diff options
Diffstat (limited to '.rubocop.yml')
-rw-r--r-- | .rubocop.yml | 566 |
1 files changed, 365 insertions, 201 deletions
diff --git a/.rubocop.yml b/.rubocop.yml index e73500be2a9..23bb0fa8be8 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,11 +1,13 @@ require: - rubocop-rspec + - rubocop-gitlab-security - ./rubocop/rubocop inherit_from: .rubocop_todo.yml AllCops: TargetRubyVersion: 2.3 + TargetRailsVersion: 4.2 # Cop names are not d§splayed in offense messages by default. Change behavior # by overriding DisplayCopNames, or by giving the -D/--display-cop-names # option. @@ -29,34 +31,241 @@ AllCops: Bundler/OrderedGems: Enabled: false -# Style ####################################################################### +# Layout ###################################################################### # Check indentation of private/protected visibility modifiers. -Style/AccessModifierIndentation: - Enabled: true - -# Check the naming of accessor methods for get_/set_. -Style/AccessorMethodName: - Enabled: false - -# Use alias_method instead of alias. -Style/Alias: - EnforcedStyle: prefer_alias_method +Layout/AccessModifierIndentation: Enabled: true # Align the elements of an array literal if they span more than one line. -Style/AlignArray: +Layout/AlignArray: Enabled: true # Align the elements of a hash literal if they span more than one line. -Style/AlignHash: +Layout/AlignHash: Enabled: true # Here we check if the parameters on a multi-line method call or # definition are aligned. -Style/AlignParameters: +Layout/AlignParameters: + Enabled: false + +# Put end statement of multiline block on its own line. +Layout/BlockEndNewline: + Enabled: true + +# Indentation of when in a case/when/[else/]end. +Layout/CaseIndentation: + Enabled: true + +# Indentation of comments. +Layout/CommentIndentation: + Enabled: true + +# Multi-line method chaining should be done with leading dots. +Layout/DotPosition: + Enabled: true + EnforcedStyle: leading + +# Align elses and elsifs correctly. +Layout/ElseAlignment: + Enabled: true + +# Add an empty line after magic comments to separate them from code. +Layout/EmptyLineAfterMagicComment: + Enabled: false + +# Use empty lines between defs. +Layout/EmptyLineBetweenDefs: + Enabled: true + +# Don't use several empty lines in a row. +Layout/EmptyLines: + Enabled: true + +# Keep blank lines around access modifiers. +Layout/EmptyLinesAroundAccessModifier: + Enabled: true + +# Keeps track of empty lines around block bodies. +Layout/EmptyLinesAroundBlockBody: + Enabled: true + +# Keeps track of empty lines around class bodies. +Layout/EmptyLinesAroundClassBody: + Enabled: true + +# Keeps track of empty lines around exception handling keywords. +Layout/EmptyLinesAroundExceptionHandlingKeywords: + Enabled: false + +# Keeps track of empty lines around method bodies. +Layout/EmptyLinesAroundMethodBody: + Enabled: true + +# Keeps track of empty lines around module bodies. +Layout/EmptyLinesAroundModuleBody: + Enabled: true + +# Use Unix-style line endings. +Layout/EndOfLine: + Enabled: true + +# Checks for a line break before the first parameter in a multi-line method +# parameter definition. +Layout/FirstMethodParameterLineBreak: + Enabled: true + +# Keep indentation straight. +Layout/IndentationConsistency: + Enabled: true + +# Use 2 spaces for indentation. +Layout/IndentationWidth: + Enabled: true + +# Checks the indentation of the first line of the right-hand-side of a +# multi-line assignment. +Layout/IndentAssignment: + Enabled: true + +# This cops checks the indentation of the here document bodies. +Layout/IndentHeredoc: + Enabled: false + +# Comments should start with a space. +Layout/LeadingCommentSpace: + Enabled: true + +# Checks that the closing brace in an array literal is either on the same line +# as the last array element, or a new line. +Layout/MultilineArrayBraceLayout: + Enabled: true + EnforcedStyle: symmetrical + +# Ensures newlines after multiline block do statements. +Layout/MultilineBlockLayout: + Enabled: true + +# Checks that the closing brace in a hash literal is either on the same line as +# the last hash element, or a new line. +Layout/MultilineHashBraceLayout: + Enabled: true + EnforcedStyle: symmetrical + +# Checks that the closing brace in a method call is either on the same line as +# the last method argument, or a new line. +Layout/MultilineMethodCallBraceLayout: + Enabled: false + EnforcedStyle: symmetrical + +# Checks indentation of method calls with the dot operator that span more than +# one line. +Layout/MultilineMethodCallIndentation: + Enabled: false + +# Checks that the closing brace in a method definition is symmetrical with +# respect to the opening brace and the method parameters. +Layout/MultilineMethodDefinitionBraceLayout: + Enabled: false + +# Checks indentation of binary operations that span more than one line. +Layout/MultilineOperationIndentation: + Enabled: true + EnforcedStyle: indented + +# Use spaces after colons. +Layout/SpaceAfterColon: + Enabled: true + +# Use spaces after commas. +Layout/SpaceAfterComma: + Enabled: true + +# Do not put a space between a method name and the opening parenthesis in a +# method definition. +Layout/SpaceAfterMethodName: + Enabled: true + +# Tracks redundant space after the ! operator. +Layout/SpaceAfterNot: + Enabled: true + +# Use spaces after semicolons. +Layout/SpaceAfterSemicolon: + Enabled: true + +# Use space around equals in parameter default +Layout/SpaceAroundEqualsInParameterDefault: + Enabled: true + +# Use a space around keywords if appropriate. +Layout/SpaceAroundKeyword: + Enabled: true + +# Use a single space around operators. +Layout/SpaceAroundOperators: + Enabled: true + +# Checks that block braces have or don't have a space before the opening +# brace depending on configuration. +# Configuration parameters: EnforcedStyle, SupportedStyles. +# SupportedStyles: space, no_space +Layout/SpaceBeforeBlockBraces: + Enabled: true + +# No spaces before commas. +Layout/SpaceBeforeComma: + Enabled: true + +# Checks for missing space between code and a comment on the same line. +Layout/SpaceBeforeComment: + Enabled: true + +# No spaces before semicolons. +Layout/SpaceBeforeSemicolon: + Enabled: true + +# Checks for spaces inside square brackets. +Layout/SpaceInsideBrackets: + Enabled: true + +# Use spaces inside hash literal braces - or don't. +Layout/SpaceInsideHashLiteralBraces: + Enabled: true + +# No spaces inside range literals. +Layout/SpaceInsideRangeLiteral: + Enabled: true + +# Checks for padding/surrounding spaces inside string interpolation. +Layout/SpaceInsideStringInterpolation: + EnforcedStyle: no_space + Enabled: true + +# No hard tabs. +Layout/Tab: + Enabled: true + +# Checks trailing blank lines and final newline. +Layout/TrailingBlankLines: + Enabled: true + +# Avoid trailing whitespace. +Layout/TrailingWhitespace: + Enabled: true + +# Style ####################################################################### + +# Check the naming of accessor methods for get_/set_. +Style/AccessorMethodName: Enabled: false +# Use alias_method instead of alias. +Style/Alias: + EnforcedStyle: prefer_alias_method + Enabled: true + # Whether `and` and `or` are banned only in conditionals (conditionals) # or completely (always). Style/AndOr: @@ -91,10 +300,6 @@ Style/BlockComments: Style/BlockDelimiters: Enabled: true -# Put end statement of multiline block on its own line. -Style/BlockEndNewline: - Enabled: true - # This cop checks for braces around the last parameter in a method call # if the last parameter is a hash. Style/BracesAroundHashParameters: @@ -104,10 +309,6 @@ Style/BracesAroundHashParameters: Style/CaseEquality: Enabled: false -# Indentation of when in a case/when/[else/]end. -Style/CaseIndentation: - Enabled: true - # Checks for uses of character literals. Style/CharacterLiteral: Enabled: true @@ -142,10 +343,6 @@ Style/ColonMethodCall: Style/CommentAnnotation: Enabled: false -# Indentation of comments. -Style/CommentIndentation: - Enabled: true - # Check for `if` and `case` statements where each branch is used for # assignment to the same variable when using the return of the # condition can be used instead. @@ -170,46 +367,10 @@ Style/Documentation: Style/DoubleNegation: Enabled: false -# Align elses and elsifs correctly. -Style/ElseAlignment: - Enabled: true - -# Use empty lines between defs. -Style/EmptyLineBetweenDefs: - Enabled: true - -# Don't use several empty lines in a row. -Style/EmptyLines: - Enabled: true - -# Keep blank lines around access modifiers. -Style/EmptyLinesAroundAccessModifier: - Enabled: true - -# Keeps track of empty lines around block bodies. -Style/EmptyLinesAroundBlockBody: - Enabled: true - -# Keeps track of empty lines around class bodies. -Style/EmptyLinesAroundClassBody: - Enabled: true - -# Keeps track of empty lines around method bodies. -Style/EmptyLinesAroundMethodBody: - Enabled: true - -# Keeps track of empty lines around module bodies. -Style/EmptyLinesAroundModuleBody: - Enabled: true - # Avoid the use of END blocks. Style/EndBlock: Enabled: true -# Use Unix-style line endings. -Style/EndOfLine: - Enabled: true - # Favor the use of Fixnum#even? && Fixnum#odd? Style/EvenOdd: Enabled: true @@ -218,11 +379,6 @@ Style/EvenOdd: Style/FileName: Enabled: true -# Checks for a line break before the first parameter in a multi-line method -# parameter definition. -Style/FirstMethodParameterLineBreak: - Enabled: true - # Checks for flip flops. Style/FlipFlop: Enabled: true @@ -231,6 +387,10 @@ Style/FlipFlop: Style/For: Enabled: true +# Use a consistent style for format string tokens. +Style/FormatStringToken: + Enabled: false + # Checks if there is a magic comment to enforce string literals Style/FrozenStringLiteralComment: Enabled: false @@ -256,31 +416,19 @@ Style/IdenticalConditionalBranches: Style/IfWithSemicolon: Enabled: true -# Checks the indentation of the first line of the right-hand-side of a -# multi-line assignment. -Style/IndentAssignment: - Enabled: true - -# Keep indentation straight. -Style/IndentationConsistency: - Enabled: true - -# Use 2 spaces for indentation. -Style/IndentationWidth: - Enabled: true - # Use Kernel#loop for infinite loops. Style/InfiniteLoop: Enabled: true +# Use the inverse method instead of `!.method` +# if an inverse method is defined. +Style/InverseMethods: + Enabled: false + # Use lambda.call(...) instead of lambda.(...). Style/LambdaCall: Enabled: true -# Comments should start with a space. -Style/LeadingCommentSpace: - Enabled: true - # Checks if the method definitions have or don't have parentheses. Style/MethodDefParentheses: Enabled: true @@ -293,55 +441,23 @@ Style/MethodName: Style/ModuleFunction: Enabled: false -# Checks that the closing brace in an array literal is either on the same line -# as the last array element, or a new line. -Style/MultilineArrayBraceLayout: - Enabled: true - EnforcedStyle: symmetrical - # Avoid multi-line chains of blocks. Style/MultilineBlockChain: Enabled: true -# Ensures newlines after multiline block do statements. -Style/MultilineBlockLayout: - Enabled: true - -# Checks that the closing brace in a hash literal is either on the same line as -# the last hash element, or a new line. -Style/MultilineHashBraceLayout: - Enabled: true - EnforcedStyle: symmetrical - # Do not use then for multi-line if/unless. Style/MultilineIfThen: Enabled: true -# Checks that the closing brace in a method call is either on the same line as -# the last method argument, or a new line. -Style/MultilineMethodCallBraceLayout: - Enabled: false - EnforcedStyle: symmetrical - -# Checks indentation of method calls with the dot operator that span more than -# one line. -Style/MultilineMethodCallIndentation: - Enabled: false - -# Checks that the closing brace in a method definition is symmetrical with -# respect to the opening brace and the method parameters. -Style/MultilineMethodDefinitionBraceLayout: - Enabled: false - -# Checks indentation of binary operations that span more than one line. -Style/MultilineOperationIndentation: - Enabled: true - EnforcedStyle: indented - # Avoid multi-line `? :` (the ternary operator), use if/unless instead. Style/MultilineTernaryOperator: Enabled: true +# Avoid comparing a variable with multiple items in a conditional, +# use Array#include? instead. +Style/MultipleComparison: + Enabled: false + # This cop checks whether some constant value isn't a # mutable literal (e.g. array or hash). Style/MutableConstant: @@ -390,6 +506,15 @@ Style/OpMethod: Style/ParenthesesAroundCondition: Enabled: true +# This cop (by default) checks for uses of methods Hash#has_key? and +# Hash#has_value? where it enforces Hash#key? and Hash#value? +# It is configurable to enforce the inverse, using `verbose` method +# names also. +# Configuration parameters: EnforcedStyle, SupportedStyles. +# SupportedStyles: short, verbose +Style/PreferredHashMethods: + Enabled: false + # Checks for an obsolete RuntimeException argument in raise/fail. Style/RedundantException: Enabled: true @@ -407,68 +532,6 @@ Style/SignalException: EnforcedStyle: only_raise Enabled: true -# Use spaces after colons. -Style/SpaceAfterColon: - Enabled: true - -# Use spaces after commas. -Style/SpaceAfterComma: - Enabled: true - -# Do not put a space between a method name and the opening parenthesis in a -# method definition. -Style/SpaceAfterMethodName: - Enabled: true - -# Tracks redundant space after the ! operator. -Style/SpaceAfterNot: - Enabled: true - -# Use spaces after semicolons. -Style/SpaceAfterSemicolon: - Enabled: true - -# Use space around equals in parameter default -Style/SpaceAroundEqualsInParameterDefault: - Enabled: true - -# Use a space around keywords if appropriate. -Style/SpaceAroundKeyword: - Enabled: true - -# Use a single space around operators. -Style/SpaceAroundOperators: - Enabled: true - -# No spaces before commas. -Style/SpaceBeforeComma: - Enabled: true - -# Checks for missing space between code and a comment on the same line. -Style/SpaceBeforeComment: - Enabled: true - -# No spaces before semicolons. -Style/SpaceBeforeSemicolon: - Enabled: true - -# Checks for spaces inside square brackets. -Style/SpaceInsideBrackets: - Enabled: true - -# Use spaces inside hash literal braces - or don't. -Style/SpaceInsideHashLiteralBraces: - Enabled: true - -# No spaces inside range literals. -Style/SpaceInsideRangeLiteral: - Enabled: true - -# Checks for padding/surrounding spaces inside string interpolation. -Style/SpaceInsideStringInterpolation: - EnforcedStyle: no_space - Enabled: true - # Check for the usage of parentheses around stabby lambda arguments. Style/StabbyLambdaParentheses: EnforcedStyle: require_parentheses @@ -484,17 +547,19 @@ Style/StringMethods: intern: to_sym Enabled: true -# No hard tabs. -Style/Tab: - Enabled: true - -# Checks trailing blank lines and final newline. -Style/TrailingBlankLines: - Enabled: true +# Use %i or %I for arrays of symbols. +Style/SymbolArray: + Enabled: false # This cop checks for trailing comma in array and hash literals. Style/TrailingCommaInLiteral: - Enabled: false + Enabled: true + EnforcedStyleForMultiline: no_comma + +# This cop checks for trailing comma in argument lists. +Style/TrailingCommaInArguments: + Enabled: true + EnforcedStyleForMultiline: no_comma # Checks for %W when interpolation is not needed. Style/UnneededCapitalW: @@ -533,6 +598,10 @@ Style/WhileUntilModifier: Style/WordArray: Enabled: true +# Do not use literals as the first operand of a comparison. +Style/YodaCondition: + Enabled: false + # Use `proc` instead of `Proc.new`. Style/Proc: Enabled: true @@ -543,7 +612,7 @@ Style/Proc: # branches, and conditions. Metrics/AbcSize: Enabled: true - Max: 57.08 + Max: 56.96 # This cop checks if the length of a block exceeds some maximum value. Metrics/BlockLength: @@ -588,6 +657,11 @@ Metrics/PerceivedComplexity: # Lint ######################################################################## +# Checks for ambiguous block association with method when param passed without +# parentheses. +Lint/AmbiguousBlockAssociation: + Enabled: false + # Checks for ambiguous operators in the first argument of a method invocation # without parentheses. Lint/AmbiguousOperator: @@ -789,6 +863,10 @@ Lint/Void: # Performance ################################################################# +# Use `caller(n..n)` instead of `caller`. +Performance/Caller: + Enabled: false + # Use `casecmp` rather than `downcase ==`. Performance/Casecmp: Enabled: true @@ -863,14 +941,23 @@ Rails/ActionFilter: Enabled: true EnforcedStyle: action +# Check that models subclass ApplicationRecord. +Rails/ApplicationRecord: + Enabled: false + +# Enforce using `blank?` and `present?`. +Rails/Blank: + Enabled: false + # Checks the correct usage of date aware methods, such as `Date.today`, # `Date.current`, etc. Rails/Date: Enabled: false # Prefer delegate method for delegations. +# Disabled per https://gitlab.com/gitlab-org/gitlab-ce/issues/35869 Rails/Delegate: - Enabled: true + Enabled: false # This cop checks dynamic `find_by_*` methods. Rails/DynamicFindBy: @@ -919,10 +1006,18 @@ Rails/OutputSafety: Rails/PluralizationGrammar: Enabled: true +# Enforce using `blank?` and `present?`. +Rails/Present: + Enabled: false + # Checks for `read_attribute(:attr)` and `write_attribute(:attr, val)`. Rails/ReadWriteAttribute: Enabled: false +# Do not assign relative date to constants. +Rails/RelativeDateConstant: + Enabled: false + # Checks the arguments of ActiveRecord scopes. Rails/ScopeArgs: Enabled: true @@ -945,12 +1040,16 @@ RSpec/AnyInstance: RSpec/BeEql: Enabled: true +# We don't enforce this as we use this technique in a few places. +RSpec/BeforeAfterAll: + Enabled: false + # Check that the first argument to the top level describe is the tested class or # module. RSpec/DescribeClass: Enabled: false -# Use `described_class` for tested class / module. +# Checks that the second argument to `describe` specifies a method. RSpec/DescribeMethod: Enabled: false @@ -958,10 +1057,15 @@ RSpec/DescribeMethod: RSpec/DescribeSymbol: Enabled: true -# Checks that the second argument to top level describe is the tested method -# name. +# Checks that tests use `described_class`. RSpec/DescribedClass: - Enabled: false + Enabled: true + +# Checks if an example group does not include any tests. +RSpec/EmptyExampleGroup: + Enabled: true + CustomIncludeMethods: + - run_permission_checks # Checks for long example. RSpec/ExampleLength: @@ -981,17 +1085,34 @@ RSpec/ExampleWording: RSpec/ExpectActual: Enabled: true +# Checks for opportunities to use `expect { … }.to output`. +RSpec/ExpectOutput: + Enabled: true + # Checks the file and folder naming of the spec file. RSpec/FilePath: - Enabled: false - CustomTransform: - RuboCop: rubocop - RSpec: rspec + Enabled: true + IgnoreMethods: true + Exclude: + - 'qa/**/*' + - 'spec/javascripts/fixtures/*' + - 'spec/requests/api/v3/*' # Checks if there are focused specs. RSpec/Focus: Enabled: true +# Checks the arguments passed to `before`, `around`, and `after`. +RSpec/HookArgument: + Enabled: true + EnforcedStyle: implicit + +# Configuration parameters: EnforcedStyle, SupportedStyles. +# SupportedStyles: is_expected, should +RSpec/ImplicitExpect: + Enabled: true + EnforcedStyle: is_expected + # Checks for the usage of instance variables. RSpec/InstanceVariable: Enabled: false @@ -1037,6 +1158,13 @@ RSpec/NotToNot: RSpec/RepeatedDescription: Enabled: false +# Ensure RSpec hook blocks are always multi-line. +RSpec/SingleLineHook: + Enabled: true + Exclude: + - 'spec/factories/*' + - 'spec/requests/api/v3/*' + # Checks for stubbed test subjects. RSpec/SubjectStub: Enabled: false @@ -1044,3 +1172,39 @@ RSpec/SubjectStub: # Prefer using verifying doubles over normal doubles. RSpec/VerifiedDoubles: Enabled: false + +# GitlabSecurity ############################################################## + +GitlabSecurity/DeepMunge: + Enabled: true + Exclude: + - 'lib/**/*.rake' + - 'spec/**/*' + +GitlabSecurity/PublicSend: + Enabled: true + Exclude: + - 'config/**/*' + - 'db/**/*' + - 'features/**/*' + - 'lib/**/*.rake' + - 'qa/**/*' + - 'spec/**/*' + +GitlabSecurity/RedirectToParamsUpdate: + Enabled: true + Exclude: + - 'lib/**/*.rake' + - 'spec/**/*' + +GitlabSecurity/SqlInjection: + Enabled: true + Exclude: + - 'lib/**/*.rake' + - 'spec/**/*' + +GitlabSecurity/SystemCommandInjection: + Enabled: true + Exclude: + - 'lib/**/*.rake' + - 'spec/**/*' |