[Fix #1620] Fix false positives in Rails/StrongParametersExpect#1623
Merged
Conversation
This PR fixes false positives in `Rails/StrongParametersExpect` when `params[:key]` is followed by a type-check method such as `is_a?`, `kind_of?`, or `instance_of?`. These methods are inherited by `NilClass` from `BasicObject`/`Object`, so calling them on a missing parameter simply returns `false` instead of raising. Callers using `params[:key].is_a?(...)` are intentionally treating the parameter as optional, and rewriting the expression to `params.expect(:key).is_a?(...)` changes that semantics because `expect` raises `ActionController::ParameterMissing` when the parameter is absent. Since this shares the same "safe to call on `nil`" rationale as the existing `NIL_SAFE_CONVERSION_METHODS` (`to_a`, `to_f`, `to_h`, `to_i`, `to_s`), the constant is renamed to `NIL_SAFE_METHODS` and the type-check methods are merged into it rather than introducing a separate constant.
koic
deleted the
fix_false_positives_for_rails_strong_parameters_expect_with_type_check_methods
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR fixes false positives in
Rails/StrongParametersExpectwhenparams[:key]is followed by a type-check method such asis_a?,kind_of?, orinstance_of?.These methods are inherited by
NilClassfromBasicObject/Object, so calling them on a missing parameter simply returnsfalseinstead of raising. Callers usingparams[:key].is_a?(...)are intentionally treating the parameter as optional, and rewriting the expression toparams.expect(:key).is_a?(...)changes that semantics becauseexpectraisesActionController::ParameterMissingwhen the parameter is absent.Since this shares the same "safe to call on
nil" rationale as the existingNIL_SAFE_CONVERSION_METHODS(to_a,to_f,to_h,to_i,to_s), the constant is renamed toNIL_SAFE_METHODSand the type-check methods are merged into it rather than introducing a separate constant.Before submitting the PR make sure the following are checked:
[Fix #issue-number](if the related issue exists).master(if not - rebase it).bundle exec rake default. It executes all tests and runs RuboCop on its own code.{change_type}_{change_description}.mdif the new code introduces user-observable changes. See changelog entry format for details.