rubocop-vendor 0.6.1 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5c7f95e01811c3177f6f45897a3637053eb5b511e374551b97d1130e4032ad6d
|
|
4
|
+
data.tar.gz: eba723e710aee712fe9fb0772b723f816868e949ad011d42285e7c0229250731
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b669cc4e4852b7c56a3206ac1c90557c56ea43f7c717ff01a7445af3e305e5a4f3c55349381d2ac3840e5a05955fa2364b7bef10c446659ecc73b72e04751f52
|
|
7
|
+
data.tar.gz: f3c87ffe11f4e0e496ab9975e015c0ec1ed780c600712834403896e871826e5ede0e5798c3f39e16cf543d2c2eacff64e124c1660f35fdfbbfc608da2db104d7
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module RuboCop
|
|
4
|
+
module Cop
|
|
5
|
+
module Vendor
|
|
6
|
+
# This cop flags uses of the recursive-open-struct gem.
|
|
7
|
+
#
|
|
8
|
+
# RecursiveOpenStruct inherits from OpenStruct, which is now officially discouraged to be used
|
|
9
|
+
# for performance, version compatibility, and security issues.
|
|
10
|
+
#
|
|
11
|
+
# https://ruby-doc.org/stdlib-3.0.1/libdoc/ostruct/rdoc/OpenStruct.html#class-OpenStruct-label-Caveats
|
|
12
|
+
class RecursiveOpenStructGem < Base
|
|
13
|
+
MSG = <<~MSG.strip
|
|
14
|
+
Do not use the recursive-open-struct gem. RecursiveOpenStruct inherits from OpenStruct, which is now officially discouraged from usage due to performance, version compatibility, and security issues.
|
|
15
|
+
MSG
|
|
16
|
+
|
|
17
|
+
def on_new_investigation
|
|
18
|
+
return if processed_source.blank?
|
|
19
|
+
|
|
20
|
+
gem_declarations(processed_source.ast).each do |declaration|
|
|
21
|
+
next unless declaration.first_argument.str_content.match?('recursive-open-struct')
|
|
22
|
+
|
|
23
|
+
add_offense(declaration)
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
# @!method gem_declarations(node)
|
|
28
|
+
def_node_search :gem_declarations, <<~PATTERN
|
|
29
|
+
(:send nil? :gem str ...)
|
|
30
|
+
PATTERN
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module RuboCop
|
|
4
|
+
module Cop
|
|
5
|
+
module Vendor
|
|
6
|
+
# This cop flags uses of RecursiveOpenStruct. RecursiveOpenStruct is a library used in the
|
|
7
|
+
# Wealthsimple ecosystem that is being phased out due to security issues.
|
|
8
|
+
#
|
|
9
|
+
# RecursiveOpenStruct inherits from OpenStruct, which is now officially discouraged to be used
|
|
10
|
+
# for performance, version compatibility, and security issues.
|
|
11
|
+
#
|
|
12
|
+
# @safety
|
|
13
|
+
#
|
|
14
|
+
# Note that this cop may flag false positives; for instance, the following legal
|
|
15
|
+
# use of a hand-rolled `RecursiveOpenStruct` type would be considered an offense:
|
|
16
|
+
#
|
|
17
|
+
# ```
|
|
18
|
+
# module MyNamespace
|
|
19
|
+
# class RecursiveOpenStruct # not the RecursiveOpenStruct we're looking for
|
|
20
|
+
# end
|
|
21
|
+
#
|
|
22
|
+
# def new_struct
|
|
23
|
+
# RecursiveOpenStruct.new # resolves to MyNamespace::RecursiveOpenStruct
|
|
24
|
+
# end
|
|
25
|
+
# end
|
|
26
|
+
# ```
|
|
27
|
+
#
|
|
28
|
+
# @example
|
|
29
|
+
#
|
|
30
|
+
# # bad
|
|
31
|
+
# point = RecursiveOpenStruct.new(x: 0, y: 1)
|
|
32
|
+
#
|
|
33
|
+
# # good
|
|
34
|
+
# Point = Struct.new(:x, :y)
|
|
35
|
+
# point = Point.new(0, 1)
|
|
36
|
+
#
|
|
37
|
+
# # also good
|
|
38
|
+
# point = { x: 0, y: 1 }
|
|
39
|
+
#
|
|
40
|
+
# # bad
|
|
41
|
+
# test_double = RecursiveOpenStruct.new(a: 'b')
|
|
42
|
+
#
|
|
43
|
+
# # good (assumes test using rspec-mocks)
|
|
44
|
+
# test_double = double
|
|
45
|
+
# allow(test_double).to receive(:a).and_return('b')
|
|
46
|
+
#
|
|
47
|
+
class RecursiveOpenStructUse < Cop
|
|
48
|
+
MSG = <<~MSG.strip
|
|
49
|
+
Avoid using `RecursiveOpenStruct`; use `Struct`, `Hash`, a class or test doubles instead.
|
|
50
|
+
MSG
|
|
51
|
+
|
|
52
|
+
# @!method uses_recursive_open_struct?(node)
|
|
53
|
+
def_node_matcher :uses_recursive_open_struct?, <<-PATTERN
|
|
54
|
+
(const {nil? (cbase)} :RecursiveOpenStruct)
|
|
55
|
+
PATTERN
|
|
56
|
+
|
|
57
|
+
def on_const(node)
|
|
58
|
+
return unless uses_recursive_open_struct?(node)
|
|
59
|
+
return if custom_class_or_module_definition?(node)
|
|
60
|
+
|
|
61
|
+
add_offense(node)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
private
|
|
65
|
+
|
|
66
|
+
def custom_class_or_module_definition?(node)
|
|
67
|
+
parent = node.parent
|
|
68
|
+
|
|
69
|
+
(parent.class_type? || parent.module_type?) && node.left_siblings.empty?
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
|
@@ -3,6 +3,8 @@
|
|
|
3
3
|
module RuboCop
|
|
4
4
|
end
|
|
5
5
|
|
|
6
|
+
require_relative 'vendor/recursive_open_struct_gem'
|
|
7
|
+
require_relative 'vendor/recursive_open_struct_use'
|
|
6
8
|
require_relative 'vendor/rollbar_inside_rescue'
|
|
7
9
|
require_relative 'vendor/rollbar_interpolation'
|
|
8
10
|
require_relative 'vendor/rollbar_log'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rubocop-vendor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Danilo Cabello
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2021-
|
|
13
|
+
date: 2021-12-06 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rubocop
|
|
@@ -82,6 +82,8 @@ files:
|
|
|
82
82
|
- README.md
|
|
83
83
|
- config/default.yml
|
|
84
84
|
- lib/rubocop-vendor.rb
|
|
85
|
+
- lib/rubocop/cop/vendor/recursive_open_struct_gem.rb
|
|
86
|
+
- lib/rubocop/cop/vendor/recursive_open_struct_use.rb
|
|
85
87
|
- lib/rubocop/cop/vendor/rollbar_inside_rescue.rb
|
|
86
88
|
- lib/rubocop/cop/vendor/rollbar_interpolation.rb
|
|
87
89
|
- lib/rubocop/cop/vendor/rollbar_log.rb
|