Bundler
Bundler/DuplicatedGem
Enabled by default | Safe | Supports autocorrection | VersionAdded | VersionChanged |
---|---|---|---|---|
Enabled |
Yes |
No |
0.46 |
- |
A Gem’s requirements should be listed only once in a Gemfile.
Examples
# bad
gem 'rubocop'
gem 'rubocop'
# bad
group :development do
gem 'rubocop'
end
group :test do
gem 'rubocop'
end
# good
group :development, :test do
gem 'rubocop'
end
# good
gem 'rubocop', groups: [:development, :test]
# good - conditional declaration
if Dir.exist?(local)
gem 'rubocop', path: local
elsif ENV['RUBOCOP_VERSION'] == 'master'
gem 'rubocop', git: 'https://github.com/rubocop/rubocop.git'
else
gem 'rubocop', '~> 0.90.0'
end
Bundler/GemComment
Enabled by default | Safe | Supports autocorrection | VersionAdded | VersionChanged |
---|---|---|---|---|
Disabled |
Yes |
No |
0.59 |
0.85 |
Each gem in the Gemfile should have a comment explaining its purpose in the project, or the reason for its version or source.
The optional "OnlyFor" configuration array can be used to only register offenses when the gems use certain options or have version specifiers.
When "version_specifiers" is included, a comment will be enforced if the gem has any version specifier.
When "restrictive_version_specifiers" is included, a comment will be enforced if the gem has a version specifier that holds back the version of the gem.
For any other value in the array, a comment will be enforced for a gem if an option by the same name is present. A useful use case is to enforce a comment when using options that change the source of a gem:
-
bitbucket
-
gist
-
git
-
github
-
source
For a full list of options supported by bundler, see https://bundler.io/man/gemfile.5.html .
Bundler/InsecureProtocolSource
Enabled by default | Safe | Supports autocorrection | VersionAdded | VersionChanged |
---|---|---|---|---|
Enabled |
Yes |
Yes |
0.50 |
- |
The symbol argument :gemcutter
, :rubygems
, and :rubyforge
are deprecated. So please change your source to URL string that
'https://rubygems.org' if possible, or 'http://rubygems.org' if not.
This autocorrect will replace these symbols with 'https://rubygems.org'. Because it is secure, HTTPS request is strongly recommended. And in most use cases HTTPS will be fine.
However, it don’t replace all sources
of http://
with https://
.
For example, when specifying an internal gem server using HTTP on the
intranet, a use case where HTTPS cannot be specified was considered.
Consider using HTTP only if you cannot use HTTPS.
Bundler/OrderedGems
Enabled by default | Safe | Supports autocorrection | VersionAdded | VersionChanged |
---|---|---|---|---|
Enabled |
Yes |
Yes |
0.46 |
0.47 |
Gems should be alphabetically sorted within groups.