rubocop-rails 2.35.3 → 2.35.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a93c373c0dc8f85fb3b81807cd6971588d148c6f02f4baac770c4a842cd59281
4
- data.tar.gz: b54098494c0900a297281fed2eb634e38867ed0e3e14f84536765d9ccdc8ed6d
3
+ metadata.gz: 5620166bbbdcac74d58be7dec4ea307fc841d7cd31ffd9684f422009d00b8754
4
+ data.tar.gz: 7c156916d1a363419097086b305baf6010361473443602ea477ff03894c5e350
5
5
  SHA512:
6
- metadata.gz: 9d3a419adf9b427d3cba678db098a08a0bbc69b8e7c5ec668108bede4217bdff67f1b8724e22e674ad653e2512dcb49483933f4b064d3f46a4c676d179bb0265
7
- data.tar.gz: e2da63cb8261679f1fd9333f78ef278fc46bd2f06120a66b1ff8f4ddde1562f008f07246cea76cd0cb67ed8ba44c5e575493a44bc9ef43e9050f2258f0039c72
6
+ metadata.gz: fccc029e306ebaf72e1809005110005d18416b9d314c347b24b2381bdd84fa70c9e2d175633501618881c883e205ae0e79ed9aef3dcee4d4b16f6b02fce51818
7
+ data.tar.gz: 704f46a2a6c8b53eeeb8ac8ac60bfb25c39aa096e3b99516b132405f604729f48a877066b0531697e6ab8f1f65a9638435013c6610c5be5767e0b955d7d17300
@@ -5,22 +5,34 @@ module RuboCop
5
5
  module Rails
6
6
  # Checks for usage of `Rails.env` which can be replaced with Feature Flags
7
7
  #
8
+ # The cop does not flag `Rails.env.local?`, the built-in alias for
9
+ # "development or test" introduced in Rails 7.1. Unlike per-environment
10
+ # predicates such as `development?` or `production?`, `local?` expresses
11
+ # the intent of guarding code that must only ever run in development or
12
+ # test (sanity checks, devtools, seed data) rather than gating an
13
+ # environment rollout, so a Feature Flag is not a suitable replacement.
14
+ #
8
15
  # @example
9
16
  #
10
17
  # # bad
11
- # Rails.env.production? || Rails.env.local?
18
+ # Rails.env.production? || Rails.env.development?
12
19
  #
13
20
  # # good
14
21
  # if FeatureFlag.enabled?(:new_feature)
15
22
  # # new feature code
16
23
  # end
17
24
  #
25
+ # # good
26
+ # raise 'This should never run in production' unless Rails.env.local?
27
+ #
18
28
  class Env < Base
19
29
  MSG = 'Use Feature Flags or config instead of `Rails.env`.'
20
30
  RESTRICT_ON_SEND = %i[env].freeze
21
31
  # This allow list is derived from:
22
32
  # (Rails.env.methods - Object.instance_methods).select { |m| m.to_s.end_with?('?') }
23
- # and then removing the environment specific methods like development?, test?, production?, local?
33
+ # and then removing the environment specific methods like development?, test?, and production?.
34
+ # `local?` is kept on the allow list because it intentionally expresses
35
+ # "development or test" rather than a single environment rollout.
24
36
  ALLOWED_LIST = Set.new(
25
37
  %i[
26
38
  unicode_normalized?
@@ -38,6 +50,7 @@ module RuboCop
38
50
  valid_encoding?
39
51
  ascii_only?
40
52
  between?
53
+ local?
41
54
  ]
42
55
  ).freeze
43
56
 
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ # rubocop:disable Metrics/ClassLength
3
4
  module RuboCop
4
5
  module Cop
5
6
  module Rails
@@ -303,13 +304,20 @@ module RuboCop
303
304
  def implicit_return?(node)
304
305
  return false unless cop_config['AllowImplicitReturn']
305
306
 
306
- node = assignable_node(node)
307
+ node = last_expression_in_begin(assignable_node(node))
307
308
  method, sibling_index = find_method_with_sibling_index(node.parent)
308
309
  return false unless method&.type?(:def, :any_block)
309
310
 
310
311
  method.children.size == node.sibling_index + sibling_index
311
312
  end
312
313
 
314
+ # A multiline method or block body is wrapped in a `begin` node, so climb
315
+ # to it when the node is the last expression, to detect the implicit return.
316
+ def last_expression_in_begin(node)
317
+ node = node.parent while node.parent&.begin_type? && node.right_sibling.nil?
318
+ node
319
+ end
320
+
313
321
  def find_method_with_sibling_index(node, sibling_index = 1)
314
322
  return node, sibling_index unless node&.or_type?
315
323
 
@@ -348,3 +356,4 @@ module RuboCop
348
356
  end
349
357
  end
350
358
  end
359
+ # rubocop:enable Metrics/ClassLength
@@ -23,6 +23,18 @@ module RuboCop
23
23
  # incompatibility introduced for valid reasons by the `expect` method, which aligns better with
24
24
  # strong parameter conventions.
25
25
  #
26
+ # It is also unsafe because `expect` is stricter about the structure of the parameters than
27
+ # `require`/`permit`. Nested attributes that hold an array of records need an extra array wrapper,
28
+ # such as `expect(user: [{ pets_attributes: [[:name]] }])`. The cop cannot tell a single nested hash
29
+ # from an array of nested hashes, so it always generates the single-hash form, which can turn
30
+ # a previously successful request into a failure.
31
+ #
32
+ # It is also unsafe when `params[:key]` is passed to a finder method such as `find`, because
33
+ # `find` accepts an array of IDs. `Model.find(params[:id])` loads every record for an array of IDs,
34
+ # but the corrected `Model.find(params.expect(:id))` raises `ActionController::ParameterMissing`
35
+ # for an array value, since `expect` requires a scalar. The cop cannot tell a scalar ID from
36
+ # an array of IDs, so the autocorrection can turn a previously successful request into a failure.
37
+ #
26
38
  # @example
27
39
  #
28
40
  # # bad
@@ -62,7 +74,7 @@ module RuboCop
62
74
  IGNORED_METHODS = %i[
63
75
  ! blank? compact compact! compact_blank compact_blank! deep_merge deep_merge!
64
76
  delete delete_if dig each except exclude? extract! fetch has_key? has_value?
65
- include? instance_of? is_a? keep_if key? keys kind_of? member? merge merge!
77
+ include? inspect instance_of? is_a? keep_if key? keys kind_of? member? merge merge!
66
78
  nil? presence present? reverse_merge reverse_merge! slice stringify_keys
67
79
  to_a to_f to_h to_hash to_i to_s to_unsafe_h to_unsafe_hash
68
80
  transform_keys transform_keys! transform_values transform_values! try try!
@@ -76,10 +88,18 @@ module RuboCop
76
88
  (send (send nil? :params) :[] $_)
77
89
  PATTERN
78
90
 
91
+ # `require` with an array literal expects multiple top-level keys and has no single `expect` equivalent,
92
+ # so such calls are excluded to avoid generating broken code.
93
+ # A single dynamic argument to `permit` (such as a method call or variable that may return an array)
94
+ # has no safe `expect` rewrite, because the cop cannot tell whether the value is a list of attributes
95
+ # or a nested hash. Such calls are excluded to avoid generating broken code.
79
96
  def_node_matcher :params_require_permit, <<~PATTERN
80
- $(call
97
+ [
81
98
  $(call
82
- (send nil? :params) :require _) :permit _+)
99
+ $(call
100
+ (send nil? :params) :require !array) :permit _+)
101
+ !(call _ :permit {call lvar ivar cvar gvar const})
102
+ ]
83
103
  PATTERN
84
104
 
85
105
  def_node_matcher :params_permit_require, <<~PATTERN
@@ -4,7 +4,7 @@ module RuboCop
4
4
  module Rails
5
5
  # This module holds the RuboCop Rails version information.
6
6
  module Version
7
- STRING = '2.35.3'
7
+ STRING = '2.35.5'
8
8
 
9
9
  def self.document_version
10
10
  STRING.match('\d+\.\d+').to_s
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rubocop-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.35.3
4
+ version: 2.35.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Bozhidar Batsov
@@ -287,7 +287,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
287
287
  - !ruby/object:Gem::Version
288
288
  version: '0'
289
289
  requirements: []
290
- rubygems_version: 4.0.3
290
+ rubygems_version: 4.0.10
291
291
  specification_version: 4
292
292
  summary: Automatic Rails code style checking tool.
293
293
  test_files: []