Favor #public_send over #send using Rubocop's cop #2618
Conversation
Devs keep using `#send` although that method does not preserve private/protected visibility. Watching after this turned out to be quite time-consuming while doing code review. Currently, the Style/Send cop doesn't enforce `#public_send` however (that's what we want). It simply discourages the use of #send. See rubocop/rubocop#2081 (comment) for details. So a new entry on the Code Conventions doc has been added to overcome this limitation: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Code-Conventions#prefer-public_send-over-send
|
There are 50 warnings, this means that when a dev touches one of these files in a PR, they will have to fix it to the new convention. Correct? |
|
AFAIK that Cop doesn't have autocorrect but I can try to fix them |
sauloperez
force-pushed
the
enable-style-send-cop
branch
4 times, most recently
from
c8b0d0f to
e99fee1
Compare
| @@ -44,7 +44,7 @@ def changeable_orders_alert | |||
| private | |||
|
|
|||
| def filtered_json(products_json) | |||
| if applicator.send(:rules).any? | |||
| if applicator.rules.any? | |||
There was a problem hiding this comment.
I made this one public. If we use it from outside, it's part of applicator's public API
| @@ -10,7 +10,7 @@ module Admin | |||
| # Only show payment methods that user has access to and sort by distributor name | |||
| # ! Redundant code copied from Spree::Admin::ResourceController with modifications marked | |||
| def collection | |||
| return parent.send(controller_name) if parent_data.present? | |||
| return parent.controller_name if parent_data.present? | |||
There was a problem hiding this comment.
controller_name is a public method
There was a problem hiding this comment.
The original did not call send(:controller_name). Doesn't it call a method with the same name as the controller?
There was a problem hiding this comment.
💩 yes, I went too fast on this one. Thanks for the heads-up!
| @@ -15,7 +15,7 @@ def ng_form_for(name, *args, &block) | |||
| # spree.foo_path in any view rendered from non-spree-namespaced controllers. | |||
| def method_missing(method, *args, &block) | |||
| if (method.to_s.end_with?('_path') || method.to_s.end_with?('_url')) && spree.respond_to?(method) | |||
| spree.send(method, *args) | |||
| spree.public_send(method, *args) | |||
There was a problem hiding this comment.
Rails' URL helpers are public
| @@ -12,7 +12,7 @@ def initialize(klass, collection, attributes={}, reject_if=nil, delete_if=nil) | |||
| @collection = attributes[:collection] if attributes[:collection] | |||
|
|
|||
| attributes.each do |name, value| | |||
| send("#{name}=", value) | |||
| public_send("#{name}=", value) | |||
There was a problem hiding this comment.
the setters of a model are meant to be public
| @@ -41,7 +41,7 @@ def resume | |||
| return false unless order_cycle.orders_close_at.andand > Time.zone.now | |||
| transaction do | |||
| update_column(:canceled_at, nil) | |||
| order.send('resume') if order | |||
| order.resume if order | |||
There was a problem hiding this comment.
these two methods are public
| @@ -83,7 +83,7 @@ def relevant_address_attrs | |||
|
|
|||
| def addresses_match?(order_address, subscription_address) | |||
| relevant_address_attrs.all? do |attr| | |||
| order_address[attr] == subscription_address.send("#{attr}_was") || | |||
| order_address[attr] == subscription_address.public_send("#{attr}_was") || | |||
There was a problem hiding this comment.
AR's dirty attributes API is public
| @@ -42,7 +42,7 @@ def self.parse(payload, sso_secret = nil) | |||
| if BOOLS.include? k | |||
| val = ["true", "false"].include?(val) ? val == "true" : nil | |||
| end | |||
| sso.send("#{k}=", val) | |||
| sso.public_send("#{k}=", val) | |||
There was a problem hiding this comment.
each of these K are defined as public attr_accessor in line 11
| base.extend(ActiveModel::Naming) | ||
| base.extend(ActiveModel::Callbacks) | ||
| base.include(ActiveModel::Validations) | ||
| base.include(Paperclip::Glue) |
There was a problem hiding this comment.
extend and include are public Module methods in Ruby 2.1.5 https://ruby-doc.org/core-2.1.5/Module.html#method-i-include
| base.send :define_model_callbacks, :save, only: [:after] | ||
| base.send :define_model_callbacks, :commit, only: [:after] | ||
| base.send :define_model_callbacks, :destroy, only: [:before, :after] | ||
| base.define_model_callbacks(:save, only: [:after]) |
There was a problem hiding this comment.
sauloperez
force-pushed
the
enable-style-send-cop
branch
2 times, most recently
from
c376f70 to
7346ed4
Compare
|
Thanks for the heads-up. I think this now deserves a smoke test. |
Looks like the tests are smoking already... |
|
lol @Matt-Yorkley |
sauloperez
force-pushed
the
enable-style-send-cop
branch
from
7346ed4 to
74bf97a
Compare
There was a problem hiding this comment.
That's a lot of changes...
Great stuff.
@sauloperez What parts of the application should be tested more carefully in staging?
| @@ -10,7 +10,7 @@ module Admin | |||
| # Only show payment methods that user has access to and sort by distributor name | |||
| # ! Redundant code copied from Spree::Admin::ResourceController with modifications marked | |||
| def collection | |||
| return parent.send(controller_name) if parent_data.present? | |||
| return parent.controller_name if parent_data.present? | |||
There was a problem hiding this comment.
The original did not call send(:controller_name). Doesn't it call a method with the same name as the controller?
sauloperez
force-pushed
the
enable-style-send-cop
branch
from
74bf97a to
5a06e82
Compare
sauloperez
force-pushed
the
enable-style-send-cop
branch
from
5a06e82 to
b23cb55
Compare
|
I have extended the list of features to test. Thanks @luisramos0 ! |
|
Staged on https://staging.katuma.org/ |
|
FINALLY! |
What? Why?
Devs keep using
#sendalthough that method does not preserveprivate/protected visibility. Watching after this turned out to be quite
time-consuming while doing code review.
Currently, the Style/Send cop doesn't enforce
#public_sendhowever(that's what we want). It simply discourages the use of #send. See
rubocop/rubocop#2081 (comment)
for details. So a new entry on the Code Conventions doc has been added
to overcome this limitation:
https://github.com/openfoodfoundation/openfoodnetwork/wiki/Code-Conventions#prefer-public_send-over-send
What should we test?
A smoke test, including:
admin/variant_overridesURL)admin/orders/:order_id/paymentsURL)Although very little, these features are affected by this change.
Release notes
Ensure devs use
#public_sendover#sendby enabling a Rubocop cop.Changelog Category: Added