kotovalexarian-likes-github
/
pry--pry
mirror of https://github.com/pry/pry.git
1
0
Fork 0
Code Releases Activity

rubocop: "fix" offences of the Security/Eval cop

This commit is contained in:
Kyrylo Silin 2019-03-24 15:12:29 +02:00
parent b85073f808
commit 3b136119f4
7 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.rubocop_todo.yml
View File

@ -114,13 +114,3 @@ Naming/MemoizedInstanceVariableName:
# AllowedNames: io, id, to, by, on, in, at, ip, db
Naming/UncommunicativeMethodParamName:
Enabled: false
# Offense count: 10
Security/Eval:
Exclude:
- 'Rakefile'
- 'lib/pry/cli.rb'
- 'lib/pry/commands/show_info.rb'
- 'lib/pry/input_completer.rb'
- 'spec/indent_spec.rb'
- 'spec/wrapped_module_spec.rb'

2
Rakefile
View File

@ -35,7 +35,9 @@ task :profile do
end
def modify_base_gemspec
# rubocop:disable Security/Eval
eval(File.read('pry.gemspec')).tap { |s| yield s }
# rubocop:enable Security/Eval
end
namespace :ruby do

2
lib/pry/cli.rb
View File

@ -101,7 +101,7 @@ class Pry
# create the actual context
if opts[:context]
Pry.initial_session_setup
context = Pry.binding_for(eval(opts[:context]))
context = Pry.binding_for(eval(opts[:context])) # rubocop:disable Security/Eval
Pry.final_session_setup
else
context = Pry.toplevel_binding

13
lib/pry/commands/show_info.rb
View File

@ -212,11 +212,14 @@ class Pry
if input =~ /([^ ]*)#([a-z0-9_]*)\z/
prefix = Regexp.last_match(1)
search = Regexp.last_match(2)
methods = begin
Pry::Method.all_from_class(binding.eval(prefix))
rescue RescuableException
return super
end
methods =
begin
# rubocop:disable Security/Eval
Pry::Method.all_from_class(binding.eval(prefix))
# rubocop:enable Security/Eval
rescue RescuableException
return super
end
methods.map do |method|
[prefix, method.name].join('#') if method.name.start_with?(search)
end.compact

10
lib/pry/input_completer.rb
View File

@ -115,10 +115,10 @@ class Pry
receiver = Regexp.last_match(1)
message = Regexp.quote(Regexp.last_match(2))
begin
candidates = eval(
candidates = eval( # rubocop:disable Security/Eval
"#{receiver}.constants.collect(&:to_s)", bind, __FILE__, __LINE__
)
candidates |= eval(
candidates |= eval( # rubocop:disable Security/Eval
"#{receiver}.methods.collect(&:to_s)", bind, __FILE__, __LINE__
)
rescue Pry::RescuableException
@ -135,7 +135,9 @@ class Pry
receiver = Regexp.last_match(1)
message = Regexp.quote(Regexp.last_match(5))
begin
# rubocop:disable Security/Eval
candidates = eval(receiver, bind).methods.collect(&:to_s)
# rubocop:enable Security/Eval
rescue Pry::RescuableException
candidates = []
end
@ -145,7 +147,9 @@ class Pry
receiver = Regexp.last_match(1)
message = Regexp.quote(Regexp.last_match(2))
begin
# rubocop:disable Security/Eval
candidates = eval(receiver, bind).methods.collect(&:to_s)
# rubocop:enable Security/Eval
rescue Pry::RescuableException
candidates = []
end
@ -165,7 +169,7 @@ class Pry
# foo.func and foo is local var. OR
# Foo::Bar.func
begin
candidates = eval(
candidates = eval( # rubocop:disable Security/Eval
"#{receiver}.methods", bind, __FILE__, __LINE__
).collect(&:to_s)
rescue Pry::RescuableException

2
spec/indent_spec.rb
View File

@ -315,7 +315,9 @@ OUTPUT
end
else
it "should parse nesting on line #{i + 1} of example_nesting.rb" do
# rubocop:disable Security/Eval
expect(Pry::Indent.nesting_at(test, i + 1)).to eq eval(result)
# rubocop:enable Security/Eval
end
end
end

2
spec/wrapped_module_spec.rb
View File

@ -9,7 +9,7 @@ describe Pry::WrappedModule do
class Host
%w[spec/fixtures/candidate_helper1.rb
spec/fixtures/candidate_helper2.rb].each do |file|
binding.eval File.read(file), file, 1
binding.eval(File.read(file), file, 1) # rubocop:disable Security/Eval
end
# rank 2