rubocop-gusto 10.0.0

data/lib/rubocop/cop/gusto/polymorphic_type_validation.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+# This cop enforces that polymorphic relations have a corresponding validation
+# for their type field with an inclusion validation. This is required in order for Tapioca
+# to generate correct Sorbet types
+module RuboCop
+  module Cop
+    module Gusto
+      class PolymorphicTypeValidation < Base
+        RESTRICT_ON_SEND = %i(belongs_to validates polymorphic_methods_for).freeze
+
+        MSG = <<~MESSAGE
+          Polymorphic relations must validate their corresponding type field with "validates .. inclusion: { in: .. }", or using polymorphic_methods_for
+
+          Example:
+            # bad
+            belongs_to :subscription_detail, polymorphic: true
+
+            # good
+            VALID_TYPES = T.let([LidiSubscriptionDetail.polymorphic_name, LegacyActiveBenefits::VoluntaryLifeSubscriptionDetail.polymorphic_name].freeze, T::Array[String])
+            belongs_to :subscription_detail, polymorphic: true
+            validates :subscription_detail_type, presence: true, inclusion: { in: VALID_TYPES }
+
+            # also good (in ZP/HI, at least)
+            include PolymorphicCallable
+            VALID_TYPES = T.let([LidiSubscriptionDetail.polymorphic_name, LegacyActiveBenefits::VoluntaryLifeSubscriptionDetail.polymorphic_name].freeze, T::Array[String])
+            belongs_to :subscription_detail, polymorphic: true
+            polymorphic_methods_for :subscription_detail, VALID_TYPES
+        MESSAGE
+
+        ALLOW_BLANK_MSG = 'Polymorphic type validations cannot use allow_blank: true'
+
+        # @!method polymorphic_relation?(node)
+        def_node_matcher :polymorphic_relation?, <<~PATTERN
+          (send nil? :belongs_to _ (hash <(pair (sym :polymorphic) (true)) ...>))
+        PATTERN
+
+        # @!method type_validation?(node)
+        def_node_matcher :type_validation?, <<~PATTERN
+          (send nil? :validates (sym _) (hash <#inclusion_in? ...>))
+        PATTERN
+
+        # @!method inclusion_in?(node)
+        def_node_matcher :inclusion_in?, <<~PATTERN
+          (pair (sym :inclusion) (hash <(pair (sym :in) _) ...>))
+        PATTERN
+
+        # @!method polymorphic_methods_for?(node)
+        def_node_matcher :polymorphic_methods_for?, <<~PATTERN
+          (send nil? :polymorphic_methods_for (sym _) _)
+        PATTERN
+
+        # @!method allow_blank?(node)
+        def_node_matcher :allow_blank?, <<~PATTERN
+          (pair (sym :allow_blank) (true))
+        PATTERN
+
+        def on_send(node)
+          return unless polymorphic_relation?(node)
+
+          relation_name = node.first_argument.value
+          type_field = :"#{relation_name}_type"
+
+          # Look for either a validation of the type field or polymorphic_methods_for
+          has_validation = false
+          has_allow_blank = false
+
+          node.parent.each_node(:send) do |validation_node|
+            if type_validation?(validation_node) && validation_node.first_argument.value == type_field
+              has_validation = true
+              # Check for allow_blank in the validation options
+              validation_node.arguments[1].each_node(:pair) do |pair_node|
+                has_allow_blank = true if allow_blank?(pair_node)
+              end
+            elsif polymorphic_methods_for?(validation_node) && validation_node.first_argument.value == relation_name
+              has_validation = true
+            end
+          end
+
+          if has_allow_blank
+            add_offense(node, message: ALLOW_BLANK_MSG)
+          elsif !has_validation
+            add_offense(node)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/prefer_process_last_status.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # Don't use the `$?` or `$CHILD_STATUS` global variables. Instead, use `Process.last_status`
+      #
+      # @example
+      #   # bad
+      #   $?.exitstatus
+      #   $CHILD_STATUS.success?
+      #
+      #   # good
+      #   Process.last_status.exit_status
+      #   Process.last_status.success?
+      #
+      class PreferProcessLastStatus < Base
+        extend AutoCorrector
+
+        MSG = 'Prefer using `Process.last_status` instead of the global variables: `$?` and `$CHILD_STATUS`.'
+        OFFENDERS = Set[:$?, :$CHILD_STATUS].freeze
+
+        def on_gvar(node)
+          return unless OFFENDERS.include?(node.node_parts.first)
+
+          add_offense(node) { |corrector| autocorrect(corrector, node) }
+        end
+
+        def autocorrect(corrector, node)
+          corrector.replace(node, 'Process.last_status')
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/rabl_extends.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # Disallows the use of `extends` in Rabl templates due to poor caching performance.
+      # Inline the templating to generate your JSON instead.
+      #
+      # @example
+      #   # bad
+      #   extends 'path/to/template'
+      #
+      #   # bad - but not covered by this rule
+      #   partial 'path/to/template'
+      #
+      #   # good - inline your templating
+      #   node 'some_node'
+      #   attributes :foo, :bar
+      #   child(:baz) { attributes :qux }
+      #
+      class RablExtends < Base
+        MSG = 'Avoid using Rabl extends as it has poor caching performance. Inline your JSON instead.'
+        RABL_EXTENSION = '.rabl'
+        RESTRICT_ON_SEND = %i(extends).freeze
+
+        # @!method rabl_extends?(node)
+        def_node_matcher :rabl_extends?, <<~PATTERN
+          (send nil? :extends (str _) ...)
+        PATTERN
+
+        def on_send(node)
+          return unless rabl_extends?(node)
+
+          add_offense(node)
+        end
+
+        def relevant_file?(file)
+          file.end_with?(RABL_EXTENSION)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/rails_env.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # NOTE: Being pushed upstream here: https://github.com/rubocop/rubocop-rails/pull/1375
+      # Checks for usage of `Rails.env` which can be replaced with Feature Flags
+      #
+      # Although `local?` is a form of an environment-specific check, it is allowed because
+      # it cannot be used to control overall environment rollout, but it can be helpful to
+      # distinguish or protect code that is explicitly written to only ever execute in a
+      # dev or test environment. `local?` is also a form of a feature flag.
+      #
+      # @example
+      #
+      #   # bad
+      #   Rails.env.production? || Rails.env.demo?
+      #
+      #   # good
+      #   if FeatureFlag.enabled?(:new_feature)
+      #     # new feature code
+      #   end
+      #
+      #   # good
+      #   raise unless Rails.env.local?
+      #
+      #   # good
+      #   abort ("The Rails environment is running in production mode!") unless Rails.env.local?
+      #
+      class RailsEnv < Base
+        # This allow list is derived from:
+        # (Rails.env.methods - Object.instance_methods).select { |m| m.to_s.end_with?('?') }
+        # and then removing the environment specific methods like development?, test?, production?
+        ALLOWED_LIST = Set.new(
+          %i(
+            unicode_normalized?
+            exclude?
+            empty?
+            acts_like_string?
+            include?
+            is_utf8?
+            casecmp?
+            match?
+            starts_with?
+            ends_with?
+            start_with?
+            end_with?
+            valid_encoding?
+            ascii_only?
+            between?
+            local?
+          )
+        ).freeze
+        MSG = 'Use Feature Flags or config instead of `Rails.env`.'
+        PROHIBITED_CLASS = 'Rails'
+        RESTRICT_ON_SEND = %i(env).freeze
+
+        def on_send(node)
+          return unless node.receiver&.const_name == PROHIBITED_CLASS
+
+          return unless (parent = node.parent)
+          return unless parent.send_type?
+          return unless parent.predicate_method?
+
+          return if ALLOWED_LIST.include?(parent.method_name)
+
+          add_offense(parent)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/rake_constants.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # Detects constants in a rake file because they are defined at the top level.
+      # It is confusing because the scope looks like it would be in the task or namespace,
+      # but actually it is defined at the top level.
+      #
+      # @example
+      #   # bad
+      #   task :foo do
+      #     class C
+      #     end
+      #   end
+      #
+      #   # bad
+      #   namespace :foo do
+      #     module M
+      #     end
+      #   end
+      #
+      #   # good - It is also defined at the top level,
+      #   #        but it looks like intended behavior.
+      #   class C
+      #   end
+      #   task :foo do
+      #   end
+      #
+      class RakeConstants < Base
+        MSG = 'Do not define a constant in rake file, because they are sometimes `load`ed, instead of `require`d which can lead to warnings about redefining constants'
+
+        # @!method task_or_namespace?(node)
+        def_node_matcher :task_or_namespace?, <<-PATTERN
+            (block
+              (send _ {:task :namespace} ...)
+              args
+              _
+            )
+        PATTERN
+
+        def on_casgn(node)
+          return unless in_task_or_namespace?(node)
+
+          add_offense(node)
+        end
+
+        def on_class(node)
+          return unless in_task_or_namespace?(node)
+
+          add_offense(node)
+        end
+
+        def on_module(node)
+          return unless in_task_or_namespace?(node)
+
+          add_offense(node)
+        end
+
+        private
+
+        def in_task_or_namespace?(node)
+          node.each_ancestor(:block).any? { |ancestor| task_or_namespace?(ancestor) }
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/regexp_bypass.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # Ensures that regular expressions use `\A` and `\z` anchors instead
+      # of `^` and `$` when matching the start or end of a string. This is
+      # critical for security validations as `^` and `$` will match the start/end
+      # of any line in a string, not just the start/end of the entire string.
+      #
+      # @example
+      #   # bad - validating only a single line of input which could be split across multiple lines
+      #   /^foo/
+      #   /foo$/
+      #   /^foo$/
+      #
+      #   # good
+      #   /\Afoo/
+      #   /foo\z/
+      #   /\Afoo\z/
+      #
+      #   # good - multiline mode is allowed
+      #   /^foo/m
+      #   /foo$/m
+      #
+      #   # okay - anchors in the middle of the pattern are not flagged
+      #   /foo^bar/
+      #   /foo$bar/
+      #
+      # @safety
+      #   We choose to consider this cop safe even though the code is not equivalent.
+      #   Replacing `^` and `$` with `\A` and `\z` will make the regex more strict,
+      #   which is the intended behavior for securely validating input.
+      #
+      # @see https://ruby-doc.org/core/Regexp.html
+      # @see https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
+      #
+      class RegexpBypass < Base
+        extend AutoCorrector
+
+        MSG = 'Regular expressions matching a single line should use \A instead of ^ and \z instead of $'
+        PROHIBITED_ANCHOR = '^'
+        PROHIBITED_END_ANCHOR = '$'
+
+        def on_regexp(node)
+          return if node.children.find(&:regopt_type?)&.source&.include?('m')
+
+          first_child = node.children.first
+          return unless first_child && !first_child.regopt_type?
+
+          captureless_source = first_child.source.delete('()') # Remove parentheses to check actual content
+          return unless captureless_source.start_with?(PROHIBITED_ANCHOR) || captureless_source.end_with?(PROHIBITED_END_ANCHOR)
+
+          add_offense(first_child) do |corrector|
+            source_buffer = first_child.source_range.source_buffer
+            actual_source = first_child.source
+
+            if captureless_source.start_with?(PROHIBITED_ANCHOR)
+              # Find the position of ^ within the source, accounting for parentheses
+              caret_pos = actual_source.index(PROHIBITED_ANCHOR)
+              start_pos = first_child.source_range.begin_pos + caret_pos
+              corrector.replace(
+                Parser::Source::Range.new(
+                  source_buffer,
+                  start_pos,
+                  start_pos + 1
+                ),
+                '\A'
+              )
+            end
+
+            if captureless_source.end_with?(PROHIBITED_END_ANCHOR)
+              # Find the position of $ within the source, accounting for parentheses
+              dollar_pos = actual_source.rindex(PROHIBITED_END_ANCHOR)
+              end_pos = first_child.source_range.begin_pos + dollar_pos + 1
+              corrector.replace(
+                Parser::Source::Range.new(
+                  source_buffer,
+                  end_pos - 1,
+                  end_pos
+                ),
+                '\z'
+              )
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/sidekiq_params.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      class SidekiqParams < Base
+        MSG = 'Sidekiq perform methods cannot take keyword arguments'
+        PROHIBITED_ARG_TYPES = Set.new(%i(kwoptarg kwarg)).freeze
+
+        def on_def(node)
+          return unless node.method?(:perform)
+          return if node.arguments.empty?
+
+          node.arguments.each_child_node do |arg|
+            add_offense(node) if PROHIBITED_ARG_TYPES.include?(arg.type)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/gusto/toplevel_constants.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Gusto
+      # Checks that no top-level constants (excluding classes and modules)
+      # are defined. This rule exists to prevent accidental pollution of the
+      # global namespace as well as cases where application code has
+      # accidentally depended on test code.
+      #
+      # By default, this check is limited to files in `app/`, `lib/`, and
+      # `spec/` directories, except in the root of `lib/` and in support files
+      # in `spec/support/`.
+      #
+      # @example when in a checked directory
+      #   # bad
+      #   FOO = 'bar' # lib/foo/bar.rb
+      #
+      #   # bad
+      #   FOO = 'bar' # app/models/foo.rb
+      #
+      #   # bad
+      #   FOO = 'bar' # spec/foo.rb
+      #
+      #   # good
+      #   FOO = 'bar' # spec/spec_helper.rb
+      #
+      #   # good
+      #   class MyClass # lib/foo/bar.rb
+      #     FOO = 'bar'
+      #   end
+      #
+      # @example when in a `spec/support/` file
+      #   # good
+      #   FOO = 'bar' # spec/support/foo/bar.rb
+      #
+      # @example when in a `config/` file
+      #   # good
+      #   FOO = 'bar' # config/initializers/foo.rb
+      #
+      class ToplevelConstants < Base
+        MSG = 'Top-level constants should be defined in an initializer. See https://github.com/Gusto/rubocop-gusto/blob/main/lib/rubocop/cop/gusto/toplevel_constants.rb'
+
+        def on_casgn(node)
+          # Allow nested constants
+          return unless node.parent.nil? || node.ancestors.all?(&:begin_type?)
+          # Allow one-liners like `MyClass::MY_CONSTANT = 10`
+          return unless node.children.first.nil?
+
+          add_offense(node)
+        end
+      end
+    end
+  end
+end