diff options
author | Douwe Maan <douwe@selenight.nl> | 2017-02-21 18:42:22 -0600 |
---|---|---|
committer | Douwe Maan <douwe@selenight.nl> | 2017-02-23 09:31:57 -0600 |
commit | d78513cb6ccfe10976cc433e2b421c30d06d19be (patch) | |
tree | b0f13c7a7a512c5c6ccb00eb9f9d0d87bdcc3c69 | |
parent | 5cd9c7c6ea1ba5c6ad40799b9476145803dccba5 (diff) | |
download | gitlab-ce-d78513cb6ccfe10976cc433e2b421c30d06d19be.tar.gz |
Enable Security/JSONLoad
-rw-r--r-- | .rubocop.yml | 3 | ||||
-rw-r--r-- | .rubocop_todo.yml | 12 | ||||
-rw-r--r-- | db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb | 2 | ||||
-rw-r--r-- | db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb | 2 | ||||
-rw-r--r-- | db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb | 4 | ||||
-rw-r--r-- | spec/migrations/migrate_process_commit_worker_jobs_spec.rb | 4 | ||||
-rw-r--r-- | spec/models/project_services/irker_service_spec.rb | 2 | ||||
-rw-r--r-- | spec/support/stub_gitlab_calls.rb | 2 |
8 files changed, 11 insertions, 20 deletions
diff --git a/.rubocop.yml b/.rubocop.yml index e0d65533bb5..f48ad41243f 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -944,6 +944,9 @@ Rails/TimeZone: Rails/Validation: Enabled: true +Security/JSONLoad: + Enabled: true + Style/AlignParameters: Enabled: false diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 37d05ac4509..ec9bd29f4ca 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -38,18 +38,6 @@ RSpec/SingleArgumentMessageChain: Exclude: - 'spec/requests/api/internal_spec.rb' -# Offense count: 8 -# Cop supports --auto-correct. -# Configuration parameters: AutoCorrect. -Security/JSONLoad: - Exclude: - - 'db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb' - - 'db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb' - - 'db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb' - - 'spec/migrations/migrate_process_commit_worker_jobs_spec.rb' - - 'spec/models/project_services/irker_service_spec.rb' - - 'spec/support/stub_gitlab_calls.rb' - # Offense count: 55 # Cop supports --auto-correct. # Configuration parameters: EnforcedStyle, SupportedStyles. diff --git a/db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb b/db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb index 9730ebb8f8a..3a7acc84028 100644 --- a/db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb +++ b/db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb @@ -93,7 +93,7 @@ class MigrateSidekiqQueuesFromDefault < ActiveRecord::Migration def migrate_from_queue(redis, queue, job_mapping) while job = redis.lpop("queue:#{queue}") - payload = JSON.load(job) + payload = JSON.parse(job) new_queue = job_mapping[payload['class']] # If we have no target queue to migrate to we're probably dealing with diff --git a/db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb b/db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb index 4167ccae39b..91d078f6293 100644 --- a/db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb +++ b/db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb @@ -47,7 +47,7 @@ class MigrateMailroomQueueFromDefault < ActiveRecord::Migration def migrate_from_queue(redis, queue, job_mapping) while job = redis.lpop("queue:#{queue}") - payload = JSON.load(job) + payload = JSON.parse(job) new_queue = job_mapping[payload['class']] # If we have no target queue to migrate to we're probably dealing with diff --git a/db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb b/db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb index 633f57ef600..35697aab207 100644 --- a/db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb +++ b/db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb @@ -34,7 +34,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration new_jobs = [] while job = redis.lpop('queue:process_commit') - payload = JSON.load(job) + payload = JSON.parse(job) project = Project.find_including_path(payload['args'][0]) next unless project @@ -75,7 +75,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration new_jobs = [] while job = redis.lpop('queue:process_commit') - payload = JSON.load(job) + payload = JSON.parse(job) payload['args'][2] = payload['args'][2]['id'] diff --git a/spec/migrations/migrate_process_commit_worker_jobs_spec.rb b/spec/migrations/migrate_process_commit_worker_jobs_spec.rb index 6a93deb5412..b6d678bac18 100644 --- a/spec/migrations/migrate_process_commit_worker_jobs_spec.rb +++ b/spec/migrations/migrate_process_commit_worker_jobs_spec.rb @@ -62,7 +62,7 @@ describe MigrateProcessCommitWorkerJobs do end def pop_job - JSON.load(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) + JSON.parse(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) end before do @@ -198,7 +198,7 @@ describe MigrateProcessCommitWorkerJobs do let(:job) do migration.down - JSON.load(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) + JSON.parse(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) end it 'includes the project ID' do diff --git a/spec/models/project_services/irker_service_spec.rb b/spec/models/project_services/irker_service_spec.rb index b9fb6f3f6f4..dd5400f937b 100644 --- a/spec/models/project_services/irker_service_spec.rb +++ b/spec/models/project_services/irker_service_spec.rb @@ -59,7 +59,7 @@ describe IrkerService, models: true do conn = @irker_server.accept conn.readlines.each do |line| - msg = JSON.load(line.chomp("\n")) + msg = JSON.parse(line.chomp("\n")) expect(msg.keys).to match_array(['to', 'privmsg']) expect(msg['to']).to match_array(["irc://chat.freenode.net/#commits", "irc://test.net/#test"]) diff --git a/spec/support/stub_gitlab_calls.rb b/spec/support/stub_gitlab_calls.rb index 93f96cacc00..a01ef576234 100644 --- a/spec/support/stub_gitlab_calls.rb +++ b/spec/support/stub_gitlab_calls.rb @@ -35,7 +35,7 @@ module StubGitlabCalls { "tags" => tags } ) allow_any_instance_of(ContainerRegistry::Client).to receive(:repository_manifest).and_return( - JSON.load(File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json')) + JSON.parse(File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json')) ) allow_any_instance_of(ContainerRegistry::Client).to receive(:blob).and_return( File.read(Rails.root + 'spec/fixtures/container_registry/config_blob.json') |