RubyGems - rubocop-neeto - Versions diffs - 0.1.15 → 0.1.16 - Mend

rubocop-neeto 0.1.15 → 0.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/config/default.yml +5 -6
data/lib/rubocop/cop/neeto/direct_env_access.rb +10 -11
data/lib/rubocop/neeto/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: adbaf8298c1804456d5050900f7e9c1d0688ad5f10e8b66c3db71bf90ad4fd81
-  data.tar.gz: 7f8b07c600c15ae128f6f11586f349aa6376be85fdeda1105568873a518228e5
+  metadata.gz: fef927f6b5a152b14ff20ef805c7827e613f8daa8328545d523c9d9835d7aa54
+  data.tar.gz: 7042247a4a2f2c6a67ade4f63ef09269fae0ada7eea76ed0994fac82fb4d8e51
 SHA512:
-  metadata.gz: ac72b53c76cb5e555c22a7a33af51a2de10bc3b552e0d6f0bbe57527c3023088f08342744ccb99636a0bca4f4f1a1a8b0c40bf08f6a47a3ea976d21d3a56da38
-  data.tar.gz: 52b490198a4a344ce20397f18bd5518ec76261673f32bfe83ec2236e23f40045a8c4a9cff6fabbdead8d36e7661671e8b0e075a27facac892b9a9be28db93810
+  metadata.gz: 78bb3316b19e1711485815504076819bb08f336af7ae7b780dc4beb40f816ae71a54d5c11de2bf7144f3eeb970fd4e0297e530a61ac865e406329a9c57e50d1d
+  data.tar.gz: 6994e654164b41c70e859fe75517c6650be12ec56ff4d84508cd4de13bc888e8fe6b1278c58c163a8b17d67eab22a623bd413d5f55b2733b97a549686021c13b

data/config/default.yml CHANGED Viewed

@@ -26,12 +26,11 @@ Neeto/UnsafeColumnDeletion:
 Neeto/DirectEnvAccess:
   Description: >-
-    Rails had `secrets.yml` which provided a single source of truth for all
-    environment variables and their fallback values. Rails deprecated this in
-    favor of encrypted credentials, so we created Secvault to maintain
-    centralized configuration. Direct usage of `ENV` bypasses this system,
-    making it harder to track what environment variables are being used and
-    their defaults. Use `Secvault.secrets` instead.
+    `config/secrets.yml` provides a single source of truth for all environment
+    variables and their fallback values, loaded via Rails' built-in
+    `config_for`. Direct usage of `ENV` bypasses this system, making it harder
+    to track what environment variables are being used and their defaults.
+    Use `Rails.application.secrets` instead.
   Enabled: true
   Severity: refactor
   VersionAdded: '0.1'

data/lib/rubocop/cop/neeto/direct_env_access.rb CHANGED Viewed

@@ -3,16 +3,15 @@
 module RuboCop
   module Cop
     module Neeto
-      # Rails had `secrets.yml` which provided a single source of truth for all
-      # environment variables and their fallback values. Rails deprecated this in
-      # favor of encrypted credentials, so we created Secvault
-      # (https://github.com/neetozone/secvault) to maintain centralized configuration.
-      # Direct usage of `ENV` bypasses this system, making it harder to track what
-      # environment variables are being used and their defaults. This cop enforces
-      # that all environment variable access goes through `Secvault.secrets`.
+      # `config/secrets.yml` provides a single source of truth for all
+      # environment variables and their fallback values, loaded via Rails'
+      # built-in `config_for`. Direct usage of `ENV` bypasses this system,
+      # making it harder to track what environment variables are being used
+      # and their defaults. This cop enforces that all environment variable
+      # access goes through `Rails.application.secrets`.
       #
       # @example DirectEnvAccess: true (default)
-      #   # Enforces the usage of `Secvault.secrets` over direct `ENV` access.
+      #   # Enforces the usage of `Rails.application.secrets` over direct `ENV` access.
       #
       #   # bad
       #   api_key = ENV['STRIPE_API_KEY']
@@ -21,17 +20,17 @@ module RuboCop
       #   default_timezone = ENV['DEFAULT_TIMEZONE'] || 'UTC'
       #
       #   # good
-      #   api_key = Secvault.secrets.stripe_api_key
+      #   api_key = Rails.application.secrets.stripe_api_key
       #
       #   # good
-      #   default_timezone = Secvault.secrets.default_timezone
+      #   default_timezone = Rails.application.secrets.default_timezone
       #
       #   # good (ENV access is permitted in directories other than the app directory)
       #   config.log_level = ENV.fetch('LOG_LEVEL', 'info')
       #
       class DirectEnvAccess < Base
         MSG = "Do not use ENV directly. " \
-              "Use Secvault.secrets to maintain a single source of truth for configuration."
+              "Use Rails.application.secrets to maintain a single source of truth for configuration."
         def_node_matcher :env_access?, <<~PATTERN
           (const {nil? cbase} :ENV)

data/lib/rubocop/neeto/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module RuboCop
   module Neeto
-    VERSION = "0.1.15"
+    VERSION = "0.1.16"
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-neeto
 version: !ruby/object:Gem::Version
-  version: 0.1.15
+  version: 0.1.16
 platform: ruby
 authors:
 - Abhay V Ashokan
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2026-04-02 00:00:00.000000000 Z
+date: 2026-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop