simplycop 1.7.2 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50a0298e4fe2fea10475eb542f24df49cc548add3299ce646df95daca8ac8194
-  data.tar.gz: f7bc5d42576f976f5be0b7d28920861d38553dcc907a41a8d7044df941771661
+  metadata.gz: 7186eac4e8a769e55cefe3738cfbf45c967a6b2aab0f4744191d92b932175ea7
+  data.tar.gz: 604182eff86928d921da2831b08a1bb880b1a21660a252610619012f7059fa34
 SHA512:
-  metadata.gz: 88236123a372bef498fc28c6b897b5017fdd4492b05c9fb575720721d9174a6b74828a4ae06be57a4dc3082be26eb15f60d3f850ac581a3beb0c55b40a55c883
-  data.tar.gz: 94ad143b7fa0971802e735be97f98ba6ee2826c2c846bdad91a646f50277a070201a756a5ed70b0a57530c6c9d4ce807bf61c6c8c979e089b00d984bf85ab0bd
+  metadata.gz: 0be2768aceb033e5625ebd342c86c1ae8cbe356d348f8ad27d7cd9ef9d9faecb78907ff4a6f17f6369eade666f99b8e1697a35143b43b768b7ef73609024de0b
+  data.tar.gz: 0a09ff8fccde37b4b8f9eea6241a2c64ca76e5a775f34777eebfb7eda8751ec7471c7d080319d1cd420c67f28cf386a220f4870435b0b8d059a5ef8f6119aa37

data/.custom_simplycop.yml

@@ -1,6 +1,7 @@
 require:
   - './lib/simplycop/custom_cops/timecop_without_block.rb'
   - './lib/simplycop/custom_cops/dont_print_all_env.rb'
+  - './lib/simplycop/custom_cops/variable_name_shadowing_method.rb'
 
 AllCops:
   ExtraDetails: true

data/.github/workflows/dobby-actions.yml

@@ -1,4 +1,5 @@
-name: "dobby actions"
+
+name: "Dobby action"
 on:
   issue_comment:
     types: [created]
@@ -6,10 +7,20 @@ jobs:
   pr_commented:
     runs-on: ubuntu-20.04
     if: startsWith(github.event.comment.body, '/dobby')
-
+    env:
+      BUNDLE_WITHOUT: "development:test"
     steps:
-      - name: 'bump version'
-        uses: simplybusiness/dobby@v2.1.0
+      - name: Chekcout action
+        uses: actions/checkout@v2
+        with:
+          repository: 'simplybusiness/dobby'
+          ref: 'v3.0.0'
+      - name: Set up ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+      - name: Bump version
+        uses: simplybusiness/dobby@v3.0.0
         env:
           DOBBY_APP_ID: ${{ secrets.DOBBY_APP_ID }}
           DOBBY_PRIVATE_KEY: ${{ secrets.DOBBY_PRIVATE_KEY }}

data/README.md

@@ -2,72 +2,4 @@
 
 Provides standard shared rubocop configuration for Simply Business applications. No more copying `.rubocop.yml`, no more out-of-sync configuration files. Yay!
 
-## Installation
-
-Add this line to your application's Gemfile:
-
-```ruby
-gem 'simplycop', git: 'git@github.com:simplybusiness/simplycop.git'
-
-```
-
-Then install gems by executing:
-
-    $ bundle install
-
-Put following lines at the beginning of your `rubocop.yml` file:
-
-```yaml
-inherit_gem:
-  simplycop: .simplycop.yml
-
-AllCops:
-  Exclude:
-    - 'vendor/**/*'
-```
-
-* If you are implementing this in rails project and have rspec , you probably want the standard rails and rspec cops. you can include this by adding:
-
-```yaml
-inherit_gem:
-  simplycop:
-    - .simplycop.yml
-    - .simplycop_rails.yml
-    - .simplycop_rspec.yml
-```
-
-## Usage
-
-Run Rubocop as you would usually do, i.e.
-
-    $ bundle exec rubocop
-
-or from your continuous integration tool.
-
-## Guidances
-
-* If you are implementing this in a non-rails project, you probably don't want or need the rails cops. In case they cause problems, you can exclude them using:
-```yaml
-Rails:
-  Enabled: false
-```
-* When adding rubocop and simplycop to a legacy project, you might want to initially disable some of the rules.
-
-## Security Cops
-- CheckForVulnerableCode
-
-This cop was built to identify possible Rails vulnerable code.
-Its purpose is to raise an awareness of the finding.
-When an offence was raised, please seek for help and guidance from application security team.
-
-IMPORTANT:
-This cop must be enabled at all times, if you need to disable it please check with AppSec team first.
-
-Example of vulnerable code:
-
-```ruby
-class BooksController < ApplicationController
-  caches_page :show
-end
-```
-Vulnerability Details: https://nvd.nist.gov/vuln/detail/CVE-2020-8159
+See [Full docs](docs/index.md)

data/catalog-info.yaml

@@ -6,7 +6,6 @@ metadata:
   annotations:
     github.com/project-slug: "simplybusiness/simplycop"
     backstage.io/source-location: url:https://github.com/simplybusiness/simplycop/
-    backstage.io/techdocs-ref: url:https://github.com/simplybusiness/simplycop/
 spec:
   type: library
   lifecycle: production

data/docs/index.md

@@ -0,0 +1,73 @@
+# Simplycop
+
+Provides standard shared rubocop configuration for Simply Business applications. No more copying `.rubocop.yml`, no more out-of-sync configuration files. Yay!
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'simplycop'
+
+```
+
+Then install gems by executing:
+
+    $ bundle install
+
+Put following lines at the beginning of your `rubocop.yml` file:
+
+```yaml
+inherit_gem:
+  simplycop: .simplycop.yml
+
+AllCops:
+  Exclude:
+    - 'vendor/**/*'
+```
+
+* If you are implementing this in rails project and have rspec , you probably want the standard rails and rspec cops. you can include this by adding:
+
+```yaml
+inherit_gem:
+  simplycop:
+    - .simplycop.yml
+    - .simplycop_rails.yml
+    - .simplycop_rspec.yml
+```
+
+## Usage
+
+Run Rubocop as you would usually do, i.e.
+
+    $ bundle exec rubocop
+
+or from your continuous integration tool.
+
+## Guidances
+
+* If you are implementing this in a non-rails project, you probably don't want or need the rails cops. In case they cause problems, you can exclude them using:
+```yaml
+Rails:
+  Enabled: false
+```
+* When adding rubocop and simplycop to a legacy project, you might want to initially disable some of the rules.
+
+## Security Cops
+- CheckForVulnerableCode
+
+This cop was built to identify possible Rails vulnerable code.
+Its purpose is to raise an awareness of the finding.
+When an offence was raised, please seek for help and guidance from application security team.
+
+IMPORTANT:
+This cop must be enabled at all times, if you need to disable it please check with AppSec team first.
+
+Example of vulnerable code:
+
+```ruby
+class BooksController < ApplicationController
+  caches_page :show
+end
+```
+Vulnerability Details: https://nvd.nist.gov/vuln/detail/CVE-2020-8159

data/lib/simplycop/custom_cops/variable_name_shadowing_method.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module CustomCops
+  class VariableNameShadowingMethod < RuboCop::Cop::Cop
+    # For each source file, Rubocop calls on_new_investigation, then walks the abstract syntax
+    # tree calling on_foo methods for each "foo" AST node - e.g on_begin, on_def, on_args,
+    # on_int, etc.
+
+    # We need to do two passes over the source so that we can find all the method names before
+    # we start looking at the nodes that assign local variables (some methods may be defined
+    # _after_ code that assigns shadowing local variables. We do the first one in
+    # on_new_investigation
+
+    def_node_search :method_names, <<~PATTERN
+      (:def $_ ...)
+    PATTERN
+
+    def on_new_investigation
+      @declared_method_names = method_names(processed_source.ast).to_a
+    end
+
+    def on_lvasgn(node)
+      if @declared_method_names.include?(node.name)
+        add_offense(
+          node,
+          message: "Shadowing method name - `#{node.name}`."
+        )
+      end
+    end
+  end
+end

data/lib/simplycop/version.rb

@@ -7,5 +7,5 @@
 #
 
 module Simplycop
-  VERSION = '1.7.2'
+  VERSION = '1.8.0'
 end

data/mkdocs.yml

@@ -0,0 +1,7 @@
+site_name: 'Simplycop Docs'
+docs_dir: 'doc'
+nav:
+  - Home: index.md
+
+plugins:
+  - techdocs-core

data/simplycop.gemspec

@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'rubocop', '~> 1.12.1'
   spec.add_dependency 'rubocop-rails', '~> 2.9.0'
   spec.add_dependency 'rubocop-rspec', '~> 2.2.0'
-  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'bundler', '>= 2.2.15'
   spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec', '~> 3.10'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simplycop
 version: !ruby/object:Gem::Version
-  version: 1.7.2
+  version: 1.8.0
 platform: ruby
 authors:
 - Simply Business
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-09 00:00:00.000000000 Z
+date: 2021-10-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.2.15
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.2.15
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -124,6 +124,7 @@ files:
 - bin/console
 - bin/setup
 - catalog-info.yaml
+- docs/index.md
 - lib/simplycop.rb
 - lib/simplycop/custom_cops/constantize.rb
 - lib/simplycop/custom_cops/define_method.rb
@@ -131,10 +132,12 @@ files:
 - lib/simplycop/custom_cops/instance_eval.rb
 - lib/simplycop/custom_cops/method_missing.rb
 - lib/simplycop/custom_cops/timecop_without_block.rb
+- lib/simplycop/custom_cops/variable_name_shadowing_method.rb
 - lib/simplycop/security/check_for_vulnerable_code.rb
 - lib/simplycop/security/csrf_token_validation.rb
 - lib/simplycop/security/reject_all_requests_local.rb
 - lib/simplycop/version.rb
+- mkdocs.yml
 - simplycop.gemspec
 - vuln_db.json
 homepage: https://github.com/simplybusiness/simplycop
@@ -156,7 +159,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.22
 signing_key: 
 specification_version: 4
 summary: Provides a single point of reference for common rubocop rules.