rubocop 0.87.1

data/lib/rubocop/cop/security/eval.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Security
+      # This cop checks for the use of `Kernel#eval` and `Binding#eval`.
+      #
+      # @example
+      #
+      #   # bad
+      #
+      #   eval(something)
+      #   binding.eval(something)
+      class Eval < Cop
+        MSG = 'The use of `eval` is a serious security risk.'
+
+        def_node_matcher :eval?, <<~PATTERN
+          (send {nil? (send nil? :binding)} :eval $!str ...)
+        PATTERN
+
+        def on_send(node)
+          eval?(node) do |code|
+            return if code.dstr_type? && code.recursive_literal?
+
+            add_offense(node, location: :selector)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/security/json_load.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Security
+      # This cop checks for the use of JSON class methods which have potential
+      # security issues.
+      #
+      # Autocorrect is disabled by default because it's potentially dangerous.
+      # If using a stream, like `JSON.load(open('file'))`, it will need to call
+      # `#read` manually, like `JSON.parse(open('file').read)`.
+      # If reading single values (rather than proper JSON objects), like
+      # `JSON.load('false')`, it will need to pass the `quirks_mode: true`
+      # option, like `JSON.parse('false', quirks_mode: true)`.
+      # Other similar issues may apply.
+      #
+      # @example
+      #   # bad
+      #   JSON.load("{}")
+      #   JSON.restore("{}")
+      #
+      #   # good
+      #   JSON.parse("{}")
+      #
+      class JSONLoad < Cop
+        MSG = 'Prefer `JSON.parse` over `JSON.%<method>s`.'
+
+        def_node_matcher :json_load, <<~PATTERN
+          (send (const {nil? cbase} :JSON) ${:load :restore} ...)
+        PATTERN
+
+        def on_send(node)
+          json_load(node) do |method|
+            add_offense(node,
+                        location: :selector,
+                        message: format(MSG, method: method))
+          end
+        end
+
+        def autocorrect(node)
+          ->(corrector) { corrector.replace(node.loc.selector, 'parse') }
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/security/marshal_load.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Security
+      # This cop checks for the use of Marshal class methods which have
+      # potential security issues leading to remote code execution when
+      # loading from an untrusted source.
+      #
+      # @example
+      #   # bad
+      #   Marshal.load("{}")
+      #   Marshal.restore("{}")
+      #
+      #   # good
+      #   Marshal.dump("{}")
+      #
+      #   # okish - deep copy hack
+      #   Marshal.load(Marshal.dump({}))
+      #
+      class MarshalLoad < Cop
+        MSG = 'Avoid using `Marshal.%<method>s`.'
+
+        def_node_matcher :marshal_load, <<~PATTERN
+          (send (const {nil? cbase} :Marshal) ${:load :restore}
+          !(send (const {nil? cbase} :Marshal) :dump ...))
+        PATTERN
+
+        def on_send(node)
+          marshal_load(node) do |method|
+            add_offense(node,
+                        location: :selector,
+                        message: format(MSG, method: method))
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/security/open.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Security
+      # This cop checks for the use of `Kernel#open`.
+      #
+      # `Kernel#open` enables not only file access but also process invocation
+      # by prefixing a pipe symbol (e.g., `open("| ls")`). So, it may lead to
+      # a serious security risk by using variable input to the argument of
+      # `Kernel#open`. It would be better to use `File.open`, `IO.popen` or
+      # `URI#open` explicitly.
+      #
+      # @example
+      #   # bad
+      #   open(something)
+      #
+      #   # good
+      #   File.open(something)
+      #   IO.popen(something)
+      #   URI.parse(something).open
+      class Open < Cop
+        MSG = 'The use of `Kernel#open` is a serious security risk.'
+
+        def_node_matcher :open?, <<~PATTERN
+          (send nil? :open $!str ...)
+        PATTERN
+
+        def on_send(node)
+          open?(node) do |code|
+            return if safe?(code)
+
+            add_offense(node, location: :selector)
+          end
+        end
+
+        private
+
+        def safe?(node)
+          if simple_string?(node)
+            safe_argument?(node.str_content)
+          elsif composite_string?(node)
+            safe?(node.children.first)
+          else
+            false
+          end
+        end
+
+        def safe_argument?(argument)
+          !argument.empty? && !argument.start_with?('|')
+        end
+
+        def simple_string?(node)
+          node.str_type?
+        end
+
+        def composite_string?(node)
+          interpolated_string?(node) || concatenated_string?(node)
+        end
+
+        def interpolated_string?(node)
+          node.dstr_type?
+        end
+
+        def concatenated_string?(node)
+          node.send_type? && node.method?(:+) && node.receiver.str_type?
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/security/yaml_load.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Security
+      # This cop checks for the use of YAML class methods which have
+      # potential security issues leading to remote code execution when
+      # loading from an untrusted source.
+      #
+      # @example
+      #   # bad
+      #   YAML.load("--- foo")
+      #
+      #   # good
+      #   YAML.safe_load("--- foo")
+      #   YAML.dump("foo")
+      #
+      class YAMLLoad < Cop
+        MSG = 'Prefer using `YAML.safe_load` over `YAML.load`.'
+
+        def_node_matcher :yaml_load, <<~PATTERN
+          (send (const {nil? cbase} :YAML) :load ...)
+        PATTERN
+
+        def on_send(node)
+          yaml_load(node) do
+            add_offense(node, location: :selector)
+          end
+        end
+
+        def autocorrect(node)
+          ->(corrector) { corrector.replace(node.loc.selector, 'safe_load') }
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/severity.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    # Severity class is simple value object about severity
+    class Severity
+      include Comparable
+
+      # @api private
+      NAMES = %i[refactor convention warning error fatal].freeze
+
+      # @api private
+      CODE_TABLE = { R: :refactor, C: :convention,
+                     W: :warning, E: :error, F: :fatal }.freeze
+
+      # @api public
+      #
+      # @!attribute [r] name
+      #
+      # @return [Symbol]
+      #   severity.
+      #   any of `:refactor`, `:convention`, `:warning`, `:error` or `:fatal`.
+      attr_reader :name
+
+      # @api private
+      def self.name_from_code(code)
+        name = code.to_sym
+        CODE_TABLE[name] || name
+      end
+
+      # @api private
+      def initialize(name_or_code)
+        name = Severity.name_from_code(name_or_code)
+        raise ArgumentError, "Unknown severity: #{name}" unless NAMES.include?(name)
+
+        @name = name.freeze
+        freeze
+      end
+
+      # @api private
+      def to_s
+        @name.to_s
+      end
+
+      # @api private
+      def code
+        @name.to_s[0].upcase
+      end
+
+      # @api private
+      def level
+        NAMES.index(name) + 1
+      end
+
+      # @api private
+      def ==(other)
+        @name == if other.is_a?(Symbol)
+                   other
+                 else
+                   other.name
+                 end
+      end
+
+      # @api private
+      def hash
+        @name.hash
+      end
+
+      # @api private
+      def <=>(other)
+        level <=> other.level
+      end
+    end
+  end
+end

data/lib/rubocop/cop/style/access_modifier_declarations.rb

@@ -0,0 +1,132 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # Access modifiers should be declared to apply to a group of methods
+      # or inline before each method, depending on configuration.
+      # EnforcedStyle config covers only method definitions.
+      # Applications of visibility methods to symbols can be controlled
+      # using AllowModifiersOnSymbols config.
+      #
+      # @example EnforcedStyle: group (default)
+      #   # bad
+      #   class Foo
+      #
+      #     private def bar; end
+      #     private def baz; end
+      #
+      #   end
+      #
+      #   # good
+      #   class Foo
+      #
+      #     private
+      #
+      #     def bar; end
+      #     def baz; end
+      #
+      #   end
+      #
+      # @example EnforcedStyle: inline
+      #   # bad
+      #   class Foo
+      #
+      #     private
+      #
+      #     def bar; end
+      #     def baz; end
+      #
+      #   end
+      #
+      #   # good
+      #   class Foo
+      #
+      #     private def bar; end
+      #     private def baz; end
+      #
+      #   end
+      #
+      # @example AllowModifiersOnSymbols: true
+      #   # good
+      #   class Foo
+      #
+      #     private :bar, :baz
+      #
+      #   end
+      #
+      # @example AllowModifiersOnSymbols: false
+      #   # bad
+      #   class Foo
+      #
+      #     private :bar, :baz
+      #
+      #   end
+      class AccessModifierDeclarations < Cop
+        include ConfigurableEnforcedStyle
+
+        GROUP_STYLE_MESSAGE = [
+          '`%<access_modifier>s` should not be',
+          'inlined in method definitions.'
+        ].join(' ')
+
+        INLINE_STYLE_MESSAGE = [
+          '`%<access_modifier>s` should be',
+          'inlined in method definitions.'
+        ].join(' ')
+
+        def_node_matcher :access_modifier_with_symbol?, <<~PATTERN
+          (send nil? {:private :protected :public} (sym _))
+        PATTERN
+
+        def on_send(node)
+          return unless node.access_modifier?
+          return if node.parent.pair_type?
+          return if cop_config['AllowModifiersOnSymbols'] &&
+                    access_modifier_with_symbol?(node)
+
+          if offense?(node)
+            add_offense(node, location: :selector) do
+              opposite_style_detected
+            end
+          else
+            correct_style_detected
+          end
+        end
+
+        private
+
+        def offense?(node)
+          (group_style? && access_modifier_is_inlined?(node)) ||
+            (inline_style? && access_modifier_is_not_inlined?(node))
+        end
+
+        def group_style?
+          style == :group
+        end
+
+        def inline_style?
+          style == :inline
+        end
+
+        def access_modifier_is_inlined?(node)
+          node.arguments.any?
+        end
+
+        def access_modifier_is_not_inlined?(node)
+          !access_modifier_is_inlined?(node)
+        end
+
+        def message(node)
+          access_modifier = node.loc.selector.source
+
+          if group_style?
+            format(GROUP_STYLE_MESSAGE, access_modifier: access_modifier)
+          elsif inline_style?
+            format(INLINE_STYLE_MESSAGE, access_modifier: access_modifier)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/style/accessor_grouping.rb

@@ -0,0 +1,140 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # This cop checks for grouping of accessors in `class` and `module` bodies.
+      # By default it enforces accessors to be placed in grouped declarations,
+      # but it can be configured to enforce separating them in multiple declarations.
+      #
+      # @example EnforcedStyle: grouped (default)
+      #   # bad
+      #   class Foo
+      #     attr_reader :bar
+      #     attr_reader :baz
+      #   end
+      #
+      #   # good
+      #   class Foo
+      #     attr_reader :bar, :baz
+      #   end
+      #
+      # @example EnforcedStyle: separated
+      #   # bad
+      #   class Foo
+      #     attr_reader :bar, :baz
+      #   end
+      #
+      #   # good
+      #   class Foo
+      #     attr_reader :bar
+      #     attr_reader :baz
+      #   end
+      #
+      class AccessorGrouping < Cop
+        include ConfigurableEnforcedStyle
+        include VisibilityHelp
+
+        GROUPED_MSG = 'Group together all `%<accessor>s` attributes.'
+        SEPARATED_MSG = 'Use one attribute per `%<accessor>s`.'
+
+        ACCESSOR_METHODS = %i[attr_reader attr_writer attr_accessor attr].freeze
+
+        def on_class(node)
+          class_send_elements(node).each do |macro|
+            next unless accessor?(macro)
+
+            check(macro)
+          end
+        end
+        alias on_sclass on_class
+        alias on_module on_class
+
+        def autocorrect(node)
+          lambda do |corrector|
+            corrector.replace(node, correction(node))
+          end
+        end
+
+        private
+
+        def class_send_elements(class_node)
+          class_def = class_node.body
+
+          if !class_def || class_def.def_type?
+            []
+          elsif class_def.send_type?
+            [class_def]
+          else
+            class_def.each_child_node(:send).to_a
+          end
+        end
+
+        def accessor?(send_node)
+          send_node.macro? && ACCESSOR_METHODS.include?(send_node.method_name)
+        end
+
+        def check(send_node)
+          if grouped_style? && sibling_accessors(send_node).size > 1
+            add_offense(send_node)
+          elsif separated_style? && send_node.arguments.size > 1
+            add_offense(send_node)
+          end
+        end
+
+        def grouped_style?
+          style == :grouped
+        end
+
+        def separated_style?
+          style == :separated
+        end
+
+        def sibling_accessors(send_node)
+          send_node.parent.each_child_node(:send).select do |sibling|
+            accessor?(sibling) &&
+              sibling.method?(send_node.method_name) &&
+              node_visibility(sibling) == node_visibility(send_node)
+          end
+        end
+
+        def message(send_node)
+          msg = grouped_style? ? GROUPED_MSG : SEPARATED_MSG
+          format(msg, accessor: send_node.method_name)
+        end
+
+        def correction(node)
+          if grouped_style?
+            accessors = sibling_accessors(node)
+            if node == accessors.first
+              group_accessors(node, accessors)
+            else
+              ''
+            end
+          else
+            separate_accessors(node)
+          end
+        end
+
+        def group_accessors(node, accessors)
+          accessor_names = accessors.flat_map do |accessor|
+            accessor.arguments.map(&:source)
+          end
+
+          "#{node.method_name} #{accessor_names.join(', ')}"
+        end
+
+        def separate_accessors(node)
+          node.arguments.map do |arg|
+            if arg == node.arguments.first
+              "#{node.method_name} #{arg.source}"
+            else
+              indent = ' ' * node.loc.column
+              "#{indent}#{node.method_name} #{arg.source}"
+            end
+          end.join("\n")
+        end
+      end
+    end
+  end
+end