Class: RuboCop::Cop::Homebrew::ExecShellMetacharacters Private

Inherits:

Base

Object
Base
RuboCop::Cop::Homebrew::ExecShellMetacharacters

show all

Includes:: RuboCop::Cop::HelperFunctions

Defined in:: rubocops/shell_commands.rb

Overview

This class is part of a private API. This class may only be used in the Homebrew/brew repository. Third parties should avoid using this class if possible, as it may be removed or changed without warning.

This cop disallows shell metacharacters in exec calls.

Constant Summary collapse

MSG =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

"Don't use shell metacharacters in `exec`. " \
"Implement the logic in Ruby instead, using methods like `$stdout.reopen`."

RESTRICT_ON_SEND =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

[:exec].freeze

Instance Method Summary collapse

#on_send(node) ⇒ Object private

Methods included from RuboCop::Cop::HelperFunctions

#block_method_called_in_block?, #block_size, #check_precedence, #class_name, #component_precedes?, #end_column, #expression_negated?, #find_all_blocks, #find_block, #find_blocks, #find_const, #find_every_func_call_by_name, #find_every_method_call_by_name, #find_instance_call, #find_instance_method_call, #find_method_calls_by_name, #find_method_def, #find_method_with_args, #find_node_method_by_name, #find_strings, #format_component, #line_number, #line_start_column, #method_called?, #method_called_ever?, #method_name, #node_equals?, #offending_node, #parameters, #parameters_passed?, #problem, #regex_match_group, #size, #source_buffer, #start_column, #string_content

Methods included from Kernel

#disk_usage_readable, #ensure_executable!, #ensure_formula_installed!, #exec_browser, #exec_editor, #ignore_interrupts, #interactive_shell, #number_readable, #odebug, #odeprecated, #odie, #odisabled, #ofail, #oh1, #oh1_title, #ohai, #ohai_title, #onoe, #opoo, #paths, #pretty_duration, #pretty_installed, #pretty_outdated, #pretty_uninstalled, #quiet_system, #redact_secrets, #redirect_stdout, #require?, #safe_system, #tap_and_name_comparison, #truncate_text_to_approximate_size, #which, #which_all, #which_editor, #with_custom_locale, #with_env, #with_homebrew_path

Instance Method Details

#on_send(node) ⇒ `Object`

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

# File 'rubocops/shell_commands.rb', line 122

def on_send(node)
  return if node.receiver.present? && node.receiver != s(:const, nil, :Kernel)
  return if node.arguments.count != 1

  stripped_arg_str = string_content(node.arguments.first, strip_dynamic: true)
  command = string_content(node.arguments.first).shellsplit.first

  return if SHELL_BUILTINS.none?(command) &&
            !command&.include?("=") &&
            SHELL_METACHARACTERS.none? { |meta| stripped_arg_str.include?(meta) }

  add_offense(node.arguments.first, message: MSG)
end