simplycop 1.2.0 → 1.3.0

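--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: cb033be1d0c83f6ddf82d2d096aa89992caeb1e51f55b6966ecbc69b77f9462e
- data.tar.gz: 8e04105bcda67012c7c1e9ef83cd91e34ae7318a8e06e9ad24f0deb96f27831f
+ metadata.gz: 266e346cb15a66ac2a156e5aa7f9baa95db52601c74759ebf8de088e65d5555a
+ data.tar.gz: 4c59e192a0733f3311c104868ab9b70a746310c58b1f58515334e9b366127d6a
  SHA512:
- metadata.gz: e9f93c07d4fd1a18109ae5561aa9246578f16656c1fb95aeb188cf0b3a6d3702a7b5cc8e1680dac2ae1bc2474569dcd5eb84f33e8563dbad0fc7a574cc71e69a
- data.tar.gz: bc2f67423f8ff100f0f883b5dd4047ff1728f11e4ae709c0d1fa2d990ae0f75a8e380e47d7640a9a9353d9865e5c9efa78600e9e7e9d34cf04094557586cb666
+ metadata.gz: e5c2b709e412069b735d778df516789fce3253a6aa8fc6e691f412639d7b8cde5adaf36ca09a62bb82b326e44480d98358b4c4480d707bda8e4f12c2a1a3269b
+ data.tar.gz: 8da07133883fda0eefcd34f750dacc2f0d43e3480ddb719a32d943de61ec089b91641c28935ccf3fc498ecc79cbe962c2f88fbc4210b3afc91d62f363e9ee539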
@@ -1,5 +1,6 @@
1
1
  require:
2
2
  - './lib/simplycop/custom_cops/timecop_without_block.rb'
3
+ - './lib/simplycop/custom_cops/dont_print_all_env.rb'
3
4
 
4
5
  AllCops:
5
6
  ExtraDetails: true
@@ -9,3 +10,8 @@ CustomCops/TimecopWithoutBlock:
9
10
  Details: >-
10
11
  Time in all tests is faked to be midday. Using `Timecop.return` rather than the block format will spoil that for all subsequent tests.
11
12
  `https://github.com/simplybusiness/chopin/pull/10607`
13
+
14
+ CustomCops/DontPrintAllEnv:
15
+ Enabled: true
16
+ Details: >-
17
+ This cop checks if someone accidentally print all environment variables as they may contain secrets.
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CustomCops
4
+ class DontPrintAllEnv < RuboCop::Cop::Cop
5
+ # This cop checks if someone accidentally print all environment variables
6
+ # because some of them may contain secrets.
7
+ #
8
+ # @example
9
+ # # bad
10
+ # puts ENV.to_h
11
+ # puts `env`
12
+ # puts ENVIRON.to_h
13
+ #
14
+ # # good
15
+ # puts ENV['SOME_KEY']
16
+ # puts ENVIRON['SOME_KEY']
17
+ MSG = 'Printing all Environment Variables is extremely risky'\
18
+ ' If this code has been run, then it is likely that secrets have been'\
19
+ ' exposed in plaintext. Please alert `#infosec` about this so it can be'\
20
+ ' investigated immediately.'\
21
+
22
+ def_node_matcher :convert_env_to_hash_or_array?, <<~PATTERN
23
+ (send (const nil? {:ENVIRON :ENV}) {:to_h :to_a :to_hash})
24
+ PATTERN
25
+
26
+ def_node_matcher :print_all_env_shell?, <<~PATTERN
27
+ (send nil? {:puts :p :print} (xstr(str "env")))
28
+ PATTERN
29
+
30
+ def on_send(node)
31
+ return unless convert_env_to_hash_or_array?(node) || print_all_env_shell?(node)
32
+
33
+ add_offense(node, location: :selector)
34
+ end
35
+ end
36
+ end
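Review bot: The two matchers in `DontPrintAllEnv` miss common ways of dumping the whole environment: `(const nil? {:ENVIRON :ENV})` does not match the top-level-scoped `::ENV`, and `p ENV` or `ENV.inspect` print every variable without calling `to_h`, `to_a` or `to_hash`. Widening the receiver to `(const {nil? cbase} {:ENVIRON :ENV})` and adding `:inspect` to the method set closes the first two, and a further matcher such as `(send nil? {:p :pp} (const {nil? cbase} {:ENVIRON :ENV}))` covers the last. The shell matcher likewise only catches the literal `env` in backticks, so it is worth stating in the class comment that the cop is a best-effort check and not a guarantee. Separately, `MSG` reads "extremely risky If this code" because the first fragment lacks a full stop, and the trailing `\` after `' investigated immediately.'` only parses thanks to the blank line that follows; drop that final backslash.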
@@ -7,5 +7,5 @@
7
7
  #
8
8
 
9
9
  module Simplycop
10
- VERSION = '1.2.0'
10
+ VERSION = '1.3.0'
11
11
  end
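--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: simplycop
  version: !ruby/object:Gem::Version
- version: 1.2.0
+ version: 1.3.0
  platform: ruby
  authors:
  - Simply Business
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2020-12-15 00:00:00.000000000 Z
+ date: 2020-12-17 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rubocop
@@ -124,6 +124,7 @@ files:
  - lib/simplycop.rb
  - lib/simplycop/custom_cops/constantize.rb
  - lib/simplycop/custom_cops/define_method.rb
+ - lib/simplycop/custom_cops/dont_print_all_env.rb
  - lib/simplycop/custom_cops/instance_eval.rb
  - lib/simplycop/custom_cops/method_missing.rb
  - lib/simplycop/custom_cops/timecop_without_block.rb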