Lint/DeprecatedOpenSSLConstant suggestion with double quoted string #8035
Labels
Comments
|
And I've just found that it actually tries to concatenate non-strings: FOO = "cbc"
do_something do
OpenSSL::Cipher::AES256.new(FOO)
end |
koic
added a commit
to koic/rubocop
that referenced
this issue
May 26, 2020
…nstant` Fixes rubocop#8035. This PR fixes the following false positive for `Lint/DeprecatedOpenSSLConstant` when using double quoted string argument. ```console % cat example.rb OpenSSL::Cipher::AES256.new('cbc') OpenSSL::Cipher::AES256.new("cbc") % bundle exec rubocop --only Lint/DeprecatedOpenSSLConstant -a (snip) Offenses: example.rb:1:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-cbc') instead of OpenSSL::Cipher::AES256.new('cbc'). OpenSSL::Cipher::AES256.new('cbc') ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ example.rb:2:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-"cbc"') instead of OpenSSL::Cipher::AES256.new("cbc"). OpenSSL::Cipher::AES256.new("cbc") ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ % cat example.rb OpenSSL::Cipher.new('AES-256-cbc') OpenSSL::Cipher.new('AES-256-"cbc"') ``` rubocop#8035 has another different false positive, which resolves as another PR.
8 tasks
bbatsov
pushed a commit
that referenced
this issue
May 26, 2020
Fixes #8035. This PR fixes the following false positive for `Lint/DeprecatedOpenSSLConstant` when using double quoted string argument. ```console % cat example.rb OpenSSL::Cipher::AES256.new('cbc') OpenSSL::Cipher::AES256.new("cbc") % bundle exec rubocop --only Lint/DeprecatedOpenSSLConstant -a (snip) Offenses: example.rb:1:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-cbc') instead of OpenSSL::Cipher::AES256.new('cbc'). OpenSSL::Cipher::AES256.new('cbc') ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ example.rb:2:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-"cbc"') instead of OpenSSL::Cipher::AES256.new("cbc"). OpenSSL::Cipher::AES256.new("cbc") ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ % cat example.rb OpenSSL::Cipher.new('AES-256-cbc') OpenSSL::Cipher.new('AES-256-"cbc"') ``` #8035 has another different false positive, which resolves as another PR.
8 tasks
koic
added a commit
to koic/rubocop
that referenced
this issue
May 26, 2020
…nstant` Fixes rubocop#8035. This PR fixes a false positive for `Lint/DeprecatedOpenSSLConstant` when argument is a variable, method, or constant. ```console % cat example.rb MODE = 'cbc' OpenSSL::Cipher::AES256.new(MODE) % bundle exec rubocop --only Lint/DeprecatedOpenSSLConstant -a (snip) Offenses: example.rb:2:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-MODE') instead of OpenSSL::Cipher::AES256.new(MODE). OpenSSL::Cipher::AES256.new(MODE) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1 file inspected, 1 offense detected, 1 offense corrected % cat example.rb MODE = 'cbc' OpenSSL::Cipher.new('AES-256-MODE') ``` RuboCop does not have a tracing feature a value of variable, (method,) and constant yet. This PR accepts cases where these values are used to prevent auto-correction mistakes. On the other hand, this change produces false negatives for the deprecated APIs. If it is difficult to accept false negatives, I will update this PR to warn against these cases and auto-correction will not performed.
bbatsov
pushed a commit
that referenced
this issue
May 31, 2020
Fixes #8035. This PR fixes a false positive for `Lint/DeprecatedOpenSSLConstant` when argument is a variable, method, or constant. ```console % cat example.rb MODE = 'cbc' OpenSSL::Cipher::AES256.new(MODE) % bundle exec rubocop --only Lint/DeprecatedOpenSSLConstant -a (snip) Offenses: example.rb:2:1: W: [Corrected] Lint/DeprecatedOpenSSLConstant: Use OpenSSL::Cipher.new('AES-256-MODE') instead of OpenSSL::Cipher::AES256.new(MODE). OpenSSL::Cipher::AES256.new(MODE) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1 file inspected, 1 offense detected, 1 offense corrected % cat example.rb MODE = 'cbc' OpenSSL::Cipher.new('AES-256-MODE') ``` RuboCop does not have a tracing feature a value of variable, (method,) and constant yet. This PR accepts cases where these values are used to prevent auto-correction mistakes. On the other hand, this change produces false negatives for the deprecated APIs. If it is difficult to accept false negatives, I will update this PR to warn against these cases and auto-correction will not performed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The suggestion is valid with single quoted strings, but broken with double quoted ones.
Expected behavior
Suggestion should be
OpenSSL::Cipher::AES256.new("AES-256-cbc")(preserving double quotes) at least, or one of theOpenSSL::Cipher.ciphersentries if we really want consistent casing.Actual behavior
OpenSSL::Cipher.new('AES-256-"cbc"')does not exist.Steps to reproduce the problem
and
RuboCop version
The text was updated successfully, but these errors were encountered: