simplycop 2.34.3 → 2.34.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a012007bd10f42a48abae25b01c49dd81f6b1def4451b5560afac90570517601
-  data.tar.gz: e40d81ba5bccdfa760b2eb323acf55ff0d89c324a523b49a13e4654da0195a2f
+  metadata.gz: c5cccbb176267321b2cbc3fc80ea3c7fec278cf63e456c5b7b2f788238d723c8
+  data.tar.gz: ad20e21b2f3b62a458bf4a967f10f314dc87b7294f7920d5cc1a77bea8805b99
 SHA512:
-  metadata.gz: 5b9062f38dea4ad7012c63397b6cae444bf07a56358140925a8c2f2e85de70b6f661d18c6f87b4f52f0bc197a555ebd10a5eab5ec7d7bf9fbab4caa77135ad1f
-  data.tar.gz: 492fef1f67bb6795ec1af3d0c296583a1c0ebb777a686ee612d494b81cbdf3213e88edea50e9906726ebc85ff474ae9bcc0c99e5da79de0370b2294b25059d04
+  metadata.gz: 895fa251a17f034c87bfc8dba66c8acf3d9ab55c144b575fba46d62b61a72af002a9476b9246ce40f4377871f68a0678d6cc716c220d81891fc00b60c409045b
+  data.tar.gz: 00f7019f9d6146e6839b969e1d5fe53c3ca57268444fc04720b788489c8fd69b021c4f1198960a168f0011f67f42ca6a3d9edbfd2efb4828099743883f6a30f2

data/lib/simplycop/custom_cops/version_comparison.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+module CustomCops
+  # Detects incorrect semantic version comparisons.
+  # Triggers on variables/methods containing 'version'.
+  #
+  # @example Bad - version.to_f >= 2.0, version >= "2"
+  # @example Good - Gem::Version.new(version) >= Gem::Version.new('2.0')
+  #
+  # If this cop flags a false positive, disable it with an inline rubocop comment.
+  class VersionComparison < RuboCop::Cop::Base
+    extend RuboCop::Cop::AutoCorrector
+
+    DISABLE_HINT = 'Disable if not a semantic version string.'
+    MSG_TO_F = "Avoid `.to_f` on version strings; use `Gem::Version.new()`. #{DISABLE_HINT}"
+    MSG_TO_I = "Avoid `.to_i` on version strings; use `Gem::Version.new()`. #{DISABLE_HINT}"
+    MSG_STRING = "Avoid ordering operators on version strings; use `Gem::Version.new()`. #{DISABLE_HINT}"
+    ORDERING_OPERATORS = [:>=, :>, :<=, :<].freeze
+    REVERSED_OPERATORS = { :>= => :<=, :> => :<, :<= => :>=, :< => :> }.freeze
+
+    def_node_matcher :to_f_call?, '(send $_ :to_f)'
+    def_node_matcher :to_i_call?, '(send $_ :to_i)'
+    def_node_matcher :ordering_comparison?, <<~PATTERN
+      (send $_ {#{ORDERING_OPERATORS.map(&:inspect).join(' ')}} (str $_))
+    PATTERN
+    def_node_matcher :reversed_ordering_comparison?, <<~PATTERN
+      (send (str $_) {#{ORDERING_OPERATORS.map(&:inspect).join(' ')}} $_)
+    PATTERN
+
+    def on_send(node)
+      check_numeric_conversion(node, :to_f_call?, MSG_TO_F)
+      check_numeric_conversion(node, :to_i_call?, MSG_TO_I)
+      check_ordering_comparison(node)
+      check_reversed_ordering_comparison(node)
+    end
+
+    private
+
+    def check_numeric_conversion(node, matcher, message)
+      send(matcher, node) do |receiver|
+        return unless version_related?(receiver)
+
+        add_offense(node, message: message) { |c| autocorrect_numeric(c, node, receiver) }
+      end
+    end
+
+    def check_ordering_comparison(node)
+      ordering_comparison?(node) do |receiver, str_val|
+        return unless version_related?(receiver)
+
+        add_offense(node, message: MSG_STRING) do |c|
+          c.replace(node, build_comparison(receiver.source, node.method_name, "'#{str_val}'"))
+        end
+      end
+    end
+
+    def check_reversed_ordering_comparison(node)
+      reversed_ordering_comparison?(node) do |str_val, receiver|
+        return unless version_related?(receiver)
+
+        add_offense(node, message: MSG_STRING) do |c|
+          c.replace(node, build_comparison(receiver.source, REVERSED_OPERATORS[node.method_name], "'#{str_val}'"))
+        end
+      end
+    end
+
+    def autocorrect_numeric(corrector, node, receiver)
+      parent = node.parent
+      if parent&.send_type? && ORDERING_OPERATORS.include?(parent.method_name)
+        corrector.replace(parent, build_comparison(receiver.source, parent.method_name, parent.arguments.first.source))
+      else
+        corrector.replace(node, "Gem::Version.new(#{receiver.source})")
+      end
+    end
+
+    def build_comparison(lhs, operator, rhs)
+      "Gem::Version.new(#{lhs}) #{operator} Gem::Version.new(#{rhs})"
+    end
+
+    def version_related?(node)
+      return false unless node
+
+      case node.type
+      when :lvar, :ivar, :cvar, :gvar then node.children.first.to_s.downcase.include?('version')
+      when :send then method_or_key_contains_version?(node)
+      else false
+      end
+    end
+
+    def method_or_key_contains_version?(node)
+      return true if node.method_name.to_s.downcase.include?('version')
+
+      key = node.arguments.first
+      return true if node.method_name == :[] && key && [:str, :sym].include?(key.type) &&
+                     key.value.to_s.downcase.include?('version')
+
+      version_related?(node.receiver)
+    end
+  end
+end

data/lib/simplycop/version.rb

@@ -7,5 +7,5 @@
 #
 
 module Simplycop
-  VERSION = '2.34.3'
+  VERSION = '2.34.4'
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: simplycop
 version: !ruby/object:Gem::Version
-  version: 2.34.3
+  version: 2.34.4
 platform: ruby
 authors:
 - Simply Business
 bindir: bin
 cert_chain: []
-date: 2025-12-30 00:00:00.000000000 Z
+date: 2026-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark
@@ -249,6 +249,7 @@ files:
 - lib/simplycop/custom_cops/no_foreground_indices.rb
 - lib/simplycop/custom_cops/timecop_without_block.rb
 - lib/simplycop/custom_cops/variable_name_shadowing_method.rb
+- lib/simplycop/custom_cops/version_comparison.rb
 - lib/simplycop/security/csrf_token_validation.rb
 - lib/simplycop/security/reject_all_requests_local.rb
 - lib/simplycop/version.rb