rubocop 0.93.0 → 1.3.0

data/lib/rubocop/cop/offense.rb

@@ -213,7 +213,7 @@ module RuboCop
       #   returns `true` if two offenses contain same attributes
       def ==(other)
         COMPARISON_ATTRIBUTES.all? do |attribute|
-          send(attribute) == other.send(attribute)
+          public_send(attribute) == other.public_send(attribute)
         end
       end
 
@@ -221,7 +221,7 @@ module RuboCop
 
       def hash
         COMPARISON_ATTRIBUTES.reduce(0) do |hash, attribute|
-          hash ^ send(attribute).hash
+          hash ^ public_send(attribute).hash
         end
       end
 
@@ -234,7 +234,7 @@ module RuboCop
       #   comparison result
       def <=>(other)
         COMPARISON_ATTRIBUTES.each do |attribute|
-          result = send(attribute) <=> other.send(attribute)
+          result = public_send(attribute) <=> other.public_send(attribute)
           return result unless result.zero?
         end
         0

data/lib/rubocop/cop/security/open.rb

@@ -3,35 +3,37 @@
 module RuboCop
   module Cop
     module Security
-      # This cop checks for the use of `Kernel#open`.
+      # This cop checks for the use of `Kernel#open` and `URI.open`.
       #
-      # `Kernel#open` enables not only file access but also process invocation
-      # by prefixing a pipe symbol (e.g., `open("| ls")`). So, it may lead to
-      # a serious security risk by using variable input to the argument of
-      # `Kernel#open`. It would be better to use `File.open`, `IO.popen` or
-      # `URI#open` explicitly.
+      # `Kernel#open` and `URI.open` enable not only file access but also process
+      # invocation by prefixing a pipe symbol (e.g., `open("| ls")`).
+      # So, it may lead to a serious security risk by using variable input to
+      # the argument of `Kernel#open` and `URI.open`. It would be better to use
+      # `File.open`, `IO.popen` or `URI.parse#open` explicitly.
       #
       # @example
       #   # bad
       #   open(something)
+      #   URI.open(something)
       #
       #   # good
       #   File.open(something)
       #   IO.popen(something)
       #   URI.parse(something).open
       class Open < Base
-        MSG = 'The use of `Kernel#open` is a serious security risk.'
+        MSG = 'The use of `%<receiver>sopen` is a serious security risk.'
         RESTRICT_ON_SEND = %i[open].freeze
 
         def_node_matcher :open?, <<~PATTERN
-          (send nil? :open $!str ...)
+          (send ${nil? (const {nil? cbase} :URI)} :open $!str ...)
         PATTERN
 
         def on_send(node)
-          open?(node) do |code|
+          open?(node) do |receiver, code|
             return if safe?(code)
 
-            add_offense(node.loc.selector)
+            message = format(MSG, receiver: receiver ? "#{receiver.source}." : 'Kernel#')
+            add_offense(node.loc.selector, message: message)
           end
         end
 

data/lib/rubocop/cop/style/accessor_grouping.rb

@@ -7,7 +7,7 @@ module RuboCop
       # By default it enforces accessors to be placed in grouped declarations,
       # but it can be configured to enforce separating them in multiple declarations.
       #
-      # Note: `Sorbet` is not compatible with "grouped" style. Consider "separated" style
+      # NOTE: `Sorbet` is not compatible with "grouped" style. Consider "separated" style
       # or disabling this cop.
       #
       # @example EnforcedStyle: grouped (default)

data/lib/rubocop/cop/style/and_or.rb

@@ -66,9 +66,7 @@ module RuboCop
             node.each_child_node do |expr|
               if expr.send_type?
                 correct_send(expr, corrector)
-              elsif expr.return_type?
-                correct_other(expr, corrector)
-              elsif expr.assignment?
+              elsif expr.return_type? || expr.assignment?
                 correct_other(expr, corrector)
               end
             end

data/lib/rubocop/cop/style/arguments_forwarding.rb

@@ -0,0 +1,142 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # In Ruby 2.7, arguments forwarding has been added.
+      #
+      # This cop identifies places where `do_something(*args, &block)`
+      # can be replaced by `do_something(...)`.
+      #
+      # @example
+      #   # bad
+      #   def foo(*args, &block)
+      #     bar(*args, &block)
+      #   end
+      #
+      #   # bad
+      #   def foo(*args, **kwargs, &block)
+      #     bar(*args, **kwargs, &block)
+      #   end
+      #
+      #   # good
+      #   def foo(...)
+      #     bar(...)
+      #   end
+      #
+      # @example AllowOnlyRestArgument: true (default)
+      #   # good
+      #   def foo(*args)
+      #     bar(*args)
+      #   end
+      #
+      # @example AllowOnlyRestArgument: false
+      #   # bad
+      #   # The following code can replace the arguments with `...`,
+      #   # but it will change the behavior. Because `...` forwards block also.
+      #   def foo(*args)
+      #     bar(*args)
+      #   end
+      #
+      class ArgumentsForwarding < Base
+        include RangeHelp
+        extend AutoCorrector
+        extend TargetRubyVersion
+
+        minimum_target_ruby_version 2.7
+
+        MSG = 'Use arguments forwarding.'
+
+        def_node_matcher :use_rest_arguments?, <<~PATTERN
+          (args (restarg $_) $...)
+        PATTERN
+
+        def_node_matcher :only_rest_arguments?, <<~PATTERN
+          (send _ _ (splat (lvar %1)))
+        PATTERN
+
+        def_node_matcher :forwarding_method_arguments?, <<~PATTERN
+          {
+            (send _ _
+              (splat (lvar %1))
+              (block-pass (lvar %2)))
+            (send _ _
+              (splat (lvar %1))
+              (hash (kwsplat (lvar %3)))
+              (block-pass (lvar %2)))
+          }
+        PATTERN
+
+        def on_def(node)
+          return unless node.body
+          return unless (rest_args_name, args = use_rest_arguments?(node.arguments))
+
+          node.each_descendant(:send) do |send_node|
+            kwargs_name, block_name = extract_argument_names_from(args)
+
+            next unless forwarding_method?(send_node, rest_args_name, kwargs_name, block_name) &&
+                        all_lvars_as_forwarding_method_arguments?(node, send_node)
+
+            register_offense_to_forwarding_method_arguments(send_node)
+            register_offense_to_method_definition_arguments(node)
+          end
+        end
+        alias on_defs on_def
+
+        private
+
+        def extract_argument_names_from(args)
+          kwargs_name = args.first.source.delete('**') if args.first&.kwrestarg_type?
+          block_arg_name = args.last.source.delete('&') if args.last&.blockarg_type?
+
+          [kwargs_name, block_arg_name].map { |name| name&.to_sym }
+        end
+
+        def forwarding_method?(node, rest_arg, kwargs, block_arg)
+          return only_rest_arguments?(node, rest_arg) unless allow_only_rest_arguments?
+
+          forwarding_method_arguments?(node, rest_arg, block_arg, kwargs)
+        end
+
+        def all_lvars_as_forwarding_method_arguments?(def_node, forwarding_method)
+          lvars = def_node.body.each_descendant(:lvar, :lvasgn)
+
+          begin_pos = forwarding_method.source_range.begin_pos
+          end_pos = forwarding_method.source_range.end_pos
+
+          lvars.all? do |lvar|
+            lvar.source_range.begin_pos.between?(begin_pos, end_pos)
+          end
+        end
+
+        def register_offense_to_forwarding_method_arguments(forwarding_method)
+          add_offense(arguments_range(forwarding_method)) do |corrector|
+            range = range_between(
+              forwarding_method.loc.selector.end_pos, forwarding_method.source_range.end_pos
+            )
+            corrector.replace(range, '(...)')
+          end
+        end
+
+        def register_offense_to_method_definition_arguments(method_definition)
+          add_offense(arguments_range(method_definition)) do |corrector|
+            arguments_range = range_with_surrounding_space(
+              range: method_definition.arguments.source_range, side: :left
+            )
+            corrector.replace(arguments_range, '(...)')
+          end
+        end
+
+        def arguments_range(node)
+          arguments = node.arguments
+
+          range_between(arguments.first.source_range.begin_pos, arguments.last.source_range.end_pos)
+        end
+
+        def allow_only_rest_arguments?
+          cop_config.fetch('AllowOnlyRestArgument', true)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/style/bisected_attr_accessor.rb

@@ -131,10 +131,6 @@ module RuboCop
             "#{indent(macro)}#{macro.method_name} #{rest_args.map(&:source).join(', ')}"
           end
         end
-
-        def indent(node)
-          ' ' * node.loc.column
-        end
       end
     end
   end

data/lib/rubocop/cop/style/case_like_if.rb

@@ -227,10 +227,6 @@ module RuboCop
           range_between(node.parent.loc.keyword.begin_pos, node.loc.expression.end_pos)
         end
 
-        def indent(node)
-          ' ' * node.loc.column
-        end
-
         # Named captures work with `=~` (if regexp is on lhs) and with `match` (both sides)
         def regexp_with_working_captures?(node)
           case node.type

data/lib/rubocop/cop/style/class_equality_comparison.rb

@@ -21,7 +21,7 @@ module RuboCop
         include IgnoredMethods
         extend AutoCorrector
 
-        MSG = 'Use `Object.instance_of?` instead of comparing classes.'
+        MSG = 'Use `instance_of?(%<class_name>s)` instead of comparing classes.'
 
         RESTRICT_ON_SEND = %i[== equal? eql?].freeze
 
@@ -36,13 +36,28 @@ module RuboCop
           return if def_node && ignored_method?(def_node.method_name)
 
           class_comparison_candidate?(node) do |receiver_node, class_node|
-            range = range_between(receiver_node.loc.selector.begin_pos, node.source_range.end_pos)
+            range = offense_range(receiver_node, node)
+            class_name = class_name(class_node, node)
 
-            add_offense(range) do |corrector|
-              corrector.replace(range, "instance_of?(#{class_node.source})")
+            add_offense(range, message: format(MSG, class_name: class_name)) do |corrector|
+              corrector.replace(range, "instance_of?(#{class_name})")
             end
           end
         end
+
+        private
+
+        def class_name(class_node, node)
+          if node.children.first.method?(:name)
+            class_node.source.delete('"').delete("'")
+          else
+            class_node.source
+          end
+        end
+
+        def offense_range(receiver_node, node)
+          range_between(receiver_node.loc.selector.begin_pos, node.source_range.end_pos)
+        end
       end
     end
   end

data/lib/rubocop/cop/style/collection_compact.rb

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # This cop checks for places where custom logic on rejection nils from arrays
+      # and hashes can be replaced with `{Array,Hash}#{compact,compact!}`.
+      #
+      # It is marked as unsafe by default because false positives may occur in the
+      # nil check of block arguments to the receiver object.
+      # For example, `[[1, 2], [3, nil]].reject { |first, second| second.nil? }`
+      # and `[[1, 2], [3, nil]].compact` are not compatible. This will work fine
+      # when the receiver is a hash object.
+      #
+      # @example
+      #   # bad
+      #   array.reject { |e| e.nil? }
+      #   array.select { |e| !e.nil? }
+      #
+      #   # good
+      #   array.compact
+      #
+      #   # bad
+      #   hash.reject! { |k, v| v.nil? }
+      #   hash.select! { |k, v| !v.nil? }
+      #
+      #   # good
+      #   hash.compact!
+      #
+      class CollectionCompact < Base
+        include RangeHelp
+        extend AutoCorrector
+
+        MSG = 'Use `%<good>s` instead of `%<bad>s`.'
+
+        RESTRICT_ON_SEND = %i[reject reject! select select!].freeze
+
+        def_node_matcher :reject_method?, <<~PATTERN
+          (block
+            (send
+              _ ${:reject :reject!})
+            $(args ...)
+            (send
+              $(lvar _) :nil?))
+        PATTERN
+
+        def_node_matcher :select_method?, <<~PATTERN
+          (block
+            (send
+              _ ${:select :select!})
+            $(args ...)
+            (send
+              (send
+                $(lvar _) :nil?) :!))
+        PATTERN
+
+        def on_send(node)
+          block_node = node.parent
+          return unless block_node&.block_type?
+
+          return unless (method_name, args, receiver =
+                           reject_method?(block_node) || select_method?(block_node))
+
+          return unless args.last.source == receiver.source
+
+          range = offense_range(node, block_node)
+          good = good_method_name(method_name)
+          message = format(MSG, good: good, bad: range.source)
+
+          add_offense(range, message: message) do |corrector|
+            corrector.replace(range, good)
+          end
+        end
+
+        private
+
+        def good_method_name(method_name)
+          if method_name.to_s.end_with?('!')
+            'compact!'
+          else
+            'compact'
+          end
+        end
+
+        def offense_range(send_node, block_node)
+          range_between(send_node.loc.selector.begin_pos, block_node.loc.end.end_pos)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/style/document_dynamic_eval_definition.rb

@@ -0,0 +1,162 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # When using `class_eval` (or other `eval`) with string interpolation,
+      # add a comment block showing its appearance if interpolated (a practice used in Rails code).
+      #
+      # @example
+      #   # from activesupport/lib/active_support/core_ext/string/output_safety.rb
+      #
+      #   # bad
+      #   UNSAFE_STRING_METHODS.each do |unsafe_method|
+      #     if 'String'.respond_to?(unsafe_method)
+      #       class_eval <<-EOT, __FILE__, __LINE__ + 1
+      #         def #{unsafe_method}(*params, &block)
+      #           to_str.#{unsafe_method}(*params, &block)
+      #         end
+      #
+      #         def #{unsafe_method}!(*params)
+      #           @dirty = true
+      #           super
+      #         end
+      #       EOT
+      #     end
+      #   end
+      #
+      #   # good, inline comments in heredoc
+      #   UNSAFE_STRING_METHODS.each do |unsafe_method|
+      #     if 'String'.respond_to?(unsafe_method)
+      #       class_eval <<-EOT, __FILE__, __LINE__ + 1
+      #         def #{unsafe_method}(*params, &block)       # def capitalize(*params, &block)
+      #           to_str.#{unsafe_method}(*params, &block)  #   to_str.capitalize(*params, &block)
+      #         end                                         # end
+      #
+      #         def #{unsafe_method}!(*params)              # def capitalize!(*params)
+      #           @dirty = true                             #   @dirty = true
+      #           super                                     #   super
+      #         end                                         # end
+      #       EOT
+      #     end
+      #   end
+      #
+      #   # good, block comments in heredoc
+      #   class_eval <<-EOT, __FILE__, __LINE__ + 1
+      #     # def capitalize!(*params)
+      #     #   @dirty = true
+      #     #   super
+      #     # end
+      #
+      #     def #{unsafe_method}!(*params)
+      #       @dirty = true
+      #       super
+      #     end
+      #   EOT
+      #
+      #   # good, block comments before heredoc
+      #   class_eval(
+      #     # def capitalize!(*params)
+      #     #   @dirty = true
+      #     #   super
+      #     # end
+      #
+      #     <<-EOT, __FILE__, __LINE__ + 1
+      #       def #{unsafe_method}!(*params)
+      #         @dirty = true
+      #         super
+      #       end
+      #     EOT
+      #   )
+      class DocumentDynamicEvalDefinition < Base
+        BLOCK_COMMENT_REGEXP = /^\s*#(?!{)/.freeze
+        COMMENT_REGEXP = /\s*#(?!{).*/.freeze
+        MSG = 'Add a comment block showing its appearance if interpolated.'
+
+        RESTRICT_ON_SEND = %i[eval class_eval module_eval instance_eval].freeze
+
+        def on_send(node)
+          arg_node = node.first_argument
+
+          return unless arg_node&.dstr_type? && interpolated?(arg_node)
+          return if inline_comment_docs?(arg_node) || comment_block_docs?(arg_node)
+
+          add_offense(node.loc.selector)
+        end
+
+        private
+
+        def interpolated?(arg_node)
+          arg_node.each_child_node(:begin).any?
+        end
+
+        def inline_comment_docs?(node)
+          node.each_child_node(:begin).all? do |begin_node|
+            source_line = processed_source.lines[begin_node.first_line - 1]
+            source_line.match?(COMMENT_REGEXP)
+          end
+        end
+
+        def comment_block_docs?(arg_node)
+          comments = heredoc_comment_blocks(arg_node.loc.heredoc_body.line_span)
+                     .concat(preceding_comment_blocks(arg_node.parent))
+
+          return if comments.none?
+
+          regexp = comment_regexp(arg_node)
+          comments.any? { |comment| regexp.match?(comment) } || regexp.match?(comments.join)
+        end
+
+        def preceding_comment_blocks(node)
+          # Collect comments in the method call, but outside the heredoc
+          comments = processed_source.each_comment_in_lines(node.loc.expression.line_span)
+
+          comments.each_with_object({}) do |comment, hash|
+            merge_adjacent_comments(comment.text, comment.loc.line, hash)
+          end.values
+        end
+
+        def heredoc_comment_blocks(heredoc_body)
+          # Collect comments inside the heredoc
+          line_range = (heredoc_body.begin - 1)..(heredoc_body.end - 1)
+          lines = processed_source.lines[line_range]
+
+          lines.each_with_object({}).with_index(line_range.begin) do |(line, hash), index|
+            merge_adjacent_comments(line, index, hash)
+          end.values
+        end
+
+        def merge_adjacent_comments(line, index, hash)
+          # Combine adjacent comment lines into a single string
+          return unless (line = line.dup.gsub!(BLOCK_COMMENT_REGEXP, ''))
+
+          hash[index] = if hash.keys.last == index - 1
+                          [hash.delete(index - 1), line].join("\n")
+                        else
+                          line
+                        end
+        end
+
+        def comment_regexp(arg_node)
+          # Replace the interpolations with wildcards
+          regexp_parts = arg_node.child_nodes.map do |n|
+            n.begin_type? ? /.+/ : source_to_regexp(n.source)
+          end
+
+          Regexp.new(regexp_parts.join)
+        end
+
+        def source_to_regexp(source)
+          # Get the source in the heredoc being `eval`ed, without any comments
+          # and turn it into a regexp
+          return /\s+/ if source.blank?
+
+          source = source.gsub(COMMENT_REGEXP, '')
+          return if source.blank?
+
+          /\s*#{Regexp.escape(source.strip)}/
+        end
+      end
+    end
+  end
+end