test: add rubocop security checks to the default rake task

Closes #564
sparklemotion · Feb 7, 2021 · b5bd4ac · b5bd4ac
1 parent 91d9d0b
commit b5bd4ac
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 2 deletions.
diff --git a/Rakefile b/Rakefile
@@ -38,4 +38,9 @@ task publish_docs: %w[rdoc] do
   sh 'rsync', '-avzO', '--delete', 'doc/', 'docs-push.seattlerb.org:/data/www/docs.seattlerb.org/mechanize/'
 end
 
-task default: :test
+desc "Run rubocop security check"
+task :rubocop_security do
+  sh "rubocop lib --only Security"
+end
+
+task default: [:rubocop_security, :test]
diff --git a/lib/mechanize/cookie_jar.rb b/lib/mechanize/cookie_jar.rb
@@ -148,7 +148,7 @@ def load(input, *options)
       return super(input, opthash) if opthash[:format] != :yaml
 
       begin
-        data = YAML.load(input)
+        data = YAML.load(input) # rubocop:disable Security/YAMLLoad
       rescue ArgumentError
         @logger.warn "unloadable YAML cookie data discarded" if @logger
         return self

diff --git a/mechanize.gemspec b/mechanize.gemspec
@@ -56,4 +56,6 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency("webrobots", ["< 0.2", ">= 0.0.9"])
   spec.add_runtime_dependency('addressable', "~> 2.7")
   spec.add_runtime_dependency('webrick', "~> 1.7")
+
+  spec.add_development_dependency("rubocop", "~> 1.7")
 end