simplycop 1.6.4 → 1.7.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/dobby-actions.yml +1 -1
- data/.simplycop.yml +11 -16
- data/README.md +1 -69
- data/catalog-info.yaml +16 -0
- data/docs/index.md +73 -0
- data/lib/simplycop/version.rb +1 -1
- data/mkdocs.yml +7 -0
- data/simplycop.gemspec +2 -2
- metadata +10 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 37f961bf25d8a75b4c034f73b033878fda1f93de9aac8eb0f7d973a70cb6208f
|
4
|
+
data.tar.gz: db170cb142883c29d430f3c0963c8cd5aa8e000ce1c4b5f4651efef7c5945c04
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fd9db437e6ba9d1b47e5c2a5ff2ff3d63657c274b5898dabc0b7bbb87802221dbf4dc4c883d7c03498ed28ce1c6b89c985ccff6b89d9e4a4155d5d9959f53ba5
|
7
|
+
data.tar.gz: 312b26a63c636df40d7508102ae82181951f0024f70006c71a92615ef5ac349b53779a69459c2f426bec3a537955e53494cac690e4e64d1b0ac48e7ab274b30b
|
data/.simplycop.yml
CHANGED
@@ -22,6 +22,9 @@ AllCops:
|
|
22
22
|
ExtraDetails: true
|
23
23
|
# Adapted from: https://github.com/simplybusiness/how-we-roll/blob/master/development/RUBYSTYLEGUIDE.markdown
|
24
24
|
|
25
|
+
Gemspec/DateAssignment:
|
26
|
+
Enabled: true
|
27
|
+
|
25
28
|
Layout/EmptyLineAfterMultilineCondition:
|
26
29
|
Enabled: true
|
27
30
|
|
@@ -95,28 +98,14 @@ Lint/UnexpectedBlockArity:
|
|
95
98
|
Lint/UnmodifiedReduceAccumulator:
|
96
99
|
Enabled: true
|
97
100
|
|
98
|
-
###### COPS REVIEWED ABOVE THIS LINE ######
|
99
|
-
|
100
101
|
Metrics/BlockLength:
|
101
102
|
Exclude:
|
102
103
|
- spec/**/*.rb
|
103
|
-
|
104
|
+
|
104
105
|
Metrics/ClassLength:
|
105
106
|
Max: 512
|
106
|
-
Enabled: true
|
107
|
-
|
108
|
-
Metrics/ModuleLength:
|
109
|
-
Enabled: true
|
110
107
|
|
111
|
-
|
112
|
-
Enabled: true
|
113
|
-
|
114
|
-
Naming/VariableName:
|
115
|
-
Enabled: true
|
116
|
-
EnforcedStyle: snake_case
|
117
|
-
SupportedStyles:
|
118
|
-
- snake_case
|
119
|
-
- camelCase
|
108
|
+
###### COPS REVIEWED ABOVE THIS LINE ######
|
120
109
|
|
121
110
|
Style/AccessorGrouping:
|
122
111
|
Enabled: true
|
@@ -185,6 +174,9 @@ Style/GuardClause:
|
|
185
174
|
Style/HashAsLastArrayItem:
|
186
175
|
Enabled: true
|
187
176
|
|
177
|
+
Style/HashConversion:
|
178
|
+
Enabled: true
|
179
|
+
|
188
180
|
Style/HashEachMethods:
|
189
181
|
Enabled: false
|
190
182
|
|
@@ -301,6 +293,9 @@ Style/SpecialGlobalVars:
|
|
301
293
|
Enabled: true
|
302
294
|
Severity: warning
|
303
295
|
|
296
|
+
Style/StringChars:
|
297
|
+
Enabled: true
|
298
|
+
|
304
299
|
Style/StringConcatenation:
|
305
300
|
Enabled: true
|
306
301
|
|
data/README.md
CHANGED
@@ -2,72 +2,4 @@
|
|
2
2
|
|
3
3
|
Provides standard shared rubocop configuration for Simply Business applications. No more copying `.rubocop.yml`, no more out-of-sync configuration files. Yay!
|
4
4
|
|
5
|
-
|
6
|
-
|
7
|
-
Add this line to your application's Gemfile:
|
8
|
-
|
9
|
-
```ruby
|
10
|
-
gem 'simplycop', git: 'git@github.com:simplybusiness/simplycop.git'
|
11
|
-
|
12
|
-
```
|
13
|
-
|
14
|
-
Then install gems by executing:
|
15
|
-
|
16
|
-
$ bundle install
|
17
|
-
|
18
|
-
Put following lines at the beginning of your `rubocop.yml` file:
|
19
|
-
|
20
|
-
```yaml
|
21
|
-
inherit_gem:
|
22
|
-
simplycop: .simplycop.yml
|
23
|
-
|
24
|
-
AllCops:
|
25
|
-
Exclude:
|
26
|
-
- 'vendor/**/*'
|
27
|
-
```
|
28
|
-
|
29
|
-
* If you are implementing this in rails project and have rspec , you probably want the standard rails and rspec cops. you can include this by adding:
|
30
|
-
|
31
|
-
```yaml
|
32
|
-
inherit_gem:
|
33
|
-
simplycop:
|
34
|
-
- .simplycop.yml
|
35
|
-
- .simplycop_rails.yml
|
36
|
-
- .simplycop_rspec.yml
|
37
|
-
```
|
38
|
-
|
39
|
-
## Usage
|
40
|
-
|
41
|
-
Run Rubocop as you would usually do, i.e.
|
42
|
-
|
43
|
-
$ bundle exec rubocop
|
44
|
-
|
45
|
-
or from your continuous integration tool.
|
46
|
-
|
47
|
-
## Guidances
|
48
|
-
|
49
|
-
* If you are implementing this in a non-rails project, you probably don't want or need the rails cops. In case they cause problems, you can exclude them using:
|
50
|
-
```yaml
|
51
|
-
Rails:
|
52
|
-
Enabled: false
|
53
|
-
```
|
54
|
-
* When adding rubocop and simplycop to a legacy project, you might want to initially disable some of the rules.
|
55
|
-
|
56
|
-
## Security Cops
|
57
|
-
- CheckForVulnerableCode
|
58
|
-
|
59
|
-
This cop was built to identify possible Rails vulnerable code.
|
60
|
-
Its purpose is to raise an awareness of the finding.
|
61
|
-
When an offence was raised, please seek for help and guidance from application security team.
|
62
|
-
|
63
|
-
IMPORTANT:
|
64
|
-
This cop must be enabled at all times, if you need to disable it please check with AppSec team first.
|
65
|
-
|
66
|
-
Example of vulnerable code:
|
67
|
-
|
68
|
-
```ruby
|
69
|
-
class BooksController < ApplicationController
|
70
|
-
caches_page :show
|
71
|
-
end
|
72
|
-
```
|
73
|
-
Vulnerability Details: https://nvd.nist.gov/vuln/detail/CVE-2020-8159
|
5
|
+
See [Full docs](docs/index.md)
|
data/catalog-info.yaml
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
apiVersion: backstage.io/v1alpha1
|
2
|
+
kind: Component
|
3
|
+
metadata:
|
4
|
+
name: simplycop
|
5
|
+
description: Simply Business Rubocop rules
|
6
|
+
annotations:
|
7
|
+
github.com/project-slug: "simplybusiness/simplycop"
|
8
|
+
backstage.io/source-location: url:https://github.com/simplybusiness/simplycop/
|
9
|
+
spec:
|
10
|
+
type: library
|
11
|
+
lifecycle: production
|
12
|
+
owner: silversmiths
|
13
|
+
dependsOn:
|
14
|
+
- "Component:rake"
|
15
|
+
- "Component:rspec"
|
16
|
+
- "Component:rubocop"
|
data/docs/index.md
ADDED
@@ -0,0 +1,73 @@
|
|
1
|
+
# Simplycop
|
2
|
+
|
3
|
+
Provides standard shared rubocop configuration for Simply Business applications. No more copying `.rubocop.yml`, no more out-of-sync configuration files. Yay!
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add this line to your application's Gemfile:
|
8
|
+
|
9
|
+
```ruby
|
10
|
+
gem 'simplycop'
|
11
|
+
|
12
|
+
```
|
13
|
+
|
14
|
+
Then install gems by executing:
|
15
|
+
|
16
|
+
$ bundle install
|
17
|
+
|
18
|
+
Put following lines at the beginning of your `rubocop.yml` file:
|
19
|
+
|
20
|
+
```yaml
|
21
|
+
inherit_gem:
|
22
|
+
simplycop: .simplycop.yml
|
23
|
+
|
24
|
+
AllCops:
|
25
|
+
Exclude:
|
26
|
+
- 'vendor/**/*'
|
27
|
+
```
|
28
|
+
|
29
|
+
* If you are implementing this in rails project and have rspec , you probably want the standard rails and rspec cops. you can include this by adding:
|
30
|
+
|
31
|
+
```yaml
|
32
|
+
inherit_gem:
|
33
|
+
simplycop:
|
34
|
+
- .simplycop.yml
|
35
|
+
- .simplycop_rails.yml
|
36
|
+
- .simplycop_rspec.yml
|
37
|
+
```
|
38
|
+
|
39
|
+
## Usage
|
40
|
+
|
41
|
+
Run Rubocop as you would usually do, i.e.
|
42
|
+
|
43
|
+
$ bundle exec rubocop
|
44
|
+
|
45
|
+
or from your continuous integration tool.
|
46
|
+
|
47
|
+
## Guidances
|
48
|
+
|
49
|
+
* If you are implementing this in a non-rails project, you probably don't want or need the rails cops. In case they cause problems, you can exclude them using:
|
50
|
+
```yaml
|
51
|
+
Rails:
|
52
|
+
Enabled: false
|
53
|
+
```
|
54
|
+
* When adding rubocop and simplycop to a legacy project, you might want to initially disable some of the rules.
|
55
|
+
|
56
|
+
## Security Cops
|
57
|
+
- CheckForVulnerableCode
|
58
|
+
|
59
|
+
This cop was built to identify possible Rails vulnerable code.
|
60
|
+
Its purpose is to raise an awareness of the finding.
|
61
|
+
When an offence was raised, please seek for help and guidance from application security team.
|
62
|
+
|
63
|
+
IMPORTANT:
|
64
|
+
This cop must be enabled at all times, if you need to disable it please check with AppSec team first.
|
65
|
+
|
66
|
+
Example of vulnerable code:
|
67
|
+
|
68
|
+
```ruby
|
69
|
+
class BooksController < ApplicationController
|
70
|
+
caches_page :show
|
71
|
+
end
|
72
|
+
```
|
73
|
+
Vulnerability Details: https://nvd.nist.gov/vuln/detail/CVE-2020-8159
|
data/lib/simplycop/version.rb
CHANGED
data/mkdocs.yml
ADDED
data/simplycop.gemspec
CHANGED
@@ -17,9 +17,9 @@ Gem::Specification.new do |spec|
|
|
17
17
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
18
18
|
spec.require_paths = ['lib']
|
19
19
|
|
20
|
-
spec.add_dependency 'rubocop', '~> 1.
|
20
|
+
spec.add_dependency 'rubocop', '~> 1.12.1'
|
21
21
|
spec.add_dependency 'rubocop-rails', '~> 2.9.0'
|
22
|
-
spec.add_dependency 'rubocop-rspec', '~> 2.
|
22
|
+
spec.add_dependency 'rubocop-rspec', '~> 2.2.0'
|
23
23
|
spec.add_development_dependency 'bundler'
|
24
24
|
spec.add_development_dependency 'rake', '>= 12.3.3'
|
25
25
|
spec.add_development_dependency 'rspec', '~> 3.10'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: simplycop
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.7.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Simply Business
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-08-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rubocop
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.
|
19
|
+
version: 1.12.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 1.
|
26
|
+
version: 1.12.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rubocop-rails
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 2.
|
47
|
+
version: 2.2.0
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 2.
|
54
|
+
version: 2.2.0
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: bundler
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -123,6 +123,8 @@ files:
|
|
123
123
|
- Rakefile
|
124
124
|
- bin/console
|
125
125
|
- bin/setup
|
126
|
+
- catalog-info.yaml
|
127
|
+
- docs/index.md
|
126
128
|
- lib/simplycop.rb
|
127
129
|
- lib/simplycop/custom_cops/constantize.rb
|
128
130
|
- lib/simplycop/custom_cops/define_method.rb
|
@@ -134,6 +136,7 @@ files:
|
|
134
136
|
- lib/simplycop/security/csrf_token_validation.rb
|
135
137
|
- lib/simplycop/security/reject_all_requests_local.rb
|
136
138
|
- lib/simplycop/version.rb
|
139
|
+
- mkdocs.yml
|
137
140
|
- simplycop.gemspec
|
138
141
|
- vuln_db.json
|
139
142
|
homepage: https://github.com/simplybusiness/simplycop
|
@@ -155,7 +158,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
155
158
|
- !ruby/object:Gem::Version
|
156
159
|
version: '0'
|
157
160
|
requirements: []
|
158
|
-
rubygems_version: 3.2.
|
161
|
+
rubygems_version: 3.2.22
|
159
162
|
signing_key:
|
160
163
|
specification_version: 4
|
161
164
|
summary: Provides a single point of reference for common rubocop rules.
|