From 3ac4e04bcb23aa5aed63d73556acd182dcc04899 Mon Sep 17 00:00:00 2001
From: Olle Jonsson
Date: Fri, 6 Oct 2023 00:06:37 +0200
Subject: [PATCH 1/3] Add RuboCop, and disable all but Security rules Run it in CI
---
 .github/workflows/test.yml | 3 +++
 .rubocop.yml | 15 +++++++++++++++
 Gemfile | 5 +++++
 3 files changed, 23 insertions(+)
 create mode 100644 .rubocop.yml
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 32835f70..b87de928 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -48,6 +48,9 @@ jobs:
 uses: ruby/setup-ruby@v1
 with:
 ruby-version: 2.7
+ - run: bundle install && bundle exec rubocop
+ env:
+ RUBOCOP: yes
 - run: bundle install && bundle exec rake test:rails
 env:
 RAILS: 5.2.8
diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 00000000..095f8b58
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,15 @@
+# The behavior of RuboCop can be controlled via the .rubocop.yml
+# configuration file. It makes it possible to enable/disable
+# certain cops (checks) and to alter their behavior if they accept
+# any parameters. The file can be placed either in your home
+# directory or in some project directory.
+#
+# RuboCop will start looking for the configuration file in the directory
+# where the inspected file is and continue its way up to the root directory.
+#
+# See https://docs.rubocop.org/rubocop/configuration
+AllCops:
+ DisabledByDefault: true
+ TargetRubyVersion: 2.5
+Security:
+ Enabled: true
diff --git a/Gemfile b/Gemfile
index 93300652..fbbedaea 100644
--- a/Gemfile
+++ b/Gemfile
@@ -41,3 +41,8 @@ if ENV['SINATRA']
 gem 'sinatra', tag: "v#{ENV['SINATRA']}"
 end
 end
+
+if ENV['RUBOCOP']
+ gem 'rubocop'
+ gem 'rubocop-rails'
+end
From 17234443480bbd7d042a25df90c6d4667595af4e Mon Sep 17 00:00:00 2001
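Review bot: `gem 'rubocop'` and `gem 'rubocop-rails'` in the new `if ENV['RUBOCOP']` block carry no version constraint, so the CI step resolves whatever release is current, and a release that adds or changes a Security cop can fail or alter the gate without any change in this repository. A pessimistic constraint such as `gem 'rubocop', '~> 1.56'` would keep the result reproducible (whether a Gemfile.lock is committed is not visible here). rubocop-rails also looks unused: the .rubocop.yml added in this patch has no `require: rubocop-rails` entry and enables only the Security department, so the line `gem 'rubocop-rails'` could be dropped until a Rails cop is switched on.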
From: Olle Jonsson
Date: Fri, 6 Oct 2023 00:10:57 +0200
Subject: [PATCH 2/3] Make all RuboCop failed checks a TODO See the .rubocop_todo.yml. See also https://docs.rubocop.org/rubocop/usage/basic_usage.html#command-line-flags
---
 .rubocop.yml | 2 ++
 .rubocop_todo.yml | 20 ++++++++++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 .rubocop_todo.yml
diff --git a/.rubocop.yml b/.rubocop.yml
index 095f8b58..cee0b4d4 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1,3 +1,5 @@
+inherit_from: .rubocop_todo.yml
+
 # The behavior of RuboCop can be controlled via the .rubocop.yml
 # configuration file. It makes it possible to enable/disable
 # certain cops (checks) and to alter their behavior if they accept
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
new file mode 100644
index 00000000..7cfc3644
--- /dev/null
+++ b/.rubocop_todo.yml
@@ -0,0 +1,20 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2023-10-05 22:09:56 UTC using RuboCop version 1.56.4.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 5
+Security/Eval:
+ Exclude:
+ - 'lib/slim/command.rb'
+ - 'lib/slim/translator.rb'
+ - 'test/literate/run.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Security/YAMLLoad:
+ Exclude:
+ - 'lib/slim/command.rb'
From db3e59517abebc9951094431b29b0243deb120a9 Mon Sep 17 00:00:00 2001
From: Olle Jonsson
Date: Fri, 6 Oct 2023 00:14:57 +0200
Subject: [PATCH 3/3] CI: Name the RuboCop step
---
 .github/workflows/test.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b87de928..8e1d66d1 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
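Review bot: With `inherit_from: .rubocop_todo.yml` the Security gate stops covering the files listed in the todo, because `Security/Eval` and `Security/YAMLLoad` are excluded per file rather than per call site; a new `eval` or `YAML.load` added later to lib/slim/command.rb or lib/slim/translator.rb would pass CI unreported. Once each of the existing offenses has been reviewed, an inline `# rubocop:disable Security/Eval` with a short reason on that line keeps the rest of the file checked. The single `Security/YAMLLoad` hit in lib/slim/command.rb deserves a look first: the file is not shown here, but if the YAML comes from a user-supplied path, `YAML.safe_load` is the usual replacement.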
@@ -49,6 +49,7 @@ jobs:
 with:
 ruby-version: 2.7
 - run: bundle install && bundle exec rubocop
+ name: "Run RuboCop"
 env:
 RUBOCOP: yes
 - run: bundle install && bundle exec rake test:rails