class RuboCop::Cop::Gemspec::RequireMFA

= ‘true’
Gem::Specification.new do |spec|
# good end spec.metadata = ‘false’
Gem::Specification.new do |spec|
# bad
end
}
‘rubygems_mfa_required’ => ‘true’
spec.metadata = {
Gem::Specification.new do |spec|
# good
end
}
‘rubygems_mfa_required’ => ‘false’
spec.metadata = {
Gem::Specification.new do |spec|
# bad end spec.metadata = ‘true’
Gem::Specification.new do |spec|
# good
end
}
‘rubygems_mfa_required’ => ‘true’
spec.metadata = {
Gem::Specification.new do |spec|
# good
end
# no ‘rubygems_mfa_required` metadata specified
Gem::Specification.new do |spec|
# bad
@example
confident that gem updates were pushed by maintainers.
This helps make your gem more secure, as users can be more
* adding or removing owners using gem ownership page
* `gem owner –add/remove`
* `gem yank`
* `gem push`
operations):
(see RubyGems’ documentation for the full list of privileged
required for accounts to be able perform privileged operations, such as
This setting tells RubyGems that MFA (Multi-Factor Authentication) is
Requires a gemspec to have ‘rubygems_mfa_required` metadata set.

def autocorrect(corrector, node, block_var, metadata)

def autocorrect(corrector, node, block_var, metadata)
  if metadata
    return unless metadata.hash_type?
    correct_metadata(corrector, metadata)
  else
    insert_mfa_required(corrector, node, block_var)
  end
end

def change_value(corrector, value)

def change_value(corrector, value)
  corrector.replace(value, "'true'")
end

def correct_metadata(corrector, metadata)

def correct_metadata(corrector, metadata)
  if metadata.pairs.any?
    corrector.insert_after(metadata.pairs.last, ",\n'rubygems_mfa_required' => 'true'")
  else
    corrector.insert_before(metadata.loc.end, "'rubygems_mfa_required' => 'true'")
  end
end

def insert_mfa_required(corrector, node, block_var)

def insert_mfa_required(corrector, node, block_var)
  corrector.insert_before(node.loc.end, <<~RUBY)
    #{block_var}.metadata['rubygems_mfa_required'] = 'true'
  RUBY
end

def mfa_value(metadata_value)

def mfa_value(metadata_value)
  return unless metadata_value
  return metadata_value if metadata_value.str_type?
  rubygems_mfa_required(metadata_value).first
end

def on_block(node) # rubocop:disable Metrics/MethodLength, InternalAffairs/NumblockHandler

rubocop:disable Metrics/MethodLength, InternalAffairs/NumblockHandler

def on_block(node) # rubocop:disable Metrics/MethodLength, InternalAffairs/NumblockHandler
  gem_specification(node) do |block_var|
    metadata_value = metadata(node)
    mfa_value = mfa_value(metadata_value)
    if mfa_value
      unless true_string?(mfa_value)
        add_offense(mfa_value) do |corrector|
          change_value(corrector, mfa_value)
        end
      end
    else
      add_offense(node) do |corrector|
        autocorrect(corrector, node, block_var, metadata_value)
      end
    end
  end
end

Instance Methods

Defined in

lib/rubocop/cop/gemspec/require_mfa.rb

class RuboCop::Cop::Gemspec::RequireMFA

def autocorrect(corrector, node, block_var, metadata)

def change_value(corrector, value)

def correct_metadata(corrector, metadata)

def insert_mfa_required(corrector, node, block_var)

def mfa_value(metadata_value)

def on_block(node) # rubocop:disable Metrics/MethodLength, InternalAffairs/NumblockHandler

Namespace

Parent class

Included Modules

Extended Modules

Instance Methods

Defined in