Sha256: 7c5cffc603c920da92ecc9387dc2f7862c8e38cd082b6189987789963582bad9

Contents?: true

Size: 1.98 KB

Versions: 4

Compression:

Stored size: 1.98 KB

Contents

#
# Copyright:: Copyright 2019, Chef Software Inc.
# Author:: Tim Smith (<tsmith@chef.io>)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
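module RuboCop
  module Cop
    module Chef
      # Use secure (https) Github and Gitlab URLs for the source_url and
      # issues_url fields of a cookbook's metadata. Links served over plain
      # http can be rewritten in transit, so anyone following them from the
      # cookbook metadata may be sent somewhere other than the real project.
      #
      # @example
      #
      #   # bad
      #   source_url 'http://github.com/something/something'
      #   source_url 'http://www.github.com/something/something'
      #   source_url 'http://www.gitlab.com/something/something'
      #   source_url 'http://gitlab.com/something/something'
      #
      #   # good
      #   source_url 'https://github.com/something/something'
      #   source_url 'https://gitlab.com/something/something'
      #
      class InsecureCookbookURL < Cop
        MSG = 'Insecure http Github or Gitlab URLs for metadata source_url/issues_url fields'.freeze

        # Matches `source_url '...'` / `issues_url '...'` calls with no explicit
        # receiver whose single string argument satisfies #insecure_url?.
        def_node_matcher :insecure_cb_url?, <<-PATTERN
          (send nil? {:source_url :issues_url} (str #insecure_url?))
        PATTERN

        # Decide whether a metadata URL is a plain-http Github/Gitlab link.
        #
        # The pattern is anchored with \A so that only the URL's own scheme is
        # inspected (an `http://github...` substring further into the string,
        # e.g. in a query parameter, is not a reason to flag it), and the dot
        # after `www` is escaped so it no longer matches an arbitrary character.
        # The host is still matched by prefix only, so names that merely begin
        # with "github"/"gitlab" are flagged too, as they were before.
        #
        # @param url [String] the string literal passed to source_url/issues_url
        # @return [Boolean] true when the URL starts with http://[www.]github or
        #   http://[www.]gitlab
        def insecure_url?(url)
          url.match?(%r{\Ahttp://(www\.)*git(hub|lab)})
        end

        # Register an offense for every source_url/issues_url call that uses an
        # insecure Github or Gitlab URL.
        #
        # @param node [RuboCop::AST::SendNode] the method call being inspected
        def on_send(node)
          insecure_cb_url?(node) do
            add_offense(node, location: :expression, message: MSG, severity: :refactor)
          end
        end

        # Build the autocorrection: switch the URL's scheme to https and drop
        # any leading "www." from the host.
        #
        # `sub` is used rather than `gsub` so that only the first `http://` in
        # the statement (the scheme of the flagged URL) is rewritten; later
        # occurrences inside the same string are left exactly as written.
        #
        # @param node [RuboCop::AST::SendNode] the offending method call
        # @return [Proc] a lambda that applies the replacement to a corrector
        def autocorrect(node)
          lambda do |corrector|
            corrector.replace(node.loc.expression, node.source.sub(%r{http://(www\.)*}, 'https://'))
          end
        end
      end
    end
  end
end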

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
cookstyle-5.4.13 lib/rubocop/cop/chef/correctness/insecure_cookbook_url.rb
cookstyle-5.3.6 lib/rubocop/cop/chef/correctness/insecure_cookbook_url.rb
cookstyle-5.2.17 lib/rubocop/cop/chef/correctness/insecure_cookbook_url.rb
cookstyle-5.1.19 lib/rubocop/cop/chef/correctness/insecure_cookbook_url.rb