Add Security/Open rubocop rule
The `open` method can be used to open files or URLs and it's deprecated in Ruby 2.7. In this case, it's clear we're dealing with a URL, so we can use `URI.parse`. The code was a bit strange, since it returned a value and had a side effect: opening the URL. I'm not sure about the intention of the code; my best guess is we wanted to test the URL exists and was accessible before returning it (and, if that's the case, IMHO the code should be a bit more explicit in order to show the intention behind it), but it could also be an unintended side effect which was there by accident. Now the URL is no longer opened; if the URL isn't accessible, we'll find out when trying to connect to it with the Savon client.
This commit is contained in:
Javi Martín
@@ -446,6 +446,9 @@ Security/Eval:
|
|||||||
Security/JSONLoad:
|
Security/JSONLoad:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
|
|
||||||
|
Security/Open:
|
||||||
|
Enabled: true
|
||||||
|
|
||||||
Security/YAMLLoad:
|
Security/YAMLLoad:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
|
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ class SMSApi
|
|||||||
def url
|
def url
|
||||||
return "" unless end_point_available?
|
return "" unless end_point_available?
|
||||||
|
|
||||||
open(Rails.application.secrets.sms_end_point).base_uri.to_s
|
URI.parse(Rails.application.secrets.sms_end_point).to_s
|
||||||
end
|
end
|
||||||
|
|
||||||
def authorization
|
def authorization
|
||||||
|
|||||||
Reference in New Issue
Block a user