simplycop 1.2.0 → 1.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.custom_simplycop.yml +6 -0
- data/lib/simplycop/custom_cops/dont_print_all_env.rb +36 -0
- data/lib/simplycop/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 266e346cb15a66ac2a156e5aa7f9baa95db52601c74759ebf8de088e65d5555a
|
|
4
|
+
data.tar.gz: 4c59e192a0733f3311c104868ab9b70a746310c58b1f58515334e9b366127d6a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e5c2b709e412069b735d778df516789fce3253a6aa8fc6e691f412639d7b8cde5adaf36ca09a62bb82b326e44480d98358b4c4480d707bda8e4f12c2a1a3269b
|
|
7
|
+
data.tar.gz: 8da07133883fda0eefcd34f750dacc2f0d43e3480ddb719a32d943de61ec089b91641c28935ccf3fc498ecc79cbe962c2f88fbc4210b3afc91d62f363e9ee539
|
data/.custom_simplycop.yml
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require:
|
|
2
2
|
- './lib/simplycop/custom_cops/timecop_without_block.rb'
|
|
3
|
+
- './lib/simplycop/custom_cops/dont_print_all_env.rb'
|
|
3
4
|
|
|
4
5
|
AllCops:
|
|
5
6
|
ExtraDetails: true
|
|
@@ -9,3 +10,8 @@ CustomCops/TimecopWithoutBlock:
|
|
|
9
10
|
Details: >-
|
|
10
11
|
Time in all tests is faked to be midday. Using `Timecop.return` rather than the block format will spoil that for all subsequent tests.
|
|
11
12
|
`https://github.com/simplybusiness/chopin/pull/10607`
|
|
13
|
+
|
|
14
|
+
CustomCops/DontPrintAllEnv:
|
|
15
|
+
Enabled: true
|
|
16
|
+
Details: >-
|
|
17
|
+
This cop checks if someone accidentally print all environment variables as they may contain secrets.
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module CustomCops
|
|
4
|
+
class DontPrintAllEnv < RuboCop::Cop::Cop
|
|
5
|
+
# This cop checks if someone accidentally print all environment variables
|
|
6
|
+
# because some of them may contain secrets.
|
|
7
|
+
#
|
|
8
|
+
# @example
|
|
9
|
+
# # bad
|
|
10
|
+
# puts ENV.to_h
|
|
11
|
+
# puts `env`
|
|
12
|
+
# puts ENVIRON.to_h
|
|
13
|
+
#
|
|
14
|
+
# # good
|
|
15
|
+
# puts ENV['SOME_KEY']
|
|
16
|
+
# puts ENVIRON['SOME_KEY']
|
|
17
|
+
MSG = 'Printing all Environment Variables is extremely risky'\
|
|
18
|
+
' If this code has been run, then it is likely that secrets have been'\
|
|
19
|
+
' exposed in plaintext. Please alert `#infosec` about this so it can be'\
|
|
20
|
+
' investigated immediately.'\
|
|
21
|
+
|
|
22
|
+
def_node_matcher :convert_env_to_hash_or_array?, <<~PATTERN
|
|
23
|
+
(send (const nil? {:ENVIRON :ENV}) {:to_h :to_a :to_hash})
|
|
24
|
+
PATTERN
|
|
25
|
+
|
|
26
|
+
def_node_matcher :print_all_env_shell?, <<~PATTERN
|
|
27
|
+
(send nil? {:puts :p :print} (xstr(str "env")))
|
|
28
|
+
PATTERN
|
|
29
|
+
|
|
30
|
+
def on_send(node)
|
|
31
|
+
return unless convert_env_to_hash_or_array?(node) || print_all_env_shell?(node)
|
|
32
|
+
|
|
33
|
+
add_offense(node, location: :selector)
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
data/lib/simplycop/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: simplycop
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Simply Business
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-12-
|
|
11
|
+
date: 2020-12-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rubocop
|
|
@@ -124,6 +124,7 @@ files:
|
|
|
124
124
|
- lib/simplycop.rb
|
|
125
125
|
- lib/simplycop/custom_cops/constantize.rb
|
|
126
126
|
- lib/simplycop/custom_cops/define_method.rb
|
|
127
|
+
- lib/simplycop/custom_cops/dont_print_all_env.rb
|
|
127
128
|
- lib/simplycop/custom_cops/instance_eval.rb
|
|
128
129
|
- lib/simplycop/custom_cops/method_missing.rb
|
|
129
130
|
- lib/simplycop/custom_cops/timecop_without_block.rb
|