AWS CloudFormation Linter

Use of `eval` detectedRB-SC1001 Use of `Kernel#open` detectedRB-SC1004 `rails` version is susceptible to DOS attack via Mime type cachingRB-A1008 `sprockets` gem version is susceptible to path traversal vulnerabilityRB-A1009 `rails` version specified in Gemfile does not encode JSON keysRB-A1010 Rails version with CSRF token forgery vulnerability detectedRB-A1001 Rails version with XML DOS vulnerability detectedRB-A1002 Rails version with file disclosure vulnerability detectedRB-A1003 Rails version with ActiveRecord symbol DOS vulnerability detectedRB-A1004 Rails version vulnerable to timing attack in basic auth detectedRB-A1006 Project's `rails` & `i18n` gem versions are vulnerable to cross-site scripting (XSS)RB-A1007 Project's `rails` version is vulnerable to DoS on using `render :text`RB-A1011 Rails version with SafeBuffer manipulation bug detectedRB-A1005 Hash contains duplicate keysRB-LI1012 `each_with_object` is called with an immutable argumentRB-LI1014 Ineffective access modifier detectedRB-LI1028 Literal used in interpolationRB-LI1032 `while`/`until` detected in `begin` blockRB-LI1033 Multiple comparison detectedRB-LI1035 Trailing comma in attribute declaration detectedRB-LI1099 Function argument overwritten before useRB-LI1064 Use of `has_and_belongs_to_many` detectedRB-RL1025 Error class inheriting from `Exception`RB-LI1029 Duplicate require/require_relative blocks were foundRB-LI1096 `return` detected inside `ensure`RB-LI1021 Override of built-in `ActiveRecord` method detectedRB-RL1003 Use of `ActiveSupport` alias to core Ruby method detectedRB-RL1004 Use of `assert !` detectedRB-RL1009 Call to `exit` detected in appRB-RL1021 Consider using `where.first` method instead of `find_by`RB-RL1023 Replace `all.each` with `all.find_each`RB-RL1024 Use of http methods without params detectedRB-RL1028 Conditional statement contains an assignmentRB-LI1004 Unnecessary use of disjunctive assignment in constructorRB-LI1010 Duplicate conditions found in caseRB-LI1011 Invalid construction of percent string literalRB-LI1044 Unnecessary splat expressionRB-LI1050 `with_object` is called, but its value is not usedRB-LI1053 Regex literal used as conditionRB-LI1054 Predicate method with arg called without parenthesesRB-LI1055 `Exception` used in `rescue`RB-LI1056 Chain with safe navigation operator may cause `NoMethodError`RB-LI1059 Inconsistent use for safe navigation operator detectedRB-LI1060 Safe navigation operator used with `empty?` in conditionalRB-LI1061 Outer local variable is shadowedRB-LI1066 Unreachable code detectedRB-LI1072 Access modifiers should be declared as a groupRB-ST1001 `IO.select` with single argument detectedRB-DS1003 Bad binary expression operand orderRB-DS1005 Potential SSL verification bypass detectedRB-DS1011 Prefer using templates instead of rendering inline textRB-W1011 Duplicate value detected in enum declarationsRB-RL1019 Unexpected override of built-in `Struct` methodRB-W1007 Exception class overwritten by its resultRB-E1001 Bad ordering of magic commentsRB-LI1042 Arguments to range literal are ambiguousRB-W1006 Lambda without a literal block is deprecatedRB-W1004 Avoid using `git` to declare files in gemspecRB-E1004 Deprecated method used inside `refine` blockRB-W1005 Duplicate magic comment foundRB-W1008 Use `Rails.root.join` to join pathsRB-RL1022 Use `squish` for raw SQL queryRB-E1003 Incorrect Order of ActiveRecord CallbacksRB-LI1103 Avoid use of `match` in Rails routes with single request typeRB-LI1104 Rails migrations are not reversibleRB-LI1107 Rails 5 models should subclass `ApplicationRecord`RB-RL1008 `add_column` does not accept an `index` argumentRB-W1013 `default` value provided to `attribute` without a blockRB-W1014 Symbol with same name as the boolean values foundRB-LI1006 Duplicate assignments for a constantRB-DS1002 Flip-flop operator detectedRB-LI1023 `else` used without `rescue`RB-LI1080 Using insecure network protocol sourceRB-S1000 Require Multi-Factor Authentication (MFA) in GemspecRB-S1001 Division by zeroRB-E1009 Found redundant self-assignment branchRB-C1014 Useless occurrence of `rescue`RB-W1023 `uniqueness: true` used on a field that is not an indexRB-W1022 Usage of "*" on `Arel::Table` column referenceRB-W1018 Method vulnerable to DoS attackRB-S1004 Skipping CRRF or authentication checks by defaultRB-S1005 Usage of `Time.zone=` methodRB-W1019 Usage of weak hashing algorithmRB-S1002 Plaintext password found in callbackRB-S1003 Ignored column accessed from ActiveRecord modelRB-E1010 Found pattern branch without a bodyRB-W1003 `return` used in void contextRB-LI1058 Top level return with argument detectedRB-LI1088 Use of `and`/`or` detectedRB-ST1003 `attr` usedRB-ST1006 Explicitly make constant public or private using either `#public_constant` or `#private_constant`RB-ST1026 Omit the parentheses in defs when the method doesn't accept any argumentsRB-ST1029 Use `each_with_object` instead of `inject`/`reduce`RB-ST1036 Avoid the use of `END` blocks. Use `Kernel#at_exit` insteadRB-ST1044 Blocks should be used for interpolated strings passed to `Rails.logger.debug`RB-W1009 Risk of race condition in non-atomic file operationRB-E1002 Use of class/module name detected in definition of class/module methodsRB-ST1017 Empty file detectedRB-LI1098 Usage of SQL fragments in `where` query methodRB-C1016 Usage of `inquiry` methodRB-C1017 Found `then` keyword in multi-line pattern matching statementRB-C1015 Unnecessary condition usedRB-ST1117 Usage of `ENV[]` that fails silentlyRB-W1021 Unused assignment detectedRB-LI1078 Function with cyclomatic complexity higher than thresholdRB-R1001 Insecure JSON method detectedRB-SC1002 Use of insecure Marshal class method detectedRB-SC1003 Audit: Calls to methods in `IO` class must be avoidedRB-A1012 Use of insecure YAML method detectedRB-SC1005 Use `lambda`/`proc` instead of a plain method callRB-RL1052 Enum detected with array syntaxRB-RL1018 Inconsistent usage of request attribute detectedRB-RL1047 Use `start_with` in place of regexRB-PR1021 Multiple methods with same name in the same scopeRB-LI1013 Use `Array.new()` with a block instead of `.times`RB-PR1023 Empty `ensure` block detectedRB-LI1016 Empty expression detectedRB-LI1017 `when` branch without a body detectedRB-LI1019 `END` detected in a methodRB-LI1020 Mismatch between specified and passed format paramsRB-LI1025 Invalid order of method invocation in heredocRB-LI1026 Interpolation in a single-quote stringRB-LI1030 Empty interpolation detectedRB-LI1018 `Rails.env` predicate does not existRB-RL1056 Possible unintended string concatenationRB-LI1027 Self assignment detectedRB-LI1092 Detected `==` for comparison instead of recommended `equal?` methodRB-LI1100 Invalid value provided for `Integer#times`RB-LI1101 Constants defined within a blockRB-LI1102 Binary operator with identical operands detectedRB-LI1093 Use unary plus to get an unfrozen string literalRB-PR1024 `gsub(/\Aprefix/, '')` can be replaced by `delete_prefix('prefix')`RB-PR1026 `gsub(/suffix\z/, '')` can be replaced by `delete_suffix('suffix')`RB-PR1027 Unnecessary require statementRB-LI1049 Incorrect pluralization grammar detectedRB-RL1037 No `enable` statement found after `disable`RB-LI1034 Use of deprecated `*_filter` detectedRB-RL1001 Literal is used as conditionRB-LI1031 Unused method arguments detectedRB-LI1074 Grouped parentheses found in function callsRB-LI1043 Use `String#end_with?` instead of a regex match anchored to the end of the stringRB-PR1009 Do not compute the size of statically sized objectsRB-PR1010 Use `flat_map` to flatten mapsRB-PR1011 Use `=~` in places where the `MatchData` returned by `#match` will not be usedRB-PR1016 Use `size` instead of `count`RB-PR1020 Use `tr`/`delete` instead of `gsub`RB-PR1022 Safe navigation used with `blank?`RB-RL1050 `index_with` can be used to create a hash from an enumerableRB-RL1059 Use of `ActiveRecord` alias detectedRB-RL1002 Use `Range#cover?` instead of `Range#include?`RB-PR1014 Use `yield` instead of block callRB-PR1015 Prefer `match?` over `match`RB-PR1018 Use `reverse_each` instead of `reverse.each`RB-PR1019 Use of debugger detectedRB-LI1008 `case`..`when` can be modified for performanceRB-PR1002 Case-insensitive comparison of strings can use `casecmp`RB-PR1003 Replace methods on array with mutationsRB-PR1004 Replace `sort`, `max` and `min` with respective `_by` methodsRB-PR1005 Use `count` instead of `select`/`reject`RB-PR1006 Use the more efficient `detect` methodRB-PR1007 Double `start_with?`/`end_with?` can be combinedRB-PR1008 Use efficient method for searching hashesRB-PR1012 Consider using `Struct` over `OpenStruct` to optimize the performanceRB-PR1013 Rails 5 jobs should subclass `ApplicationJob`RB-RL1006 Rails 5 mailers should subclass `ApplicationMailer`RB-RL1007 Use of deprecated `required` detected in `belongs_to`RB-RL1010 Conditional can be simplified using `Object#blank?`RB-RL1011 Alter queries can be combinedRB-RL1012 Tables should be created with timestampsRB-RL1013 `delegate` could be used for delegationRB-RL1015 Use of `find_by_*` detectedRB-RL1017 Method skips model validationRB-RL1053 Use of `dependent` option detectedRB-RL1026 Use of helper instance variables detectedRB-RL1027 Use symbolic value of HTTP status codesRB-RL1029 `if` used with `only` or `except` in `skip_*` filterRB-RL1030 Inverse relation cannot be determined automaticallyRB-RL1031 Action filter is not defined in the scope it is used inRB-RL1032 `link_to` has `_blank`, but no `rel: 'noopener'`RB-RL1033 Replace output statements with loggerRB-RL1035 Time should be used with zoneRB-RL1054 Use of output-unsafe functions detectedRB-RL1036 Use of `present` or `blank` can be replaced with `presence`RB-RL1038 `present?` can be used to simplify conditionalsRB-RL1039 Rake task found without `:environment` task dependencyRB-RL1040 Square brackets are preferred for accessing/writing attributesRB-RL1041 Redundant `allow_nil` detectedRB-RL1042 Redundant receiver in `with_options` detectedRB-RL1043 Non-preferred way of asserting falseness detectedRB-RL1045 Relative date used as constantRB-RL1046 Irreversible migration detectedRB-RL1048 Methods with `!` should be usedRB-RL1051 Method should be used before `pluck`RB-RL1055 Old-style attribute validation macro detectedRB-RL1057 `index_by` can be used to create a hash from an enumerableRB-RL1058 Ambiguous association of block with methodRB-LI1001 Ambiguous operators in first arg of method invocationRB-LI1002 Ambiguous regular expression literal in method invocationRB-LI1003 Use of deprecated `BigDecimal.new`RB-LI1005 Circular argument referenceRB-LI1007 Use of deprecated class methodsRB-LI1009 Nested methods detectedRB-LI1036 `next` is used without accumulatorRB-LI1038 Require order is undeterministicRB-LI1039 Non-local exit from iterator without return valueRB-LI1040 Unsafe number conversionRB-LI1041 Invalid construction of percent symbol arrayRB-LI1045 Iterable is called with `with_index`, but its value is never usedRB-LI1052 Invalid `rescue` type detectedRB-LI1057 Bad ordering of exception rescue detectedRB-LI1065 Suppressed exceptions detectedRB-LI1067 `#to_json` requires an optional argumentRB-LI1069 Deprecated URI escape/unescape usedRB-LI1075 Use of deprected `URI.regexp` detectedRB-LI1076 Useless access modifier detectedRB-LI1077 Deprecated way of initializing OpenSSL::Cipher and OpenSSL::DigestRB-LI1083 Do not mix named captures and numbered captures in a Regexp literalRB-LI1084 Certain constants are not fully qualifiedRB-LI1085 Duplicate elsif block detectedRB-LI1086 Unreachable loop detectedRB-LI1090 Multiple rescues for the same exception detectedRB-LI1091 A block can be used that cleans up resources automatically on closingRB-ST1007 Use `__dir__` to get an absolute path to the current file's directoryRB-ST1030 Inconsistent use of safe navigation detectedRB-RL1049 Bad usage of `Date` methods detectedRB-RL1014 `:allow_blank` detected with delegationRB-RL1016 Hash merging can be replaced by hash key assignmentRB-PR1017 Bad comparison of `Rails.env` valueRB-RL1020 Non-null column should specify a defaultRB-RL1034 Redundant `ActiveRecord` foreign KeyRB-LI1105 ActiveRecord callback being overriddenRB-LI1106 Use `URI::DEFAULT_PARSER` instead of `URI::Parser.new`RB-PR1025 Controllers should subclass `ApplicationController`RB-RL1005 `class_name` should be a stringRB-RL1044 Detected use of discouraged ways to define class methodsRB-ST1194 `else` statement followed by expression on same lineRB-LI1015 Useless comparison detectedRB-LI1079 Useless call to setter detectedRB-LI1081 If/Elsif/Unless branches without a body detectedRB-LI1094 Command literal without backtick detectedRB-ST1022 Use of implicit block detectedRB-ST1186 Manually combining hashes is error proneRB-W1000 Deprecated attribute assignment in Gemspec fileRB-W1001 Renamed column accessed from ActiveRecord modelRB-E1012 Use of `BEGIN` block detectedRB-ST1009 Purposeless method definition detectedRB-LI1097 Unused block argument detectedRB-LI1073 Replace with `Integer#odd?`/`Integer#even?`RB-ST1046 Use of `is_a` is preferredRB-ST1016 Use of class variables detectedRB-ST1018 Use `Integer#times` for a simple loop which iterates a fixed number of timesRB-ST1035 Inconsistent class/module namespace nestingRB-ST1015 Redundant coercion of stringRB-LI1051 Out of range references of Regexp captures detectedRB-LI1095 `*send*` methods used for mixinRB-LI1063 Variable prefixed with underscore is being usedRB-LI1070 Check for `Bignum` or `Fixnum` detectedRB-LI1071 Missing super callRB-LI1087 Floating point comparisons detectedRB-LI1089 Bad use of `alias` detectedRB-ST1002 `*` used as a substitute for `join`RB-ST1004 Improper use of `%q()` or `%()`RB-ST1008 Use of block comments detectedRB-ST1010 Improper use of block delimiter detectedRB-ST1011 Braces not found around hash in method callRB-ST1012 Use of case equality operator detectedRB-ST1013 Use of inconsistent method from `Enumerable` module detectedRB-ST1019 Improper use of `::` detectedRB-ST1020 Use of `::` in defining class methods detectedRB-ST1021 Invalid annotation keyword format detectedRB-ST1023 Improper position of commentsRB-ST1024 Use the return of the conditional for variable assignment and comparisonRB-ST1025 Prefer Time over DateTimeRB-ST1028 Missing top-level documentation commentRB-ST1031 Documentation missing for public methodRB-ST1032 Avoid the use of double negation (`!!`)RB-ST1034 Omit pipes for the empty block parametersRB-ST1037 Do not use empty `case` condition, instead use an `if` expressionRB-ST1038 Omit parentheses for the empty lambda parametersRB-ST1040 Literal should be used instead of a method that results in literalRB-ST1041 Put empty method definitions on a single lineRB-ST1042 Pass `__FILE__` and `__LINE__` to `eval` method, as they are used by backtracesRB-ST1045 Improper parameters to `expand_path`RB-ST1047 Redundant self assignment was detectedRB-ST1190 Incorrect order of keyword parameters detectedRB-ST1192 Combinable loop statements detectedRB-ST1193 Space found between receiver name and opening bracketsRB-C1013 Pass conditions to `where` as a HashRB-W1012 `require_relative` called with current file pathRB-W1002 Consider writing method chains on separate linesRB-W1010 Empty object shoud be asserted with `assert_empty`RB-W1016 `require` call found for `lib` folderRB-W1015 PascalCase not used in class or module nameRB-C1012 Use of character literal detectedRB-ST1014 Redundant `else`-clause detectedRB-ST1039 Sole nested conditionals detectedRB-ST1191 Use `<=` for checking inheritance instead of `ancestors.include?`RB-P1003 Redundant usage of `%q`RB-ST1123 Mailer class name without `Mailer` suffixRB-C1018 Use `Comparable#clamp` to limit value to a rangeRB-C1019 Unnecessary nested calls to `File.dirname`RB-W1017 Column in `ignored_columns` does not existRB-W1020 `rescue MethodError` can be replaced with `respond_to?`RB-P1001 Use `while true` instead of `loop`RB-P1002

Ruby

Static Analysis, SAST, Code Coverage, Code Complexity

Sample Configuration

.deepsource.toml

version = 1

[[analyzers]]

name = "ruby"

Explore the docs for all configuration options.