* Initialize rubocop
* Style/StringLiterals: prefer single quotes
* Style/AndOr: use `&&` and `||`, instead of `and` and `or`
* Style/HashSyntax: use new hash syntax
* Layout/EmptyLineAfterGuardClause: add empty lines after guard clause
* Style/SingleLineMethods: temporary disable
It breaks layout of the code, it is better to fix it manually
* Style/Proc: prefer `proc` vs `Proc.new`
* Disable Lint/AmbiguousBlockAssociation
It affects proc definitions for sinatra DSL
* Disable Style/CaseEquality
* Lint/UnusedBlockArgument: put underscore in front of it
* Style/Alias: prefer alias vs alias_method in a class body
* Layout/EmptyLineBetweenDefs: add empty lines between defs
* Style/ParallelAssignment: don't use parallel assigment
* Style/RegexpLiteral: prefer %r for regular expressions
* Naming/UncommunicativeMethodParamName: fix abbrevs
* Style/PerlBackrefs: disable cop
* Layout/SpaceAfterComma: add missing spaces
* Style/Documentation: disable cop
* Style/FrozenStringLiteralComment: add frozen_string_literal
* Layout/AlignHash: align hash
* Layout/ExtraSpacing: allow for alignment
* Layout/SpaceAroundOperators: add missing spaces
* Style/Not: prefer `!` instead of `not`
* Style/GuardClause: add guard conditions
* Style/MutableConstant: freeze contants
* Lint/IneffectiveAccessModifier: disable cop
* Lint/RescueException: disable cop
* Style/SpecialGlobalVars: disable cop
* Layout/DotPosition: fix position of dot for multiline method chains
* Layout/SpaceInsideArrayLiteralBrackets: don't use spaces inside arrays
* Layout/SpaceInsideBlockBraces: add space for blocks
* Layout/SpaceInsideHashLiteralBraces: add spaces for hashes
* Style/FormatString: use format string syntax
* Style/StderrPuts: `warn` is preferable to `$stderr.puts`
* Bundler/DuplicatedGem: disable cop
* Layout/AlignArray: fix warning
* Lint/AssignmentInCondition: remove assignments from conditions
* Layout/IndentHeredoc: disable cop
* Layout/SpaceInsideParens: remove extra spaces
* Lint/UnusedMethodArgument: put underscore in front of unused arg
* Naming/RescuedExceptionsVariableName: use `e` for exceptions
* Style/CommentedKeyword: put comments before the method
* Style/FormatStringToken: disable cop
* Style/MultilineIfModifier: move condition before the method
* Style/SignalException: prefer `raise` to `fail`
* Style/SymbolArray: prefer %i for array of symbols
* Gemspec/OrderedDependencies: Use alphabetical order for dependencies
* Lint/UselessAccessModifier: disable cop
* Naming/HeredocDelimiterNaming: change delimiter's name
* Style/ClassCheck: prefer `is_a?` to `kind_of?`
* Style/ClassVars: disable cop
* Style/Encoding: remove coding comment
* Style/RedundantParentheses: remove extra parentheses
* Style/StringLiteralsInInterpolation: prefer singl quotes
* Layout/AlignArguments: fix alignment
* Layout/ClosingHeredocIndentation: align heredoc
* Layout/EmptyLineAfterMagicComment: add empty line
* Set RubyVersion for rubocop
* Lint/UselessAssignment: disable cop
* Style/EmptyLiteral: disable cop
Causes test failures
* Minor code-style fixes with --safe-auto-correct option
* Disable the rest of the cops that cause warnings
It would be easier to re-enable them in separate PRs
* Add rubocop check to the default Rake task
* Update to rubocop 1.32.0
* Rubocop updates for rack-protection and sinatra-contrib
* Disable Style/SlicingWithRange cop
* Make suggested updates
Co-authored-by: Jordan Owens <jkowens@gmail.com>
* Allow content source to fallback to default-src
Remove defaults for script-src, style-src, connect-src, and img-src
so that they can fallback to default-src. The default for default-src
has been changed from 'none' to 'self'. This seems to be a safe default
especially as browsers implement prefetch-src. If stricter policies are
needed they can be specified when loading this middleware.
* Add support for webrtc-src, navigate-to, and prefetch-src directives
Many of the CSP3 no-arg directives are multiple words so calling `sub`
only transforms the first "_" to a "-" when we need to transform all of
them to have a valid directive.
Adds complete set of directives that are currently supported by
browsers that support CSP Level 2 and Level 3 (draft).
Also supports directives that don't take any arguments.
The directives in the content security policy output are now sorted.
