Class: RuboCop::Cop::Bundler::InsecureProtocolSource

Inherits:

RuboCop::Cop::Base

• Object
• RuboCop::Cop::Base
• RuboCop::Cop::Bundler::InsecureProtocolSource

Extended by:

AutoCorrector

Includes:

RangeHelp

Defined in:

lib/rubocop/cop/bundler/insecure_protocol_source.rb

Overview

The symbol argument ‘:gemcutter`, `:rubygems`, and `:rubyforge` are deprecated. So please change your source to URL string that ’rubygems.org’ if possible, or ‘rubygems.org’ if not.

This autocorrect will replace these symbols with ‘rubygems.org’. Because it is secure, HTTPS request is strongly recommended. And in most use cases HTTPS will be fine.

However, it don’t replace all ‘sources` of `http://` with `https://`. For example, when specifying an internal gem server using HTTP on the intranet, a use case where HTTPS cannot be specified was considered. Consider using HTTP only if you cannot use HTTPS.

Examples:

# bad
source :gemcutter
source :rubygems
source :rubyforge

# good
source 'https://rubygems.org' # strongly recommended
source 'http://rubygems.org'

Constant Summary

MSG =

'The source `:%<source>s` is deprecated because HTTP requests ' \
'are insecure. ' \
"Please change your source to 'https://rubygems.org' " \
"if possible, or 'http://rubygems.org' if not."

RESTRICT_ON_SEND =

%i[source].freeze

Constants included from Util

Util::LITERAL_REGEX

Instance Attribute Summary

Attributes inherited from RuboCop::Cop::Base

#config, #processed_source

Instance Method Summary

• #on_send(node) ⇒ Object

Methods included from AutoCorrector

support_autocorrect?

Methods inherited from RuboCop::Cop::Base

#add_global_offense, #add_offense, autocorrect_incompatible_with, badge, #callbacks_needed, callbacks_needed, #config_to_allow_offenses, #config_to_allow_offenses=, #cop_config, #cop_name, cop_name, department, documentation_url, exclude_from_registry, #excluded_file?, #external_dependency_checksum, inherited, #initialize, joining_forces, lint?, match?, #message, #offenses, #on_investigation_end, #on_new_investigation, #on_other_file, #ready, #relevant_file?, support_autocorrect?, support_multiple_source?, #target_rails_version, #target_ruby_version

Methods included from AutocorrectLogic

#autocorrect?, #autocorrect_enabled?, #autocorrect_requested?, #correctable?, #disable_uncorrectable?, #safe_autocorrect?

Methods included from IgnoredNode

#ignore_node, #ignored_node?, #part_of_ignored_node?

Methods included from Util

add_parentheses, args_begin, args_end, begins_its_line?, comment_line?, comment_lines?, double_quotes_required?, escape_string, first_part_of_call_chain, indent, interpret_string_escapes, line_range, needs_escaping?, on_node, parentheses?, same_line?, to_string_literal, to_supported_styles, trim_string_interporation_escape_character

Methods included from PathUtil

absolute?, hidden_dir?, hidden_file?, hidden_file_in_not_hidden_dir?, match_path?, maybe_hidden_file?, relative_path, smart_path

Constructor Details

This class inherits a constructor from RuboCop::Cop::Base

Instance Method Details

#on_send(node) ⇒ Object

# File 'lib/rubocop/cop/bundler/insecure_protocol_source.rb', line 44

def on_send(node)
  insecure_protocol_source?(node) do |source_node, source|
    message = format(MSG, source: source)

    add_offense(
      source_node,
      message: message
    ) do |corrector|
      corrector.replace(
        source_node, "'https://rubygems.org'"
      )
    end
  end
end