Class: RuboCop::Cop::Gemspec::RequireMFA
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Class Chain:
self,
::RuboCop::Cop::AutoCorrector,
::RuboCop::Cop::Base,
::RuboCop::ExcludeLimit,
NodePattern::Macros,
RuboCop::AST::Sexp
|
|
|
Instance Chain:
self,
::RuboCop::Cop::GemspecHelp,
::RuboCop::Cop::Base,
::RuboCop::Cop::AutocorrectLogic,
::RuboCop::Cop::IgnoredNode,
::RuboCop::Util,
RuboCop::AST::Sexp
|
|
| Inherits: |
RuboCop::Cop::Base
|
| Defined in: | lib/rubocop/cop/gemspec/require_mfa.rb |
Overview
Requires a gemspec to have rubygems_mfa_required metadata set.
This setting tells RubyGems that MFA (Multi-Factor Authentication) is required for accounts to be able perform privileged operations, such as (see RubyGems' documentation for the full list of privileged operations):
-
gem push -
gem yank -
gem owner --add/remove -
adding or removing owners using gem ownership page
This helps make your gem more secure, as users can be more confident that gem updates were pushed by maintainers.
Constant Summary
-
MSG =
# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 67"`metadata['rubygems_mfa_required']` must be set to `'true'`."
::RuboCop::Cop::Base - Inherited
Class Attribute Summary
::RuboCop::Cop::AutoCorrector - Extended
::RuboCop::Cop::Base - Inherited
| .gem_requirements, .lint?, | |
| .support_autocorrect? | Returns if class supports autocorrect. |
| .support_multiple_source? | Override if your cop should be called repeatedly for multiple investigations Between calls to |
| .builtin? | |
Class Method Summary
::RuboCop::Cop::Base - Inherited
| .autocorrect_incompatible_with | List of cops that should not try to autocorrect at the same time as this cop. |
| .badge | Naming. |
| .callbacks_needed, .cop_name, .department, | |
| .documentation_url | Cops (other than builtin) are encouraged to implement this. |
| .exclude_from_registry | Call for abstract Cop classes. |
| .inherited, | |
| .joining_forces | Override and return the Force class(es) you need to join. |
| .match? | Returns true if the cop name or the cop namespace matches any of the given names. |
| .new, | |
| .requires_gem | Register a version requirement for the given gem name. |
| .restrict_on_send | |
::RuboCop::ExcludeLimit - Extended
| exclude_limit | Sets up a configuration option to have an exclude limit tracked. |
| transform | |
Instance Attribute Summary
::RuboCop::Cop::Base - Inherited
::RuboCop::Cop::AutocorrectLogic - Included
Instance Method Summary
- #metadata(node)
-
#on_block(node)
InternalAffairs/NumblockHandler.
- #rubygems_mfa_required(node)
- #true_string?(node)
- #autocorrect(corrector, node, block_var, metadata) private
- #change_value(corrector, value) private
- #correct_metadata(corrector, metadata) private
- #insert_mfa_required(corrector, node, block_var) private
- #mfa_value(metadata_value) private
::RuboCop::Cop::GemspecHelp - Included
::RuboCop::Cop::Base - Inherited
| #add_global_offense | Adds an offense that has no particular location. |
| #add_offense | Adds an offense on the specified range (or node with an expression) Unless that offense is disabled for this range, a corrector will be yielded to provide the cop the opportunity to autocorrect the offense. |
| #begin_investigation | Called before any investigation. |
| #callbacks_needed, | |
| #cop_config | Configuration Helpers. |
| #cop_name, #excluded_file?, | |
| #external_dependency_checksum | This method should be overridden when a cop’s behavior depends on state that lives outside of these locations: |
| #inspect, | |
| #message | Gets called if no message is specified when calling |
| #name | Alias for Base#cop_name. |
| #offenses, | |
| #on_investigation_end | Called after all on_… |
| #on_new_investigation | Called before all on_… |
| #on_other_file | Called instead of all on_… |
| #parse | There should be very limited reasons for a Cop to do it’s own parsing. |
| #parser_engine, | |
| #ready | Called between investigations. |
| #relevant_file?, #target_rails_version, #target_ruby_version, #annotate, #apply_correction, #attempt_correction, | |
| #callback_argument | Reserved for Cop::Cop. |
| #complete_investigation | Called to complete an investigation. |
| #correct, #current_corrector, | |
| #current_offense_locations | Reserved for Commissioner: |
| #current_offenses, #currently_disabled_lines, #custom_severity, #default_severity, #disable_uncorrectable, #enabled_line?, #file_name_matches_any?, #find_message, #find_severity, #range_for_original, #range_from_node_or_range, #reset_investigation, #use_corrector | |
::RuboCop::Cop::AutocorrectLogic - Included
| #disable_offense, #disable_offense_at_end_of_line, #disable_offense_before_and_after, #disable_offense_with_eol_or_surround_comment, #max_line_length, | |
| #range_by_lines | Expand the given range to include all of any lines it covers. |
| #range_of_first_line, #surrounding_heredoc, #surrounding_percent_array | |
::RuboCop::Cop::IgnoredNode - Included
Constructor Details
This class inherits a constructor from RuboCop::Cop::Base
Instance Method Details
#autocorrect(corrector, node, block_var, metadata) (private)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 115
def autocorrect(corrector, node, block_var, ) if return unless .hash_type? (corrector, ) else insert_mfa_required(corrector, node, block_var) end end
#change_value(corrector, value) (private)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 139
def change_value(corrector, value) corrector.replace(value, "'true'") end
#correct_metadata(corrector, metadata) (private)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 125
def (corrector, ) if .pairs.any? corrector.insert_after(.pairs.last, ",\n'rubygems_mfa_required' => 'true'") else corrector.insert_before(.loc.end, "'rubygems_mfa_required' => 'true'") end end
#insert_mfa_required(corrector, node, block_var) (private)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 133
def insert_mfa_required(corrector, node, block_var) corrector.insert_before(node.loc.end, <<~RUBY) #{block_var}.metadata['rubygems_mfa_required'] = 'true' RUBY end
#metadata(node)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 70
def_node_matcher :, <<~PATTERN `{ (send _ :metadata= $_) (send (send _ :metadata) :[]= (str "rubygems_mfa_required") $_) } PATTERN
#mfa_value(metadata_value) (private)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 108
def mfa_value() return unless return if .str_type? rubygems_mfa_required().first end
#on_block(node)
InternalAffairs/NumblockHandler
# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 87
def on_block(node) # rubocop:disable Metrics/MethodLength, InternalAffairs/NumblockHandler gem_specification(node) do |block_var| = (node) mfa_value = mfa_value() if mfa_value unless true_string?(mfa_value) add_offense(mfa_value) do |corrector| change_value(corrector, mfa_value) end end else add_offense(node) do |corrector| autocorrect(corrector, node, block_var, ) end end end end
#rubygems_mfa_required(node)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 78
def_node_search :rubygems_mfa_required, <<~PATTERN (pair (str "rubygems_mfa_required") $_) PATTERN
#true_string?(node)
[ GitHub ]# File 'lib/rubocop/cop/gemspec/require_mfa.rb', line 83
def_node_matcher :true_string?, <<~PATTERN (str "true") PATTERN