Commit 367e7178 authored by Douwe Maan's avatar Douwe Maan

Enable Security/JSONLoad

parent 1fca4122
...@@ -944,6 +944,9 @@ Rails/TimeZone: ...@@ -944,6 +944,9 @@ Rails/TimeZone:
Rails/Validation: Rails/Validation:
Enabled: true Enabled: true
Security/JSONLoad:
Enabled: true
Style/AlignParameters: Style/AlignParameters:
Enabled: false Enabled: false
......
...@@ -38,18 +38,6 @@ RSpec/SingleArgumentMessageChain: ...@@ -38,18 +38,6 @@ RSpec/SingleArgumentMessageChain:
Exclude: Exclude:
- 'spec/requests/api/internal_spec.rb' - 'spec/requests/api/internal_spec.rb'
# Offense count: 8
# Cop supports --auto-correct.
# Configuration parameters: AutoCorrect.
Security/JSONLoad:
Exclude:
- 'db/migrate/20161019190736_migrate_sidekiq_queues_from_default.rb'
- 'db/migrate/20161024042317_migrate_mailroom_queue_from_default.rb'
- 'db/migrate/20161124141322_migrate_process_commit_worker_jobs.rb'
- 'spec/migrations/migrate_process_commit_worker_jobs_spec.rb'
- 'spec/models/project_services/irker_service_spec.rb'
- 'spec/support/stub_gitlab_calls.rb'
# Offense count: 55 # Offense count: 55
# Cop supports --auto-correct. # Cop supports --auto-correct.
# Configuration parameters: EnforcedStyle, SupportedStyles. # Configuration parameters: EnforcedStyle, SupportedStyles.
......
...@@ -93,7 +93,7 @@ class MigrateSidekiqQueuesFromDefault < ActiveRecord::Migration ...@@ -93,7 +93,7 @@ class MigrateSidekiqQueuesFromDefault < ActiveRecord::Migration
def migrate_from_queue(redis, queue, job_mapping) def migrate_from_queue(redis, queue, job_mapping)
while job = redis.lpop("queue:#{queue}") while job = redis.lpop("queue:#{queue}")
payload = JSON.load(job) payload = JSON.parse(job)
new_queue = job_mapping[payload['class']] new_queue = job_mapping[payload['class']]
# If we have no target queue to migrate to we're probably dealing with # If we have no target queue to migrate to we're probably dealing with
......
...@@ -47,7 +47,7 @@ class MigrateMailroomQueueFromDefault < ActiveRecord::Migration ...@@ -47,7 +47,7 @@ class MigrateMailroomQueueFromDefault < ActiveRecord::Migration
def migrate_from_queue(redis, queue, job_mapping) def migrate_from_queue(redis, queue, job_mapping)
while job = redis.lpop("queue:#{queue}") while job = redis.lpop("queue:#{queue}")
payload = JSON.load(job) payload = JSON.parse(job)
new_queue = job_mapping[payload['class']] new_queue = job_mapping[payload['class']]
# If we have no target queue to migrate to we're probably dealing with # If we have no target queue to migrate to we're probably dealing with
......
...@@ -34,7 +34,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration ...@@ -34,7 +34,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration
new_jobs = [] new_jobs = []
while job = redis.lpop('queue:process_commit') while job = redis.lpop('queue:process_commit')
payload = JSON.load(job) payload = JSON.parse(job)
project = Project.find_including_path(payload['args'][0]) project = Project.find_including_path(payload['args'][0])
next unless project next unless project
...@@ -75,7 +75,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration ...@@ -75,7 +75,7 @@ class MigrateProcessCommitWorkerJobs < ActiveRecord::Migration
new_jobs = [] new_jobs = []
while job = redis.lpop('queue:process_commit') while job = redis.lpop('queue:process_commit')
payload = JSON.load(job) payload = JSON.parse(job)
payload['args'][2] = payload['args'][2]['id'] payload['args'][2] = payload['args'][2]['id']
......
...@@ -62,7 +62,7 @@ describe MigrateProcessCommitWorkerJobs do ...@@ -62,7 +62,7 @@ describe MigrateProcessCommitWorkerJobs do
end end
def pop_job def pop_job
JSON.load(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) JSON.parse(Sidekiq.redis { |r| r.lpop('queue:process_commit') })
end end
before do before do
...@@ -198,7 +198,7 @@ describe MigrateProcessCommitWorkerJobs do ...@@ -198,7 +198,7 @@ describe MigrateProcessCommitWorkerJobs do
let(:job) do let(:job) do
migration.down migration.down
JSON.load(Sidekiq.redis { |r| r.lpop('queue:process_commit') }) JSON.parse(Sidekiq.redis { |r| r.lpop('queue:process_commit') })
end end
it 'includes the project ID' do it 'includes the project ID' do
......
...@@ -59,7 +59,7 @@ describe IrkerService, models: true do ...@@ -59,7 +59,7 @@ describe IrkerService, models: true do
conn = @irker_server.accept conn = @irker_server.accept
conn.readlines.each do |line| conn.readlines.each do |line|
msg = JSON.load(line.chomp("\n")) msg = JSON.parse(line.chomp("\n"))
expect(msg.keys).to match_array(['to', 'privmsg']) expect(msg.keys).to match_array(['to', 'privmsg'])
expect(msg['to']).to match_array(["irc://chat.freenode.net/#commits", expect(msg['to']).to match_array(["irc://chat.freenode.net/#commits",
"irc://test.net/#test"]) "irc://test.net/#test"])
......
...@@ -35,7 +35,7 @@ module StubGitlabCalls ...@@ -35,7 +35,7 @@ module StubGitlabCalls
{ "tags" => tags } { "tags" => tags }
) )
allow_any_instance_of(ContainerRegistry::Client).to receive(:repository_manifest).and_return( allow_any_instance_of(ContainerRegistry::Client).to receive(:repository_manifest).and_return(
JSON.load(File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json')) JSON.parse(File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json'))
) )
allow_any_instance_of(ContainerRegistry::Client).to receive(:blob).and_return( allow_any_instance_of(ContainerRegistry::Client).to receive(:blob).and_return(
File.read(Rails.root + 'spec/fixtures/container_registry/config_blob.json') File.read(Rails.root + 'spec/fixtures/container_registry/config_blob.json')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment