.rubocop.yml

require:
  - rubocop-rspec
  - rubocop-gitlab-security
  - ./rubocop/rubocop

inherit_from: .rubocop_todo.yml

AllCops:
  TargetRubyVersion: 2.3
  TargetRailsVersion: 4.2
  # Cop names are not d§splayed in offense messages by default. Change behavior
  # by overriding DisplayCopNames, or by giving the -D/--display-cop-names
  # option.
  DisplayCopNames: true
  # Style guide URLs are not displayed in offense messages by default. Change
  # behavior by overriding DisplayStyleGuide, or by giving the
  # -S/--display-style-guide option.
  DisplayStyleGuide: false
  # Exclude some GitLab files
  Exclude:
    - 'vendor/**/*'
    - 'node_modules/**/*'
    - 'db/*'
    - 'db/fixtures/**/*'
    - 'tmp/**/*'
    - 'bin/**/*'
    - 'generator_templates/**/*'
    - 'builds/**/*'

# Gems in consecutive lines should be alphabetically sorted
Bundler/OrderedGems:
  Enabled: false

# Layout ######################################################################

# Check indentation of private/protected visibility modifiers.
Layout/AccessModifierIndentation:
  Enabled: true

# Align the elements of an array literal if they span more than one line.
Layout/AlignArray:
  Enabled: true

# Align the elements of a hash literal if they span more than one line.
Layout/AlignHash:
  Enabled: true

# Here we check if the parameters on a multi-line method call or
# definition are aligned.
Layout/AlignParameters:
  Enabled: false

# Put end statement of multiline block on its own line.
Layout/BlockEndNewline:
  Enabled: true

# Indentation of when in a case/when/[else/]end.
Layout/CaseIndentation:
  Enabled: true

# Indentation of comments.
Layout/CommentIndentation:
  Enabled: true

# Multi-line method chaining should be done with leading dots.
Layout/DotPosition:
  Enabled: true
  EnforcedStyle: leading

# Align elses and elsifs correctly.
Layout/ElseAlignment:
  Enabled: true

# Add an empty line after magic comments to separate them from code.
Layout/EmptyLineAfterMagicComment:
  Enabled: false

# Use empty lines between defs.
Layout/EmptyLineBetweenDefs:
  Enabled: true

# Don't use several empty lines in a row.
Layout/EmptyLines:
  Enabled: true

# Keep blank lines around access modifiers.
Layout/EmptyLinesAroundAccessModifier:
  Enabled: true

# Keeps track of empty lines around block bodies.
Layout/EmptyLinesAroundBlockBody:
  Enabled: true

# Keeps track of empty lines around class bodies.
Layout/EmptyLinesAroundClassBody:
  Enabled: true

# Keeps track of empty lines around exception handling keywords.
Layout/EmptyLinesAroundExceptionHandlingKeywords:
  Enabled: false

# Keeps track of empty lines around method bodies.
Layout/EmptyLinesAroundMethodBody:
  Enabled: true

# Keeps track of empty lines around module bodies.
Layout/EmptyLinesAroundModuleBody:
  Enabled: true

# Use Unix-style line endings.
Layout/EndOfLine:
  Enabled: true

# Checks for a line break before the first parameter in a multi-line method
# parameter definition.
Layout/FirstMethodParameterLineBreak:
  Enabled: true

# Keep indentation straight.
Layout/IndentationConsistency:
  Enabled: true

# Use 2 spaces for indentation.
Layout/IndentationWidth:
  Enabled: true

# Checks the indentation of the first line of the right-hand-side of a
# multi-line assignment.
Layout/IndentAssignment:
  Enabled: true

# This cops checks the indentation of the here document bodies.
Layout/IndentHeredoc:
  Enabled: false

# Comments should start with a space.
Layout/LeadingCommentSpace:
  Enabled: true

# Checks that the closing brace in an array literal is either on the same line
# as the last array element, or a new line.
Layout/MultilineArrayBraceLayout:
  Enabled: true
  EnforcedStyle: symmetrical

# Ensures newlines after multiline block do statements.
Layout/MultilineBlockLayout:
  Enabled: true

# Checks that the closing brace in a hash literal is either on the same line as
# the last hash element, or a new line.
Layout/MultilineHashBraceLayout:
  Enabled: true
  EnforcedStyle: symmetrical

# Checks that the closing brace in a method call is either on the same line as
# the last method argument, or a new line.
Layout/MultilineMethodCallBraceLayout:
  Enabled: false
  EnforcedStyle: symmetrical

# Checks indentation of method calls with the dot operator that span more than
# one line.
Layout/MultilineMethodCallIndentation:
  Enabled: false

# Checks that the closing brace in a method definition is symmetrical with
# respect to the opening brace and the method parameters.
Layout/MultilineMethodDefinitionBraceLayout:
  Enabled: false

# Checks indentation of binary operations that span more than one line.
Layout/MultilineOperationIndentation:
  Enabled: true
  EnforcedStyle: indented

# Use spaces after colons.
Layout/SpaceAfterColon:
  Enabled: true

# Use spaces after commas.
Layout/SpaceAfterComma:
  Enabled: true

# Do not put a space between a method name and the opening parenthesis in a
# method definition.
Layout/SpaceAfterMethodName:
  Enabled: true

# Tracks redundant space after the ! operator.
Layout/SpaceAfterNot:
  Enabled: true

# Use spaces after semicolons.
Layout/SpaceAfterSemicolon:
  Enabled: true

# Use space around equals in parameter default
Layout/SpaceAroundEqualsInParameterDefault:
  Enabled: true

# Use a space around keywords if appropriate.
Layout/SpaceAroundKeyword:
  Enabled: true

# Use a single space around operators.
Layout/SpaceAroundOperators:
  Enabled: true

# Checks that block braces have or don't have a space before the opening
# brace depending on configuration.
# Configuration parameters: EnforcedStyle, SupportedStyles.
# SupportedStyles: space, no_space
Layout/SpaceBeforeBlockBraces:
  Enabled: true

# No spaces before commas.
Layout/SpaceBeforeComma:
  Enabled: true

# Checks for missing space between code and a comment on the same line.
Layout/SpaceBeforeComment:
  Enabled: true

# No spaces before semicolons.
Layout/SpaceBeforeSemicolon:
  Enabled: true

# Checks for spaces inside square brackets.
Layout/SpaceInsideBrackets:
  Enabled: true

# Use spaces inside hash literal braces - or don't.
Layout/SpaceInsideHashLiteralBraces:
  Enabled: true

# No spaces inside range literals.
Layout/SpaceInsideRangeLiteral:
  Enabled: true

# Checks for padding/surrounding spaces inside string interpolation.
Layout/SpaceInsideStringInterpolation:
  EnforcedStyle: no_space
  Enabled: true

# No hard tabs.
Layout/Tab:
  Enabled: true

# Checks trailing blank lines and final newline.
Layout/TrailingBlankLines:
  Enabled: true

# Style #######################################################################

# Check the naming of accessor methods for get_/set_.
Style/AccessorMethodName:
  Enabled: false

# Use alias_method instead of alias.
Style/Alias:
  EnforcedStyle: prefer_alias_method
  Enabled: true

# Whether `and` and `or` are banned only in conditionals (conditionals)
# or completely (always).
Style/AndOr:
  Enabled: true

# Use `Array#join` instead of `Array#*`.
Style/ArrayJoin:
  Enabled: true

# Use only ascii symbols in comments.
Style/AsciiComments:
  Enabled: true

# Use only ascii symbols in identifiers.
Style/AsciiIdentifiers:
  Enabled: true

# Checks for uses of Module#attr.
Style/Attr:
  Enabled: true

# Avoid the use of BEGIN blocks.
Style/BeginBlock:
  Enabled: true

# Do not use block comments.
Style/BlockComments:
  Enabled: true

# Avoid using {...} for multi-line blocks (multiline chaining is # always
# ugly). Prefer {...} over do...end for single-line blocks.
Style/BlockDelimiters:
  Enabled: true

 # This cop checks for braces around the last parameter in a method call
# if the last parameter is a hash.
Style/BracesAroundHashParameters:
  Enabled: false

# This cop checks for uses of the case equality operator(===).
Style/CaseEquality:
  Enabled: false

# Checks for uses of character literals.
Style/CharacterLiteral:
  Enabled: true

# Use CamelCase for classes and modules.'
Style/ClassAndModuleCamelCase:
  Enabled: true

# Checks style of children classes and modules.
Style/ClassAndModuleChildren:
  Enabled: false

# Enforces consistent use of `Object#is_a?` or `Object#kind_of?`.
Style/ClassCheck:
  Enabled: true

# Use self when defining module/class methods.
Style/ClassMethods:
  Enabled: true

# Avoid the use of class variables.
Style/ClassVars:
  Enabled: true

# This cop checks for methods invoked via the :: operator instead
# of the . operator (like FileUtils::rmdir instead of FileUtils.rmdir).
Style/ColonMethodCall:
  Enabled: true

# This cop checks that comment annotation keywords are written according
# to guidelines.
Style/CommentAnnotation:
  Enabled: false

# Check for `if` and `case` statements where each branch is used for
# assignment to the same variable when using the return of the
# condition can be used instead.
Style/ConditionalAssignment:
  Enabled: true

# Constants should use SCREAMING_SNAKE_CASE.
Style/ConstantName:
  Enabled: true

# Use def with parentheses when there are arguments.
Style/DefWithParentheses:
  Enabled: true

# Document classes and non-namespace modules.
Style/Documentation:
  Enabled: false

# This cop checks for uses of double negation (!!) to convert something
# to a boolean value. As this is both cryptic and usually redundant, it
# should be avoided.
Style/DoubleNegation:
  Enabled: false

# Avoid the use of END blocks.
Style/EndBlock:
  Enabled: true

# Favor the use of Fixnum#even? && Fixnum#odd?
Style/EvenOdd:
  Enabled: true

# Use snake_case for source file names.
Style/FileName:
  Enabled: true

# Checks for flip flops.
Style/FlipFlop:
  Enabled: true

# Checks use of for or each in multiline loops.
Style/For:
  Enabled: true

# Use a consistent style for format string tokens.
Style/FormatStringToken:
  Enabled: false

# Checks if there is a magic comment to enforce string literals
Style/FrozenStringLiteralComment:
  Enabled: false

# Do not introduce global variables.
Style/GlobalVars:
  Enabled: true
  Exclude:
    - 'lib/backup/**/*'
    - 'lib/tasks/**/*'

# Prefer Ruby 1.9 hash syntax `{ a: 1, b: 2 }`
# over 1.8 syntax `{ :a => 1, :b => 2 }`.
Style/HashSyntax:
  Enabled: true

# Checks that conditional statements do not have an identical line at the
# end of each branch, which can validly be moved out of the conditional.
Style/IdenticalConditionalBranches:
  Enabled: true

# Do not use if x; .... Use the ternary operator instead.
Style/IfWithSemicolon:
  Enabled: true

# Use Kernel#loop for infinite loops.
Style/InfiniteLoop:
  Enabled: true

# Use the inverse method instead of `!.method`
# if an inverse method is defined.
Style/InverseMethods:
  Enabled: false

# Use lambda.call(...) instead of lambda.(...).
Style/LambdaCall:
  Enabled: true

# Checks if the method definitions have or don't have parentheses.
Style/MethodDefParentheses:
  Enabled: true

# Use the configured style when naming methods.
Style/MethodName:
  Enabled: true

# Checks for usage of `extend self` in modules.
Style/ModuleFunction:
  Enabled: false

# Avoid multi-line chains of blocks.
Style/MultilineBlockChain:
  Enabled: true

# Do not use then for multi-line if/unless.
Style/MultilineIfThen:
  Enabled: true

# Avoid multi-line `? :` (the ternary operator), use if/unless instead.
Style/MultilineTernaryOperator:
  Enabled: true

# Avoid comparing a variable with multiple items in a conditional,
# use Array#include? instead.
Style/MultipleComparison:
  Enabled: false

# This cop checks whether some constant value isn't a
# mutable literal (e.g. array or hash).
Style/MutableConstant:
  Enabled: true
  Exclude:
    - 'db/migrate/**/*'
    - 'db/post_migrate/**/*'

# Favor unless over if for negative conditions (or control flow or).
Style/NegatedIf:
  Enabled: true

# Avoid using nested modifiers.
Style/NestedModifier:
  Enabled: true

# Use one expression per branch in a ternary operator.
Style/NestedTernaryOperator:
  Enabled: true

# Prefer x.nil? to x == nil.
Style/NilComparison:
  Enabled: true

# Checks for redundant nil checks.
Style/NonNilCheck:
  Enabled: true

# Use ! instead of not.
Style/Not:
  Enabled: true

# Add underscores to large numeric literals to improve their readability.
Style/NumericLiterals:
  Enabled: false

# Favor the ternary operator(?:) over if/then/else/end constructs.
Style/OneLineConditional:
  Enabled: true

# When defining binary operators, name the argument other.
Style/OpMethod:
  Enabled: true

# Don't use parentheses around the condition of an if/unless/while.
Style/ParenthesesAroundCondition:
  Enabled: true

# This cop (by default) checks for uses of methods Hash#has_key? and
# Hash#has_value? where it enforces Hash#key? and Hash#value?
# It is configurable to enforce the inverse, using `verbose` method
# names also.
# Configuration parameters: EnforcedStyle, SupportedStyles.
# SupportedStyles: short, verbose
Style/PreferredHashMethods:
  Enabled: false

# Checks for an obsolete RuntimeException argument in raise/fail.
Style/RedundantException:
  Enabled: true

# Checks for parentheses that seem not to serve any purpose.
Style/RedundantParentheses:
  Enabled: true

# Don't use semicolons to terminate expressions.
Style/Semicolon:
  Enabled: true

# Checks for proper usage of fail and raise.
Style/SignalException:
  EnforcedStyle: only_raise
  Enabled: true

# Check for the usage of parentheses around stabby lambda arguments.
Style/StabbyLambdaParentheses:
  EnforcedStyle: require_parentheses
  Enabled: true

# Checks if uses of quotes match the configured preference.
Style/StringLiterals:
  Enabled: false

# Checks if configured preferred methods are used over non-preferred.
Style/StringMethods:
  PreferredMethods:
    intern: to_sym
  Enabled: true

# Use %i or %I for arrays of symbols.
Style/SymbolArray:
  Enabled: false

# This cop checks for trailing comma in array and hash literals.
Style/TrailingCommaInLiteral:
  Enabled: true
  EnforcedStyleForMultiline: no_comma

# This cop checks for trailing comma in argument lists.
Style/TrailingCommaInArguments:
  Enabled: true
  EnforcedStyleForMultiline: no_comma

# Checks for %W when interpolation is not needed.
Style/UnneededCapitalW:
  Enabled: true

# Checks for %q/%Q when single quotes or double quotes would do.
Style/UnneededPercentQ:
  Enabled: false

# Don't interpolate global, instance and class variables directly in strings.
Style/VariableInterpolation:
  Enabled: true

# Use the configured style when naming variables.
Style/VariableName:
  EnforcedStyle: snake_case
  Enabled: true

# Use the configured style when numbering variables.
Style/VariableNumber:
  Enabled: false

# Use when x then ... for one-line cases.
Style/WhenThen:
  Enabled: true

# Checks for redundant do after while or until.
Style/WhileUntilDo:
  Enabled: true

# Favor modifier while/until usage when you have a single-line body.
Style/WhileUntilModifier:
  Enabled: true

# Use %w or %W for arrays of words.
Style/WordArray:
  Enabled: true

# Do not use literals as the first operand of a comparison.
Style/YodaCondition:
  Enabled: false

# Use `proc` instead of `Proc.new`.
Style/Proc:
  Enabled: true

# Metrics #####################################################################

# A calculated magnitude based on number of assignments,
# branches, and conditions.
Metrics/AbcSize:
  Enabled: true
  Max: 56.96

# This cop checks if the length of a block exceeds some maximum value.
Metrics/BlockLength:
  Enabled: false

# Avoid excessive block nesting.
Metrics/BlockNesting:
  Enabled: true
  Max: 4

# Avoid classes longer than 100 lines of code.
Metrics/ClassLength:
  Enabled: false

# A complexity metric that is strongly correlated to the number
# of test cases needed to validate a method.
Metrics/CyclomaticComplexity:
  Enabled: true
  Max: 16

# Limit lines to 80 characters.
Metrics/LineLength:
  Enabled: false

# Avoid methods longer than 10 lines of code.
Metrics/MethodLength:
  Enabled: false

# Avoid modules longer than 100 lines of code.
Metrics/ModuleLength:
  Enabled: false

# Avoid parameter lists longer than three or four parameters.
Metrics/ParameterLists:
  Enabled: true
  Max: 8

# A complexity metric geared towards measuring complexity for a human reader.
Metrics/PerceivedComplexity:
  Enabled: true
  Max: 18

# Lint ########################################################################

# Checks for ambiguous block association with method when param passed without
# parentheses.
Lint/AmbiguousBlockAssociation:
  Enabled: false

# Checks for ambiguous operators in the first argument of a method invocation
# without parentheses.
Lint/AmbiguousOperator:
  Enabled: true

# This cop checks for ambiguous regexp literals in the first argument of
# a method invocation without parentheses.
Lint/AmbiguousRegexpLiteral:
  Enabled: false

# This cop checks for assignments in the conditions of
# if/while/until.
Lint/AssignmentInCondition:
  Enabled: false

# Align block ends correctly.
Lint/BlockAlignment:
  Enabled: true

# Default values in optional keyword arguments and optional ordinal arguments
# should not refer back to the name of the argument.
Lint/CircularArgumentReference:
  Enabled: true

# Checks for condition placed in a confusing position relative to the keyword.
Lint/ConditionPosition:
  Enabled: true

# Check for debugger calls.
Lint/Debugger:
  Enabled: true

# Align ends corresponding to defs correctly.
Lint/DefEndAlignment:
  Enabled: true

# Check for deprecated class method calls.
Lint/DeprecatedClassMethods:
  Enabled: true

# Check for immutable argument given to each_with_object.
Lint/EachWithObjectArgument:
  Enabled: true

# Check for odd code arrangement in an else block.
Lint/ElseLayout:
  Enabled: true

# Checks for empty ensure block.
Lint/EmptyEnsure:
  Enabled: true

# Checks for the presence of `when` branches without a body.
Lint/EmptyWhen:
  Enabled: true

# Align ends correctly.
Lint/EndAlignment:
  Enabled: true

# END blocks should not be placed inside method definitions.
Lint/EndInMethod:
  Enabled: true

# Do not use return in an ensure block.
Lint/EnsureReturn:
  Enabled: true

# Catches floating-point literals too large or small for Ruby to represent.
Lint/FloatOutOfRange:
  Enabled: true

# The number of parameters to format/sprint must match the fields.
Lint/FormatParameterMismatch:
  Enabled: true

# This cop checks for *rescue* blocks with no body.
Lint/HandleExceptions:
  Enabled: false

# Checks for adjacent string literals on the same line, which could better be
# represented as a single string literal.
Lint/ImplicitStringConcatenation:
  Enabled: true

# Checks for attempts to use `private` or `protected` to set the visibility
# of a class method, which does not work.
Lint/IneffectiveAccessModifier:
  Enabled: false

# Checks for invalid character literals with a non-escaped whitespace
# character.
Lint/InvalidCharacterLiteral:
  Enabled: true

# Checks of literals used in conditions.
Lint/LiteralInCondition:
  Enabled: true

# Checks for literals used in interpolation.
Lint/LiteralInInterpolation:
  Enabled: true

# This cop checks for uses of *begin...end while/until something*.
Lint/Loop:
  Enabled: false

# Do not use nested method definitions.
Lint/NestedMethodDefinition:
  Enabled: true

# Do not omit the accumulator when calling `next` in a `reduce`/`inject` block.
Lint/NextWithoutAccumulator:
  Enabled: true

# Checks for method calls with a space before the opening parenthesis.
Lint/ParenthesesAsGroupedExpression:
  Enabled: true

# Checks for `rand(1)` calls. Such calls always return `0` and most likely
# a mistake.
Lint/RandOne:
  Enabled: true

# Use parentheses in the method call to avoid confusion about precedence.
Lint/RequireParentheses:
  Enabled: true

# Avoid rescuing the Exception class.
Lint/RescueException:
  Enabled: true

# Checks for the order which exceptions are rescued to avoid rescueing a less specific exception before a more specific exception.
Lint/ShadowedException:
  Enabled: false

# This cop looks for use of the same name as outer local variables
# for block arguments or block local variables.
Lint/ShadowingOuterLocalVariable:
  Enabled: false

# Checks for Object#to_s usage in string interpolation.
Lint/StringConversionInInterpolation:
  Enabled: true

# Do not use prefix `_` for a variable that is used.
Lint/UnderscorePrefixedVariableName:
  Enabled: true

# This cop checks for using Fixnum or Bignum constant
Lint/UnifiedInteger:
  Enabled: true

# Checks for rubocop:disable comments that can be removed.
# Note: this cop is not disabled when disabling all cops.
# It must be explicitly disabled.
Lint/UnneededDisable:
  Enabled: false

# This cop checks for unneeded usages of splat expansion
Lint/UnneededSplatExpansion:
  Enabled: false

# Unreachable code.
Lint/UnreachableCode:
  Enabled: true

# This cop checks for unused block arguments.
Lint/UnusedBlockArgument:
  Enabled: false

# This cop checks for unused method arguments.
Lint/UnusedMethodArgument:
  Enabled: false

# Checks for useless access modifiers.
Lint/UselessAccessModifier:
  Enabled: true

# Checks for useless assignment to a local variable.
Lint/UselessAssignment:
  Enabled: true

# Checks for comparison of something with itself.
Lint/UselessComparison:
  Enabled: true

# Checks for useless `else` in `begin..end` without `rescue`.
Lint/UselessElseWithoutRescue:
  Enabled: true

# Checks for useless setter call to a local variable.
Lint/UselessSetterCall:
  Enabled: true

# Possible use of operator/literal/variable in void context.
Lint/Void:
  Enabled: true

# Performance #################################################################

# Use `caller(n..n)` instead of `caller`.
Performance/Caller:
  Enabled: false

# Use `casecmp` rather than `downcase ==`.
Performance/Casecmp:
  Enabled: true

# Use `str.{start,end}_with?(x, ..., y, ...)` instead of
# `str.{start,end}_with?(x, ...) || str.{start,end}_with?(y, ...)`.
Performance/DoubleStartEndWith:
  Enabled: true

# Use `strip` instead of `lstrip.rstrip`.
Performance/LstripRstrip:
  Enabled: true

# Use `Range#cover?` instead of `Range#include?`.
Performance/RangeInclude:
  Enabled: true

# This cop identifies the use of a `&block` parameter and `block.call`
# where `yield` would do just as well.
Performance/RedundantBlockCall:
  Enabled: true

# This cop identifies use of `Regexp#match` or `String#match in a context
# where the integral return value of `=~` would do just as well.
Performance/RedundantMatch:
  Enabled: true

# This cop identifies places where `Hash#merge!` can be replaced by
# `Hash#[]=`.
Performance/RedundantMerge:
  Enabled: true
  MaxKeyValuePairs: 1

# Use `sort` instead of `sort_by { |x| x }`.
Performance/RedundantSortBy:
  Enabled: true

# Use `start_with?` instead of a regex match anchored to the beginning of a
# string.
Performance/StartWith:
  Enabled: true

# Use `tr` instead of `gsub` when you are replacing the same number of
# characters. Use `delete` instead of `gsub` when you are deleting
# characters.
Performance/StringReplacement:
  Enabled: true

# Checks for `.times.map` calls.
Performance/TimesMap:
  Enabled: true

# Security ####################################################################

# This cop checks for the use of JSON class methods which have potential
# security issues.
Security/JSONLoad:
  Enabled: true

# This cop checks for the use of *Kernel#eval*.
Security/Eval:
  Enabled: true

# Rails #######################################################################

# Enables Rails cops.
Rails:
  Enabled: true

# Enforces consistent use of action filter methods.
Rails/ActionFilter:
  Enabled: true
  EnforcedStyle: action

# Check that models subclass ApplicationRecord.
Rails/ApplicationRecord:
  Enabled: false

# Enforce using `blank?` and `present?`.
Rails/Blank:
  Enabled: false

# Checks the correct usage of date aware methods, such as `Date.today`,
# `Date.current`, etc.
Rails/Date:
  Enabled: false

# Prefer delegate method for delegations.
# Disabled per https://gitlab.com/gitlab-org/gitlab-ce/issues/35869
Rails/Delegate:
  Enabled: false

# This cop checks dynamic `find_by_*` methods.
Rails/DynamicFindBy:
  Enabled: false

# This cop enforces that 'exit' calls are not used within a rails app.
Rails/Exit:
  Enabled: true
  Exclude:
    - lib/gitlab/upgrader.rb
    - 'lib/backup/**/*'

# Prefer `find_by` over `where.first`.
Rails/FindBy:
  Enabled: true

# Prefer `all.find_each` over `all.find`.
Rails/FindEach:
  Enabled: true

# Prefer has_many :through to has_and_belongs_to_many.
Rails/HasAndBelongsToMany:
  Enabled: true

# This cop is used to identify usages of http methods like `get`, `post`,
# `put`, `patch` without the usage of keyword arguments in your tests and
# change them to use keyword args.
Rails/HttpPositionalArguments:
  Enabled: false

# Checks for calls to puts, print, etc.
Rails/Output:
  Enabled: true
  Exclude:
    - lib/gitlab/seeder.rb
    - lib/gitlab/upgrader.rb
    - 'lib/backup/**/*'
    - 'lib/tasks/**/*'

# This cop checks for the use of output safety calls like html_safe and
# raw.
Rails/OutputSafety:
  Enabled: false

# Checks for incorrect grammar when using methods like `3.day.ago`.
Rails/PluralizationGrammar:
  Enabled: true

# Enforce using `blank?` and `present?`.
Rails/Present:
  Enabled: false

# Checks for `read_attribute(:attr)` and `write_attribute(:attr, val)`.
Rails/ReadWriteAttribute:
  Enabled: false

# Do not assign relative date to constants.
Rails/RelativeDateConstant:
  Enabled: false

# Checks the arguments of ActiveRecord scopes.
Rails/ScopeArgs:
  Enabled: true

# This cop checks for the use of Time methods without zone.
Rails/TimeZone:
  Enabled: false

# This cop checks for the use of old-style attribute validation macros.
Rails/Validation:
  Enabled: true

# RSpec #######################################################################

# Check that instances are not being stubbed globally.
RSpec/AnyInstance:
  Enabled: false

# Check for expectations where `be(...)` can replace `eql(...)`.
RSpec/BeEql:
  Enabled: true

# We don't enforce this as we use this technique in a few places.
RSpec/BeforeAfterAll:
  Enabled: false

# Check that the first argument to the top level describe is the tested class or
# module.
RSpec/DescribeClass:
  Enabled: false

# Checks that the second argument to `describe` specifies a method.
RSpec/DescribeMethod:
  Enabled: false

# Avoid describing symbols.
RSpec/DescribeSymbol:
  Enabled: true

# Checks that tests use `described_class`.
RSpec/DescribedClass:
  Enabled: true

# Checks if an example group does not include any tests.
RSpec/EmptyExampleGroup:
  Enabled: true
  CustomIncludeMethods:
    - run_permission_checks

# Checks for long example.
RSpec/ExampleLength:
  Enabled: false
  Max: 5

# Do not use should when describing your tests.
RSpec/ExampleWording:
  Enabled: false
  CustomTransform:
    be: is
    have: has
    not: does not
  IgnoredWords: []

# Checks for `expect(...)` calls containing literal values.
RSpec/ExpectActual:
  Enabled: true

# Checks for opportunities to use `expect { … }.to output`.
RSpec/ExpectOutput:
  Enabled: true

# Checks the file and folder naming of the spec file.
RSpec/FilePath:
  Enabled: true
  IgnoreMethods: true
  Exclude:
    - 'qa/**/*'
    - 'spec/javascripts/fixtures/*'
    - 'spec/requests/api/v3/*'

# Checks if there are focused specs.
RSpec/Focus:
  Enabled: true

# Checks the arguments passed to `before`, `around`, and `after`.
RSpec/HookArgument:
  Enabled: true
  EnforcedStyle: implicit

# Configuration parameters: EnforcedStyle, SupportedStyles.
# SupportedStyles: is_expected, should
RSpec/ImplicitExpect:
  Enabled: true
  EnforcedStyle: is_expected

# Checks for the usage of instance variables.
RSpec/InstanceVariable:
  Enabled: false

# Checks for `subject` definitions that come after `let` definitions.
RSpec/LeadingSubject:
  Enabled: false

# Checks unreferenced `let!` calls being used for test setup.
RSpec/LetSetup:
  Enabled: false

# Check that chains of messages are not being stubbed.
RSpec/MessageChain:
  Enabled: false

# Checks that message expectations are set using spies.
RSpec/MessageSpies:
  Enabled: false

# Checks for multiple top-level describes.
RSpec/MultipleDescribes:
  Enabled: false

# Checks if examples contain too many `expect` calls.
RSpec/MultipleExpectations:
  Enabled: false

# Checks for explicitly referenced test subjects.
RSpec/NamedSubject:
  Enabled: false

# Checks for nested example groups.
RSpec/NestedGroups:
  Enabled: false

# Enforces the usage of the same method on all negative message expectations.
RSpec/NotToNot:
  EnforcedStyle: not_to
  Enabled: true

# Check for repeated description strings in example groups.
RSpec/RepeatedDescription:
  Enabled: false

# Ensure RSpec hook blocks are always multi-line.
RSpec/SingleLineHook:
  Enabled: true
  Exclude:
    - 'spec/factories/*'
    - 'spec/requests/api/v3/*'

# Checks for stubbed test subjects.
RSpec/SubjectStub:
  Enabled: false

# Prefer using verifying doubles over normal doubles.
RSpec/VerifiedDoubles:
  Enabled: false

# GitlabSecurity ##############################################################

GitlabSecurity/DeepMunge:
  Enabled: true
  Exclude:
    - 'lib/**/*.rake'
    - 'spec/**/*'

GitlabSecurity/PublicSend:
  Enabled: true
  Exclude:
    - 'config/**/*'
    - 'db/**/*'
    - 'features/**/*'
    - 'lib/**/*.rake'
    - 'qa/**/*'
    - 'spec/**/*'

GitlabSecurity/RedirectToParamsUpdate:
  Enabled: true
  Exclude:
    - 'lib/**/*.rake'
    - 'spec/**/*'

GitlabSecurity/SqlInjection:
  Enabled: true
  Exclude:
    - 'lib/**/*.rake'
    - 'spec/**/*'

GitlabSecurity/SystemCommandInjection:
  Enabled: true
  Exclude:
    - 'lib/**/*.rake'
    - 'spec/**/*'