95ced3bb5f
Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337
135 lines
2.3 KiB
YAML
135 lines
2.3 KiB
YAML
inherit_gem:
|
|
gitlab-styles:
|
|
- rubocop-default.yml
|
|
|
|
inherit_from: .rubocop_todo.yml
|
|
require: ./rubocop/rubocop
|
|
|
|
AllCops:
|
|
TargetRailsVersion: 4.2
|
|
Exclude:
|
|
- 'vendor/**/*'
|
|
- 'node_modules/**/*'
|
|
- 'db/**/*'
|
|
- 'db/fixtures/**/*'
|
|
- 'ee/db/**/*'
|
|
- 'tmp/**/*'
|
|
- 'bin/**/*'
|
|
- 'generator_templates/**/*'
|
|
- 'builds/**/*'
|
|
- 'plugins/**/*'
|
|
CacheRootDirectory: tmp
|
|
|
|
# This cop checks whether some constant value isn't a
|
|
# mutable literal (e.g. array or hash).
|
|
Style/MutableConstant:
|
|
Enabled: true
|
|
Exclude:
|
|
- 'db/migrate/**/*'
|
|
- 'db/post_migrate/**/*'
|
|
- 'ee/db/migrate/**/*'
|
|
- 'ee/db/post_migrate/**/*'
|
|
- 'ee/db/geo/migrate/**/*'
|
|
|
|
Naming/FileName:
|
|
ExpectMatchingDefinition: true
|
|
Exclude:
|
|
- 'spec/**/*'
|
|
- 'features/**/*'
|
|
- 'ee/spec/**/*'
|
|
- 'qa/spec/**/*'
|
|
- 'qa/qa/specs/**/*'
|
|
- 'qa/bin/*'
|
|
- 'config/**/*'
|
|
- 'lib/generators/**/*'
|
|
- 'ee/lib/generators/**/*'
|
|
IgnoreExecutableScripts: true
|
|
AllowedAcronyms:
|
|
- EE
|
|
- JSON
|
|
- LDAP
|
|
- IO
|
|
- HMAC
|
|
- QA
|
|
- ENV
|
|
- STL
|
|
- PDF
|
|
- SVG
|
|
- CTE
|
|
- DN
|
|
- RSA
|
|
- CI
|
|
- CD
|
|
- OAuth
|
|
# default ones:
|
|
- CLI
|
|
- DSL
|
|
- ACL
|
|
- API
|
|
- ASCII
|
|
- CPU
|
|
- CSS
|
|
- DNS
|
|
- EOF
|
|
- GUID
|
|
- HTML
|
|
- HTTP
|
|
- HTTPS
|
|
- ID
|
|
- IP
|
|
- JSON
|
|
- LHS
|
|
- QPS
|
|
- RAM
|
|
- RHS
|
|
- RPC
|
|
- SLA
|
|
- SMTP
|
|
- SQL
|
|
- SSH
|
|
- TCP
|
|
- TLS
|
|
- TTL
|
|
- UDP
|
|
- UI
|
|
- UID
|
|
- UUID
|
|
- URI
|
|
- URL
|
|
- UTF8
|
|
- VM
|
|
- XML
|
|
- XMPP
|
|
- XSRF
|
|
- XSS
|
|
|
|
# Gitlab ###################################################################
|
|
|
|
Gitlab/ModuleWithInstanceVariables:
|
|
Enable: true
|
|
Exclude:
|
|
# We ignore Rails helpers right now because it's hard to workaround it
|
|
- app/helpers/**/*_helper.rb
|
|
- ee/app/helpers/**/*_helper.rb
|
|
# We ignore Rails mailers right now because it's hard to workaround it
|
|
- app/mailers/emails/**/*.rb
|
|
- ee/**/emails/**/*.rb
|
|
# We ignore spec helpers because it usually doesn't matter
|
|
- spec/support/**/*.rb
|
|
- features/steps/**/*.rb
|
|
|
|
Gitlab/HTTParty:
|
|
Enabled: true
|
|
|
|
GitlabSecurity/PublicSend:
|
|
Enabled: true
|
|
Exclude:
|
|
- 'config/**/*'
|
|
- 'db/**/*'
|
|
- 'features/**/*'
|
|
- 'lib/**/*.rake'
|
|
- 'qa/**/*'
|
|
- 'spec/**/*'
|
|
- 'ee/db/**/*'
|
|
- 'ee/lib/**/*.rake'
|
|
- 'ee/spec/**/*'
|