rubocop-thread_safety 0.5.1 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c4f37c2216cfdace60b7ef3f2e2f0b5bb743b9b8a3ee2543bb3a2ed10c90de1a
-  data.tar.gz: 2cfa26d1da425d7d39ee0897d8137d24a5af25cd8911637dfd8093c7097b5a30
+  metadata.gz: 440e483486f3d67ad21fa72aa04eb47535020324672c3e08646894cec3517450
+  data.tar.gz: 50fe186da5956ee780dd5c2839d7792fc57f10ed4860d0781d2f0d68180d635d
 SHA512:
-  metadata.gz: 405f5f9007c0d1aef55173a0ee4aefb44d16ec4ae5113acdb05750a8792fcbc7759ceab4267132f47906ac999194f2a550b2ce63eef2d117a35c5c9cd1c7d438
-  data.tar.gz: 78e4b72c55d6745a979bff3acf5bf4b393534ca448dfec5aaa765f77dd32a66db5b0291a5fb55d8fa02044407ec95c72185b7e28add1801b456b1eb1f0be904a
+  metadata.gz: bb89cc31949d9803344f78556dc6f3351369bd2936ee8b26f93e6caa477b3bcfa6b7db9e8d78dade90eca9003455af4411c3ef064c9399f63455d6c7cd45c36c
+  data.tar.gz: b03de48386d763afe6d7a66aa2f604bcfc1fda637dfd864c2f09b52122fb8637c26f9a675299fe85fae464804e4e8cc2b569ba9fa8104cca2a592ef6fcb6c8c1

data/CHANGELOG.md

@@ -0,0 +1,22 @@
+# Change log
+
+## master
+
+## 0.7.0
+
+- [#80](https://github.com/rubocop/rubocop-thread_safety/pull/80) Make RuboCop ThreadSafety work as a RuboCop plugin. ([@bquorning](https://github.com/bquorning))
+- [#76](https://github.com/rubocop/rubocop-thread_safety/pull/76): Detect offenses when using safe navigation for `ThreadSafety/DirChdir`, `ThreadSafety/NewThread` and `ThreadSafety/RackMiddlewareInstanceVariable` cops. ([@viralpraxis](https://github.com/viralpraxis))
+- [#73](https://github.com/rubocop/rubocop-thread_safety/pull/73): Add `AllowCallWithBlock` option to `ThreadSafety/DirChdir` cop. ([@viralpraxis](https://github.com/viralpraxis))
+
+## 0.6.0
+
+* [#59](https://github.com/rubocop/rubocop-thread_safety/pull/59): Rename `ThreadSafety::InstanceVariableInClassMethod` cop to `ThreadSafety::ClassInstanceVariable` to better reflect its purpose. ([@viralpraxis](https://github.com/viralpraxis))
+* [#55](https://github.com/rubocop/rubocop-thread_safety/pull/55): Enhance `ThreadSafety::InstanceVariableInClassMethod` cop to detect offenses within `class_eval/exec` blocks. ([@viralpraxis](https://github.com/viralpraxis))
+* [#54](https://github.com/rubocop/rubocop-thread_safety/pull/54): Drop support for RuboCop older than 1.48. ([@viralpraxis](https://github.com/viralpraxis))
+* [#52](https://github.com/rubocop/rubocop-thread_safety/pull/52): Add new `RackMiddlewareInstanceVariable` cop to detect instance variables in Rack middleware. ([@viralpraxis](https://github.com/viralpraxis))
+* [#48](https://github.com/rubocop/rubocop-thread_safety/pull/48): Do not report instance variables in `ActionDispatch` callbacks in singleton methods. ([@viralpraxis](https://github.com/viralpraxis))
+* [#43](https://github.com/rubocop/rubocop-thread_safety/pull/43): Make detection of ActiveSupport's `class_attribute` configurable. ([@viralpraxis](https://github.com/viralpraxis))
+* [#42](https://github.com/rubocop/rubocop-thread_safety/pull/42): Fix some `InstanceVariableInClassMethod` cop false positive offenses. ([@viralpraxis](https://github.com/viralpraxis))
+* [#41](https://github.com/rubocop/rubocop-thread_safety/pull/41): Drop support for MRI older than 2.7. ([@viralpraxis](https://github.com/viralpraxis))
+* [#38](https://github.com/rubocop/rubocop-thread_safety/pull/38): Fix `NewThread` cop detection is case of `Thread.start`, `Thread.fork`, or `Thread.new` with arguments. ([@viralpraxis](https://github.com/viralpraxis))
+* [#36](https://github.com/rubocop/rubocop-thread_safety/pull/36): Add new `DirChdir` cop to detect `Dir.chdir` calls. ([@viralpraxis](https://github.com/viralpraxis))

data/README.md

@@ -1,7 +1,7 @@
 # RuboCop::ThreadSafety
 
 Thread-safety analysis for your projects, as an extension to
-[RuboCop](https://github.com/bbatsov/rubocop).
+[RuboCop](https://github.com/rubocop/rubocop).
 
 ## Installation and Usage
 
@@ -19,11 +19,14 @@ Install it with Bundler by invoking:
 
 Add this line to your application's `.rubocop.yml`:
 
-    require: rubocop-thread_safety
+    plugins: rubocop-thread_safety
 
 Now you can run `rubocop` and it will automatically load the RuboCop
 Thread-Safety cops together with the standard cops.
 
+> [!NOTE]
+> The plugin system is supported in RuboCop 1.72+. In earlier versions, use `require` instead of `plugins`.
+
 ### Scanning an application without adding it to the Gemfile
 
 Install the gem:
@@ -32,7 +35,7 @@ Install the gem:
 
 Scan the application for just thread-safety issues:
 
-    $ rubocop -r rubocop-thread_safety --only ThreadSafety,Style/GlobalVars,Style/ClassVars,Style/MutableConstant
+    $ rubocop --plugin rubocop-thread_safety --only ThreadSafety,Style/GlobalVars,Style/ClassVars,Style/MutableConstant
 
 ### Configuration
 
@@ -60,6 +63,8 @@ Improvements that would make shared state thread-safe include:
 * Use [`RequestStore`](https://github.com/steveklabnik/request_store)
 * Use `Thread.current[:name]`
 
+Certain system calls, such as `chdir`, affect the entire process. To avoid potential thread-safety issues, it's preferable to use (if possible) the `chdir` option in methods like `Kernel.system` and `IO.popen` rather than relying on `Dir.chdir`.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/config/default.yml

@@ -5,6 +5,7 @@
 ThreadSafety/ClassAndModuleAttributes:
   Description: 'Avoid mutating class and module attributes.'
   Enabled: true
+  ActiveSupportClassAttributeAllowed: false
 
 ThreadSafety/InstanceVariableInClassMethod:
   Description: 'Avoid using instance variables in class methods.'
@@ -30,3 +31,18 @@ ThreadSafety/NewThread:
                  Avoid starting new threads.
                  Let a framework like Sidekiq handle the threads.
   Enabled: true
+
+ThreadSafety/DirChdir:
+  Description: Avoid using `Dir.chdir` due to its process-wide effect.
+  Enabled: true
+  AllowCallWithBlock: false
+
+ThreadSafety/RackMiddlewareInstanceVariable:
+  Description: Avoid instance variables in Rack middleware.
+  Enabled: true
+  Include:
+    - 'app/middleware/**/*.rb'
+    - 'lib/middleware/**/*.rb'
+    - 'app/middlewares/**/*.rb'
+    - 'lib/middlewares/**/*.rb'
+  AllowedIdentifiers: []

data/config/obsoletion.yml

@@ -0,0 +1,2 @@
+renamed:
+  ThreadSafety/InstanceVariableInClassMethod: ThreadSafety/ClassInstanceVariable

data/lib/rubocop/cop/mixin/operation_with_threadsafe_result.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    # Common functionality for checking if a well-known operation
+    # produces an object with thread-safe semantics.
+    module OperationWithThreadsafeResult
+      extend NodePattern::Macros
+
+      # @!method operation_produces_threadsafe_object?(node)
+      def_node_matcher :operation_produces_threadsafe_object?, <<~PATTERN
+        {
+          (send (const {nil? cbase} :Queue) :new ...)
+          (send
+            (const (const {nil? cbase} :ThreadSafe) {:Hash :Array})
+            :new ...)
+          (block
+            (send
+              (const (const {nil? cbase} :ThreadSafe) {:Hash :Array})
+              :new ...)
+            ...)
+          (send (const (const {nil? cbase} :Concurrent) _) :new ...)
+          (block
+            (send (const (const {nil? cbase} :Concurrent) _) :new ...)
+            ...)
+          (send (const (const (const {nil? cbase} :Concurrent) _) _) :new ...)
+          (block
+            (send
+              (const (const (const {nil? cbase} :Concurrent) _) _)
+              :new ...)
+            ...)
+          (send
+            (const (const (const (const {nil? cbase} :Concurrent) _) _) _)
+            :new ...)
+          (block
+            (send
+              (const (const (const (const {nil? cbase} :Concurrent) _) _) _)
+              :new ...)
+            ...)
+        }
+      PATTERN
+    end
+  end
+end

data/lib/rubocop/cop/thread_safety/class_and_module_attributes.rb

@@ -49,9 +49,8 @@ module RuboCop
             ...)
         MATCHER
 
-        def on_send(node)
-          return unless mattr?(node) || class_attr?(node) ||
-                        singleton_attr?(node)
+        def on_send(node) # rubocop:disable InternalAffairs/OnSendWithoutOnCSend
+          return unless mattr?(node) || (!class_attribute_allowed? && class_attr?(node)) || singleton_attr?(node)
 
           add_offense(node)
         end
@@ -74,6 +73,10 @@ module RuboCop
 
           false
         end
+
+        def class_attribute_allowed?
+          cop_config['ActiveSupportClassAttributeAllowed']
+        end
       end
     end
   end

data/lib/rubocop/cop/thread_safety/{instance_variable_in_class_method.rb → class_instance_variable.rb}

@@ -3,7 +3,7 @@
 module RuboCop
   module Cop
     module ThreadSafety
-      # Avoid instance variables in class methods.
+      # Avoid class instance variables.
       #
       # @example
       #   # bad
@@ -61,8 +61,8 @@ module RuboCop
       #
       #     module_function :test
       #   end
-      class InstanceVariableInClassMethod < Base
-        MSG = 'Avoid instance variables in class methods.'
+      class ClassInstanceVariable < Base
+        MSG = 'Avoid class instance variables.'
         RESTRICT_ON_SEND = %i[
           instance_variable_set
           instance_variable_get
@@ -87,7 +87,7 @@ module RuboCop
         end
         alias on_ivasgn on_ivar
 
-        def on_send(node)
+        def on_send(node) # rubocop:disable InternalAffairs/OnSendWithoutOnCSend
           return unless instance_variable_call?(node)
           return unless class_method_definition?(node)
           return if method_definition?(node)
@@ -99,21 +99,28 @@ module RuboCop
         private
 
         def class_method_definition?(node)
-          return false if method_definition?(node)
-
           in_defs?(node) ||
             in_def_sclass?(node) ||
             in_def_class_methods?(node) ||
             in_def_module_function?(node) ||
+            in_class_eval?(node) ||
             singleton_method_definition?(node)
         end
 
         def in_defs?(node)
-          node.ancestors.any?(&:defs_type?)
+          node.ancestors.any? do |ancestor|
+            break false if new_lexical_scope?(ancestor)
+
+            ancestor.defs_type?
+          end
         end
 
         def in_def_sclass?(node)
-          defn = node.ancestors.find(&:def_type?)
+          defn = node.ancestors.find do |ancestor|
+            break if new_lexical_scope?(ancestor)
+
+            ancestor.def_type?
+          end
 
           defn&.ancestors&.any?(&:sclass_type?)
         end
@@ -124,35 +131,51 @@ module RuboCop
 
         def in_def_class_methods_dsl?(node)
           node.ancestors.any? do |ancestor|
+            break if new_lexical_scope?(ancestor)
             next unless ancestor.block_type?
-            next unless ancestor.children.first.is_a? AST::SendNode
 
             ancestor.children.first.command? :class_methods
           end
         end
 
         def in_def_class_methods_module?(node)
-          defn = node.ancestors.find(&:def_type?)
-          return unless defn
+          defn = node.ancestors.find do |ancestor|
+            break if new_lexical_scope?(ancestor)
+
+            ancestor.def_type?
+          end
+          return false unless defn
 
           mod = defn.ancestors.find do |ancestor|
             %i[class module].include?(ancestor.type)
           end
-          return unless mod
+          return false unless mod
 
           class_methods_module?(mod)
         end
 
         def in_def_module_function?(node)
           defn = node.ancestors.find(&:def_type?)
-          return unless defn
+          return false unless defn
 
           defn.left_siblings.any? { |sibling| module_function_bare_access_modifier?(sibling) } ||
             defn.right_siblings.any? { |sibling| module_function_for?(sibling, defn.method_name) }
         end
 
+        def in_class_eval?(node)
+          defn = node.ancestors.find do |ancestor|
+            break if ancestor.def_type? || new_lexical_scope?(ancestor)
+
+            ancestor.block_type?
+          end
+          return false unless defn
+
+          class_eval_scope?(defn)
+        end
+
         def singleton_method_definition?(node)
           node.ancestors.any? do |ancestor|
+            break if new_lexical_scope?(ancestor)
             next unless ancestor.children.first.is_a? AST::SendNode
 
             ancestor.children.first.command? :define_singleton_method
@@ -161,6 +184,7 @@ module RuboCop
 
         def method_definition?(node)
           node.ancestors.any? do |ancestor|
+            break if new_lexical_scope?(ancestor)
             next unless ancestor.children.first.is_a? AST::SendNode
 
             ancestor.children.first.command? :define_method
@@ -199,6 +223,36 @@ module RuboCop
         def_node_matcher :module_function_for?, <<~PATTERN
           (send nil? {:module_function} ({sym str} #match_name?(%1)))
         PATTERN
+
+        # @!method new_lexical_scope?(node)
+        def_node_matcher :new_lexical_scope?, <<~PATTERN
+          {
+            (block (send (const nil? :Struct) :new ...) _ ({def defs} ...))
+            (block (send (const nil? :Class) :new ...) _ ({def defs} ...))
+            (block (send (const nil? :Data) :define ...) _ ({def defs} ...))
+            (block
+              (send nil?
+                {
+                  :prepend_around_action
+                  :prepend_before_action
+                  :before_action
+                  :append_before_action
+                  :around_action
+                  :append_around_action
+                  :append_after_action
+                  :after_action
+                  :prepend_after_action
+                }
+              )
+              ...
+            )
+          }
+        PATTERN
+
+        # @!method class_eval_scope?(node)
+        def_node_matcher :class_eval_scope?, <<~PATTERN
+          (block (send (const {nil? cbase} _) {:class_eval :class_exec}) ...)
+        PATTERN
       end
     end
   end

data/lib/rubocop/cop/thread_safety/dir_chdir.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module ThreadSafety
+      # Avoid using `Dir.chdir` due to its process-wide effect.
+      # If `AllowCallWithBlock` (disabled by default) option is enabled,
+      # calling `Dir.chdir` with block will be allowed.
+      #
+      # @example
+      #   # bad
+      #   Dir.chdir("/var/run")
+      #
+      #   # bad
+      #   FileUtils.chdir("/var/run")
+      #
+      # @example AllowCallWithBlock: false (default)
+      #   # good
+      #   Dir.chdir("/var/run") do
+      #     puts Dir.pwd
+      #   end
+      #
+      # @example AllowCallWithBlock: true
+      #   # bad
+      #   Dir.chdir("/var/run") do
+      #     puts Dir.pwd
+      #   end
+      #
+      class DirChdir < Base
+        MESSAGE = 'Avoid using `%<module>s%<dot>s%<method>s` due to its process-wide effect.'
+        RESTRICT_ON_SEND = %i[chdir cd].freeze
+
+        # @!method chdir?(node)
+        def_node_matcher :chdir?, <<~MATCHER
+          {
+            (call (const {nil? cbase} {:Dir :FileUtils}) :chdir ...)
+            (call (const {nil? cbase} :FileUtils) :cd ...)
+          }
+        MATCHER
+
+        def on_send(node)
+          return unless chdir?(node)
+          return if allow_call_with_block? && (node.block_argument? || node.parent&.block_type?)
+
+          add_offense(
+            node,
+            message: format(
+              MESSAGE,
+              module: node.receiver.short_name,
+              method: node.method_name,
+              dot: node.loc.dot.source
+            )
+          )
+        end
+        alias on_csend on_send
+
+        private
+
+        def allow_call_with_block?
+          !!cop_config['AllowCallWithBlock']
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/thread_safety/mutable_class_instance_variable.rb

@@ -7,7 +7,7 @@ module RuboCop
       # mutable literal (e.g. array or hash).
       #
       # It is based on Style/MutableConstant from RuboCop.
-      # See https://github.com/rubocop-hq/rubocop/blob/master/lib/rubocop/cop/style/mutable_constant.rb
+      # See https://github.com/rubocop/rubocop/blob/master/lib/rubocop/cop/style/mutable_constant.rb
       #
       # Class instance variables are a risk to threaded code as they are shared
       # between threads. A mutable object such as an array or hash may be
@@ -74,8 +74,10 @@ module RuboCop
       #   end
       class MutableClassInstanceVariable < Base
         extend AutoCorrector
+
         include FrozenStringLiteral
         include ConfigurableEnforcedStyle
+        include OperationWithThreadsafeResult
 
         MSG = 'Freeze mutable objects assigned to class instance variables.'
         FROZEN_STRING_LITERAL_TYPES_RUBY27 = %i[str dstr].freeze
@@ -84,22 +86,20 @@ module RuboCop
         def on_ivasgn(node)
           return unless in_class?(node)
 
-          _, value = *node
-          on_assignment(value)
+          on_assignment(node.expression)
         end
 
         def on_or_asgn(node)
-          lhs, value = *node
-          return unless lhs&.ivasgn_type?
+          return unless node.assignment_node.ivasgn_type?
           return unless in_class?(node)
 
-          on_assignment(value)
+          on_assignment(node.expression)
         end
 
         def on_masgn(node)
           return unless in_class?(node)
 
-          mlhs, values = *node
+          mlhs, values = *node # rubocop:disable InternalAffairs/NodeDestructuring
           return unless values.array_type?
 
           mlhs.to_a.zip(values.to_a).each do |lhs, value|
@@ -183,7 +183,7 @@ module RuboCop
         end
 
         def mutable_literal?(node)
-          return if node.nil?
+          return false if node.nil?
 
           node.mutable_literal? || range_type?(node)
         end
@@ -198,7 +198,7 @@ module RuboCop
         end
 
         def range_type?(node)
-          node.erange_type? || node.irange_type?
+          node.type?(:erange, :irange)
         end
 
         def correct_splat_expansion(corrector, expr, splat_value)
@@ -243,42 +243,9 @@ module RuboCop
           }
         PATTERN
 
-        # @!method operation_produces_threadsafe_object?(node)
-        def_node_matcher :operation_produces_threadsafe_object?, <<~PATTERN
-          {
-            (send (const {nil? cbase} :Queue) :new ...)
-            (send
-              (const (const {nil? cbase} :ThreadSafe) {:Hash :Array})
-              :new ...)
-            (block
-              (send
-                (const (const {nil? cbase} :ThreadSafe) {:Hash :Array})
-                :new ...)
-              ...)
-            (send (const (const {nil? cbase} :Concurrent) _) :new ...)
-            (block
-              (send (const (const {nil? cbase} :Concurrent) _) :new ...)
-              ...)
-            (send (const (const (const {nil? cbase} :Concurrent) _) _) :new ...)
-            (block
-              (send
-                (const (const (const {nil? cbase} :Concurrent) _) _)
-                :new ...)
-              ...)
-            (send
-              (const (const (const (const {nil? cbase} :Concurrent) _) _) _)
-              :new ...)
-            (block
-              (send
-                (const (const (const (const {nil? cbase} :Concurrent) _) _) _)
-                :new ...)
-              ...)
-          }
-        PATTERN
-
         # @!method range_enclosed_in_parentheses?(node)
         def_node_matcher :range_enclosed_in_parentheses?, <<~PATTERN
-          (begin ({irange erange} _ _))
+          (begin (range _ _))
         PATTERN
       end
     end

data/lib/rubocop/cop/thread_safety/new_thread.rb

@@ -12,18 +12,17 @@ module RuboCop
       #   Thread.new { do_work }
       class NewThread < Base
         MSG = 'Avoid starting new threads.'
-        RESTRICT_ON_SEND = %i[new].freeze
+        RESTRICT_ON_SEND = %i[new fork start].freeze
 
         # @!method new_thread?(node)
         def_node_matcher :new_thread?, <<~MATCHER
-          (send (const {nil? cbase} :Thread) :new)
+          (call (const {nil? cbase} :Thread) {:new :fork :start} ...)
         MATCHER
 
         def on_send(node)
-          return unless new_thread?(node)
-
-          add_offense(node)
+          new_thread?(node) { add_offense(node) }
         end
+        alias on_csend on_send
       end
     end
   end

data/lib/rubocop/cop/thread_safety/rack_middleware_instance_variable.rb

@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module ThreadSafety
+      # Avoid instance variables in rack middleware.
+      #
+      # Middlewares are initialized once, meaning any instance variables are shared between executor threads.
+      # To avoid potential race conditions, it's recommended to design middlewares to be stateless
+      # or to implement proper synchronization mechanisms.
+      #
+      # @example
+      #   # bad
+      #   class CounterMiddleware
+      #     def initialize(app)
+      #       @app = app
+      #       @counter = 0
+      #     end
+      #
+      #     def call(env)
+      #       app.call(env)
+      #     ensure
+      #       @counter += 1
+      #     end
+      #   end
+      #
+      #   # good
+      #   class CounterMiddleware
+      #     def initialize(app)
+      #       @app = app
+      #       @counter = Concurrent::AtomicReference.new(0)
+      #     end
+      #
+      #     def call(env)
+      #       app.call(env)
+      #     ensure
+      #       @counter.update { |ref| ref + 1 }
+      #     end
+      #   end
+      #
+      #   class IdentityMiddleware
+      #     def initialize(app)
+      #       @app = app
+      #     end
+      #
+      #     def call(env)
+      #       app.call(env)
+      #     end
+      #   end
+      class RackMiddlewareInstanceVariable < Base
+        include AllowedIdentifiers
+        include OperationWithThreadsafeResult
+
+        MSG = 'Avoid instance variables in Rack middleware.'
+
+        RESTRICT_ON_SEND = %i[instance_variable_get instance_variable_set].freeze
+
+        # @!method rack_middleware_like_class?(node)
+        def_node_matcher :rack_middleware_like_class?, <<~MATCHER
+          (class (const nil? _) nil? (begin <(def :initialize (args (arg _)+) ...) (def :call (args (arg _)) ...) ...>))
+        MATCHER
+
+        # @!method app_variable(node)
+        def_node_search :app_variable, <<~MATCHER
+          (def :initialize (args (arg $_) ...) `(ivasgn $_ (lvar $_)))
+        MATCHER
+
+        def on_class(node)
+          return unless rack_middleware_like_class?(node)
+
+          constructor_method = find_constructor_method(node)
+          return unless (application_variable = extract_application_variable_from_contructor_method(constructor_method))
+
+          safe_variables = extract_safe_variables_from_constructor_method(constructor_method)
+
+          node.each_node(:def) do |def_node|
+            def_node.each_node(:ivasgn, :ivar) do |ivar_node|
+              variable, = ivar_node.to_a
+              if variable == application_variable || safe_variables.include?(variable) || allowed_identifier?(variable)
+                next
+              end
+
+              add_offense ivar_node
+            end
+          end
+        end
+
+        def on_send(node)
+          argument = node.first_argument
+
+          return unless argument&.type?(:sym, :str)
+          return if allowed_identifier?(argument.value)
+
+          add_offense node
+        end
+        alias on_csend on_send
+
+        private
+
+        def find_constructor_method(class_node)
+          class_node
+            .each_node(:def)
+            .find { |node| node.method?(:initialize) && node.arguments.size >= 1 }
+        end
+
+        def extract_application_variable_from_contructor_method(constructor_method)
+          constructor_method
+            .then { |node| app_variable(node) }
+            .then { |variables| variables.first[1] if variables.first }
+        end
+
+        def extract_safe_variables_from_constructor_method(constructor_method)
+          constructor_method
+            .each_node(:ivasgn)
+            .select { |ivasgn_node| operation_produces_threadsafe_object?(ivasgn_node.to_a[1]) }
+            .map { _1.to_a[0] }
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/thread_safety/plugin.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'lint_roller'
+
+module RuboCop
+  module ThreadSafety
+    # A plugin that integrates RuboCop ThreadSafety with RuboCop's plugin system.
+    class Plugin < LintRoller::Plugin
+      # :nocov:
+      def about
+        LintRoller::About.new(
+          name: 'rubocop-thread_safety',
+          version: Version::STRING,
+          homepage: 'https://github.com/rubocop/rubocop-thread_safety',
+          description: 'Thread-safety checks via static analysis.'
+        )
+      end
+      # :nocov:
+
+      def supported?(context)
+        context.engine == :rubocop
+      end
+
+      def rules(_context)
+        project_root = Pathname.new(__dir__).join('../../..')
+
+        obsoletion = project_root.join('config', 'obsoletion.yml')
+        ConfigObsoletion.files << obsoletion
+
+        LintRoller::Rules.new(
+          type: :path,
+          config_format: :rubocop,
+          value: project_root.join('config/default.yml')
+        )
+      end
+    end
+  end
+end

data/lib/rubocop/thread_safety/version.rb

@@ -2,6 +2,6 @@
 
 module RuboCop
   module ThreadSafety
-    VERSION = '0.5.1'
+    VERSION = '0.7.0'
   end
 end

data/lib/rubocop/thread_safety.rb

@@ -3,10 +3,5 @@
 module RuboCop
   # RuboCop::ThreadSafety detects some potential thread safety issues.
   module ThreadSafety
-    PROJECT_ROOT = Pathname.new(File.expand_path('../../', __dir__))
-    CONFIG_DEFAULT = PROJECT_ROOT.join('config', 'default.yml').freeze
-    CONFIG = YAML.safe_load(CONFIG_DEFAULT.read).freeze
-
-    private_constant(:CONFIG_DEFAULT, :PROJECT_ROOT)
   end
 end

data/lib/rubocop-thread_safety.rb

@@ -4,11 +4,13 @@ require 'rubocop'
 
 require 'rubocop/thread_safety'
 require 'rubocop/thread_safety/version'
-require 'rubocop/thread_safety/inject'
+require 'rubocop/thread_safety/plugin'
 
-RuboCop::ThreadSafety::Inject.defaults!
+require 'rubocop/cop/mixin/operation_with_threadsafe_result'
 
-require 'rubocop/cop/thread_safety/instance_variable_in_class_method'
+require 'rubocop/cop/thread_safety/class_instance_variable'
 require 'rubocop/cop/thread_safety/class_and_module_attributes'
 require 'rubocop/cop/thread_safety/mutable_class_instance_variable'
 require 'rubocop/cop/thread_safety/new_thread'
+require 'rubocop/cop/thread_safety/dir_chdir'
+require 'rubocop/cop/thread_safety/rack_middleware_instance_variable'

metadata

@@ -1,105 +1,48 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-thread_safety
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.7.0
 platform: ruby
 authors:
 - Michael Gee
-autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-03-29 00:00:00.000000000 Z
+date: 2025-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: lint_roller
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.90.0
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.90.0
-- !ruby/object:Gem::Dependency
-  name: appraisal
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.10'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.10'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
+        version: '1.72'
     - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
-  type: :development
+        version: 1.72.1
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '10.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+        version: '1.72'
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 1.72.1
 description: |2
       Thread-safety checks via static analysis.
       A plugin for the RuboCop code style enforcing & linting tool.
@@ -109,37 +52,31 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/dependabot.yml"
-- ".github/workflows/ci.yml"
-- ".github/workflows/lint.yml"
-- ".gitignore"
-- ".rspec"
-- ".rubocop.yml"
-- ".rubocop_todo.yml"
-- Appraisals
-- Gemfile
+- CHANGELOG.md
 - LICENSE.txt
 - README.md
-- Rakefile
-- bin/console
-- bin/setup
 - config/default.yml
-- gemfiles/rubocop_0.90.gemfile
-- gemfiles/rubocop_1.20.gemfile
+- config/obsoletion.yml
 - lib/rubocop-thread_safety.rb
+- lib/rubocop/cop/mixin/operation_with_threadsafe_result.rb
 - lib/rubocop/cop/thread_safety/class_and_module_attributes.rb
-- lib/rubocop/cop/thread_safety/instance_variable_in_class_method.rb
+- lib/rubocop/cop/thread_safety/class_instance_variable.rb
+- lib/rubocop/cop/thread_safety/dir_chdir.rb
 - lib/rubocop/cop/thread_safety/mutable_class_instance_variable.rb
 - lib/rubocop/cop/thread_safety/new_thread.rb
+- lib/rubocop/cop/thread_safety/rack_middleware_instance_variable.rb
 - lib/rubocop/thread_safety.rb
-- lib/rubocop/thread_safety/inject.rb
+- lib/rubocop/thread_safety/plugin.rb
 - lib/rubocop/thread_safety/version.rb
-- rubocop-thread_safety.gemspec
 homepage: https://github.com/rubocop/rubocop-thread_safety
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  changelog_uri: https://github.com/rubocop/rubocop-thread_safety/blob/master/CHANGELOG.md
+  source_code_uri: https://github.com/rubocop/rubocop-thread_safety
+  bug_tracker_uri: https://github.com/rubocop/rubocop-thread_safety/issues
+  rubygems_mfa_required: 'true'
+  default_lint_roller_plugin: RuboCop::ThreadSafety::Plugin
 rdoc_options: []
 require_paths:
 - lib
@@ -147,15 +84,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
-signing_key: 
+rubygems_version: 3.6.3
 specification_version: 4
 summary: Thread-safety checks via static analysis
 test_files: []

data/.github/dependabot.yml

@@ -1,6 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: 'github-actions'
-    directory: '/'
-    schedule:
-      interval: 'weekly'

data/.github/workflows/ci.yml

@@ -1,26 +0,0 @@
-name: CI
-
-on: [push, pull_request]
-
-jobs:
-  test:
-
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby: ["2.5", "2.6", "2.7", "3.0", "3.1", "3.2", ruby-head, jruby-9.2, jruby-9.3]
-        rubocop_version: ["0.90", "1.20"]
-    env:
-      BUNDLE_GEMFILE: "gemfiles/rubocop_${{ matrix.rubocop_version }}.gemfile"
-    steps:
-    - uses: actions/checkout@v3
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        bundler-cache: true # 'bundle install' and cache gems
-        ruby-version: ${{ matrix.ruby }}
-        bundler: 2.3.26
-    - name: Run tests
-      run: bundle exec rspec

data/.github/workflows/lint.yml

@@ -1,19 +0,0 @@
-name: Lint 
-
-on: [push, pull_request]
-
-jobs:
-  lint:
-
-    runs-on: ubuntu-latest
-    name: Rubocop
-
-    steps:
-    - uses: actions/checkout@v3
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        bundler-cache: true # 'bundle install' and cache gems
-        ruby-version: "2.7" 
-    - name: Run Rubocop 
-      run: bundle exec rubocop

data/.gitignore

@@ -1,10 +0,0 @@
-/.bundle/
-/.yardoc
-/Gemfile.lock
-/gemfiles/*.lock
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/

data/.rspec

@@ -1,2 +0,0 @@
---color
---require spec_helper

data/.rubocop.yml

@@ -1,79 +0,0 @@
-inherit_from: .rubocop_todo.yml
-
-require:
-  - rubocop/cop/internal_affairs
-
-AllCops:
-  DisplayCopNames: true
-  TargetRubyVersion: 2.5
-
-Lint/RaiseException:
-  Enabled: true
-
-Lint/StructNewOverride:
-  Enabled: true
-
-Metrics/BlockLength:
-  Exclude:
-    - "spec/**/*"
-
-Metrics/ClassLength:
-  Enabled: false
-
-Metrics/MethodLength:
-  Max: 14
-
-Naming/FileName:
-  Exclude:
-    - lib/rubocop-thread_safety.rb
-    - rubocop-thread_safety.gemspec
-
-# Enable more cops that are disabled by default:
-
-Style/AutoResourceCleanup:
-  Enabled: true
-
-Style/CollectionMethods:
-  Enabled: true
-
-Style/FormatStringToken:
-  Exclude:
-    - spec/**/*
-
-Style/FrozenStringLiteralComment:
-  Exclude:
-    - "gemfiles/*.gemfile"
-
-Style/HashEachMethods:
-  Enabled: true
-
-Style/HashTransformKeys:
-  Enabled: false
-
-Style/HashTransformValues:
-  Enabled: false
-
-Style/MethodCalledOnDoEndBlock:
-  Enabled: true
-  Exclude:
-    - spec/**/*
-
-Style/MissingElse:
-  Enabled: true
-  EnforcedStyle: case
-
-Style/OptionHash:
-  Enabled: true
-
-Style/Send:
-  Enabled: true
-
-Style/StringLiterals:
-  Exclude:
-    - "gemfiles/*.gemfile"
-
-Style/StringMethods:
-  Enabled: true
-
-Style/SymbolArray:
-  Enabled: true

data/.rubocop_todo.yml

@@ -1,12 +0,0 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config --no-auto-gen-timestamp`
-# using RuboCop version 1.12.1.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
-
-# Offense count: 3
-InternalAffairs/NodeDestructuring:
-  Exclude:
-    - 'lib/rubocop/cop/thread_safety/mutable_class_instance_variable.rb'

data/Appraisals

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-appraise 'rubocop-0.90' do
-  gem 'rubocop', '~> 0.90.0'
-end
-
-appraise 'rubocop-1.20' do
-  gem 'rubocop', '~> 1.20.0'
-end

data/Gemfile

@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in rubocop-thread_safety.gemspec
-gemspec

data/Rakefile

@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-
-RSpec::Core::RakeTask.new(:spec)
-
-task default: :spec

data/bin/console

@@ -1,15 +0,0 @@
-#!/usr/bin/env ruby
-
-# frozen_string_literal: true
-
-require 'bundler/setup'
-require 'rubocop-thread_safety'
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-require 'pry'
-Pry.start
-
-# require "irb"
-# IRB.start

data/bin/setup

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install

data/gemfiles/rubocop_0.90.gemfile

@@ -1,7 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "rubocop", "~> 0.90.0"
-
-gemspec path: "../"

data/gemfiles/rubocop_1.20.gemfile

@@ -1,7 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "rubocop", "~> 1.20.0"
-
-gemspec path: "../"

data/lib/rubocop/thread_safety/inject.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# The original code is from https://github.com/rubocop-hq/rubocop-rspec/blob/master/lib/rubocop/rspec/inject.rb
-# See https://github.com/rubocop-hq/rubocop-rspec/blob/master/MIT_LICENSE.md
-module RuboCop
-  module ThreadSafety
-    # Because RuboCop doesn't yet support plugins, we have to monkey patch in a
-    # bit of our configuration.
-    module Inject
-      def self.defaults!
-        path = CONFIG_DEFAULT.to_s
-        hash = ConfigLoader.__send__(:load_yaml_configuration, path)
-        config = Config.new(hash, path).tap(&:make_excludes_absolute)
-        puts "configuration from \#{path}" if ConfigLoader.debug?
-        config = ConfigLoader.merge_with_default(config, path)
-        ConfigLoader.instance_variable_set(:@default_configuration, config)
-      end
-    end
-  end
-end

data/rubocop-thread_safety.gemspec

@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-lib = File.expand_path('lib', __dir__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'rubocop/thread_safety/version'
-
-Gem::Specification.new do |spec|
-  spec.name          = 'rubocop-thread_safety'
-  spec.version       = RuboCop::ThreadSafety::VERSION
-  spec.authors       = ['Michael Gee']
-  spec.email         = ['michaelpgee@gmail.com']
-
-  spec.summary       = 'Thread-safety checks via static analysis'
-  spec.description   = <<-DESCRIPTION
-    Thread-safety checks via static analysis.
-    A plugin for the RuboCop code style enforcing & linting tool.
-  DESCRIPTION
-  spec.homepage = 'https://github.com/rubocop/rubocop-thread_safety'
-  spec.licenses = ['MIT']
-
-  spec.files = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-
-  spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-
-  spec.required_ruby_version = '>= 2.5.0'
-
-  spec.add_runtime_dependency 'rubocop', '>= 0.90.0'
-
-  spec.add_development_dependency 'appraisal'
-  spec.add_development_dependency 'bundler', '>= 1.10', '< 3'
-  spec.add_development_dependency 'pry' unless ENV['CI']
-  spec.add_development_dependency 'rake', '>= 10.0'
-  spec.add_development_dependency 'rspec', '~> 3.0'
-end