From 57b6e0b2828c24d65e358593090b9f195f6cf8c4 Mon Sep 17 00:00:00 2001
From: Nils Bartels
Date: Wed, 15 Nov 2023 23:19:48 +0100
Subject: [PATCH] Linting and stuff
---
 .github/workflows/ruby.yml | 6 +-
 .rubocop.yml | 5 +
 Gemfile | 5 +
 Gemfile.lock | 53 ++++++
 config/rails.yml | 376 +++++++++++++++++++++++++++++++++++++
 5 files changed, 442 insertions(+), 3 deletions(-)
 create mode 100644 .rubocop.yml
 create mode 100644 config/rails.yml
diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml
index 9ef70b9..e25cc44 100644
--- a/.github/workflows/ruby.yml
+++ b/.github/workflows/ruby.yml
@@ -57,8 +57,8 @@ jobs:
 bundler-cache: true
 # Add or replace any other lints here
 - name: Security audit dependencies
- run: bin/bundler-audit --update
+ run: bundle exec bundler-audit --update
 - name: Security audit application code
- run: bin/brakeman -q -w2
+ run: bundle exec brakeman -q -w2
 - name: Lint Ruby files
- run: bin/rubocop --parallel
+ run: bundle exec rubocop --parallel
diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 0000000..e068a37
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,5 @@
+inherit_gem:
+ rubocop-rails_config:
+ - config/rails.yml
+require:
+ - rubocop-rails
diff --git a/Gemfile b/Gemfile
index 4e5966b..6e171d2 100755
--- a/Gemfile
+++ b/Gemfile
@@ -68,6 +68,8 @@ group :test do
 end
 gem 'bootstrap', '~> 4.3.1'
+gem 'brakeman'
+gem 'bundler-audit'
 gem 'devise'
 gem 'devise-jwt'
 gem 'haml'
@@ -75,5 +77,8 @@ gem 'haml-rails'
 gem 'jquery-rails'
 gem 'kaminari'
 gem 'redis-session-store'
+gem 'rubocop', require: false
+gem 'rubocop-rails', require: false
+gem 'rubocop-rails_config'
 gem 'sass-rails'
 gem 'simple_form', '~> 5.1.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 13b9d9e..6172398 100755
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -77,6 +77,7 @@ GEM tzinfo (~> 2.0) addressable (2.8.5) public_suffix (>= 2.0.2, < 6.0) + ast (2.4.2) autoprefixer-rails (10.4.15.0) execjs (~> 2) base64 (0.2.0)
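Review bot: With only `inherit_gem` and `require` in this new .rubocop.yml, RuboCop's `Security` department (Security/Eval, Security/YAMLLoad, Security/MarshalLoad and the rest) does not run in the lint step, because the inherited profile sets `DisabledByDefault: true` under `AllCops` and enables no Security cop, judging by the copy added as config/rails.yml in this commit. Adding `Security:` with `Enabled: true` below the `require:` entry should switch the department back on. Separately, `inherit_gem` reads config/rails.yml from inside the installed rubocop-rails_config gem, so the repository-local config/rails.yml appears to be unused and will drift from the gem; either drop it or point at it with `inherit_from: config/rails.yml`.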
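Review bot: `gem 'brakeman'`, `gem 'bundler-audit'` and `gem 'rubocop-rails_config'` are added at the top level of the Gemfile, after the `group :test do … end` block, so they are installed in every environment and, lacking `require: false`, would be loaded by `Bundler.require` in a default Rails setup; the second Gemfile hunk places the rubocop gems at the same level. Analysis tooling in the production bundle widens the dependency surface that the audit step itself has to cover. Moving all five into `group :development, :test do … end` and writing each as e.g. `gem 'brakeman', require: false` keeps them available to `bundle exec` in CI. Both hunks start and end inside the file's gem list, so any grouping further up is not visible here.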
@@ -89,7 +90,11 @@ GEM autoprefixer-rails (>= 9.1.0) popper_js (>= 1.14.3, < 2) sassc-rails (>= 2.0.0) + brakeman (6.0.1) builder (3.2.4) + bundler-audit (0.9.1) + bundler (>= 1.2.0, < 3) + thor (~> 1.0) capybara (3.39.2) addressable matrix
@@ -157,6 +162,7 @@ GEM rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) + json (2.6.3) jwt (2.7.1) kaminari (1.2.2) activesupport (>= 4.1.0)
@@ -170,6 +176,7 @@ GEM activerecord kaminari-core (= 1.2.2) kaminari-core (1.2.2) + language_server-protocol (3.17.0.3) loofah (2.21.4) crass (~> 1.0.2) nokogiri (>= 1.12.0)
@@ -197,6 +204,10 @@ GEM nokogiri (1.15.4-x86_64-linux) racc (~> 1.4) orm_adapter (0.5.0) + parallel (1.23.0) + parser (3.2.2.4) + ast (~> 2.4.1) + racc pg (1.5.4) popper_js (1.16.1) psych (5.1.1.1)
@@ -242,6 +253,7 @@ GEM rake (>= 12.2) thor (~> 1.0, >= 1.2.2) zeitwerk (~> 2.6) + rainbow (3.1.1) rake (13.1.0) rdoc (6.6.0) psych (>= 4.0.0)
@@ -259,6 +271,41 @@ GEM actionpack (>= 5.2) railties (>= 5.2) rexml (3.2.6) + rubocop (1.57.2) + json (~> 2.3) + language_server-protocol (>= 3.17.0) + parallel (~> 1.10) + parser (>= 3.2.2.4) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 1.8, < 3.0) + rexml (>= 3.2.5, < 4.0) + rubocop-ast (>= 1.28.1, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 2.4.0, < 3.0) + rubocop-ast (1.30.0) + parser (>= 3.2.1.0) + rubocop-md (1.2.1) + rubocop (>= 1.0) + rubocop-minitest (0.33.0) + rubocop (>= 1.39, < 2.0) + rubocop-packaging (0.5.2) + rubocop (>= 1.33, < 2.0) + rubocop-performance (1.19.1) + rubocop (>= 1.7.0, < 2.0) + rubocop-ast (>= 0.4.0) + rubocop-rails (2.22.1) + activesupport (>= 4.2.0) + rack (>= 1.1) + rubocop (>= 1.33.0, < 2.0) + rubocop-rails_config (1.16.0) + rubocop (>= 1.57.0) + rubocop-ast (>= 1.26.0) + rubocop-md + rubocop-minitest (~> 0.22) + rubocop-packaging (~> 0.5) + rubocop-performance (~> 1.11) + rubocop-rails (~> 2.0) + ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) rubyzip (2.3.2) sass-rails (6.0.0)
@@ -298,6 +345,7 @@ GEM railties (>= 6.0.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) + unicode-display_width (2.5.0) warden (1.2.9) rack (>= 2.0.9) warden-jwt_auth (0.8.0)
@@ -326,6 +374,8 @@ DEPENDENCIES bcrypt (~> 3.1.7) bootsnap bootstrap (~> 4.3.1) + brakeman + bundler-audit capybara debug devise
@@ -341,6 +391,9 @@ DEPENDENCIES rails (~> 7.1.2) redis (>= 4.0.1) redis-session-store + rubocop + rubocop-rails + rubocop-rails_config sass-rails selenium-webdriver simple_form (~> 5.1.0)
diff --git a/config/rails.yml b/config/rails.yml
new file mode 100644
index 0000000..029baba
--- /dev/null
+++ b/config/rails.yml
@@ -0,0 +1,376 @@
+require:
+ - rubocop-minitest
+ - rubocop-packaging
+ - rubocop-performance
+ - rubocop-rails
+ - rubocop-md
+
+AllCops:
+ # RuboCop has a bunch of cops enabled by default. This setting tells RuboCop
+ # to ignore them, so only the ones explicitly set in this file are enabled.
+ DisabledByDefault: true
+ SuggestExtensions: false
+ Exclude:
+ - '**/tmp/**/*'
+ - '**/templates/**/*'
+ - '**/vendor/**/*'
+ - 'actionpack/lib/action_dispatch/journey/parser.rb'
+ - 'actionmailbox/test/dummy/**/*'
+ - 'activestorage/test/dummy/**/*'
+ - 'actiontext/test/dummy/**/*'
+ - '**/node_modules/**/*'
+ - '**/CHANGELOG.md'
+ - '**/2_*_release_notes.md'
+ - '**/3_*_release_notes.md'
+ - '**/4_*_release_notes.md'
+ - '**/5_*_release_notes.md'
+ - '**/6_*_release_notes.md'
+ # Additional exclude files by rubocop-rails_config
+ - 'bin/**/*'
+ - 'db/schema.rb'
+
+Performance:
+ Exclude:
+ - '**/test/**/*'
+
+# Prefer assert_not over assert !
+Rails/AssertNot:
+ Include:
+ - '**/test/**/*'
+
+# Prefer assert_not_x over refute_x
+Rails/RefuteMethods:
+ Include:
+ - '**/test/**/*'
+
+Rails/IndexBy:
+ Enabled: true
+
+Rails/IndexWith:
+ Enabled: true
+
+# Prefer &&/|| over and/or.
+Style/AndOr:
+ Enabled: true
+
+# Align `when` with `case`.
+Layout/CaseIndentation:
+ Enabled: true
+
+Layout/ClosingHeredocIndentation:
+ Enabled: true
+
+Layout/ClosingParenthesisIndentation:
+ Enabled: true
+
+# Align comments with method definitions.
+Layout/CommentIndentation:
+ Enabled: true
+
+Layout/ElseAlignment:
+ Enabled: true
+
+# Align `end` with the matching keyword or starting expression except for
+# assignments, where it should be aligned with the LHS.
+Layout/EndAlignment:
+ Enabled: true
+ EnforcedStyleAlignWith: variable
+ AutoCorrect: true
+
+Layout/EndOfLine:
+ Enabled: true
+
+Layout/EmptyLineAfterMagicComment:
+ Enabled: true
+
+Layout/EmptyLinesAroundAccessModifier:
+ Enabled: true
+ EnforcedStyle: only_before
+
+Layout/EmptyLinesAroundBlockBody:
+ Enabled: true
+
+# In a regular class definition, no empty lines around the body.
+Layout/EmptyLinesAroundClassBody:
+ Enabled: true
+
+# In a regular method definition, no empty lines around the body.
+Layout/EmptyLinesAroundMethodBody:
+ Enabled: true
+
+# In a regular module definition, no empty lines around the body.
+Layout/EmptyLinesAroundModuleBody:
+ Enabled: true
+
+# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
+Style/HashSyntax:
+ Enabled: true
+
+# Method definitions after `private` or `protected` isolated calls need one
+# extra level of indentation.
+Layout/IndentationConsistency:
+ Enabled: true
+ EnforcedStyle: indented_internal_methods
+ Exclude:
+ - '**/*.md'
+
+# Two spaces, no tabs (for indentation).
+Layout/IndentationWidth:
+ Enabled: true
+
+Layout/LeadingCommentSpace:
+ Enabled: true
+
+Layout/SpaceAfterColon:
+ Enabled: true
+
+Layout/SpaceAfterComma:
+ Enabled: true
+
+Layout/SpaceAfterSemicolon:
+ Enabled: true
+
+Layout/SpaceAroundEqualsInParameterDefault:
+ Enabled: true
+
+Layout/SpaceAroundKeyword:
+ Enabled: true
+
+Layout/SpaceAroundOperators:
+ Enabled: true
+
+Layout/SpaceBeforeComma:
+ Enabled: true
+
+Layout/SpaceBeforeComment:
+ Enabled: true
+
+Layout/SpaceBeforeFirstArg:
+ Enabled: true
+
+Style/DefWithParentheses:
+ Enabled: true
+
+# Defining a method with parameters needs parentheses.
+Style/MethodDefParentheses:
+ Enabled: true
+
+Style/ExplicitBlockArgument:
+ Enabled: true
+
+Style/FrozenStringLiteralComment:
+ Enabled: true
+ EnforcedStyle: always
+ Exclude:
+ - 'actionview/test/**/*.builder'
+ - 'actionview/test/**/*.ruby'
+ - 'actionpack/test/**/*.builder'
+ - 'actionpack/test/**/*.ruby'
+ - 'activestorage/db/migrate/**/*.rb'
+ - 'activestorage/db/update_migrate/**/*.rb'
+ - 'actionmailbox/db/migrate/**/*.rb'
+ - 'actiontext/db/migrate/**/*.rb'
+ - '**/*.md'
+
+Style/MapToHash:
+ Enabled: true
+
+Style/RedundantFreeze:
+ Enabled: true
+
+# Use `foo {}` not `foo{}`.
+Layout/SpaceBeforeBlockBraces:
+ Enabled: true
+
+# Use `foo { bar }` not `foo {bar}`.
+Layout/SpaceInsideBlockBraces:
+ Enabled: true
+ EnforcedStyleForEmptyBraces: space
+
+# Use `{ a: 1 }` not `{a:1}`.
+Layout/SpaceInsideHashLiteralBraces:
+ Enabled: true
+
+Layout/SpaceInsideParens:
+ Enabled: true
+
+# Check quotes usage according to lint rule below.
+Style/StringLiterals:
+ Enabled: true
+ EnforcedStyle: double_quotes
+
+# Detect hard tabs, no hard tabs.
+Layout/IndentationStyle:
+ Enabled: true
+
+# Empty lines should not have any spaces.
+Layout/TrailingEmptyLines:
+ Enabled: true
+
+# No trailing whitespace.
+Layout/TrailingWhitespace:
+ Enabled: true
+
+# Use quotes for string literals when they are enough.
+Style/RedundantPercentQ:
+ Enabled: true
+
+Lint/AmbiguousOperator:
+ Enabled: true
+
+Lint/AmbiguousRegexpLiteral:
+ Enabled: true
+
+Lint/DuplicateRequire:
+ Enabled: true
+
+Lint/DuplicateMagicComment:
+ Enabled: true
+
+Lint/DuplicateMethods:
+ Enabled: true
+
+Lint/ErbNewArguments:
+ Enabled: true
+
+Lint/EnsureReturn:
+ Enabled: true
+
+# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
+Lint/RequireParentheses:
+ Enabled: true
+
+Lint/RedundantSafeNavigation:
+ Enabled: true
+
+Lint/RedundantStringCoercion:
+ Enabled: true
+
+Lint/UriEscapeUnescape:
+ Enabled: true
+
+Lint/UselessAssignment:
+ Enabled: true
+
+Lint/DeprecatedClassMethods:
+ Enabled: true
+
+Style/EvalWithLocation:
+ Enabled: true
+ Exclude:
+ - '**/test/**/*'
+
+Style/ParenthesesAroundCondition:
+ Enabled: true
+
+Style/HashTransformKeys:
+ Enabled: true
+
+Style/HashTransformValues:
+ Enabled: true
+
+Style/RedundantBegin:
+ Enabled: true
+
+Style/RedundantReturn:
+ Enabled: true
+ AllowMultipleReturnValues: true
+
+Style/RedundantRegexpEscape:
+ Enabled: true
+
+Style/Semicolon:
+ Enabled: true
+ AllowAsExpressionSeparator: true
+
+# Prefer Foo.method over Foo::method
+Style/ColonMethodCall:
+ Enabled: true
+
+Style/TrivialAccessors:
+ Enabled: true
+
+# Prefer a = b || c over a = b ? b : c
+Style/RedundantCondition:
+ Enabled: true
+
+Style/RedundantDoubleSplatHashBraces:
+ Enabled: true
+
+Performance/BindCall:
+ Enabled: true
+
+Performance/FlatMap:
+ Enabled: true
+
+Performance/MapCompact:
+ Enabled: true
+
+Performance/SelectMap:
+ Enabled: true
+
+Performance/RedundantMerge:
+ Enabled: true
+
+Performance/StartWith:
+ Enabled: true
+
+Performance/EndWith:
+ Enabled: true
+
+Performance/RegexpMatch:
+ Enabled: true
+
+Performance/ReverseEach:
+ Enabled: true
+
+Performance/StringReplacement:
+ Enabled: true
+
+Performance/UnfreezeString:
+ Enabled: true
+
+Performance/DeletePrefix:
+ Enabled: true
+
+Performance/DeleteSuffix:
+ Enabled: true
+
+Performance/OpenStruct:
+ Enabled: true
+
+Performance/InefficientHashSearch:
+ Enabled: true
+
+Performance/ConstantRegexp:
+ Enabled: true
+
+Performance/RedundantStringChars:
+ Enabled: true
+
+Performance/StringInclude:
+ Enabled: true
+
+Minitest/AssertPredicate:
+ Enabled: true
+
+Minitest/AssertRaisesWithRegexpArgument:
+ Enabled: true
+
+Minitest/AssertWithExpectedArgument:
+ Enabled: true
+
+Minitest/LiteralAsActualArgument:
+ Enabled: true
+
+Minitest/SkipEnsure:
+ Enabled: true
+
+Minitest/UnreachableAssertion:
+ Enabled: true
+
+Markdown:
+ # Whether to run RuboCop against non-valid snippets
+ WarnInvalid: false
+ # Whether to lint codeblocks without code attributes
+ Autodetect: false