Class: Rubocop::Cop::GemFetcher

Inherits:

RuboCop::Cop::Base

• Object
• RuboCop::Cop::Base
• Rubocop::Cop::GemFetcher

Defined in:

lib/rubocop/cop/gem_fetcher.rb

Overview

Prevents usage of the ‘git` and `github` arguments to `gem` in a `Gemfile` in order to avoid additional points of failure beyond rubygems.org.

Constant Summary

MSG =

'Do not use gems from git repositories, only use gems from RubyGems or vendored gems. ' \
'See https://docs.gitlab.com/ee/development/gemfile.html#no-gems-fetched-from-git-repositories'

GIT_SOURCES =

See bundler.io/guides/git.html#custom-git-sources

%i[git github gist bitbucket].freeze

RESTRICT_ON_SEND =

%i[gem].freeze

Instance Method Summary

• #gem_option(node) ⇒ Object
• #on_send(node) ⇒ Object

Instance Method Details

#gem_option(node) ⇒ Object

# File 'lib/rubocop/cop/gem_fetcher.rb', line 16

def_node_matcher :gem_option, <<~PATTERN
  (send nil? :gem _ ...
    (hash
      <$(pair (sym {#{GIT_SOURCES.map(&:inspect).join(' ')}}) _)
      ...>
    )
  )
PATTERN

#on_send(node) ⇒ Object

# File 'lib/rubocop/cop/gem_fetcher.rb', line 27

def on_send(node)
  pair_node = gem_option(node)
  return unless pair_node

  add_offense(pair_node)
end