rubocop 1.79.2 → 1.82.1

data/lib/rubocop/cop/lint/useless_or.rb

@@ -9,6 +9,13 @@ module RuboCop
       # on `nil` (e.g. `nil.to_i` evaluates to `0`). Therefore, OR expressions
       # appended after these methods will never evaluate.
       #
+      # @safety
+      #   As shown in the examples below, there are generally two possible ways to correct the
+      #   offense, but this cop’s autocorrection always chooses the option that preserves the
+      #   current behavior. While this does not change how the code behaves, that option is not
+      #   necessarily the appropriate fix in every situation. For this reason, the autocorrection
+      #   provided by this cop is considered unsafe.
+      #
       # @example
       #
       #   # bad
@@ -64,6 +71,8 @@ module RuboCop
       #   x&.to_s or fallback
       #
       class UselessOr < Base
+        extend AutoCorrector
+
         MSG = '`%<rhs>s` will never evaluate because `%<lhs>s` always returns a truthy value.'
 
         TRUTHY_RETURN_VALUE_METHODS = Set[:to_a, :to_c, :to_d, :to_i, :to_f, :to_h, :to_r,
@@ -89,8 +98,12 @@ module RuboCop
         private
 
         def report_offense(or_node, truthy_node)
-          add_offense(or_node.loc.operator.join(or_node.rhs.source_range),
-                      message: format(MSG, lhs: truthy_node.source, rhs: or_node.rhs.source))
+          add_offense(
+            or_node.loc.operator.join(or_node.rhs.source_range),
+            message: format(MSG, lhs: truthy_node.source, rhs: or_node.rhs.source)
+          ) do |corrector|
+            corrector.replace(or_node, or_node.lhs.source)
+          end
         end
       end
     end

data/lib/rubocop/cop/lint/utils/nil_receiver_checker.rb

@@ -31,7 +31,7 @@ module RuboCop
             @checked_nodes[node] = true
 
             case node.type
-            when :def, :class, :module, :sclass
+            when :def, :defs, :class, :module, :sclass
               return false
             when :send
               return non_nil_method?(node.method_name) if node.receiver == receiver

data/lib/rubocop/cop/lint/void.rb

@@ -16,6 +16,12 @@ module RuboCop
       # enumerator.each { |item| item >= 2 } #=> [2, 3]
       # ----
       #
+      # NOTE: Return values in assignment method definitions such as `def foo=(arg)` are
+      # detected because they are in a void context. However, autocorrection does not remove
+      # the return value, as that would change behavior. In such cases, whether to remove
+      # the return value or rename the method to something more appropriate should be left to
+      # the user.
+      #
       # @example CheckForMethodsWithNoSideEffects: false (default)
       #   # bad
       #   def some_method
@@ -233,6 +239,7 @@ module RuboCop
 
         def autocorrect_void_expression(corrector, node)
           return if node.parent.if_type?
+          return if (def_node = node.each_ancestor(:any_def).first) && def_node.assignment_method?
 
           corrector.remove(range_with_surrounding_space(range: node.source_range, side: :left))
         end

data/lib/rubocop/cop/message_annotator.rb

@@ -102,7 +102,7 @@ module RuboCop
       def reference_urls
         urls = cop_config
                .values_at('References', 'Reference') # Support legacy Reference key
-               .flat_map { Array(_1) }
+               .flat_map { |url| Array(url) }
                .reject(&:empty?)
 
         urls unless urls.empty?

data/lib/rubocop/cop/metrics/utils/abc_size_calculator.rb

@@ -84,7 +84,10 @@ module RuboCop
           end
 
           def assignment?(node)
-            return compound_assignment(node) if node.masgn_type? || node.shorthand_asgn?
+            if node.masgn_type? || node.shorthand_asgn?
+              compound_assignment(node)
+              return false
+            end
 
             node.for_type? ||
               (node.respond_to?(:setter_method?) && node.setter_method?) ||
@@ -101,8 +104,6 @@ module RuboCop
               child.respond_to?(:setter_method?) && !child.setter_method?
             end
             @assignment += will_be_miscounted
-
-            false
           end
 
           def simple_assignment?(node)

data/lib/rubocop/cop/mixin/check_line_breakable.rb

@@ -227,7 +227,7 @@ module RuboCop
 
       def chained_to_heredoc?(node)
         while (node = node.receiver)
-          return true if node.type?(:str, :dstr, :xstr) && node.heredoc?
+          return true if node.any_str_type? && node.heredoc?
         end
 
         false

data/lib/rubocop/cop/mixin/check_single_line_suitability.rb

@@ -14,6 +14,8 @@ module RuboCop
       private
 
       def too_long?(node)
+        return false unless max_line_length
+
         lines = processed_source.lines[(node.first_line - 1)...node.last_line]
         to_single_line(lines.join("\n")).length > max_line_length
       end
@@ -27,10 +29,6 @@ module RuboCop
           .gsub(/\s*\\?\n\s*/, ' ')       # Any other line break, with or without backslash
       end
 
-      def max_line_length
-        config.for_cop('Layout/LineLength')['Max']
-      end
-
       def comment_within?(node)
         comment_line_numbers = processed_source.comments.map { |comment| comment.loc.line }
 

data/lib/rubocop/cop/mixin/code_length.rb

@@ -59,7 +59,7 @@ module RuboCop
         return node.loc.name if node.casgn_type?
 
         if LSP.enabled?
-          end_range = node.loc.respond_to?(:name) ? node.loc.name : node.loc.begin
+          end_range = node.loc?(:name) ? node.loc.name : node.loc.begin
           node.source_range.begin.join(end_range)
         else
           node.source_range

data/lib/rubocop/cop/mixin/end_keyword_alignment.rb

@@ -19,8 +19,7 @@ module RuboCop
       def check_end_kw_alignment(node, align_ranges)
         return if ignored_node?(node)
 
-        end_loc = node.loc.end
-        return if accept_end_kw_alignment?(end_loc)
+        return unless (end_loc = node.loc.end)
 
         matching = matching_ranges(end_loc, align_ranges)
 
@@ -57,11 +56,6 @@ module RuboCop
         add_offense(end_loc, message: msg) { |corrector| autocorrect(corrector, node) }
       end
 
-      def accept_end_kw_alignment?(end_loc)
-        end_loc.nil? || # Discard modifier forms of if/while/until.
-          !/\A[ \t]*end/.match?(processed_source.lines[end_loc.line - 1])
-      end
-
       def style_parameter_name
         'EnforcedStyleAlignWith'
       end

data/lib/rubocop/cop/mixin/hash_shorthand_syntax.rb

@@ -13,7 +13,7 @@ module RuboCop
 
       DefNode = Struct.new(:node) do
         def selector
-          if node.loc.respond_to?(:selector)
+          if node.loc?(:selector)
             node.loc.selector
           else
             node.loc.keyword

data/lib/rubocop/cop/mixin/line_length_help.rb

@@ -8,8 +8,27 @@ module RuboCop
 
       private
 
-      def ignore_cop_directives?
-        config.for_cop('Layout/LineLength')['IgnoreCopDirectives']
+      def allow_rbs_inline_annotation?
+        config.for_cop('Layout/LineLength')['AllowRBSInlineAnnotation']
+      end
+
+      def rbs_inline_annotation_on_source_line?(line_index)
+        source_line_number = line_index + processed_source.buffer.first_line
+        comment = processed_source.comment_at_line(source_line_number)
+
+        return false unless comment
+
+        comment.text.start_with?(/#:|#\[.+\]|#\|/)
+      end
+
+      def allow_cop_directives?
+        # TODO: This logic for backward compatibility with deprecated `IgnoreCopDirectives` option.
+        # The following three lines will be removed in RuboCop 2.0.
+        ignore_cop_directives = config.for_cop('Layout/LineLength')['IgnoreCopDirectives']
+        return true if ignore_cop_directives
+        return false if ignore_cop_directives == false
+
+        config.for_cop('Layout/LineLength')['AllowCopDirectives']
       end
 
       def directive_on_source_line?(line_index)

data/lib/rubocop/cop/mixin/method_complexity.rb

@@ -73,7 +73,7 @@ module RuboCop
 
       def location(node)
         if LSP.enabled?
-          end_range = node.loc.respond_to?(:name) ? node.loc.name : node.loc.begin
+          end_range = node.loc?(:name) ? node.loc.name : node.loc.begin
           node.source_range.begin.join(end_range)
         else
           node.source_range

data/lib/rubocop/cop/mixin/multiline_expression_indentation.rb

@@ -200,7 +200,7 @@ module RuboCop
       end
 
       def grouped_expression?(node)
-        node.begin_type? && node.loc.respond_to?(:begin) && node.loc.begin
+        node.begin_type? && node.loc?(:begin) && node.loc.begin
       end
 
       def inside_arg_list_parentheses?(node, ancestor)

data/lib/rubocop/cop/mixin/multiline_literal_brace_layout.rb

@@ -127,7 +127,7 @@ module RuboCop
         parent ||= node
 
         if node.respond_to?(:loc) &&
-           node.loc.respond_to?(:heredoc_end) &&
+           node.loc?(:heredoc_end) &&
            node.loc.heredoc_end.last_line >= parent.last_line
           return true
         end

data/lib/rubocop/cop/mixin/space_after_punctuation.rb

@@ -8,8 +8,8 @@ module RuboCop
       MSG = 'Space missing after %<token>s.'
 
       def on_new_investigation
-        each_missing_space(processed_source.tokens) do |token|
-          add_offense(token.pos, message: format(MSG, token: kind(token))) do |corrector|
+        each_missing_space(processed_source.tokens) do |token, kind|
+          add_offense(token.pos, message: format(MSG, token: kind)) do |corrector|
             PunctuationCorrector.add_space(corrector, token)
           end
         end
@@ -19,11 +19,12 @@ module RuboCop
 
       def each_missing_space(tokens)
         tokens.each_cons(2) do |token1, token2|
-          next unless kind(token1)
+          kind = kind(token1, token2)
+          next unless kind
           next unless space_missing?(token1, token2)
           next unless space_required_before?(token2)
 
-          yield token1
+          yield token1, kind
         end
       end
 

data/lib/rubocop/cop/mixin/statement_modifier.rb

@@ -100,12 +100,6 @@ module RuboCop
         node.parent.send_type?
       end
 
-      def max_line_length
-        return unless config.cop_enabled?('Layout/LineLength')
-
-        config.for_cop('Layout/LineLength')['Max']
-      end
-
       def comment_disables_cop?(comment)
         regexp_pattern = "# rubocop : (disable|todo) ([^,],)* (all|#{cop_name})"
         Regexp.new(regexp_pattern.gsub(' ', '\s*')).match?(comment)

data/lib/rubocop/cop/mixin/trailing_comma.rb

@@ -95,13 +95,16 @@ module RuboCop
         node.multiline? && !allowed_multiline_argument?(node)
       end
 
+      # rubocop:disable Metrics/AbcSize
       def method_name_and_arguments_on_same_line?(node)
-        return false unless node.call_type?
+        return false if !node.call_type? || node.last_line != node.last_argument.last_line
+        return true if node.last_argument.hash_type? && node.last_argument.braces?
 
-        line = node.loc.selector.nil? ? node.loc.line : node.loc.selector.line
+        line = node.loc.selector&.line || node.loc.line
 
-        line == node.last_argument.last_line && node.last_line == node.last_argument.last_line
+        line == node.last_argument.last_line
       end
+      # rubocop:enable Metrics/AbcSize
 
       # A single argument with the closing bracket on the same line as the end
       # of the argument is not considered multiline, even if the argument
@@ -140,7 +143,7 @@ module RuboCop
       end
 
       def last_item_precedes_newline?(node)
-        after_last_item = node.children.last.source_range.end.join(node.loc.end.begin)
+        after_last_item = node.children.last.source_range.end.join(node.source_range.end)
 
         after_last_item.source.start_with?(/,?\s*(#.*)?\n/)
       end
@@ -185,7 +188,7 @@ module RuboCop
 
       def heredoc?(node)
         return false unless node.is_a?(RuboCop::AST::Node)
-        return true if node.loc.respond_to?(:heredoc_body)
+        return true if node.loc?(:heredoc_body)
 
         return heredoc_send?(node) if node.send_type?
 

data/lib/rubocop/cop/naming/method_name.rb

@@ -147,7 +147,9 @@ module RuboCop
         alias on_defs on_def
 
         def on_alias(node)
-          handle_method_name(node.new_identifier, node.new_identifier.value)
+          return unless (new_identifier = node.new_identifier).sym_type?
+
+          handle_method_name(new_identifier, new_identifier.value)
         end
 
         private
@@ -198,7 +200,7 @@ module RuboCop
 
           if forbidden_name?(name.to_s)
             register_forbidden_name(node)
-          elsif !OPERATOR_METHODS.include?(name)
+          elsif !OPERATOR_METHODS.include?(name.to_sym)
             check_name(node, name, range_position(node))
           end
         end
@@ -232,7 +234,7 @@ module RuboCop
         end
 
         def range_position(node)
-          if node.loc.respond_to?(:selector)
+          if node.loc?(:selector)
             selector_end_pos = node.loc.selector.end_pos + 1
             expr_end_pos = node.source_range.end_pos
 

data/lib/rubocop/cop/naming/predicate_method.rb

@@ -14,7 +14,7 @@ module RuboCop
       # method calls are assumed to return boolean values. The cop does not make an assessment
       # if the return type is unknown (non-predicate method calls, variables, etc.).
       #
-      # NOTE: Operator methods (`def ==`, etc.) are ignored.
+      # NOTE: The `initialize` method and operator methods (`def ==`, etc.) are ignored.
       #
       # By default, the cop runs in `conservative` mode, which allows a method to be named
       # with a question mark as long as at least one return value is boolean. In `aggressive`
@@ -113,6 +113,18 @@ module RuboCop
       #     true
       #   end
       #
+      # @example AllowedMethods: [call] (default)
+      #   # good
+      #   def call
+      #     foo == bar
+      #   end
+      #
+      # @example AllowedPatterns: [\Afoo]
+      #   # good
+      #   def foo?
+      #     'foo'
+      #   end
+      #
       # @example AllowBangMethods: false (default)
       #   # bad
       #   def save!
@@ -149,7 +161,8 @@ module RuboCop
         private
 
         def allowed?(node)
-          allowed_method?(node.method_name) ||
+          node.method?(:initialize) ||
+            allowed_method?(node.method_name) ||
             matches_allowed_pattern?(node.method_name) ||
             allowed_bang_method?(node) ||
             node.operator_method? ||
@@ -180,8 +193,7 @@ module RuboCop
             return_values << extract_return_value(return_node)
           end
 
-          last_value = last_value(node)
-          return_values << last_value if last_value
+          return_values << last_value(node)
 
           process_return_values(return_values)
         end
@@ -234,8 +246,9 @@ module RuboCop
         end
 
         def last_value(node)
-          value = node.begin_type? ? node.children.last : node
-          value&.return_type? ? extract_return_value(value) : value
+          value = node.begin_type? ? node.children.last || s(:nil) : node
+
+          value.return_type? ? extract_return_value(value) : value
         end
 
         def process_return_values(return_values)

data/lib/rubocop/cop/security/json_load.rb

@@ -6,22 +6,40 @@ module RuboCop
       # Checks for the use of JSON class methods which have potential
       # security issues.
       #
+      # `JSON.load` and similar methods allow deserialization of arbitrary ruby objects:
+      #
+      # [source,ruby]
+      # ----
+      # require 'json/add/string'
+      # result = JSON.load('{ "json_class": "String", "raw": [72, 101, 108, 108, 111] }')
+      # pp result # => "Hello"
+      # ----
+      #
+      # Never use `JSON.load` for untrusted user input. Prefer `JSON.parse` unless you have
+      # a concrete use-case for `JSON.load`.
+      #
+      # NOTE: Starting with `json` gem version 2.8.0, triggering this behavior without explicitly
+      # passing the `create_additions` keyword argument emits a deprecation warning, with the
+      # goal of being secure by default in the next major version 3.0.0.
+      #
       # @safety
       #   This cop's autocorrection is unsafe because it's potentially dangerous.
-      #   If using a stream, like `JSON.load(open('file'))`, it will need to call
+      #   If using a stream, like `JSON.load(open('file'))`, you will need to call
       #   `#read` manually, like `JSON.parse(open('file').read)`.
-      #   If reading single values (rather than proper JSON objects), like
-      #   `JSON.load('false')`, it will need to pass the `quirks_mode: true`
-      #   option, like `JSON.parse('false', quirks_mode: true)`.
       #   Other similar issues may apply.
       #
       # @example
       #   # bad
-      #   JSON.load("{}")
-      #   JSON.restore("{}")
+      #   JSON.load('{}')
+      #   JSON.restore('{}')
       #
       #   # good
-      #   JSON.parse("{}")
+      #   JSON.parse('{}')
+      #   JSON.unsafe_load('{}')
+      #
+      #   # good - explicit use of `create_additions` option
+      #   JSON.load('{}', create_additions: true)
+      #   JSON.load('{}', create_additions: false)
       #
       class JSONLoad < Base
         extend AutoCorrector
@@ -29,13 +47,17 @@ module RuboCop
         MSG = 'Prefer `JSON.parse` over `JSON.%<method>s`.'
         RESTRICT_ON_SEND = %i[load restore].freeze
 
-        # @!method json_load(node)
-        def_node_matcher :json_load, <<~PATTERN
-          (send (const {nil? cbase} :JSON) ${:load :restore} ...)
+        # @!method insecure_json_load(node)
+        def_node_matcher :insecure_json_load, <<~PATTERN
+          (
+            send (const {nil? cbase} :JSON) ${:load :restore}
+            ...
+            !(hash `(sym $:create_additions))
+          )
         PATTERN
 
         def on_send(node)
-          json_load(node) do |method|
+          insecure_json_load(node) do |method|
             add_offense(node.loc.selector, message: format(MSG, method: method)) do |corrector|
               corrector.replace(node.loc.selector, 'parse')
             end

data/lib/rubocop/cop/style/array_intersect.rb

@@ -10,6 +10,8 @@ module RuboCop
       # * `(array1 & array2).any?`
       # * `(array1.intersection(array2)).any?`
       # * `array1.any? { |elem| array2.member?(elem) }`
+      # * `(array1 & array2).count > 0`
+      # * `(array1 & array2).size > 0`
       #
       # can be replaced with `array1.intersect?(array2)`.
       #
@@ -51,6 +53,19 @@ module RuboCop
       #   array1.intersect?(array2)
       #   !array1.intersect?(array2)
       #
+      #   # bad
+      #   (array1 & array2).count > 0
+      #   (array1 & array2).count.positive?
+      #   (array1 & array2).count != 0
+      #
+      #   (array1 & array2).count == 0
+      #   (array1 & array2).count.zero?
+      #
+      #   # good
+      #   array1.intersect?(array2)
+      #
+      #   !array1.intersect?(array2)
+      #
       # @example AllCops:ActiveSupportExtensionsEnabled: false (default)
       #   # good
       #   (array1 & array2).present?
@@ -73,17 +88,33 @@ module RuboCop
         PREDICATES = %i[any? empty? none?].to_set.freeze
         ACTIVE_SUPPORT_PREDICATES = (PREDICATES + %i[present? blank?]).freeze
 
+        ARRAY_SIZE_METHODS = %i[count length size].to_set.freeze
+
         # @!method bad_intersection_check?(node, predicates)
         def_node_matcher :bad_intersection_check?, <<~PATTERN
-          (call
+          $(call
             {
               (begin (send $_ :& $_))
-              (call $_ :intersection $_)
+              (call $!nil? :intersection $_)
             }
             $%1
           )
         PATTERN
 
+        # @!method intersection_size_check?(node, predicates)
+        def_node_matcher :intersection_size_check?, <<~PATTERN
+          (call
+            $(call
+              {
+                (begin (send $_ :& $_))
+                (call $!nil? :intersection $_)
+              }
+              %ARRAY_SIZE_METHODS
+            )
+            {$:> (int 0) | $:positive? | $:!= (int 0) | $:== (int 0) | $:zero?}
+          )
+        PATTERN
+
         # @!method any_none_block_intersection(node)
         def_node_matcher :any_none_block_intersection, <<~PATTERN
           {
@@ -104,15 +135,15 @@ module RuboCop
         PATTERN
 
         MSG = 'Use `%<replacement>s` instead of `%<existing>s`.'
-        STRAIGHT_METHODS = %i[present? any?].freeze
-        NEGATED_METHODS = %i[blank? empty? none?].freeze
+        STRAIGHT_METHODS = %i[present? any? > positive? !=].freeze
+        NEGATED_METHODS = %i[blank? empty? none? == zero?].freeze
         RESTRICT_ON_SEND = (STRAIGHT_METHODS + NEGATED_METHODS).freeze
 
         def on_send(node)
           return if node.block_literal?
-          return unless (receiver, argument, method_name = bad_intersection?(node))
+          return unless (dot_node, receiver, argument, method_name = bad_intersection?(node))
 
-          dot = node.loc.dot.source
+          dot = dot_node.loc.dot.source
           bang = straight?(method_name) ? '' : '!'
           replacement = "#{bang}#{receiver.source}#{dot}intersect?(#{argument.source})"
 
@@ -135,13 +166,16 @@ module RuboCop
         private
 
         def bad_intersection?(node)
-          predicates = if active_support_extensions_enabled?
-                         ACTIVE_SUPPORT_PREDICATES
-                       else
-                         PREDICATES
-                       end
+          bad_intersection_check?(node, bad_intersection_predicates) ||
+            intersection_size_check?(node)
+        end
 
-          bad_intersection_check?(node, predicates)
+        def bad_intersection_predicates
+          if active_support_extensions_enabled?
+            ACTIVE_SUPPORT_PREDICATES
+          else
+            PREDICATES
+          end
         end
 
         def straight?(method_name)

data/lib/rubocop/cop/style/array_intersect_with_single_element.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Style
+      # Use `include?(element)` instead of `intersect?([element])`.
+      #
+      # @safety
+      #   The receiver might not be an array.
+      #
+      # @example
+      #   # bad
+      #   array.intersect?([element])
+      #
+      #   # good
+      #   array.include?(element)
+      class ArrayIntersectWithSingleElement < Base
+        extend AutoCorrector
+
+        MSG = 'Use `include?(element)` instead of `intersect?([element])`.'
+
+        RESTRICT_ON_SEND = %i[intersect?].freeze
+
+        # @!method single_element(node)
+        def_node_matcher :single_element, <<~PATTERN
+          (send _ _ $(array $_))
+        PATTERN
+
+        def on_send(node)
+          array, element = single_element(node)
+          return unless array
+
+          add_offense(
+            node.source_range.with(begin_pos: node.loc.selector.begin_pos)
+          ) do |corrector|
+            corrector.replace(node.loc.selector, 'include?')
+            corrector.replace(
+              array,
+              array.percent_literal? ? element.value.inspect : element.source
+            )
+          end
+        end
+        alias on_csend on_send
+      end
+    end
+  end
+end

data/lib/rubocop/cop/style/bare_percent_literals.rb

@@ -41,8 +41,7 @@ module RuboCop
 
         def check(node)
           return if node.heredoc?
-          return unless node.loc.respond_to?(:begin)
-          return unless node.loc.begin
+          return unless node.loc?(:begin)
 
           source = node.loc.begin.source
           if requires_percent_q?(source)

data/lib/rubocop/cop/style/bitwise_predicate.rb

@@ -70,18 +70,25 @@ module RuboCop
             (send _ :& _))
         PATTERN
 
+        # rubocop:disable Metrics/AbcSize
         def on_send(node)
           return unless node.receiver&.begin_type?
           return unless (preferred_method = preferred_method(node))
 
           bit_operation = node.receiver.children.first
           lhs, _operator, rhs = *bit_operation
-          preferred = "#{lhs.source}.#{preferred_method}(#{rhs.source})"
+
+          preferred = if preferred_method == 'allbits?' && lhs.source == node.first_argument.source
+                        "#{rhs.source}.allbits?(#{lhs.source})"
+                      else
+                        "#{lhs.source}.#{preferred_method}(#{rhs.source})"
+                      end
 
           add_offense(node, message: format(MSG, preferred: preferred)) do |corrector|
             corrector.replace(node, preferred)
           end
         end
+        # rubocop:enable Metrics/AbcSize
 
         private