ignat-z / ducalis Goto Github PK

View Code? Open in Web Editor NEW

43.0 43.0 3.0 308 KB

RuboCop based static code analyzer for enterprise Rails applications.

Home Page: https://ducalis-rb.github.io/

License: MIT License

Ruby 99.56% Shell 0.44%

analyzer codereview-scripted enterprise-rails-applications handbook

ducalis's People

Contributors

Stargazers

Watchers

Forkers

maksar kupolak nick-vyrko

ducalis's Issues

Request to use \x for complex regexes

It's much descriptive to use \x mode for multi-lines regexes

Use x modifier for complex regexps. This makes them more readable and you can add some useful comments. Just be careful as spaces are ignored.

regexp = %r{
  start         # some text
  \s            # white space char
  (group)       # first group
  (?:alt1|alt2) # some alternation
  end
}x

Rename raise_withour_error_class method. there is typo in it.

Too long workers cop

Argumentation from: https://brandur.org/mediator#lean-jobs, seems like worker class knows too much if it is more than ~20 lines.

add a link on the the back to github

It seems like https://ducalis-rb.github.io/ has no backlink to the GitHub project

1

def create_message_struct(message)
  objects = message["objects"].map { |object| convert_message_object(object) }
  Auditor::Message.new(message, objects)
end

2

def complete=(value, complete_at)
  value = value.to_b
  self.complete_at = complete_at if complete && value
  self.complete_at = nil unless value
end

Fix false-positive triggering on gems with require

Records like

gem 'wirble', :group => :development
gem 'wirble', group: :development
gem 'rest-client', require: 'rest_client'

Fix ModuleLikeClass for nested scopes

#1 
  class A
    module B
      include C
    end
  end

#2
module A
  class B
    class << self
      include C
    end
  end
end

Update documentation forREST-only cop

Add link to Confreaks video
https://www.youtube.com/watch?v=HctYHe-YjnE

Improve preferable methods cop

https://github.com/ignat-z/ducalis/blob/master/lib/ducalis/cops/preferable_methods.rb

Rewrite lambda for delete method, some kind of: "if there is no name suffix in calling variable name && arguments count <=1 && if argument exists it is a variable"
Add "dangerous" methods like

seems like they are pretty unique in Ruby scope.

Add older ruby versions support

2.2+

Move DOCUMENTATION.md to GitHub pages

Create documentation GitHub page to not pollute source code with documentation changes.

Add after_initialize and after_find to callbacks cop

http://guides.rubyonrails.org/active_record_callbacks.html#after-initialize-and-after-find

Redefining standard object methods

All collection of methods from object:

Object.new.methods
# => [:tap, :public_send, :instance_variables, :instance_variable_set, :instance_variable_defined?, :remove_instance_variable, :private_methods, :kind_of?, :is_a?, :instance_variable_get, :instance_of?, :public_method, :extend, :define_singleton_method, :singleton_method, :to_enum, :enum_for, :<=>, :===, :=~, :!~, :eql?, :respond_to?, :freeze, :inspect, :display, :object_id, :send, :to_s, :method, :nil?, :hash, :class, :singleton_class, :clone, :dup, :itself, :taint, :tainted?, :untaint, :untrust, :trust, :untrusted?, :methods, :protected_methods, :frozen?, :public_methods, :singleton_methods, :!, :==, :!=, :__send__, :equal?, :instance_eval, :instance_exec, :__id__]

Ok for gems, okish for business objects, not ok for business logic.

Catch IllegalSyntaxError exception from RegexpExamples

https://github.com/tom-lord/regexp-examples#impossible-features-illegal-syntax

Add details to PossibleTap cop

Something about not only actual tap using but about moving variable to method or inline it as is

Add to every # bad example at least one # good example

You describe nicely the bad cases and why to improve it. It would be great of you would show in code how you would make each case better. This increases the understanding tremendously.

Enhance PrivateInstanceAssign offense message

make it clear what is filters

Identify minimal rubocop version requirement

Detect current rubocop version

Services without namespaces cop

Deny using multiple time-related expressions in scope

validates :year, numericality: { only_integer: true }, 
  inclusion: { in: Date.current.year - 1..Date.current.year + 2 }

[
  Date.today - RATE_CHANGES_DAYS, 
  Date.today + RATE_CHANGES_DAYS
]

def initialize
  @used_year = settings[:year] || Date.current.year
  @used_quarter = settings[:quarter] || quarter(Date.current)
end

Import.where(begin_date: Date.today, end_date: Date.today).first_or_create!

Update options arg cop

Add args argument to black list
Add example with passing hash as variable with **

Change Documentation generating

Ignore [bugfix] specs.
Move complex information to DETAILS const.

NotTestedChanges cop

Comment PR if someone changed business logic (ruby file in app/) but there is no any changes in specs

Ducalis force to use update in migrations in old rails versions

Ducalis force to use update in migrations even in rails <4 (c)

Pessimistic operator`~>` for new gems in Gemfile

Force table names in AR where statements

scope :active, -> { where(completed_at: nil) } # good
scope :active, -> { where(tasks: { completed_at: nil }) } # better

Classes with only `defs` nodes cop

Class names with postfixes like `Manager` or `Service`

Client

http://objology.blogspot.com.by/2011/09/one-of-best-bits-of-programming-advice.html
http://www.benhallbenhall.com/2013/01/naming-objects-er-object-names/
http://www.carlopescio.com/2011/04/your-coding-conventions-are-hurting-you.html

Make documentation generation deterministic

Improve ducalis client version

Secure: https://developer.github.com/webhooks/securing/
CI like: https://developer.github.com/v3/guides/building-a-ci-server/

Do not use rubocop config as default fallback

https://github.com/backus/rubocop-rspec/blob/3876b89/lib/rubocop/rspec/inject.rb

do_something && return if any_condition -> return do_something if any_condition

Ducalis disable directive

Nice to have some kind of comment to make ducalis happy and increase bus factor by passing explanation why it violates rules

# ducalis:disable: use `delete_all` because of performance reasons
def remove_garbage
  AuditLog.where(user_id: user_id).delete_all
end

Using query objects for complex queries

Rule of thumb: count one for each group, join, having, where, order in your query. More than three? Things will 💥 blow up.

https://deliveroo.engineering/guidelines/active-record/#query-objects

Rise if expression contains more then one Elvis operator

Add ApplicationController as exception for RestOnlyCop

`fetch` vs `[] || default value` cop

Probably enforce fetch calling on params hash. Use fetch for hash access with default,

hash[:name] || DEFAULT_NAME
# to
hash.fetch(:name. DEFAULT_NAME)
# or
hash.fetch(:name) { DEFAULT_NAME }

Explanation:

ActionController::ParameterMissing and KeyError gets raised right where error happens -- on fetching params. ActionController::ParameterMissing is more descriptive than ActiveRecord::RecordNotFound with strange Couldn't find Model with 'id'=, additionally it saves request to DB.

Send method cop

Deny public_send, send, and __send__ methods to prevent security issues and make it easier to grep code.
TBD

Recommendations for very simple regexes

I'm not sure, but regexes like this should be banned:

/json|yaml/
/(>=)|(<=)|(~>)|(>)|(<)|(=)/
/Access Denied/
%r{^/(book|chapter)}

There are some alternatives:

ALLOWED_FORMATS = %w[json yaml] && Regexp.union(ALLOWED_FORMATS)
OPERATORS = %w(>= <= > < =) && Regexp.new(OPERATORS.map { |key| "(#{key})" }.join('|'))
'bookshelf'.include?('book')
Regexp.new("^/(#{%w(book chapter).join('|')})")

Benchmark results:

(n > 2)
Warming up --------------------------------------
          regex mode   136.908k i/100ms
          union mode   135.833k i/100ms
     pure regex mode   131.355k i/100ms
        include mode   123.399k i/100ms
Calculating -------------------------------------
          regex mode      2.422M (± 6.5%) i/s -     12.185M in   5.052242s
          union mode      2.416M (± 6.1%) i/s -     12.089M in   5.022020s
     pure regex mode      2.478M (± 5.2%) i/s -     12.479M in   5.049099s
        include mode      2.047M (± 6.1%) i/s -     10.242M in   5.022063s

Comparison:
     pure regex mode:  2478188.8 i/s
          regex mode:  2422086.8 i/s - same-ish: difference falls within error
          union mode:  2416283.1 i/s - same-ish: difference falls within error
        include mode:  2046944.6 i/s - 1.21x  slower

(n <= 2)
Warming up --------------------------------------
          regex mode   130.949k i/100ms
          union mode   136.502k i/100ms
     pure regex mode   132.738k i/100ms
        include mode   165.892k i/100ms
Calculating -------------------------------------
          regex mode      2.397M (± 6.4%) i/s -     12.047M in   5.046537s
          union mode      2.436M (± 5.4%) i/s -     12.149M in   5.002772s
     pure regex mode      2.364M (± 6.9%) i/s -     11.814M in   5.020348s
        include mode      4.042M (± 6.7%) i/s -     20.239M in   5.030716s

Comparison:
        include mode:  4041834.5 i/s
          union mode:  2435537.5 i/s - 1.66x  slower
          regex mode:  2396910.8 i/s - 1.69x  slower
     pure regex mode:  2364418.7 i/s - 1.71x  slower

Benchmark source:

require 'benchmark/ips'

SUBJECT = 'bookshelf.xml'

LONG_FORMATS      = %w[json yaml xml]
LONG_PURE_REGEX   = /json|yaml|xml/
LONG_UNION_REGEX  = Regexp.union(LONG_FORMATS)
LONG_FORMAT_REGEX = Regexp.new(LONG_FORMATS.join('|'))

Benchmark.ips do |x|
  puts '(n > 2)'
  x.report("regex mode") { SUBJECT =~ LONG_FORMAT_REGEX }
  x.report("union mode") { SUBJECT =~ LONG_UNION_REGEX }
  x.report("pure regex mode") { SUBJECT =~ LONG_PURE_REGEX }
  x.report("include mode") do
    LONG_FORMATS.any? { |format| SUBJECT.include?(format) }
  end
  x.compare!
end

SHORT_FORMATS      = %w[xml json]
SHORT_PURE_REGEX   = /xml|json/
SHORT_UNION_REGEX  = Regexp.union(SHORT_FORMATS)
SHORT_FORMAT_REGEX = Regexp.new(SHORT_FORMATS.join('|'))

Benchmark.ips do |x|
  puts '(n <= 2)'
  x.report("regex mode") { SUBJECT =~ SHORT_FORMAT_REGEX }
  x.report("union mode") { SUBJECT =~ SHORT_UNION_REGEX }
  x.report("pure regex mode") { SUBJECT =~ SHORT_PURE_REGEX }
  x.report("include mode") do
    SHORT_FORMATS.any? { |format| SUBJECT.include?(format) }
  end
  x.compare!
end

http://java-performance.info/regexp-related-methods-of-string/

namespace :copy_data do
  def load_remote_yml(environment, path)
    yml = "config/database.#{environment}-#{Time.now.strftime '%Y-%m-%d_%H:%M:%S'}.yml"
    begin
      get path, yml
      config = YAML.load_file(yml)
      return config[environment.to_s]
    rescue
      raise
    ensure
      `rm -f #{yml}`
    end
  end
end

Enforce directives order in AR models

Something like:

Includes
Excludes
Gems-related directives (like has_paper_trail)
Relations
Scopes
Validations
Delegates
Nested attributes
Class methods
Instance methods

Possible tap on non-children nodes

def filtered_admins(reducers)
  reducers
    .map { |reducer| @base_scope.public_send(reducer) }
    .order("admin_users.created_at DESC")
end

Invalid hint on Ducalis/FetchExpression

Given:

day = params[:day] || Time.zone.today

Ducalis states as followed:

You can use fetch instead:

params.fetch(:day) { Time.zone.today }

but it is not the same for the nil case:

params = {}
params[:day] || Time.zone.today #=> Time.zone.today result

params = { day: nil }
params.fetch(:day) { Time.zone.today } #=> nil

this should not be suggested as better as the expression result is not the same and the cases may differ.