DEV Community

Sourya Vatsyayan for DeepSource

Posted on • Edited on • Originally published at deepsource.io

Release: DeepSource Ruby analyzer lands in beta

Ever since its inception in 1995, Ruby has been a programming language that is "a simple Lisp language at its core, with an object system like that of Smalltalk, blocks inspired by higher-order functions, and practical utility like that of Perl".

Add to it the fact that you get to use Rails, and you have one of the most loved and widely used programming languages in the world. What's not to love!

Today, we are excited to launch continuous static analysis for Ruby, detecting 170+ issues, like bug risks, anti-patterns, security vulnerabilities, and style issues.

Using the Ruby analyzer

To start analyzing your Ruby code, just enable the ruby analyzer in your .deepsource.toml file, and you are good to go.

Sample configuration

version = 1

test_patterns = [
  "test/**",
  "*_test.rb"
]

exclude_patterns = [
  "vendor/**",
  "**/examples/**"
]

[[analyzers]]
name = "ruby"
enabled = true

Issues detected by the Ruby analyzer

At the time of writing this, the analyzer detects 170+ issues in your Ruby code, across categories like bug risks, anti-patterns, security vulnerabilities, and style issues. Here's some of them to give you an idea:

Bug risks:

  • Iterable is called with with_index, but its value is never used
  • Unreachable code detected

Security issues:

  • Use of Kernel#open detected
  • Use of Kernel#eval/Binding#eval detected

Antipatterns:

  • A block can be used that cleans up resources automatically on closing
  • Use of class variables detected

We're very excited about this release, and hope that this will help you avoid many issues in your code, and make writing Ruby even more fun! Head over to the docs or tell us what you think!

Top comments (0)