New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add some linters specifically for the Gemfile #3600

Open
dkniffin opened this Issue Oct 12, 2016 · 7 comments

Comments

Projects
None yet
5 participants
@dkniffin
Contributor

dkniffin commented Oct 12, 2016

It'd be awesome if there were some linters specifically geared towards the Gemfile.

There's probably a bunch of ones that could be made, but here's some ideas off the top of my head:

  • Make sure a gem group isn't defined twice
  • Enforce alphabetization of "groups" of gems (lines that are next to each other)
  • Make sure a gem is only listed once (although this is actually built into bundler)
  • Specify requirements for gem versions.
    • Require a version for every gem
    • Require versions to only be at the "major" level
    • Require no versions to be specified, unless it has a comment with it (related blog post)
  • require the ruby version to be specified
  • require source 'http://rubygems.org' at the top of the file
  • A check specifically for this vulnerability
@mikegee

This comment has been minimized.

Show comment
Hide comment
@mikegee

mikegee Oct 13, 2016

Contributor

I think this is a great idea. Some of those checks will need configurability, of course. (For instance, where I work apps are required to pull from the local gem server, not rubygems.)

A check specifically for this vulnerability would be cool, too.

Contributor

mikegee commented Oct 13, 2016

I think this is a great idea. Some of those checks will need configurability, of course. (For instance, where I work apps are required to pull from the local gem server, not rubygems.)

A check specifically for this vulnerability would be cool, too.

@dkniffin

This comment has been minimized.

Show comment
Hide comment
@dkniffin

dkniffin Oct 13, 2016

Contributor

Interesting. I hadn't heard of that vulnerability. I think it'd be worthwhile to have a check for it. I'll add it to the list in my original post.

Contributor

dkniffin commented Oct 13, 2016

Interesting. I hadn't heard of that vulnerability. I think it'd be worthwhile to have a check for it. I'll add it to the list in my original post.

@bbatsov

This comment has been minimized.

Show comment
Hide comment
@bbatsov

bbatsov Oct 13, 2016

Collaborator

I agree. I'd accept Gemfile linters if someone is willing to write them. :-)

Collaborator

bbatsov commented Oct 13, 2016

I agree. I'd accept Gemfile linters if someone is willing to write them. :-)

@jmks

This comment has been minimized.

Show comment
Hide comment
@jmks

jmks Oct 14, 2016

Contributor

Make sure a gem is only listed once

I'll give this one a go

Contributor

jmks commented Oct 14, 2016

Make sure a gem is only listed once

I'll give this one a go

jmks added a commit to jmks/rubocop that referenced this issue Oct 17, 2016

[#3600] Add new `Lint/DuplicatedGem` cop
The DuplicatedGem cop checks for duplicate gem entries in Gemfiles.

@jmks jmks referenced this issue Oct 17, 2016

Merged

[#3600] Add new `Bundler/DuplicatedGem` cop #3638

10 of 10 tasks complete

tdeo added a commit to tdeo/rubocop that referenced this issue Oct 20, 2016

tdeo added a commit to tdeo/rubocop that referenced this issue Oct 20, 2016

[#3600] Add new `Style/OrderedGems` cop
This Cop checks that all gem entries belonging in consecutive lines in
the Gemfile appear in alphabetically sorted order.

tdeo added a commit to tdeo/rubocop that referenced this issue Oct 20, 2016

[Fix #3600] Add new `Style/OrderedGems` cop
This Cop checks that all gem entries belonging in consecutive lines in
the Gemfile appear in alphabetically sorted order.

@tdeo tdeo referenced this issue Oct 20, 2016

Merged

[#3600] Add new `Bundler/OrderedGems` cop #3657

11 of 11 tasks complete

tdeo added a commit to tdeo/rubocop that referenced this issue Oct 21, 2016

[Fix #3600] Add new `Style/OrderedGems` cop
This Cop checks that all gem entries belonging in consecutive lines in
the Gemfile appear in alphabetically sorted order.

tdeo added a commit to tdeo/rubocop that referenced this issue Oct 21, 2016

[Fix #3600] Add new `Style/OrderedGems` cop
This Cop checks that all gem entries belonging in consecutive lines in
the Gemfile appear in alphabetically sorted order.

tdeo added a commit to tdeo/rubocop that referenced this issue Nov 1, 2016

[#3600] Add new `Style/OrderedGems` cop
This Cop checks that all gem entries belonging in consecutive lines in
the Gemfile appear in alphabetically sorted order.

tdeo added a commit to tdeo/rubocop that referenced this issue Nov 1, 2016

jmks added a commit to jmks/rubocop that referenced this issue Nov 1, 2016

[#3600] Add new `Bundler/DuplicatedGem` cop
The DuplicatedGem cop checks for duplicate gem entries in Gemfiles.

bbatsov added a commit that referenced this issue Nov 1, 2016

[#3600] Add new `Bundler/DuplicatedGem` cop
The DuplicatedGem cop checks for duplicate gem entries in Gemfiles.

tdeo added a commit to tdeo/rubocop that referenced this issue Nov 8, 2016

tdeo added a commit to tdeo/rubocop that referenced this issue Nov 22, 2016

pocke added a commit to pocke/rubocop that referenced this issue Dec 1, 2016

Add Auto-Correct for `Bundler/OrderedGems` cop
See also #3657 #3600

Goal
----

Auto Correct not sorted gems.

e.g.

```ruby
gem 'b'
gem 'd'
gem 'c'
gem 'a'

gem 'a'
gem 'b'
gem 'c'
gem 'd'
```

Note
-----

I added `autocorrect_source_with_loop` test helper method to execute auto-correction with loop.
This method is based on do_inspection_loop.
https://github.com/bbatsov/rubocop/blob/ed4aeb845bfcaaff0648d365c5b46a2e725347f7/lib/rubocop/runner.rb#L179-L202

pocke added a commit to pocke/rubocop that referenced this issue Dec 1, 2016

Add Auto-Correct for `Bundler/OrderedGems` cop
See also #3657 #3600

Goal
----

Auto Correct not sorted gems.

e.g.

```ruby
gem 'b'
gem 'd'
gem 'c'
gem 'a'

gem 'a'
gem 'b'
gem 'c'
gem 'd'
```

Note
-----

I added `autocorrect_source_with_loop` test helper method to execute auto-correction with loop.
This method is based on do_inspection_loop.
https://github.com/bbatsov/rubocop/blob/ed4aeb845bfcaaff0648d365c5b46a2e725347f7/lib/rubocop/runner.rb#L179-L202

@pocke pocke referenced this issue Dec 1, 2016

Merged

Add Auto-Correct for `Bundler/OrderedGems` cop #3757

9 of 11 tasks complete

pocke added a commit to pocke/rubocop that referenced this issue Dec 1, 2016

Add Auto-Correct for `Bundler/OrderedGems` cop
See also #3657 #3600

Goal
----

Auto Correct not sorted gems.

e.g.

```ruby
gem 'b'
gem 'd'
gem 'c'
gem 'a'

gem 'a'
gem 'b'
gem 'c'
gem 'd'
```

Note
-----

I added `autocorrect_source_with_loop` test helper method to execute auto-correction with loop.
This method is based on do_inspection_loop.
https://github.com/bbatsov/rubocop/blob/ed4aeb845bfcaaff0648d365c5b46a2e725347f7/lib/rubocop/runner.rb#L179-L202

pocke added a commit to pocke/rubocop that referenced this issue Dec 1, 2016

Add Auto-Correct for `Bundler/OrderedGems` cop
See also #3657 #3600

Goal
----

Auto Correct not sorted gems.

e.g.

```ruby
gem 'b'
gem 'd'
gem 'c'
gem 'a'

gem 'a'
gem 'b'
gem 'c'
gem 'd'
```

Note
-----

I added `autocorrect_source_with_loop` test helper method to execute auto-correction with loop.
This method is based on do_inspection_loop.
https://github.com/bbatsov/rubocop/blob/ed4aeb845bfcaaff0648d365c5b46a2e725347f7/lib/rubocop/runner.rb#L179-L202

bbatsov added a commit that referenced this issue Dec 1, 2016

Add Auto-Correct for `Bundler/OrderedGems` cop
See also #3657 #3600

Goal
----

Auto Correct not sorted gems.

e.g.

```ruby
gem 'b'
gem 'd'
gem 'c'
gem 'a'

gem 'a'
gem 'b'
gem 'c'
gem 'd'
```

Note
-----

I added `autocorrect_source_with_loop` test helper method to execute auto-correction with loop.
This method is based on do_inspection_loop.
https://github.com/bbatsov/rubocop/blob/ed4aeb845bfcaaff0648d365c5b46a2e725347f7/lib/rubocop/runner.rb#L179-L202
@RKushnir

This comment has been minimized.

Show comment
Hide comment
@RKushnir

RKushnir Jun 2, 2017

The idea of enforcing an order in a Gemfile is just wrong. The order is important because the gems are loaded as they are listed and may contain logic dependent on the gems already in memory.

RKushnir commented Jun 2, 2017

The idea of enforcing an order in a Gemfile is just wrong. The order is important because the gems are loaded as they are listed and may contain logic dependent on the gems already in memory.

@mikegee

This comment has been minimized.

Show comment
Hide comment
@mikegee

mikegee Jun 2, 2017

Contributor

@RKushnir, the new cop enforces ordering of groups of adjacent gems, not the whole Gemfile. No one has reported it breaking their app in the six months since it was added.

Contributor

mikegee commented Jun 2, 2017

@RKushnir, the new cop enforces ordering of groups of adjacent gems, not the whole Gemfile. No one has reported it breaking their app in the six months since it was added.

@RKushnir

This comment has been minimized.

Show comment
Hide comment
@RKushnir

RKushnir Jun 2, 2017

@mikegee I see, I didn't immediately grasp what is a group. Then it assumes the dependent gems are placed in different "batches". So if you need to enforce a specific order, you have to put a newline between them.

RKushnir commented Jun 2, 2017

@mikegee I see, I didn't immediately grasp what is a group. Then it assumes the dependent gems are placed in different "batches". So if you need to enforce a specific order, you have to put a newline between them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment