb +183 -0
data/lib/rubbycop/cop/mixin/multiline_literal_brace_layout.rb +152 -0
data/lib/rubbycop/cop/mixin/negative_conditional.rb +43 -0
data/lib/rubbycop/cop/mixin/on_method_def.rb +44 -0
data/lib/rubbycop/cop/mixin/on_normal_if_unless.rb +14 -0
data/lib/rubbycop/cop/mixin/parentheses.rb +22 -0
data/lib/rubbycop/cop/mixin/parser_diagnostic.rb +34 -0
data/lib/rubbycop/cop/mixin/percent_literal.rb +100 -0
data/lib/rubbycop/cop/mixin/preceding_following_alignment.rb +89 -0
data/lib/rubbycop/cop/mixin/rescue_node.rb +21 -0
data/lib/rubbycop/cop/mixin/safe_assignment.rb +20 -0
data/lib/rubbycop/cop/mixin/safe_mode.rb +22 -0
data/lib/rubbycop/cop/mixin/space_after_punctuation.rb +55 -0
data/lib/rubbycop/cop/mixin/space_before_punctuation.rb +48 -0
data/lib/rubbycop/cop/mixin/space_inside.rb +76 -0
data/lib/rubbycop/cop/mixin/statement_modifier.rb +69 -0
data/lib/rubbycop/cop/mixin/string_help.rb +33 -0
data/lib/rubbycop/cop/mixin/string_literals_help.rb +33 -0
data/lib/rubbycop/cop/mixin/surrounding_space.rb +40 -0
data/lib/rubbycop/cop/mixin/target_rails_version.rb +16 -0
data/lib/rubbycop/cop/mixin/target_ruby_version.rb +16 -0
data/lib/rubbycop/cop/mixin/too_many_lines.rb +39 -0
data/lib/rubbycop/cop/mixin/trailing_comma.rb +161 -0
data/lib/rubbycop/cop/mixin/unused_argument.rb +42 -0
data/lib/rubbycop/cop/offense.rb +188 -0
data/lib/rubbycop/cop/performance/caller.rb +41 -0
data/lib/rubbycop/cop/performance/case_when_splat.rb +176 -0
data/lib/rubbycop/cop/performance/casecmp.rb +107 -0
data/lib/rubbycop/cop/performance/compare_with_block.rb +107 -0
data/lib/rubbycop/cop/performance/count.rb +98 -0
data/lib/rubbycop/cop/performance/detect.rb +107 -0
data/lib/rubbycop/cop/performance/double_start_end_with.rb +102 -0
data/lib/rubbycop/cop/performance/end_with.rb +55 -0
data/lib/rubbycop/cop/performance/fixed_size.rb +56 -0
data/lib/rubbycop/cop/performance/flat_map.rb +73 -0
data/lib/rubbycop/cop/performance/hash_each_methods.rb +84 -0
data/lib/rubbycop/cop/performance/lstrip_rstrip.rb +41 -0
data/lib/rubbycop/cop/performance/range_include.rb +41 -0
data/lib/rubbycop/cop/performance/redundant_block_call.rb +93 -0
data/lib/rubbycop/cop/performance/redundant_match.rb +55 -0
data/lib/rubbycop/cop/performance/redundant_merge.rb +149 -0
data/lib/rubbycop/cop/performance/redundant_sort_by.rb +45 -0
data/lib/rubbycop/cop/performance/regexp_match.rb +215 -0
data/lib/rubbycop/cop/performance/reverse_each.rb +40 -0
data/lib/rubbycop/cop/performance/sample.rb +140 -0
data/lib/rubbycop/cop/performance/size.rb +71 -0
data/lib/rubbycop/cop/performance/start_with.rb +58 -0
data/lib/rubbycop/cop/performance/string_replacement.rb +170 -0
data/lib/rubbycop/cop/performance/times_map.rb +61 -0
data/lib/rubbycop/cop/rails/action_filter.rb +96 -0
data/lib/rubbycop/cop/rails/active_support_aliases.rb +68 -0
data/lib/rubbycop/cop/rails/application_job.rb +32 -0
data/lib/rubbycop/cop/rails/application_record.rb +32 -0
data/lib/rubbycop/cop/rails/blank.rb +138 -0
data/lib/rubbycop/cop/rails/date.rb +127 -0
data/lib/rubbycop/cop/rails/delegate.rb +106 -0
data/lib/rubbycop/cop/rails/delegate_allow_blank.rb +51 -0
data/lib/rubbycop/cop/rails/dynamic_find_by.rb +81 -0
data/lib/rubbycop/cop/rails/enum_uniqueness.rb +43 -0
data/lib/rubbycop/cop/rails/exit.rb +61 -0
data/lib/rubbycop/cop/rails/file_path.rb +75 -0
data/lib/rubbycop/cop/rails/find_by.rb +51 -0
data/lib/rubbycop/cop/rails/find_each.rb +47 -0
data/lib/rubbycop/cop/rails/has_and_belongs_to_many.rb +18 -0
data/lib/rubbycop/cop/rails/http_positional_arguments.rb +106 -0
data/lib/rubbycop/cop/rails/not_null_column.rb +67 -0
data/lib/rubbycop/cop/rails/output.rb +23 -0
data/lib/rubbycop/cop/rails/output_safety.rb +58 -0
data/lib/rubbycop/cop/rails/pluralization_grammar.rb +106 -0
data/lib/rubbycop/cop/rails/present.rb +143 -0
data/lib/rubbycop/cop/rails/read_write_attribute.rb +65 -0
data/lib/rubbycop/cop/rails/relative_date_constant.rb +88 -0
data/lib/rubbycop/cop/rails/request_referer.rb +56 -0
data/lib/rubbycop/cop/rails/reversible_migration.rb +216 -0
data/lib/rubbycop/cop/rails/safe_navigation.rb +91 -0
data/lib/rubbycop/cop/rails/save_bang.rb +160 -0
data/lib/rubbycop/cop/rails/scope_args.rb +29 -0
data/lib/rubbycop/cop/rails/skips_model_validations.rb +63 -0
data/lib/rubbycop/cop/rails/time_zone.rb +197 -0
data/lib/rubbycop/cop/rails/uniq_before_pluck.rb +93 -0
data/lib/rubbycop/cop/rails/validation.rb +64 -0
data/lib/rubbycop/cop/registry.rb +171 -0
data/lib/rubbycop/cop/security/eval.rb +30 -0
data/lib/rubbycop/cop/security/json_load.rb +44 -0
data/lib/rubbycop/cop/security/marshal_load.rb +37 -0
data/lib/rubbycop/cop/security/yaml_load.rb +37 -0
data/lib/rubbycop/cop/severity.rb +76 -0
data/lib/rubbycop/cop/style/accessor_method_name.rb +45 -0
data/lib/rubbycop/cop/style/alias.rb +119 -0
data/lib/rubbycop/cop/style/and_or.rb +125 -0
data/lib/rubbycop/cop/style/array_join.rb +30 -0
data/lib/rubbycop/cop/style/ascii_comments.rb +38 -0
data/lib/rubbycop/cop/style/ascii_identifiers.rb +36 -0
data/lib/rubbycop/cop/style/attr.rb +50 -0
data/lib/rubbycop/cop/style/auto_resource_cleanup.rb +42 -0
data/lib/rubbycop/cop/style/bare_percent_literals.rb +57 -0
data/lib/rubbycop/cop/style/begin_block.rb +16 -0
data/lib/rubbycop/cop/style/block_comments.rb +46 -0
data/lib/rubbycop/cop/style/block_delimiters.rb +228 -0
data/lib/rubbycop/cop/style/braces_around_hash_parameters.rb +138 -0
data/lib/rubbycop/cop/style/case_equality.rb +18 -0
data/lib/rubbycop/cop/style/character_literal.rb +43 -0
data/lib/rubbycop/cop/style/class_and_module_camel_case.rb +29 -0
data/lib/rubbycop/cop/style/class_and_module_children.rb +69 -0
data/lib/rubbycop/cop/style/class_check.rb +40 -0
data/lib/rubbycop/cop/style/class_methods.rb +67 -0
data/lib/rubbycop/cop/style/class_vars.rb +23 -0
data/lib/rubbycop/cop/style/collection_methods.rb +51 -0
data/lib/rubbycop/cop/style/colon_method_call.rb +33 -0
data/lib/rubbycop/cop/style/command_literal.rb +119 -0
data/lib/rubbycop/cop/style/comment_annotation.rb +62 -0
data/lib/rubbycop/cop/style/conditional_assignment.rb +691 -0
data/lib/rubbycop/cop/style/constant_name.rb +29 -0
data/lib/rubbycop/cop/style/copyright.rb +89 -0
data/lib/rubbycop/cop/style/def_with_parentheses.rb +31 -0
data/lib/rubbycop/cop/style/documentation.rb +79 -0
data/lib/rubbycop/cop/style/documentation_method.rb +80 -0
data/lib/rubbycop/cop/style/double_negation.rb +35 -0
data/lib/rubbycop/cop/style/each_for_simple_loop.rb +57 -0
data/lib/rubbycop/cop/style/each_with_object.rb +91 -0
data/lib/rubbycop/cop/style/empty_case_condition.rb +84 -0
data/lib/rubbycop/cop/style/empty_else.rb +138 -0
data/lib/rubbycop/cop/style/empty_literal.rb +108 -0
data/lib/rubbycop/cop/style/empty_method.rb +102 -0
data/lib/rubbycop/cop/style/encoding.rb +92 -0
data/lib/rubbycop/cop/style/end_block.rb +17 -0
data/lib/rubbycop/cop/style/even_odd.rb +56 -0
data/lib/rubbycop/cop/style/file_name.rb +183 -0
data/lib/rubbycop/cop/style/flip_flop.rb +20 -0
data/lib/rubbycop/cop/style/for.rb +50 -0
data/lib/rubbycop/cop/style/format_string.rb +46 -0
data/lib/rubbycop/cop/style/format_string_token.rb +141 -0
data/lib/rubbycop/cop/style/frozen_string_literal_comment.rb +96 -0
data/lib/rubbycop/cop/style/global_vars.rb +70 -0
data/lib/rubbycop/cop/style/guard_clause.rb +90 -0
data/lib/rubbycop/cop/style/hash_syntax.rb +214 -0
data/lib/rubbycop/cop/style/identical_conditional_branches.rb +130 -0
data/lib/rubbycop/cop/style/if_inside_else.rb +45 -0
data/lib/rubbycop/cop/style/if_unless_modifier.rb +80 -0
data/lib/rubbycop/cop/style/if_unless_modifier_of_if_unless.rb +38 -0
data/lib/rubbycop/cop/style/if_with_semicolon.rb +20 -0
data/lib/rubbycop/cop/style/implicit_runtime_error.rb +31 -0
data/lib/rubbycop/cop/style/infinite_loop.rb +91 -0
data/lib/rubbycop/cop/style/inline_comment.rb +32 -0
data/lib/rubbycop/cop/style/inverse_methods.rb +130 -0
data/lib/rubbycop/cop/style/lambda.rb +209 -0
data/lib/rubbycop/cop/style/lambda_call.rb +66 -0
data/lib/rubbycop/cop/style/line_end_concatenation.rb +115 -0
data/lib/rubbycop/cop/style/method_call_with_args_parentheses.rb +107 -0
data/lib/rubbycop/cop/style/method_call_without_args_parentheses.rb +75 -0
data/lib/rubbycop/cop/style/method_called_on_do_end_block.rb +44 -0
data/lib/rubbycop/cop/style/method_def_parentheses.rb +83 -0
data/lib/rubbycop/cop/style/method_missing.rb +81 -0
data/lib/rubbycop/cop/style/method_name.rb +28 -0
data/lib/rubbycop/cop/style/missing_else.rb +100 -0
data/lib/rubbycop/cop/style/mixin_grouping.rb +135 -0
data/lib/rubbycop/cop/style/module_function.rb +64 -0
data/lib/rubbycop/cop/style/multiline_block_chain.rb +42 -0
data/lib/rubbycop/cop/style/multiline_if_modifier.rb +63 -0
data/lib/rubbycop/cop/style/multiline_if_then.rb +47 -0
data/lib/rubbycop/cop/style/multiline_memoization.rb +77 -0
data/lib/rubbycop/cop/style/multiline_ternary_operator.rb +19 -0
data/lib/rubbycop/cop/style/mutable_constant.rb +68 -0
data/lib/rubbycop/cop/style/negated_if.rb +103 -0
data/lib/rubbycop/cop/style/negated_while.rb +32 -0
data/lib/rubbycop/cop/style/nested_modifier.rb +87 -0
data/lib/rubbycop/cop/style/nested_parenthesized_calls.rb +61 -0
data/lib/rubbycop/cop/style/nested_ternary_operator.rb +21 -0
data/lib/rubbycop/cop/style/next.rb +225 -0
data/lib/rubbycop/cop/style/nil_comparison.rb +35 -0
data/lib/rubbycop/cop/style/non_nil_check.rb +121 -0
data/lib/rubbycop/cop/style/not.rb +69 -0
data/lib/rubbycop/cop/style/numeric_literal_prefix.rb +97 -0
data/lib/rubbycop/cop/style/numeric_literals.rb +101 -0
data/lib/rubbycop/cop/style/numeric_predicate.rb +140 -0
data/lib/rubbycop/cop/style/one_line_conditional.rb +75 -0
data/lib/rubbycop/cop/style/op_method.rb +41 -0
data/lib/rubbycop/cop/style/option_hash.rb +58 -0
data/lib/rubbycop/cop/style/optional_arguments.rb +62 -0
data/lib/rubbycop/cop/style/parallel_assignment.rb +287 -0
data/lib/rubbycop/cop/style/parentheses_around_condition.rb +56 -0
data/lib/rubbycop/cop/style/percent_literal_delimiters.rb +100 -0
data/lib/rubbycop/cop/style/percent_q_literals.rb +52 -0
data/lib/rubbycop/cop/style/perl_backrefs.rb +31 -0
data/lib/rubbycop/cop/style/predicate_name.rb +67 -0
data/lib/rubbycop/cop/style/preferred_hash_methods.rb +78 -0
data/lib/rubbycop/cop/style/proc.rb +26 -0
data/lib/rubbycop/cop/style/raise_args.rb +140 -0
data/lib/rubbycop/cop/style/redundant_begin.rb +47 -0
data/lib/rubbycop/cop/style/redundant_exception.rb +55 -0
data/lib/rubbycop/cop/style/redundant_freeze.rb +45 -0
data/lib/rubbycop/cop/style/redundant_parentheses.rb +199 -0
data/lib/rubbycop/cop/style/redundant_return.rb +121 -0
data/lib/rubbycop/cop/style/redundant_self.rb +144 -0
data/lib/rubbycop/cop/style/regexp_literal.rb +114 -0
data/lib/rubbycop/cop/style/rescue_modifier.rb +37 -0
data/lib/rubbycop/cop/style/safe_navigation.rb +145 -0
data/lib/rubbycop/cop/style/self_assignment.rb +93 -0
data/lib/rubbycop/cop/style/semicolon.rb +70 -0
data/lib/rubbycop/cop/style/send.rb +21 -0
data/lib/rubbycop/cop/style/signal_exception.rb +109 -0
data/lib/rubbycop/cop/style/single_line_block_params.rb +68 -0
data/lib/rubbycop/cop/style/single_line_methods.rb +77 -0
data/lib/rubbycop/cop/style/special_global_vars.rb +156 -0
data/lib/rubbycop/cop/style/stabby_lambda_parentheses.rb +113 -0
data/lib/rubbycop/cop/style/string_literals.rb +102 -0
data/lib/rubbycop/cop/style/string_literals_in_interpolation.rb +30 -0
data/lib/rubbycop/cop/style/string_methods.rb +34 -0
data/lib/rubbycop/cop/style/struct_inheritance.rb +32 -0
data/lib/rubbycop/cop/style/symbol_array.rb +109 -0
data/lib/rubbycop/cop/style/symbol_literal.rb +32 -0
data/lib/rubbycop/cop/style/symbol_proc.rb +143 -0
data/lib/rubbycop/cop/style/ternary_parentheses.rb +200 -0
data/lib/rubbycop/cop/style/trailing_comma_in_arguments.rb +64 -0
data/lib/rubbycop/cop/style/trailing_comma_in_literal.rb +56 -0
data/lib/rubbycop/cop/style/trailing_underscore_variable.rb +113 -0
data/lib/rubbycop/cop/style/trivial_accessors.rb +176 -0
data/lib/rubbycop/cop/style/unless_else.rb +39 -0
data/lib/rubbycop/cop/style/unneeded_capital_w.rb +41 -0
data/lib/rubbycop/cop/style/unneeded_interpolation.rb +98 -0
data/lib/rubbycop/cop/style/unneeded_percent_q.rb +96 -0
data/lib/rubbycop/cop/style/variable_interpolation.rb +44 -0
data/lib/rubbycop/cop/style/variable_name.rb +39 -0
data/lib/rubbycop/cop/style/variable_number.rb +78 -0
data/lib/rubbycop/cop/style/when_then.rb +24 -0
data/lib/rubbycop/cop/style/while_until_do.rb +36 -0
data/lib/rubbycop/cop/style/while_until_modifier.rb +41 -0
data/lib/rubbycop/cop/style/word_array.rb +114 -0
data/lib/rubbycop/cop/style/zero_length_predicate.rb +90 -0
data/lib/rubbycop/cop/team.rb +193 -0
data/lib/rubbycop/cop/util.rb +309 -0
data/lib/rubbycop/cop/variable_force.rb +458 -0
data/lib/rubbycop/cop/variable_force/assignment.rb +90 -0
data/lib/rubbycop/cop/variable_force/branch.rb +318 -0
data/lib/rubbycop/cop/variable_force/branchable.rb +21 -0
data/lib/rubbycop/cop/variable_force/reference.rb +49 -0
data/lib/rubbycop/cop/variable_force/scope.rb +107 -0
data/lib/rubbycop/cop/variable_force/variable.rb +103 -0
data/lib/rubbycop/cop/variable_force/variable_table.rb +128 -0
data/lib/rubbycop/error.rb +11 -0
data/lib/rubbycop/formatter/base_formatter.rb +123 -0
data/lib/rubbycop/formatter/clang_style_formatter.rb +54 -0
data/lib/rubbycop/formatter/colorizable.rb +41 -0
data/lib/rubbycop/formatter/disabled_config_formatter.rb +181 -0
data/lib/rubbycop/formatter/disabled_lines_formatter.rb +57 -0
data/lib/rubbycop/formatter/emacs_style_formatter.rb +24 -0
data/lib/rubbycop/formatter/file_list_formatter.rb +19 -0
data/lib/rubbycop/formatter/formatter_set.rb +102 -0
data/lib/rubbycop/formatter/fuubar_style_formatter.rb +80 -0
data/lib/rubbycop/formatter/html_formatter.rb +134 -0
data/lib/rubbycop/formatter/json_formatter.rb +74 -0
data/lib/rubbycop/formatter/offense_count_formatter.rb +55 -0
data/lib/rubbycop/formatter/progress_formatter.rb +63 -0
data/lib/rubbycop/formatter/simple_text_formatter.rb +136 -0
data/lib/rubbycop/formatter/text_util.rb +20 -0
data/lib/rubbycop/formatter/worst_offenders_formatter.rb +60 -0
data/lib/rubbycop/magic_comment.rb +210 -0
data/lib/rubbycop/name_similarity.rb +21 -0
data/lib/rubbycop/node_pattern.rb +543 -0
data/lib/rubbycop/options.rb +355 -0
data/lib/rubbycop/path_util.rb +36 -0
data/lib/rubbycop/platform.rb +11 -0
data/lib/rubbycop/processed_source.rb +151 -0
data/lib/rubbycop/rake_task.rb +86 -0
data/lib/rubbycop/remote_config.rb +78 -0
data/lib/rubbycop/result_cache.rb +176 -0
data/lib/rubbycop/rspec/cop_helper.rb +98 -0
data/lib/rubbycop/rspec/host_environment_simulation_helper.rb +32 -0
data/lib/rubbycop/rspec/shared_contexts.rb +98 -0
data/lib/rubbycop/rspec/shared_examples.rb +92 -0
data/lib/rubbycop/rspec/support.rb +8 -0
data/lib/rubbycop/runner.rb +338 -0
data/lib/rubbycop/string_interpreter.rb +57 -0
data/lib/rubbycop/string_util.rb +156 -0
data/lib/rubbycop/target_finder.rb +201 -0
data/lib/rubbycop/token.rb +25 -0
data/lib/rubbycop/version.rb +19 -0
data/lib/rubbycop/warning.rb +11 -0
metadata +663 -0

data/lib/rubbycop/cop/rails/uniq_before_pluck.rb ADDED

@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Rails
+      # Prefer the use of uniq (or distinct), before pluck instead of after.
+      #
+      # The use of uniq before pluck is preferred because it executes within
+      # the database.
+      #
+      # @example
+      #   # bad
+      #   Model.pluck(:id).uniq
+      #
+      #   # good
+      #   Model.uniq.pluck(:id)
+      #
+      # This cop has two different enforcement modes. When the EnforcedStyle
+      # is conservative (the default) then only calls to pluck on a constant
+      # (i.e. a model class) before uniq are added as offenses.
+      #
+      # When the EnforcedStyle is aggressive then all calls to pluck before
+      # uniq are added as offenses. This may lead to false positives as the cop
+      # cannot distinguish between calls to pluck on an ActiveRecord::Relation
+      # vs a call to pluck on an ActiveRecord::Associations::CollectionProxy.
+      #
+      # @example
+      #   # this will return a Relation that pluck is called on
+      #   Model.where(...).pluck(:id).uniq
+      #
+      #   # an association on an instance will return a CollectionProxy
+      #   instance.assoc.pluck(:id).uniq
+      #
+      # Autocorrect is disabled by default for this cop since it may generate
+      # false positives.
+      #
+      class UniqBeforePluck < RubbyCop::Cop::Cop
+        include ConfigurableEnforcedStyle
+        MSG = 'Use `%s` before `pluck`.'.freeze
+        NEWLINE = "\n".freeze
+        PATTERN = '[!^block (send (send %s :pluck ...) ${:uniq :distinct} ...)]'
+                  .freeze
+        def_node_matcher :conservative_node_match,
+                         format(PATTERN, 'const')
+        def_node_matcher :aggressive_node_match,
+                         format(PATTERN, '_')
+        def on_send(node)
+          method = if style == :conservative
+                     conservative_node_match(node)
+                   else
+                     aggressive_node_match(node)
+                   end
+          add_offense(node, :selector, format(MSG, method)) if method
+        end
+        def autocorrect(node)
+          lambda do |corrector|
+            method = node.method_name
+            corrector.remove(dot_method_with_whitespace(method, node))
+            corrector.insert_before(node.receiver.loc.dot.begin, ".#{method}")
+          end
+        end
+        private
+        def style_parameter_name
+          'EnforcedStyle'
+        end
+        def dot_method_with_whitespace(method, node)
+          range_between(dot_method_begin_pos(method, node),
+                        node.loc.selector.end_pos)
+        end
+        def dot_method_begin_pos(method, node)
+          lines = node.source.split(NEWLINE)
+          if lines.last.strip == ".#{method}"
+            node.source.rindex(NEWLINE)
+          else
+            node.loc.dot.begin_pos
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/rails/validation.rb ADDED

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Rails
+      # This cop checks for the use of old-style attribute validation macros.
+      class Validation < Cop
+        MSG = 'Prefer the new style validations `%s` over `%s`.'.freeze
+        TYPES = %w[
+          acceptance
+          confirmation
+          exclusion
+          format
+          inclusion
+          length
+          numericality
+          presence
+          size
+          uniqueness
+        ].freeze
+        BLACKLIST = TYPES.map { |p| "validates_#{p}_of".to_sym }.freeze
+        WHITELIST = TYPES.map { |p| "validates :column, #{p}: value" }.freeze
+        def on_send(node)
+          return unless !node.receiver && BLACKLIST.include?(node.method_name)
+          add_offense(node, :selector)
+        end
+        private
+        def message(node)
+          format(MSG, preferred_method(node.method_name), node.method_name)
+        end
+        def preferred_method(method)
+          WHITELIST[BLACKLIST.index(method.to_sym)]
+        end
+        def autocorrect(node)
+          lambda do |corrector|
+            corrector.replace(node.loc.selector, 'validates')
+            correct_validate_type(corrector, node)
+          end
+        end
+        def correct_validate_type(corrector, node)
+          options = node.arguments.find { |arg| !arg.sym_type? }
+          validate_type = node.method_name.to_s.split('_')[1]
+          if options
+            corrector.replace(options.loc.expression,
+                              "#{validate_type}: { #{options.source} }")
+          else
+            corrector.insert_after(node.loc.expression,
+                                   ", #{validate_type}: true")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/registry.rb ADDED

@@ -0,0 +1,171 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    # Error raised when an unqualified cop name is used that could
+    # refer to two or more cops under different departments
+    class AmbiguousCopName < RubbyCop::Error
+      MSG = 'Ambiguous cop name `%<name>s` used in %<origin>s needs ' \
+            'department qualifier. Did you mean %<options>s?'.freeze
+      def initialize(name, origin, badges)
+        super(
+          format(
+            MSG,
+            name: name,
+            origin: origin,
+            options: badges.to_a.join(' or ')
+          )
+        )
+      end
+    end
+    # Registry that tracks all cops by their badge and department.
+    class Registry
+      def initialize(cops = [])
+        @registry    = {}
+        @departments = {}
+        cops.each { |cop| enlist(cop) }
+      end
+      def enlist(cop)
+        @registry[cop.badge] = cop
+        @departments[cop.department] ||= []
+        @departments[cop.department] << cop
+      end
+      # @return [Array<Symbol>] list of departments for current cops.
+      def departments
+        @departments.keys
+      end
+      # @return [Registry] Cops for that specific department.
+      def with_department(department)
+        with(@departments.fetch(department, []))
+      end
+      # @return [Registry] Cops not for a specific department.
+      def without_department(department)
+        without_department = @departments.dup
+        without_department.delete(department)
+        with(without_department.values.flatten)
+      end
+      def contains_cop_matching?(names)
+        cops.any? { |cop| cop.match?(names) }
+      end
+      # Convert a user provided cop name into a properly namespaced name
+      #
+      # @example gives back a correctly qualified cop name
+      #
+      #   cops = RubbyCop::Cop::Cop.all
+      #   cops.
+      #     qualified_cop_name('Layout/IndentArray') # => 'Layout/IndentArray'
+      #
+      # @example fixes incorrect namespaces
+      #
+      #   cops = RubbyCop::Cop::Cop.all
+      #   cops.qualified_cop_name('Lint/IndentArray') # => 'Layout/IndentArray'
+      #
+      # @example namespaces bare cop identifiers
+      #
+      #   cops = RubbyCop::Cop::Cop.all
+      #   cops.qualified_cop_name('IndentArray') # => 'Layout/IndentArray'
+      #
+      # @example passes back unrecognized cop names
+      #
+      #   cops = RubbyCop::Cop::Cop.all
+      #   cops.qualified_cop_name('NotACop') # => 'NotACop'
+      #
+      # @param name [String] Cop name extracted from config
+      # @param path [String, nil] Path of file that `name` was extracted from
+      #
+      # @raise [AmbiguousCopName]
+      #   if a bare identifier with two possible namespaces is provided
+      #
+      # @note Emits a warning if the provided name has an incorrect namespace
+      #
+      # @return [String] Qualified cop name
+      def qualified_cop_name(name, path)
+        badge = Badge.parse(name)
+        return name if registered?(badge)
+        potential_badges = qualify_badge(badge)
+        case potential_badges.size
+        when 0 then name # No namespace found. Deal with it later in caller.
+        when 1 then resolve_badge(badge, potential_badges.first, path)
+        else raise AmbiguousCopName.new(badge, path, potential_badges)
+        end
+      end
+      def to_h
+        cops.group_by(&:cop_name)
+      end
+      def cops
+        @registry.values
+      end
+      def length
+        @registry.size
+      end
+      def enabled(config, only)
+        select do |cop|
+          config.for_cop(cop).fetch('Enabled') || only.include?(cop.cop_name)
+        end
+      end
+      def names
+        cops.map(&:cop_name)
+      end
+      def ==(other)
+        cops == other.cops
+      end
+      def sort!
+        @registry = Hash[@registry.sort_by { |badge, _| badge.cop_name }]
+        self
+      end
+      def select(&block)
+        cops.select(&block)
+      end
+      def each(&block)
+        cops.each(&block)
+      end
+      private
+      def with(cops)
+        self.class.new(cops)
+      end
+      def qualify_badge(badge)
+        @departments
+          .map { |department, _| badge.with_department(department) }
+          .select { |potential_badge| registered?(potential_badge) }
+      end
+      def resolve_badge(given_badge, real_badge, source_path)
+        unless given_badge.match?(real_badge)
+          warn "#{source_path}: #{given_badge} has the wrong namespace - " \
+               "should be #{real_badge.department}"
+        end
+        real_badge.to_s
+      end
+      def registered?(badge)
+        @registry.key?(badge)
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/security/eval.rb ADDED

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Security
+      # This cop checks for the use of `Kernel#eval` and `Binding#eval`.
+      #
+      # @example
+      #
+      #   # bad
+      #
+      #   eval(something)
+      #   binding.eval(something)
+      class Eval < Cop
+        MSG = 'The use of `eval` is a serious security risk.'.freeze
+        def_node_matcher :eval?, <<-END
+          (send {nil (send nil :binding)} :eval $!str ...)
+        END
+        def on_send(node)
+          eval?(node) do |code|
+            return if code.dstr_type? && code.recursive_literal?
+            add_offense(node, :selector)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/security/json_load.rb ADDED

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Security
+      # This cop checks for the use of JSON class methods which have potential
+      # security issues.
+      #
+      # Autocorrect is disabled by default because it's potentially dangerous.
+      # If using a stream, like `JSON.load(open('file'))`, it will need to call
+      # `#read` manually, like `JSON.parse(open('file').read)`.
+      # If reading single values (rather than proper JSON objects), like
+      # `JSON.load('false')`, it will need to pass the `quirks_mode: true`
+      # option, like `JSON.parse('false', quirks_mode: true)`.
+      # Other similar issues may apply.
+      #
+      # @example
+      #   # always offense
+      #   JSON.load("{}")
+      #   JSON.restore("{}")
+      #
+      #   # no offense
+      #   JSON.parse("{}")
+      #
+      class JSONLoad < Cop
+        MSG = 'Prefer `JSON.parse` over `JSON.%s`.'.freeze
+        def_node_matcher :json_load, <<-END
+          (send (const {nil cbase} :JSON) ${:load :restore} ...)
+        END
+        def on_send(node)
+          json_load(node) do |method|
+            add_offense(node, :selector, format(MSG, method))
+          end
+        end
+        def autocorrect(node)
+          ->(corrector) { corrector.replace(node.loc.selector, 'parse') }
+        end
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/security/marshal_load.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Security
+      # This cop checks for the use of Marshal class methods which have
+      # potential security issues leading to remote code execution when
+      # loading from an untrusted source.
+      #
+      # @example
+      #   # bad
+      #   Marshal.load("{}")
+      #   Marshal.restore("{}")
+      #
+      #   # good
+      #   Marshal.dump("{}")
+      #
+      #   # okish - deep copy hack
+      #   Marshal.load(Marshal.dump({}))
+      #
+      class MarshalLoad < Cop
+        MSG = 'Avoid using `Marshal.%s`.'.freeze
+        def_node_matcher :marshal_load, <<-END
+          (send (const {nil cbase} :Marshal) ${:load :restore}
+          !(send (const {nil cbase} :Marshal) :dump ...))
+        END
+        def on_send(node)
+          marshal_load(node) do |method|
+            add_offense(node, :selector, format(MSG, method))
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubbycop/cop/security/yaml_load.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module RubbyCop
+  module Cop
+    module Security
+      # This cop checks for the use of YAML class methods which have
+      # potential security issues leading to remote code execution when
+      # loading from an untrusted source.
+      #
+      # @example
+      #   # bad
+      #   YAML.load("--- foo")
+      #
+      #   # good
+      #   YAML.safe_load("--- foo")
+      #   YAML.dump("foo")
+      #
+      class YAMLLoad < Cop
+        MSG = 'Prefer using `YAML.safe_load` over `YAML.load`.'.freeze
+        def_node_matcher :yaml_load, <<-END
+          (send (const {nil cbase} :YAML) :load ...)
+        END
+        def on_send(node)
+          yaml_load(node) do
+            add_offense(node, :selector)
+          end
+        end
+        def autocorrect(node)
+          ->(corrector) { corrector.replace(node.loc.selector, 'safe_load') }
+        end
+      end
+    end
+  end
+end