Merge pull request #8 from rapid7/master

hhhh

Author: Pedro Ribeiro

.rubocop.yml

@@ -9,7 +9,7 @@
 # inherit_from: .rubocop_todo.yml
 
 AllCops:
-  TargetRubyVersion: 2.2
+  TargetRubyVersion: 2.4
 
 Metrics/ClassLength:
   Description: 'Most Metasploit modules are quite large. This is ok.'
@@ -45,6 +45,10 @@ Style/RedundantReturn:
   Description: 'This often looks weird when mixed with actual returns, and hurts nothing'
   Enabled: false
 
+Naming/VariableNumber:
+  Description: 'To make it easier to use reference code, disable this cop'
+  Enabled: false
+
 Style/NumericPredicate:
   Description: 'This adds no efficiency nor space saving'
   Enabled: false
@@ -55,14 +59,18 @@ Style/Documentation:
   Exclude:
     - 'modules/**/*'
 
-Layout/IndentHeredoc:
+Layout/SpaceInsideArrayLiteralBrackets:
   Enabled: false
-  Description: 'We need to leave this disabled for Ruby 2.2 compat, remove in 2018'
+  Description: 'Almost all module metadata have space in brackets'
 
 Style/GuardClause:
   Enabled: false
   Description: 'This often introduces bugs in tested code'
 
+Style/EmptyLiteral:
+  Enabled: false
+  Description: 'This looks awkward when you mix empty and non-empty literals'
+
 Style/NegatedIf:
   Enabled: false
   Description: 'This often introduces bugs in tested code'
@@ -72,9 +80,16 @@ Style/ConditionalAssignment:
   Description: 'This is confusing for folks coming from other languages'
 
 Style/Encoding:
-  Enabled: true
   Description: 'We prefer binary to UTF-8.'
-  EnforcedStyle: 'when_needed'
+  Enabled: false
+
+Style/ParenthesesAroundCondition:
+  Enabled: false
+  Description: 'This is used in too many places to discount, especially in ported code. Has little effect'
+
+Style/TrailingCommaInArrayLiteral:
+  Enabled: false
+  Description: 'This is often a useful pattern, and is actually required by other languages. It does not hurt.'
 
 Metrics/LineLength:
   Description: >-
@@ -83,17 +98,24 @@ Metrics/LineLength:
   Enabled: true
   Max: 180
 
+Metrics/BlockLength:
+  Enabled: true
+  Description: >-
+                  While the style guide suggests 10 lines, exploit definitions
+                  often exceed 200 lines.
+  Max: 300
+
 Metrics/MethodLength:
   Enabled: true
   Description: >-
                   While the style guide suggests 10 lines, exploit definitions
                   often exceed 200 lines.
   Max: 300
 
-# Basically everything in metasploit needs binary encoding, not UTF-8.
-# Disable this here and enforce it through msftidy
-Style/Encoding:
-  Enabled: false
+Naming/UncommunicativeMethodParamName:
+  Enabled: true
+  Description: 'Whoever made this requirement never looked at crypto methods, IV'
+  MinNameLength: 2
 
 # %q() is super useful for long strings split over multiple lines and
 # is very common in module constructors for things like descriptions
@@ -104,11 +126,31 @@ Style/NumericLiterals:
   Enabled: false
   Description: 'This often hurts readability for exploit-ish code.'
 
+Layout/AlignHash:
+  Enabled: false
+  Description: 'aligning info hashes to match these rules is almost impossible to get right'
+
+Layout/EmptyLines:
+  Enabled: false
+  Description: 'these are used to increase readability'
+
+Layout/EmptyLinesAroundClassBody:
+  Enabled: false
+  Description: 'these are used to increase readability'
+
+Layout/EmptyLinesAroundMethodBody:
+  Enabled: false
+  Description: 'these are used to increase readability'
+
 Layout/AlignParameters:
   Enabled: true
   EnforcedStyle: 'with_fixed_indentation'
   Description: 'initialize method of every module has fixed indentation for Name, Description, etc'
 
+Style/For:
+  Enabled: false
+  Description: 'if a module is written with a for loop, it cannot always be logically replaced with each'
+
 Style/StringLiterals:
   Enabled: false
   Description: 'Single vs double quote fights are largely unproductive.'

.ruby-version

@@ -1 +1 @@
-2.6.1
+2.6.2

.travis.yml

@@ -11,10 +11,8 @@ addons:
       - graphviz
 language: ruby
 rvm:
-  - '2.3.8'
-  - '2.4.5'
-  - '2.5.3'
-  - '2.6.1'
+  - '2.5.5'
+  - '2.6.2'
 
 env:
   - CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content"'
@@ -25,11 +23,6 @@ env:
 
 matrix:
   fast_finish: true
-  exclude:
-  - rvm: '2.3.8'
-    env: CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1'
-  - rvm: '2.4.5'
-    env: CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1'
 
 jobs:
   # build docker image

CONTRIBUTING.md

@@ -20,12 +20,15 @@ it into Metasploit's master branch.  If you do not care to follow these rules, y
 * **Do** stick to the [Ruby style guide] and use [Rubocop] to find common style issues.
 * **Do** follow the [50/72 rule] for Git commit messages.
 * **Do** license your code as BSD 3-clause, BSD 2-clause, or MIT.
-* **Do** create a [topic branch] to work on instead of working directly on `master` to preserve the
-  history of your pull request.  See [PR#8000] for an example of losing commit history as soon as
-  you update your own master branch.
+* **Do** create a [topic branch] to work on instead of working directly on `master`.
+  This helps protect the process, ensures users are aware of commits on the branch being considered for merge,
+  allows for a location for more commits to be offered without mingling with other contributor changes,
+  and allows contributors to make progress while a PR is still being reviewed.
+
 
 ### Pull Requests
 
+* **Do** write "WIP" on your PR and/or open a [draft PR] if submitting **working** yet unfinished code.
 * **Do** target your pull request to the **master branch**.
 * **Do** specify a descriptive title to make searching for your pull request easier.
 * **Do** include [console output], especially for witnessable effects in `msfconsole`.
@@ -84,7 +87,7 @@ curve, so keep it up!
 [Rubocop]:https://rubygems.org/search?query=rubocop
 [50/72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
 [topic branch]:http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches
-[PR#8000]:https://github.com/rapid7/metasploit-framework/pull/8000
+[draft PR]:https://help.github.com/en/articles/about-pull-requests#draft-pull-requests
 [console output]:https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks
 [verification steps]:https://help.github.com/articles/writing-on-github#task-lists
 [reference associated issues]:https://github.com/blog/1506-closing-issues-via-pull-requests

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.6.1-alpine3.9 AS builder
+FROM ruby:2.6.2-alpine3.9 AS builder
 LABEL maintainer="Rapid7"
 
 ARG BUNDLER_ARGS="--jobs=8 --without development test coverage"
@@ -29,15 +29,14 @@ RUN apk add --no-cache \
       git \
     && echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
     && gem update --system \
-    && gem install bundler \
     && bundle install --clean --no-cache --system $BUNDLER_ARGS \
     # temp fix for https://github.com/bundler/bundler/issues/6680
     && rm -rf /usr/local/bundle/cache \
     # needed so non root users can read content of the bundle
     && chmod -R a+r /usr/local/bundle
 
 
-FROM ruby:2.6.1-alpine3.9
+FROM ruby:2.6.2-alpine3.9
 LABEL maintainer="Rapid7"
 
 ENV APP_HOME=/usr/src/metasploit-framework