class RuboCop::Cop::Style::DocumentDynamicEvalDefinition
class_eval(“def #{unsafe_method}!(*params); end # def capitalize!(*params); end”)
# good - with inline comment or replace it with block comment using heredoc
class_eval(“def #{unsafe_method}!(*params); end”)
# bad - interpolated string without comment
)
EOT
end
super
@dirty = true
def #{unsafe_method}!(*params)
<<-EOT, __FILE__, __LINE__ + 1
# end
# super
# @dirty = true
# def capitalize!(*params)
class_eval(
# good, block comments before heredoc
EOT
end
super
@dirty = true
def #{unsafe_method}!(*params)
# end
# super
# @dirty = true
# def capitalize!(*params)
class_eval <<-EOT, __FILE__, __LINE__ + 1
# good, block comments in heredoc
end
end
EOT
end # end
super # super
@dirty = true # @dirty = true
def #{unsafe_method}!(*params) # def capitalize!(*params)
end # end
to_str.#{unsafe_method}(*params, &block) # to_str.capitalize(*params, &block)
def #{unsafe_method}(*params, &block) # def capitalize(*params, &block)
class_eval <<-EOT, __FILE__, __LINE__ + 1
if ‘String’.respond_to?(unsafe_method)
UNSAFE_STRING_METHODS.each do |unsafe_method|
# good, inline comments in heredoc
end
end
EOT
end
super
@dirty = true
def #{unsafe_method}!(*params)
end
to_str.#{unsafe_method}(*params, &block)
def #{unsafe_method}(*params, &block)
class_eval <<-EOT, __FILE__, __LINE__ + 1
if ‘String’.respond_to?(unsafe_method)
UNSAFE_STRING_METHODS.each do |unsafe_method|
# bad
# from activesupport/lib/active_support/core_ext/string/output_safety.rb
@example
add a comment block showing its appearance if interpolated (a practice used in Rails code).
When using ‘class_eval` (or other `eval`) with string interpolation,
def comment_block_docs?(arg_node)
def comment_block_docs?(arg_node) comments = heredoc_comment_blocks(arg_node.loc.heredoc_body.line_span) .concat(preceding_comment_blocks(arg_node.parent)) return if comments.none? regexp = comment_regexp(arg_node) comments.any?(regexp) || regexp.match?(comments.join) end
def comment_regexp(arg_node)
def comment_regexp(arg_node) # Replace the interpolations with wildcards regexp_parts = arg_node.child_nodes.map do |n| n.begin_type? ? /.+/ : source_to_regexp(n.source) end Regexp.new(regexp_parts.join) end
def heredoc_comment_blocks(heredoc_body)
def heredoc_comment_blocks(heredoc_body) # Collect comments inside the heredoc line_range = (heredoc_body.begin - 1)..(heredoc_body.end - 1) lines = processed_source.lines[line_range] lines.each_with_object({}).with_index(line_range.begin) do |(line, hash), index| merge_adjacent_comments(line, index, hash) end.values end
def inline_comment_docs?(node)
def inline_comment_docs?(node) node.each_child_node(:begin).all? do |begin_node| source_line = processed_source.lines[begin_node.first_line - 1] source_line.match?(COMMENT_REGEXP) end end
def interpolated?(arg_node)
def interpolated?(arg_node) arg_node.each_child_node(:begin).any? end
def merge_adjacent_comments(line, index, hash)
def merge_adjacent_comments(line, index, hash) # Combine adjacent comment lines into a single string return unless (line = line.dup.gsub!(BLOCK_COMMENT_REGEXP, '')) hash[index] = if hash.keys.last == index - 1 [hash.delete(index - 1), line].join("\n") else line end end
def on_send(node)
def on_send(node) arg_node = node.first_argument return unless arg_node&.dstr_type? && interpolated?(arg_node) return if inline_comment_docs?(arg_node) || (arg_node.heredoc? && comment_block_docs?(arg_node)) add_offense(node.loc.selector) end
def preceding_comment_blocks(node)
def preceding_comment_blocks(node) # Collect comments in the method call, but outside the heredoc comments = processed_source.each_comment_in_lines(node.source_range.line_span) comments.each_with_object({}) do |comment, hash| merge_adjacent_comments(comment.text, comment.loc.line, hash) end.values end
def source_to_regexp(source)
def source_to_regexp(source) # Get the source in the heredoc being `eval`ed, without any comments # and turn it into a regexp return /\s+/ if source.blank? source = source.gsub(COMMENT_REGEXP, '') return if source.blank? /\s*#{Regexp.escape(source.strip)}/ end