additional rubocop coverage and packages

.rubocop.yml

@@ -0,0 +1,27 @@
+require:
+  - rubocop-minitest
+  - rubocop-performance
+  - rubocop-rake
+inherit_gem:
+  rubocop-shopify: rubocop.yml
+inherit_from: .rubocop_todo.yml
+
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: "2.5"
+
+Style/ClassAndModuleChildren:
+  Exclude:
+    - test/**
+
+Naming/InclusiveLanguage:
+  Exclude:
+    - lib/loofah/helpers.rb
+    - lib/loofah/html5/safelist.rb
+
+Performance/CollectionLiteralInLoop:
+  Exclude:
+    - test/**/*.rb
+
+Rake/DuplicateTask:
+  Enabled: false

.rubocop_todo.yml

@@ -0,0 +1,14 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config --exclude-limit 50`
+# on 2023-04-02 19:26:30 UTC using RuboCop version 1.48.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 3
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
+# URISchemes: http, https
+Layout/LineLength:
+  Max: 146

Gemfile

@@ -1,2 +1,21 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org/"
+
 gemspec
+
+group :development do
+  gem("hoe-markdown", ["~> 1.3"])
+  gem("json", ["~> 2.2"])
+  gem("minitest", ["~> 5.14"])
+  gem("rake", ["~> 13.0"])
+  gem("rdoc", [">= 4.0", "< 7"])
+
+  if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new("3.0.0")
+    gem("rubocop", "~> 1.1")
+    gem("rubocop-minitest", "0.29.0")
+    gem("rubocop-performance", "1.16.0")
+    gem("rubocop-rake", "0.6.0")
+    gem("rubocop-shopify", "2.12.0")
+  end
+end

Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "hoe/markdown"
 Hoe::Markdown::Standalone.new("loofah").define_markdown_tasks
 
@@ -12,17 +14,44 @@ task :generate_safelists do
   load "tasks/generate-safelists"
 end
 
-task :rubocop => [:rubocop_security, :rubocop_frozen_string_literals]
-task :rubocop_security do
-  sh "rubocop lib --only Security"
-end
-task :rubocop_frozen_string_literals do
-  sh "rubocop lib --auto-correct --only Style/FrozenStringLiteralComment"
-end
+begin
+  require "rubocop/rake_task"
+
+  module RubocopHelper
+    class << self
+      def common_options(task)
+        task.patterns += [
+          "Gemfile",
+          "Rakefile",
+          "lib",
+          "loofah.gemspec",
+          "test",
+        ]
+      end
+    end
+  end
 
-task :default => [:rubocop, :test]
+  RuboCop::RakeTask.new do |task|
+    RubocopHelper.common_options(task)
+  end
 
+  desc("Generate the rubocop todo list")
+  RuboCop::RakeTask.new("rubocop:todo") do |task|
+    RubocopHelper.common_options(task)
+    task.options << "--auto-gen-config"
+    task.options << "--exclude-limit=50"
+  end
+  Rake::Task["rubocop:todo:autocorrect"].clear
+  Rake::Task["rubocop:todo:autocorrect_all"].clear
+
+  task(default: :rubocop)
+rescue LoadError
+  warn("NOTE: rubocop not available")
+end
+
+desc "Print out the files packaged in the gem"
 task :debug_manifest do
-  spec = eval(File.read("loofah.gemspec"))
-  puts spec.files
+  puts Bundler.load_gemspec("loofah.gemspec").files
 end
+
+task(default: :test)

lib/loofah.rb

@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__))) unless $LOAD_PATH.include?(File.expand_path(File.dirname(__FILE__)))
 
 require "nokogiri"
 

lib/loofah/concerns.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 module Loofah
   #
   #  Mixes +scrub!+ into Document, DocumentFragment, Node and NodeSet.
@@ -39,7 +40,7 @@ def scrub!(scrubber)
         when Nokogiri::XML::Document
           scrubber.traverse(root) if root
         when Nokogiri::XML::DocumentFragment
-          children.scrub! scrubber
+          children.scrub!(scrubber)
         else
           scrubber.traverse(self)
         end
@@ -54,12 +55,15 @@ def scrub!(scrubber)
       end
     end
 
-    def ScrubBehavior.resolve_scrubber(scrubber) # :nodoc:
-      scrubber = Scrubbers::MAP[scrubber].new if Scrubbers::MAP[scrubber]
-      unless scrubber.is_a?(Loofah::Scrubber)
-        raise Loofah::ScrubberNotFound, "not a Scrubber or a scrubber name: #{scrubber.inspect}"
+    class << self
+      def resolve_scrubber(scrubber) # :nodoc:
+        scrubber = Scrubbers::MAP[scrubber].new if Scrubbers::MAP[scrubber]
+        unless scrubber.is_a?(Loofah::Scrubber)
+          raise Loofah::ScrubberNotFound, "not a Scrubber or a scrubber name: #{scrubber.inspect}"
+        end
+
+        scrubber
       end
-      scrubber
     end
   end
 
@@ -96,12 +100,12 @@ def text(options = {})
       if options[:encode_special_chars] == false
         result # possibly dangerous if rendered in a browser
       else
-        encode_special_chars result
+        encode_special_chars(result)
       end
     end
 
-    alias :inner_text :text
-    alias :to_str :text
+    alias_method :inner_text, :text
+    alias_method :to_str, :text
 
     #
     #  Returns a plain-text version of the markup contained by the fragment, with HTML entities
@@ -114,15 +118,15 @@ def text(options = {})
     #    # => "\nTitle\n\nContent\nNext line\n"
     #
     def to_text(options = {})
-      Loofah.remove_extraneous_whitespace self.dup.scrub!(:newline_block_elements).text(options)
+      Loofah.remove_extraneous_whitespace(dup.scrub!(:newline_block_elements).text(options))
     end
   end
 
   module DocumentDecorator # :nodoc:
     def initialize(*args, &block)
       super
-      self.decorators(Nokogiri::XML::Node) << ScrubBehavior::Node
-      self.decorators(Nokogiri::XML::NodeSet) << ScrubBehavior::NodeSet
+      decorators(Nokogiri::XML::Node) << ScrubBehavior::Node
+      decorators(Nokogiri::XML::NodeSet) << ScrubBehavior::NodeSet
     end
   end
 
@@ -151,8 +155,10 @@ def remove_comments_before_html_element(doc)
       end
     end
 
-    def self.included(base)
-      base.extend(ClassMethods)
+    class << self
+      def included(base)
+        base.extend(ClassMethods)
+      end
     end
 
     def serialize_root
@@ -172,29 +178,30 @@ def parse(tags, encoding = nil)
       end
 
       def document_klass
-        @document_klass ||= if (Loofah.html5_support? && self == Loofah::HTML5::DocumentFragment)
+        @document_klass ||= if Loofah.html5_support? && self == Loofah::HTML5::DocumentFragment
           Loofah::HTML5::Document
-        elsif (self == Loofah::HTML4::DocumentFragment)
+        elsif self == Loofah::HTML4::DocumentFragment
           Loofah::HTML4::Document
         else
           raise ArgumentError, "unexpected class: #{self}"
         end
       end
     end
 
-    def self.included(base)
-      base.extend(ClassMethods)
+    class << self
+      def included(base)
+        base.extend(ClassMethods)
+      end
     end
 
     def to_s
       serialize_root.children.to_s
     end
 
-    alias :serialize :to_s
+    alias_method :serialize, :to_s
 
     def serialize_root
       at_xpath("./body") || self
     end
   end
 end
-