rubocop 0.91.1 → 1.1.0

data/lib/rubocop/cop/lint/to_json.rb

@@ -31,7 +31,7 @@ module RuboCop
       class ToJSON < Base
         extend AutoCorrector
 
-        MSG = ' `#to_json` requires an optional argument to be parsable ' \
+        MSG = '`#to_json` requires an optional argument to be parsable ' \
           'via JSON.generate(obj).'
 
         def on_def(node)

data/lib/rubocop/cop/lint/unmodified_reduce_accumulator.rb

@@ -0,0 +1,185 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Lint
+      # Looks for `reduce` or `inject` blocks where the value returned (implicitly or
+      # explicitly) does not include the accumulator. A block is considered valid as
+      # long as at least one return value includes the accumulator.
+      #
+      # If the accumulator is not included in the return value, then the entire
+      # block will just return a transformation of the last element value, and
+      # could be rewritten as such without a loop.
+      #
+      # Also catches instances where an index of the accumulator is returned, as
+      # this may change the type of object being retained.
+      #
+      # NOTE: For the purpose of reducing false positives, this cop only flags
+      # returns in `reduce` blocks where the element is the only variable in
+      # the expression (since we will not be able to tell what other variables
+      # relate to via static analysis).
+      #
+      # @example
+      #
+      #   # bad
+      #   (1..4).reduce(0) do |acc, el|
+      #     el * 2
+      #   end
+      #
+      #   # bad, may raise a NoMethodError after the first iteration
+      #   %w(a b c).reduce({}) do |acc, letter|
+      #     acc[letter] = true
+      #   end
+      #
+      #   # good
+      #   (1..4).reduce(0) do |acc, el|
+      #     acc + el * 2
+      #   end
+      #
+      #   # good, element is returned but modified using the accumulator
+      #   values.reduce do |acc, el|
+      #     el << acc
+      #     el
+      #   end
+      #
+      #   # good, returns the accumulator instead of the index
+      #   %w(a b c).reduce({}) do |acc, letter|
+      #     acc[letter] = true
+      #     acc
+      #   end
+      #
+      #   # good, at least one branch returns the accumulator
+      #   values.reduce(nil) do |result, value|
+      #     break result if something?
+      #     value
+      #   end
+      #
+      #   # ignored as the return value cannot be determined
+      #   enum.reduce do |acc, el|
+      #     x = foo(acc, el)
+      #     bar(x)
+      #   end
+      class UnmodifiedReduceAccumulator < Base
+        MSG = 'Ensure the accumulator `%<accum>s` will be modified by `%<method>s`.'
+        MSG_INDEX = 'Do not return an element of the accumulator in `%<method>s`.'
+
+        def_node_matcher :reduce_with_block?, <<~PATTERN
+          (block (send _recv {:reduce :inject} ...) (args arg+) ...)
+        PATTERN
+
+        def_node_matcher :accumulator_index?, <<~PATTERN
+          (send (lvar %1) {:[] :[]=} ...)
+        PATTERN
+
+        def_node_search :element_modified?, <<~PATTERN
+          {
+            (send _receiver !{:[] :[]=} <`(lvar %1) `_ ...>)               # method(el, ...)
+            (send (lvar %1) _message <{ivar gvar cvar lvar send} ...>)     # el.method(...)
+            (lvasgn %1 _)                                                  # el = ...
+            (%RuboCop::AST::Node::SHORTHAND_ASSIGNMENTS (lvasgn %1) ... _) # el += ...
+          }
+        PATTERN
+
+        def_node_matcher :lvar_used?, <<~PATTERN
+          {
+            (lvar %1)
+            (lvasgn %1 ...)
+            (send (lvar %1) :<< ...)
+            (dstr (begin (lvar %1)))
+            (%RuboCop::AST::Node::SHORTHAND_ASSIGNMENTS (lvasgn %1))
+          }
+        PATTERN
+
+        def_node_search :expression_values, <<~PATTERN
+          {
+            (%RuboCop::AST::Node::VARIABLES $_)
+            (%RuboCop::AST::Node::EQUALS_ASSIGNMENTS $_ ...)
+            (send (%RuboCop::AST::Node::VARIABLES $_) :<< ...)
+            $(send _ _)
+            (dstr (begin {(%RuboCop::AST::Node::VARIABLES $_)}))
+            (%RuboCop::AST::Node::SHORTHAND_ASSIGNMENTS (%RuboCop::AST::Node::EQUALS_ASSIGNMENTS $_) ...)
+          }
+        PATTERN
+
+        def on_block(node)
+          return unless reduce_with_block?(node)
+
+          check_return_values(node)
+        end
+
+        private
+
+        # Return values in a block are either the value given to next,
+        # the last line of a multiline block, or the only line of the block
+        def return_values(block_body_node)
+          nodes = [block_body_node.begin_type? ? block_body_node.child_nodes.last : block_body_node]
+
+          block_body_node.each_descendant(:next, :break) do |n|
+            # Ignore `next`/`break` inside an inner block
+            next if n.each_ancestor(:block).first != block_body_node.parent
+            next unless n.first_argument
+
+            nodes << n.first_argument
+          end
+
+          nodes
+        end
+
+        def check_return_values(block_node)
+          return_values = return_values(block_node.body)
+          accumulator_name = block_arg_name(block_node, 0)
+          element_name = block_arg_name(block_node, 1)
+          message_opts = { method: block_node.method_name, accum: accumulator_name }
+
+          if (node = returned_accumulator_index(return_values, accumulator_name))
+            add_offense(node, message: format(MSG_INDEX, message_opts))
+          elsif potential_offense?(return_values, block_node.body, element_name, accumulator_name)
+            return_values.each do |return_val|
+              unless acceptable_return?(return_val, element_name)
+                add_offense(return_val, message: format(MSG, message_opts))
+              end
+            end
+          end
+        end
+
+        def block_arg_name(node, index)
+          node.arguments[index].node_parts[0]
+        end
+
+        # Look for an index of the accumulator being returned
+        # This is always an offense, in order to try to catch potential exceptions
+        # due to type mismatches
+        def returned_accumulator_index(return_values, accumulator_name)
+          return_values.detect { |val| accumulator_index?(val, accumulator_name) }
+        end
+
+        def potential_offense?(return_values, block_body, element_name, accumulator_name)
+          !(element_modified?(block_body, element_name) ||
+            returns_accumulator_anywhere?(return_values, accumulator_name))
+        end
+
+        # If the accumulator is used in any return value, the node is acceptable since
+        # the accumulator has a chance to change each iteration
+        def returns_accumulator_anywhere?(return_values, accumulator_name)
+          return_values.any? { |node| lvar_used?(node, accumulator_name) }
+        end
+
+        # Determine if a return value is acceptable for the purposes of this cop
+        # If it is an expression containing the accumulator, it is acceptable
+        # Otherwise, it is only unacceptable if it contains the iterated element, since we
+        # otherwise do not have enough information to prevent false positives.
+        def acceptable_return?(return_val, element_name)
+          vars = expression_values(return_val).uniq
+          return true if vars.none? || (vars - [element_name]).any?
+
+          false
+        end
+
+        # Exclude `begin` nodes inside a `dstr` from being collected by `return_values`
+        def allowed_type?(parent_node)
+          !parent_node.dstr_type?
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/lint/useless_access_modifier.rb

@@ -255,7 +255,7 @@ module RuboCop
               PATTERN
             end
 
-            send(matcher_name, child)
+            public_send(matcher_name, child)
           end
         end
 
@@ -279,7 +279,7 @@ module RuboCop
               PATTERN
             end
 
-            send(matcher_name, child)
+            public_send(matcher_name, child)
           end
         end
       end

data/lib/rubocop/cop/metrics/block_length.rb

@@ -29,6 +29,8 @@ module RuboCop
       #       content.
       #     HEREDOC
       #   end                 # 5 points
+      #
+      # NOTE: This cop does not apply for `Struct` definitions.
       class BlockLength < Base
         include CodeLength
 
@@ -36,7 +38,7 @@ module RuboCop
 
         def on_block(node)
           return if excluded_method?(node)
-          return if node.class_constructor?
+          return if node.class_constructor? || node.struct_constructor?
 
           check_code_length(node)
         end

data/lib/rubocop/cop/metrics/class_length.rb

@@ -29,6 +29,8 @@ module RuboCop
       #     HEREDOC
       #   end                 # 5 points
       #
+      #
+      # NOTE: This cop also applies for `Struct` definitions.
       class ClassLength < Base
         include CodeLength
 
@@ -37,17 +39,23 @@ module RuboCop
         end
 
         def on_casgn(node)
-          class_definition?(node) do
-            check_code_length(node)
+          parent = node.parent
+
+          if parent&.assignment?
+            block_node = parent.children[1]
+          elsif parent&.parent&.masgn_type?
+            block_node = parent.parent.children[1]
+          else
+            _scope, _name, block_node = *node
           end
+
+          return unless block_node.respond_to?(:class_definition?) && block_node.class_definition?
+
+          check_code_length(block_node)
         end
 
         private
 
-        def_node_matcher :class_definition?, <<~PATTERN
-          (casgn nil? _ (block (send (const {nil? cbase} :Class) :new) ...))
-        PATTERN
-
         def message(length, max_length)
           format('Class has too many lines. [%<length>d/%<max>d]',
                  length: length,

data/lib/rubocop/cop/metrics/parameter_lists.rb

@@ -12,6 +12,9 @@ module RuboCop
         MSG = 'Avoid parameter lists longer than %<max>d parameters. ' \
               '[%<count>d/%<max>d]'
 
+        NAMED_KEYWORD_TYPES = %i[kwoptarg kwarg].freeze
+        private_constant :NAMED_KEYWORD_TYPES
+
         def on_args(node)
           count = args_count(node)
           return unless count > max_params
@@ -33,7 +36,7 @@ module RuboCop
           if count_keyword_args?
             node.children.size
           else
-            node.children.count { |a| !%i[kwoptarg kwarg].include?(a.type) }
+            node.children.count { |a| !NAMED_KEYWORD_TYPES.include?(a.type) }
           end
         end
 

data/lib/rubocop/cop/mixin/hash_transform_method.rb

@@ -137,7 +137,7 @@ module RuboCop
       end
 
       # Internal helper class to hold autocorrect data
-      Autocorrection = Struct.new(:match, :block_node, :leading, :trailing) do # rubocop:disable Metrics/BlockLength
+      Autocorrection = Struct.new(:match, :block_node, :leading, :trailing) do
         def self.from_each_with_object(node, match)
           new(match, node, 0, 0)
         end

data/lib/rubocop/cop/mixin/line_length_help.rb

@@ -57,7 +57,7 @@ module RuboCop
       def indentation_difference(line)
         return 0 unless tab_indentation_width
 
-        line.match(/^\t*/)[0].size * (tab_indentation_width - 1)
+        (line.index(/[^\t]/) || 0) * (tab_indentation_width - 1)
       end
 
       def tab_indentation_width

data/lib/rubocop/cop/naming/binary_operator_parameter_name.rb

@@ -18,7 +18,7 @@ module RuboCop
               'name its argument `other`.'
 
         OP_LIKE_METHODS = %i[eql? equal?].freeze
-        EXCLUDED = %i[+@ -@ [] []= << === `].freeze
+        EXCLUDED = %i[+@ -@ [] []= << === ` =~].freeze
 
         def_node_matcher :op_method_candidate?, <<~PATTERN
           (def [#op_method? $_] (args $(arg [!:other !:_other])) _)

data/lib/rubocop/cop/naming/predicate_name.rb

@@ -67,7 +67,8 @@ module RuboCop
         private
 
         def allowed_method_name?(method_name, prefix)
-          !method_name.match?(/^#{prefix}[^0-9]/) ||
+          !(method_name.start_with?(prefix) && # cheap check to avoid allocating Regexp
+              method_name.match?(/^#{prefix}[^0-9]/)) ||
             method_name == expected_name(method_name, prefix) ||
             method_name.end_with?('=') ||
             allowed_method?(method_name)

data/lib/rubocop/cop/offense.rb

@@ -63,10 +63,23 @@ module RuboCop
       attr_reader :corrector
 
       PseudoSourceRange = Struct.new(:line, :column, :source_line, :begin_pos,
-                                     :end_pos)
+                                     :end_pos) do
+        alias_method :first_line, :line
+        alias_method :last_line, :line
+        alias_method :last_column, :column
+
+        def column_range
+          column...last_column
+        end
+
+        def size
+          end_pos - begin_pos
+        end
+        alias_method :length, :size
+      end
       private_constant :PseudoSourceRange
 
-      NO_LOCATION = PseudoSourceRange.new(1, 0, '', 0, 1).freeze
+      NO_LOCATION = PseudoSourceRange.new(1, 0, '', 0, 0).freeze
 
       # @api private
       def initialize(severity, location, message, cop_name, # rubocop:disable Metrics/ParameterLists
@@ -200,7 +213,7 @@ module RuboCop
       #   returns `true` if two offenses contain same attributes
       def ==(other)
         COMPARISON_ATTRIBUTES.all? do |attribute|
-          send(attribute) == other.send(attribute)
+          public_send(attribute) == other.public_send(attribute)
         end
       end
 
@@ -208,7 +221,7 @@ module RuboCop
 
       def hash
         COMPARISON_ATTRIBUTES.reduce(0) do |hash, attribute|
-          hash ^ send(attribute).hash
+          hash ^ public_send(attribute).hash
         end
       end
 
@@ -221,7 +234,7 @@ module RuboCop
       #   comparison result
       def <=>(other)
         COMPARISON_ATTRIBUTES.each do |attribute|
-          result = send(attribute) <=> other.send(attribute)
+          result = public_send(attribute) <=> other.public_send(attribute)
           return result unless result.zero?
         end
         0

data/lib/rubocop/cop/security/open.rb

@@ -3,35 +3,37 @@
 module RuboCop
   module Cop
     module Security
-      # This cop checks for the use of `Kernel#open`.
+      # This cop checks for the use of `Kernel#open` and `URI.open`.
       #
-      # `Kernel#open` enables not only file access but also process invocation
-      # by prefixing a pipe symbol (e.g., `open("| ls")`). So, it may lead to
-      # a serious security risk by using variable input to the argument of
-      # `Kernel#open`. It would be better to use `File.open`, `IO.popen` or
-      # `URI#open` explicitly.
+      # `Kernel#open` and `URI.open` enable not only file access but also process
+      # invocation by prefixing a pipe symbol (e.g., `open("| ls")`).
+      # So, it may lead to a serious security risk by using variable input to
+      # the argument of `Kernel#open` and `URI.open`. It would be better to use
+      # `File.open`, `IO.popen` or `URI.parse#open` explicitly.
       #
       # @example
       #   # bad
       #   open(something)
+      #   URI.open(something)
       #
       #   # good
       #   File.open(something)
       #   IO.popen(something)
       #   URI.parse(something).open
       class Open < Base
-        MSG = 'The use of `Kernel#open` is a serious security risk.'
+        MSG = 'The use of `%<receiver>sopen` is a serious security risk.'
         RESTRICT_ON_SEND = %i[open].freeze
 
         def_node_matcher :open?, <<~PATTERN
-          (send nil? :open $!str ...)
+          (send ${nil? (const {nil? cbase} :URI)} :open $!str ...)
         PATTERN
 
         def on_send(node)
-          open?(node) do |code|
+          open?(node) do |receiver, code|
             return if safe?(code)
 
-            add_offense(node.loc.selector)
+            message = format(MSG, receiver: receiver ? "#{receiver.source}." : 'Kernel#')
+            add_offense(node.loc.selector, message: message)
           end
         end
 

data/lib/rubocop/cop/style/access_modifier_declarations.rb

@@ -83,8 +83,8 @@ module RuboCop
 
         def on_send(node)
           return unless node.access_modifier?
-          return if node.parent.pair_type?
-          return if cop_config['AllowModifiersOnSymbols'] && access_modifier_with_symbol?(node)
+          return if node.parent&.pair_type?
+          return if allow_modifiers_on_symbols?(node)
 
           if offense?(node)
             add_offense(node.loc.selector) if opposite_style_detected
@@ -95,6 +95,10 @@ module RuboCop
 
         private
 
+        def allow_modifiers_on_symbols?(node)
+          cop_config['AllowModifiersOnSymbols'] && access_modifier_with_symbol?(node)
+        end
+
         def offense?(node)
           (group_style? && access_modifier_is_inlined?(node)) ||
             (inline_style? && access_modifier_is_not_inlined?(node))