Sha256: 57fa233f278d9bdb50e2c8a0871fdadc49ffba2d4c085e54a24e10430aa279c7
Contents?: true
Size: 1.01 KB
Versions: 2
Compression:
Stored size: 1.01 KB
Contents
# frozen_string_literal: true
module Rubocop
module Cop
# Prevents usage of the `git` and `github` arguments to `gem` in a
# `Gemfile` in order to avoid additional points of failure beyond
# rubygems.org.
class GemFetcher < RuboCop::Cop::Base
MSG = 'Do not use gems from git repositories, only use gems from RubyGems or vendored gems. ' \
'See https://docs.gitlab.com/ee/development/gemfile.html#no-gems-fetched-from-git-repositories'
# See https://bundler.io/guides/git.html#custom-git-sources
GIT_SOURCES = %i[git github gist bitbucket].freeze
# @!method gem_option(node)
def_node_matcher :gem_option, <<~PATTERN
(send nil? :gem _ ...
(hash
<$(pair (sym {#{GIT_SOURCES.map(&:inspect).join(' ')}}) _)
...>
)
)
PATTERN
RESTRICT_ON_SEND = %i[gem].freeze
def on_send(node)
pair_node = gem_option(node)
return unless pair_node
add_offense(pair_node)
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| gitlab-styles-13.0.1 | lib/rubocop/cop/gem_fetcher.rb |
| gitlab-styles-13.0.0 | lib/rubocop/cop/gem_fetcher.rb |