Added rubocop to the CI pipeline.
* Add rubocop to the CI pipeline.
* Drop ruby 2.4 and 2.5 from the CI matrix, as they have reached End-of-Life.
* Add `rubocop` and `rubocop:fix` rake tasks.
* Added missing top-level descriptions to classes.
* Various style fixes to appease rubocop.
postmodern committed Aug 15, 2021
1 parent 6a26277 commit 0616c45
Showing 20 changed files with 160 additions and 30 deletions.
16 changes: 14 additions & 2 deletions .github/workflows/ruby.yml
Expand Up @@ -9,8 +9,6 @@ jobs:
fail-fast: false
matrix:
ruby:
- 2.4
- 2.5
- 2.6
- 2.7
- 3.0
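Review bot: the `- 3.0` entry left in the matrix is unquoted, so YAML reads it as a float and the workflow receives `3`, which ruby/setup-ruby resolves to the newest 3.x release rather than 3.0. Since this hunk already edits the list, quote every version (`'2.6'`, `'2.7'`, `'3.0'`) so the matrix keeps testing the releases it names.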
Expand All @@ -27,3 +25,17 @@ jobs:
run: bundle install --jobs 4 --retry 3
- name: Run tests
run: bundle exec rake test

# rubocop linting
rubocop:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7
- name: Install dependencies
run: bundle install --jobs 4 --retry 3
- name: Run rubocop
run: bundle exec rubocop --parallel
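Review bot: `actions/checkout@v2` and `ruby/setup-ruby@v1` in the new `rubocop` job are referenced by movable tags; pinning each to a full commit SHA keeps a retagged action from running in this repository's CI. The job also calls `bundle exec rubocop --parallel` while the new rake task runs `bundle exec rubocop .`, so consider having CI run `bundle exec rake rubocop` to keep a single definition of the lint command.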
75 changes: 75 additions & 0 deletions .rubocop.yml
@@ -0,0 +1,75 @@
AllCops:
NewCops: enable
SuggestExtensions: false
TargetRubyVersion: 2.7
Exclude:
- 'spec/bundle/**/*'
- 'spec/fixtures/database/**/*'
- 'vendor/**/*'

#
# Style
#
Layout/FirstArrayElementIndentation: { EnforcedStyle: consistent }
Layout/FirstHashElementIndentation: { EnforcedStyle: consistent }
Layout/SpaceAroundEqualsInParameterDefault: { EnforcedStyle: no_space }
Style/SymbolArray: { EnforcedStyle: brackets }

#
# Rules that conflict with my style.
#
Metrics: { Enabled: false }
Layout/BeginEndAlignment: { Enabled: false } # Offense count: 1
Layout/BlockAlignment: { Enabled: false } # Offense count: 1
Layout/EmptyLinesAroundClassBody: { Enabled: false } # Offense count: 15
Layout/ExtraSpacing: { Enabled: false } # Offense count: 9
Layout/HashAlignment: { Enabled: false } # Offense count: 3
Layout/SpaceAfterComma: { Enabled: false } # Offense count: 122
Layout/SpaceInsideHashLiteralBraces: { Enabled: false } # Offense count: 8
Lint/MissingSuper: { Enabled: false } # Offense count: 3
Lint/ShadowingOuterLocalVariable: { Enabled: false }
Lint/ConstantDefinitionInBlock: { Exclude: ['spec/cli/formats_spec.rb'] }
Lint/SuppressedException: { Exclude: ['spec/cli_spec.rb'] }
Lint/UnusedBlockArgument: { Enabled: false } # Offense count: 4
Lint/UnusedMethodArgument: { Enabled: false } # Offense count: 6
Naming/RescuedExceptionsVariableName: { Enabled: false } # Offense count: 2
Style/BlockDelimiters: { Enabled: false } # Offense count: 20
Style/CaseEquality: { Exclude: ['lib/bundler/audit/advisory.rb'] }
Style/ClassCheck: { Enabled: false } # Offense count: 4
Style/Documentation: { Enabled: false } # Offense count: 12
Style/GuardClause: { Enabled: false } # Offense count: 1
Style/HashSyntax:
Exclude:
- 'Rakefile'
- 'lib/bundler/audit/task.rb'
Style/IfUnlessModifier: { Enabled: false } # Offense count: 14
Style/MethodCallWithoutArgsParentheses: { Enabled: false } # Offense count: 1
Style/MultilineBlockChain: { Exclude: ['spec/**/*'] } # Offense count: 6
Style/MutableConstant: { Enabled: false } # Offense count: 4
Style/ParenthesesAroundCondition: { Enabled: false } # Offense count: 1
Style/RedundantBegin: { Exclude: ['spec/cli_spec.rb'] } # Offense count: 1
Style/RedundantReturn: { Enabled: false } # Offense count: 6
Style/SpecialGlobalVars: { Enabled: false } # Offense count: 5
Style/StringLiterals: { Enabled: false } # Offense count: 333
Style/StructInheritance: { Enabled: false } # Offense count: 1
Style/UnlessElse: { Enabled: false } # Offense count: 1
Style/WordArray: { Enabled: false } # Offense count: 1
Style/Lambda: { Enabled: false } # Offense count: 2
Style/SafeNavigation: { Enabled: false } # Offense count: 2

#
# Rules that may be disabled in the future.
#
# Layout/SpaceInsideParens: { Enabled: false }
# Layout/TrailingWhitespace: { Enabled: false }

#
# Rules that I want to fully enabled in the future.
#
Style/DoubleNegation: { Exclude: ['spec/spec_helper.rb'] } # Offense count: 1
Style/EmptyMethod: { Exclude: ['spec/cli/formats_spec.rb'] } # Offense count: 2
Style/ExpandPathArguments: { Enabled: false } # Offense count: 5
Style/FrozenStringLiteralComment: { Enabled: false } # Offense count: 42
Style/MixinUsage: { Exclude: ['spec/spec_helper.rb'] } # Offense count: 1
Layout/LineLength: { Enabled: false }
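Review bot: under "Rules that conflict with my style", `Lint/MissingSuper`, `Lint/ShadowingOuterLocalVariable`, `Lint/UnusedBlockArgument` and `Lint/UnusedMethodArgument` are switched off for the whole tree, and `Metrics: { Enabled: false }` disables an entire department. The Lint cops report likely bugs rather than style, and the offense counts recorded next to three of them are small (3, 4 and 6), so a per-file `Exclude`, as already done for `Lint/SuppressedException`, or an inline `# rubocop:disable` at each site would keep them active for new code. The heading "Rules that I want to fully enabled in the future" should read "fully enable".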

9 changes: 6 additions & 3 deletions Gemfile
Expand Up @@ -4,10 +4,13 @@ gemspec

group :development do
gem 'rake'
gem 'kramdown', '~> 2.0'

gem 'rubygems-tasks', '~> 0.2'

gem 'rubocop', '~> 1.18'

gem 'rspec', '~> 3.0'
gem 'simplecov', '~> 0.7', require: false

gem 'kramdown', '~> 2.0'
gem 'yard', '~> 0.9'
gem 'simplecov', '~> 0.7', :require => false
end
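Review bot: `gem 'rubocop', '~> 1.18'` accepts every 1.x release from 1.18 on, and `.rubocop.yml` sets `NewCops: enable`, so a RuboCop release that adds cops can fail the lint job without any change in this repository. Either tighten the constraint (for example `'~> 1.18.0'`) or set `NewCops: pending` so new cops are reviewed before they gate CI.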
16 changes: 13 additions & 3 deletions Rakefile
@@ -1,5 +1,3 @@
# encoding: utf-8

require 'rubygems'

begin
Expand Down Expand Up @@ -36,8 +34,20 @@ task :test => :spec
task :default => :spec

require 'yard'
YARD::Rake::YardocTask.new
YARD::Rake::YardocTask.new
task :doc => :yard

require 'bundler/audit/task'
Bundler::Audit::Task.new

desc "Runs rubocop"
task :rubocop do


lopopolo Aug 16, 2021

I'm not sure if y'all know, but RuboCop ships its own Rake task just like bundler-audit does.

https://github.com/rubocop/rubocop/blob/dcc4df5f709e5e9ccc08c7ce404c981e79f9334b/lib/rubocop/rake_task.rb


postmodern Aug 17, 2021

Author Member

Fixed in cbdf310. Thanks!

sh 'bundle exec rubocop .'
end

namespace :rubocop do
desc "Runs rubocop and auto-corrects"
task :fix do
sh 'bundle exec rubocop -A .'
end
end
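Review bot: the `rubocop:fix` task runs `rubocop -A`, which applies unsafe auto-corrections as well as safe ones, and unsafe corrections can change behaviour. Use `-a` here, or say in the `desc` string that the resulting diff must be reviewed and the specs re-run before committing.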
7 changes: 3 additions & 4 deletions bundler-audit.gemspec
@@ -1,5 +1,3 @@
# encoding: utf-8

require 'yaml'

Gem::Specification.new do |gem|
Expand All @@ -23,8 +21,9 @@ Gem::Specification.new do |gem|

glob = lambda { |patterns| gem.files & Dir[*patterns] }

gem.files = `git ls-files`.split($/)
gem.files = glob[gemspec['files']] if gemspec['files']
gem.files = if gemspec['files'] then glob[gemspec['files']]
else `git ls-files`.split($/)
end

gem.executables = gemspec.fetch('executables') do
glob['bin/*'].map { |path| File.basename(path) }
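Review bot: in the new `gem.files = if gemspec['files'] then glob[gemspec['files']]` form, `glob` is called before `gem.files` has been assigned, yet the lambda is defined as `gem.files & Dir[*patterns]`. The removed lines first set `gem.files` from `git ls-files` and only then intersected it with the patterns; with the new order the intersection is taken against a file list that is still empty, so whenever `gemspec['files']` is set the built gem would contain no files. Keep the unconditional `git ls-files` assignment and apply the `glob` filter afterwards, and check the result with `gem build` followed by listing the package contents.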
3 changes: 3 additions & 0 deletions lib/bundler/audit/advisory.rb
Expand Up @@ -19,6 +19,9 @@

module Bundler
module Audit
#
# Represents an advsory loaded from the {Database}.
#
class Advisory < Struct.new(:path,
:id,
:url,
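Review bot: typo in the added class comment, "advsory" should be "advisory".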
3 changes: 3 additions & 0 deletions lib/bundler/audit/cli.rb
Expand Up @@ -25,6 +25,9 @@

module Bundler
module Audit
#
# The `bundle-audit` command.
#
class CLI < ::Thor

default_task :check
8 changes: 6 additions & 2 deletions lib/bundler/audit/cli/formats.rb
Expand Up @@ -126,15 +126,19 @@ def self.[](name)
#
def self.load(name)
name = name.to_s
path = File.join(DIR,File.basename(name))

begin
require File.join(DIR,File.basename(name))
require path
rescue LoadError
raise(FormatNotFound,"could not load format #{name.inspect}")
end

return self[name] || \
unless (format = self[name])
raise(FormatNotFound,"unknown format #{name.inspect}")
end

return format
end
end
end
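Review bot: `rescue LoadError` around `require path` also catches a `LoadError` raised from inside the format file itself, for example a missing dependency, and reports it as "could not load format", hiding the real cause. Include the original exception's message in the `FormatNotFound` error. Keeping `File.basename(name)` in the new `path` assignment is right, since it stops a format name containing directory components from requiring a file outside `DIR`.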
19 changes: 11 additions & 8 deletions lib/bundler/audit/cli/formats/json.rb
Expand Up @@ -22,6 +22,9 @@ module Bundler
module Audit
class CLI < ::Thor
module Formats
#
# The JSON output format.
#
module JSON
#
# Outputs the report as JSON. Will pretty-print JSON if `output`
Expand All @@ -37,20 +40,20 @@ def print_report(report,output=$stdout)
hash = report.to_h

if output.tty?
output.puts ::JSON.pretty_generate(hash)
output.puts(::JSON.pretty_generate(hash))
else
output.write(::JSON.generate(hash))
end
end

def criticality_label advisory
def criticality_label(advisory)
case advisory.criticality
when :none then "none"
when :low then "low"
when :medium then "medium"
when :high then "high"
when :critical then "critical"
else "unknown"
when :none then "none"
when :low then "low"
when :medium then "medium"
when :high then "high"
when :critical then "critical"
else "unknown"
end
end
end
3 changes: 3 additions & 0 deletions lib/bundler/audit/cli/formats/text.rb
Expand Up @@ -21,6 +21,9 @@ module Bundler
module Audit
class CLI < ::Thor
module Formats
#
# The plain-text output format.
#
module Text
#
# Prints any findings as plain-text.
4 changes: 2 additions & 2 deletions lib/bundler/audit/database.rb
Expand Up @@ -119,7 +119,7 @@ def self.download(options={})

path = options.fetch(:path,DEFAULT_PATH)

command = %w(git clone)
command = %w[git clone]
command << '--quiet' if options[:quiet]
command << URL << path

Expand Down Expand Up @@ -199,7 +199,7 @@ def git?
def update!(options={})
if git?
Dir.chdir(@path) do
command = %w(git pull)
command = %w[git pull]
command << '--quiet' if options[:quiet]
command << 'origin' << 'master'
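Review bot: `command << 'origin' << 'master'` in `update!` hardcodes the branch, so if the default branch of the repository at `URL` is renamed the pull fails and the local advisory database stops receiving updates. Pulling the tracked upstream without an explicit branch, or reading the branch name from a constant next to `URL`, would avoid that.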

3 changes: 3 additions & 0 deletions lib/bundler/audit/results/insecure_source.rb
Expand Up @@ -20,6 +20,9 @@
module Bundler
module Audit
module Results
#
# Represents an insecure gem source (ex: `git://...` or `http://...`).
#
class InsecureSource < Result

# The insecure `git://` or `http://` URI.
4 changes: 4 additions & 0 deletions lib/bundler/audit/results/unpatched_gem.rb
Expand Up @@ -22,6 +22,10 @@
module Bundler
module Audit
module Results
#
# Represents a gem version that has known vulnerabilities and needs to be
# upgraded.
#
class UnpatchedGem < Result

# The specification of the vulnerable gem.
3 changes: 3 additions & 0 deletions lib/bundler/audit/scanner.rb
Expand Up @@ -31,6 +31,9 @@

module Bundler
module Audit
#
# Scans a `Gemfile.lock` for security issues.
#
class Scanner

# The advisory database
3 changes: 3 additions & 0 deletions lib/bundler/audit/task.rb
Expand Up @@ -2,6 +2,9 @@

module Bundler
module Audit
#
# Defines the `bundle:audit` rake tasks.
#
class Task < Rake::TaskLib
#
# Initializes the task.
2 changes: 1 addition & 1 deletion spec/advisory_spec.rb
Expand Up @@ -83,7 +83,7 @@
end

context "YAML data not representing a hash" do
let(:path ) do
let(:path) do
File.expand_path('../fixtures/advisory/not_a_hash.yml', __FILE__)
end

3 changes: 1 addition & 2 deletions spec/cli/formats/text_spec.rb
Expand Up @@ -116,7 +116,7 @@
expect(output_lines).to include("Criticality: None")
end
end

context "when Advisory#criticality is :low" do
let(:advisory) do
super().tap do |advisory|
Expand All @@ -132,7 +132,6 @@
context "when Advisory#criticality is :medium" do
let(:advisory) do
super().tap do |advisory|

advisory.cvss_v3 = 4.0
end
end
1 change: 0 additions & 1 deletion spec/cli_spec.rb
Expand Up @@ -98,7 +98,6 @@
expect(error.status).to eq(1)
end
end

end

context "when git is not installed" do
2 changes: 1 addition & 1 deletion spec/database_spec.rb
Expand Up @@ -174,7 +174,7 @@
end

context "when given a directory" do
let(:path ) { Dir.tmpdir }
let(:path) { Dir.tmpdir }

subject { described_class.new(path) }

6 changes: 5 additions & 1 deletion spec/spec_helper.rb
Expand Up @@ -33,7 +33,11 @@ def self.join(*paths)
module Helpers
def sh(command, options={})
result = `#{command} 2>&1`
raise "FAILED #{command}\n#{result}" if $?.success? == !!options[:fail]

if $?.success? == !!options[:fail]
raise "FAILED #{command}\n#{result}"
end

result
end
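Review bot: the condition `$?.success? == !!options[:fail]` is still hard to read after being moved into a block, and it is the reason `Style/DoubleNegation` needs an exclusion for `spec/spec_helper.rb` in `.rubocop.yml`. Naming the expectation first, for example `expect_failure = options[:fail] ? true : false`, and raising when `$?.success? == expect_failure` makes the intent explicit and lets the exclusion be dropped.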
