Add RuboCop linting and newline enforcement

[justin808]

Summary

Adds comprehensive linting and code quality enforcement using RuboCop.

Changes

1. RuboCop Configuration

• Added RuboCop with extensions (rubocop-rake, rubocop-rspec)
• Created .rubocop.yml with sensible defaults
• Enforces frozen string literals, trailing newlines, consistent style

2. Rake Tasks (rakelib/lint.rake)

• rake lint - Run all linters
• rake lint:fix - Auto-fix issues
• rake check_newlines - Verify files end with newlines
• rake fix_newlines - Fix missing newlines
• rake ci - Run all checks (specs, lint, newlines)

3. Pre-commit Hook (bin/install-hooks)

• Installable script for git pre-commit hook
• Checks newlines on all files
• Runs RuboCop on staged Ruby files
• Prevents commits with issues

4. GitHub Actions (.github/workflows/lint.yml)

• Runs on all PRs and pushes to master
• Enforces linting in CI
• Checks for missing newlines

Benefits

• ✅ Consistent code style across the project
• ✅ All files guaranteed to end with newlines
• ✅ Automated enforcement both locally and in CI
• ✅ Easy to fix issues with rake lint:fix and rake fix_newlines

Installation

To install pre-commit hook locally:

./bin/install-hooks

This is a separate PR from the release script changes for independent review.

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features

  • Installer for a Git pre-commit hook that runs lint and trailing-newline checks before commits.
  • Local "ci" task to run tests, linting, and newline validation in one command.
  • Tasks to check and auto-fix missing final newlines.

• Chores

  • CI lint workflow added to run on pushes and pull requests.
  • RuboCop configuration and lint/auto-correct tasks introduced.
  • Development tooling updated and minimum Ruby requirement raised to >= 3.0; one CI job's Ruby version bumped.

[coderabbitai]

Walkthrough

Adds linting infrastructure: GitHub Actions lint workflow, RuboCop configs (.rubocop.yml and .rubocop_todo.yml) and dev dependencies, Rake lint/newline tasks and a CI aggregate task, a git pre-commit hook installer, and updates Ruby to 3.0.6 for the rails_6_1 CI job.

Changes

Cohort / File(s)	Summary of Changes
CI Lint Workflow \.github/workflows/lint\.yml	New GitHub Actions workflow triggering on push/PR to main/master; checks out repo, sets up Ruby 3.0.6 with Bundler cache, runs bundle exec rubocop and bundle exec rake check_newlines.
CI Job Update \.github/workflows/ruby\.yml	Updated Ruby version for rails_6_1 job: 2.7.6 → 3.0.6.
RuboCop Configuration .rubocop.yml, .rubocop_todo.yml	Adds project RuboCop config and generated todo file, sets TargetRubyVersion 3.0, enables plugins (rubocop-rake, rubocop-rspec), many per-cop settings, excludes, and a large set of suppressed offenses in the todo file.
Rake Lint Tasks Rakefile, rakelib/lint.rake	Adds ci aggregate task (spec, lint, check_newlines) and lint tasks: rubocop, rubocop:autocorrect, lint, lint:fix, check_newlines (detect missing final newline), and fix_newlines (append final newline). Introduces binary_file? helper and MAX_FILE_SIZE.
Git Hook Installer bin/install-hooks	New installer script that writes a pre-commit hook running rake check_newlines and RuboCop on staged Ruby files; creates hooks dir, writes hook, sets executable bit, and prints installation/skip messages with error handling.
Gemspec / Ruby Requirement cypress-on-rails.gemspec	Adds development dependencies: rubocop (~> 1.81), rubocop-rake (~> 0.7), rubocop-rspec (~> 3.7) and sets s.required_ruby_version = '>= 3.0.0'.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant GH as GitHub
  participant GA as Actions: Lint Job
  participant Runner as ubuntu-latest
  participant Bundler as Bundler/Ruby
  participant Rake as Rake

  Dev->>GH: Push / Open PR (main/master)
  GH-->>GA: Trigger lint workflow
  GA->>Runner: checkout repo
  GA->>Bundler: setup Ruby 3.0.6 + bundler cache
  GA->>Bundler: bundle install
  GA->>Bundler: bundle exec rubocop
  GA->>Rake: bundle exec rake check_newlines
  GA-->>GH: Report status (pass/fail)
  note right of GA: RuboCop + newline checks run in CI

Loading

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant Git as Git client
  participant Hook as pre-commit hook
  participant Rake as Rake
  participant RuboCop as RuboCop

  Dev->>Git: git commit
  Git->>Hook: run pre-commit
  Hook->>Rake: bundle exec rake check_newlines
  alt Missing final newline
    Rake-->>Hook: exit non-zero
    Hook-->>Dev: abort commit, print message
  else All files OK
    Hook->>Hook: detect staged *.rb / *.rake
    alt Ruby files staged
      Hook->>RuboCop: bundle exec rubocop on staged files
      alt Lint failures
        RuboCop-->>Hook: exit non-zero
        Hook-->>Dev: abort commit, print instructions
      else Clean
        RuboCop-->>Hook: zero exit
        Hook-->>Git: allow commit
      end
    else No Ruby files
      Hook-->>Git: allow commit
    end
  end
  note over Hook: Local guardrails for newline and RuboCop

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Pay attention to: rakelib/lint.rake newline detection/fixing logic and binary-file heuristic; pre-commit installer error handling; CI workflow Ruby version consistency and Bundler/cache steps.

Suggested reviewers

• grantspeelman

Poem

I hop where tidy rubies shine,
Newlines placed at every line.
RuboCop hums, Rake beats the drum,
Hooks guard commits till checks are done.
Carrots, code, and clean release — hooray! 🥕🐇

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "Add RuboCop linting and newline enforcement" accurately captures the primary objectives of the changeset. The modifications across multiple files—including new RuboCop configuration files (.rubocop.yml, .rubocop_todo.yml), Rake tasks for linting and newline checks (rakelib/lint.rake), a GitHub Actions workflow (.github/workflows/lint.yml), a pre-commit hook installer (bin/install-hooks), and updated gemspec dependencies—all directly support these two core goals. The title is clear, specific, and concise (43 characters), avoiding vague or misleading language. It provides sufficient clarity for a developer scanning the PR history to understand the main purpose without requiring additional context.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch justin808/add-rubocop-linting

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Code Review - PR #193: Add RuboCop linting and newline enforcement

Summary

This PR adds comprehensive linting infrastructure with RuboCop, automated newline enforcement, and CI/CD integration. Overall, this is a well-structured and valuable addition to the project that will improve code quality and consistency.

✅ Strengths

1. Comprehensive Linting Setup

• Well-configured .rubocop.yml with sensible defaults for a gem project
• Appropriate exclusions (vendor, tmp, pkg, node_modules, specs_e2e)
• Target Ruby version 2.6 aligns with gem compatibility needs
• Good balance between strictness and pragmatism

2. Developer Experience

• Clear rake tasks with intuitive naming (lint, lint:fix, check_newlines, fix_newlines)
• Excellent pre-commit hook with helpful error messages and auto-fix suggestions
• Optional hook installation via ./bin/install-hooks - non-invasive approach
• CI task consolidation with rake ci

3. CI/CD Integration

• Separate workflow file keeps concerns separated
• Uses modern GitHub Actions (checkout@v4, ruby/setup-ruby@v1)
• Bundler caching for faster CI runs

⚠️ Issues & Suggestions

High Priority

1. Ruby Version Mismatch in CI (.github/workflows/lint.yml:19)
The lint workflow uses Ruby 3.2, but .rubocop.yml targets Ruby 2.6, and the main test workflow tests against 2.7.6, 3.1.3, and 3.2.2. Recommend using Ruby 2.7.6 (minimum supported) to ensure RuboCop rules work across all versions.

2. Missing File Encoding Check in Newline Tasks (rakelib/lint.rake:28, 50)
File.read without explicit encoding may fail on files with non-UTF-8 encoding or binary files. Add encoding handling and rescue for binary files.

3. Inefficient File Globbing (rakelib/lint.rake:23, 45)
Reads all files then filters, including large directories like vendor/ and node_modules/. Exclude directories in glob pattern or use regex-based rejection.

Medium Priority

4. Pre-commit Hook Runs Against All Files (bin/install-hooks:16)
Checks ALL files on every commit, even if only one file changed. This can be slow in large repos. Only check staged files to improve performance.

5. Shell Script Quoting Issue (bin/install-hooks:24, 26)
If filenames contain spaces, the RuboCop command will break. Use xargs for proper handling of filenames with spaces.

6. RuboCop Configuration: Frozen String Literals (.rubocop.yml:54-58)
Enabling this will require adding frozen_string_literal comments to ALL Ruby files in the project. This wasn't mentioned in the PR description. Either run rake lint:fix before merging to add all frozen string literals across the codebase, or start with Enabled: false and enable in a follow-up PR.

7. Missing Version Constraints (cypress-on-rails.gemspec:25-27)
No version constraints could lead to breaking changes when RuboCop releases major versions. Add version constraints like '~> 1.50' for rubocop.

Low Priority

8. Task Description Clarity (rakelib/lint.rake:8-9)
The -A flag does auto-correct all (unsafe corrections too). Consider documenting this in the task description.

9. CI Task Doesn't Match Default (Rakefile:9, 11)
default doesn't include linting, but ci does. This inconsistency means local rake runs won't catch lint issues. Consider whether default should also run lint.

10. Missing CHANGELOG Entry
No CHANGELOG.md entry for these significant changes. Add entry documenting new rake tasks, RuboCop addition, and pre-commit hook.

🔒 Security Considerations

✅ No security concerns identified:

• Pre-commit hook is opt-in (requires manual installation)
• No credentials or secrets handling
• RuboCop extensions are from trusted sources

🧪 Test Coverage

⚠️ Missing Tests:

• No tests for the new rake tasks (check_newlines, fix_newlines)
• bin/install-hooks script is untested

Consider adding basic specs to verify the rake tasks work correctly.

📊 Performance Considerations

• CI Impact: Adds ~30-60 seconds to CI runtime (acceptable)
• Pre-commit Impact: Could be slow if checking all files (see issue Define the scenario_bank instance variable before calling it #4)
• File I/O: Newline tasks read files twice (once in check, once in fix) - acceptable for current use

🎯 Recommendations Summary

Before Merging:

1. ✋ Fix Ruby version mismatch in lint.yml (Usage instructions #1)
2. ✋ Add encoding handling to newline tasks (Seems to generate a cypress directory in the main folder #2)
3. ✋ Either disable frozen string literals or run autofixes on entire codebase (Fixes for first run #6)
4. 👍 Add version constraints to RuboCop gems (Making cypress on rails more generic #7)
5. 👍 Add CHANGELOG entry (Add deprecation warnings #10)

Follow-up PRs:

• Optimize file globbing (Tests failing after initial installation and configuration #3)
• Optimize pre-commit hook to only check staged files (Define the scenario_bank instance variable before calling it #4)
• Fix shell script quoting (uninitialized constant Cypress::Runner::Open3 (NameError) #5)
• Add tests for rake tasks
• Consider adding lint to default rake task (setupScenario returning a response #9)

Overall Assessment

LGTM with changes requested 🟡

This is high-quality work that will significantly improve the project's code quality and maintainability. The configuration is sensible, the developer experience is excellent, and the CI integration is clean. The issues identified are mostly minor optimizations, except for items #1, #2, and #6 which should be addressed before merging.

Great job on this PR! 🎉

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (3)

cypress-on-rails.gemspec (1)

25-27: Pin RuboCop versions to prevent breaking changes.

Development dependencies without version constraints can introduce breaking changes or security vulnerabilities when newer versions are released. Consider pinning to major versions to ensure consistent behavior across environments.

Apply this diff to add version constraints:

-  s.add_development_dependency 'rubocop'
-  s.add_development_dependency 'rubocop-rake'
-  s.add_development_dependency 'rubocop-rspec'
+  s.add_development_dependency 'rubocop', '~> 1.0'
+  s.add_development_dependency 'rubocop-rake', '~> 0.6'
+  s.add_development_dependency 'rubocop-rspec', '~> 3.0'

rakelib/lint.rake (2)

23-29: Consider memory efficiency for large files.

Reading entire files into memory (line 28) could cause issues with large files (e.g., lockfiles, generated assets). Consider checking file size before reading or using a buffered approach that only reads the last bytes.

Apply this diff to add a size check:

     next unless File.file?(file)
 
+    # Skip files larger than 10MB to avoid memory issues
+    next if File.size(file) > 10 * 1024 * 1024
+    
     content = File.read(file)
     files_without_newline << file unless content.empty? || content.end_with?("\n")

Alternatively, for a more robust solution that handles large files:

# Check only the last byte(s) for newline without loading entire file
File.open(file, 'rb') do |f|
  f.seek(-1, IO::SEEK_END) rescue next
  files_without_newline << file unless f.read(1) == "\n"
end

---

23-25: Extract duplicate file filtering logic.

The file exclusion logic is duplicated between check_newlines and fix_newlines. Extract this into a shared helper method to follow DRY principles and ease maintenance.

Add this helper at the top of the file (after line 1):

# frozen_string_literal: true

def files_to_check
  Dir.glob('**/*.{rb,rake,yml,yaml,md,gemspec,ru,erb,js,json}').each do |file|
    next if file.include?('vendor/') || file.include?('node_modules/') || file.include?('.git/')
    next if file.include?('pkg/') || file.include?('tmp/') || file.include?('coverage/')
    next unless File.file?(file)
    yield file
  end
end

Then update both tasks:

 task :check_newlines do
   files_without_newline = []
 
-  Dir.glob('**/*.{rb,rake,yml,yaml,md,gemspec,ru,erb,js,json}').each do |file|
-    next if file.include?('vendor/') || file.include?('node_modules/') || file.include?('.git/')
-    next if file.include?('pkg/') || file.include?('tmp/') || file.include?('coverage/')
-    next unless File.file?(file)
-
+  files_to_check do |file|
     content = File.read(file)
     files_without_newline << file unless content.empty? || content.end_with?("\n")
   end

Also applies to: 45-47

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8615fc7 and 5c95af2.

📒 Files selected for processing (6)

• .github/workflows/lint.yml (1 hunks)
• .rubocop.yml (1 hunks)
• Rakefile (1 hunks)
• bin/install-hooks (1 hunks)
• cypress-on-rails.gemspec (1 hunks)
• rakelib/lint.rake (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: claude-review
• GitHub Check: rails_6_1
• GitHub Check: rails_7_2
• GitHub Check: rails_8

🔇 Additional comments (3)

rakelib/lint.rake (1)

3-11: LGTM!

The RuboCop task definitions are correct and use safe, hardcoded commands.

Rakefile (1)

8-9: LGTM!

The CI task provides a convenient entry point for running all checks. The task dependencies are correctly defined and the tasks exist in the appropriate files.

.rubocop.yml (1)

5-7: Verify Ruby 2.6 support or update to a supported version
Ruby 2.6 reached EOL in March 2022 and no longer receives security updates. Confirm whether the project must still support 2.6; if not, bump TargetRubyVersion in .rubocop.yml to 2.7 or 3.x.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Add error handling and consider TOCTOU risks.

The current implementation has potential issues:

1. Memory efficiency: Same concern as check_newlines - reading large files into memory
2. TOCTOU race condition: File could be modified between read (line 50) and write (line 52)
3. No error handling: File.write could fail partway through, potentially corrupting files
4. Atomicity: Should write to temp file and rename for atomic updates

Apply this diff to improve safety:

     content = File.read(file)
     unless content.empty? || content.end_with?("\n")
-      File.write(file, content + "\n")
-      fixed_files << file
+      begin
+        # Write to temp file first for atomicity
+        temp_file = "#{file}.tmp"
+        File.write(temp_file, content + "\n")
+        File.rename(temp_file, file)
+        fixed_files << file
+      rescue => e
+        warn "Failed to fix #{file}: #{e.message}"
+        File.delete(temp_file) if File.exist?(temp_file)
+      end
     end

Or consider using File.open with append mode which is safer for just adding a newline:

unless content.empty? || content.end_with?("\n")
  begin
    File.open(file, 'a') { |f| f.write("\n") }
    fixed_files << file
  rescue => e
    warn "Failed to fix #{file}: #{e.message}"
  end
end

🤖 Prompt for AI Agents

In rakelib/lint.rake around lines 45–55, avoid reading entire file into memory
and fix TOCTOU/atomicity and error handling: instead of File.read + File.write,
open the file and check only the final byte (seek to the end or use File.size?)
to determine if a trailing newline is missing, then either append a newline with
File.open(file, 'a') inside a begin/rescue to handle and log errors, or write to
a temporary file and perform an atomic rename (write to tmp in same directory,
fsync, then File.rename) to avoid corruption; ensure you rescue exceptions from
IO operations, warn or log failures including the filename and error message,
and only add the file to fixed_files on successful write/rename.

[MUTOgen]

LGTM
Let's try this out on CI

[claude]

PR Review: Add RuboCop linting and newline enforcement

Summary

This PR adds comprehensive linting infrastructure with RuboCop, custom rake tasks, pre-commit hooks, and CI integration. Overall, this is a well-structured and valuable addition to the project that will improve code quality and consistency.

Strengths

1. Comprehensive Implementation

• Well-organized rake tasks for linting and newline enforcement
• Both local pre-commit hooks and CI integration
• Auto-fix capabilities (rake lint:fix, rake fix_newlines)
• Clear documentation in the PR description

2. Good RuboCop Configuration

• Reasonable line length limit (120 chars)
• Appropriate exclusions for specs, rake tasks, and generated code
• Plugin support for RSpec and Rake
• Sensible defaults that aren't overly strict

3. Developer Experience

• Clear installation script (bin/install-hooks)
• Helpful error messages with guidance
• Optional hook bypass with --no-verify
• Unified CI task for all checks

Issues & Concerns

Critical: Ruby Version Inconsistency

Issue: The PR enforces Ruby 3.0+ but the existing CI workflow still tests against Ruby 2.7.6 for Rails 6.1:

• .rubocop.yml:6 sets TargetRubyVersion: 3.0
• cypress-on-rails.gemspec:29 requires >= 3.0.0
• .github/workflows/lint.yml:19 uses Ruby 3.0
• BUT .github/workflows/ruby.yml:18 uses Ruby 2.7.6 for the rails_6_1 job

Impact:

• The rails_6_1 CI job will fail with the new gemspec requirement
• Potential breaking change for users on Ruby 2.7

Recommendation: Either:

1. Keep Ruby 2.7 support and update all configs to 2.7, OR
2. Update .github/workflows/ruby.yml to use Ruby 3.0+ for all jobs (may require dropping Rails 6.1 on Ruby 2.7 support)

Medium: Missing Lint CI Integration

Issue: The new lint workflow (.github/workflows/lint.yml) is not integrated with the main CI workflow.

Current State:

• Linting runs as a separate workflow
• Main test workflow doesn't include lint checks
• Developers might push code that passes tests but fails linting

Recommendation: Add lint checks to the existing .github/workflows/ruby.yml or ensure both workflows are required for PRs.

Low: Pre-commit Hook Shell Compatibility

File: bin/install-hooks:50

Issue: The pre-commit hook uses #!/bin/sh but includes Bash-specific syntax patterns (particularly the grep with complex regex).

Code:

files=$(git diff --cached --name-only --diff-filter=ACM | grep -E '\\.(rb|rake)$')

Recommendation: Change shebang to #!/usr/bin/env bash for better compatibility, or ensure the script is POSIX-compliant.

Low: File Globbing Patterns Could Be More Efficient

File: rakelib/lint.rake:23,45

Issue: The glob pattern includes many file types but manually checks directories:

Dir.glob('**/*.{rb,rake,yml,yaml,md,gemspec,ru,erb,js,json}').each do |file|
  next if file.include?('vendor/') || file.include?('node_modules/')
  # ...

Recommendation: Use glob exclusions instead:

Dir.glob('**/*.{rb,rake,yml,yaml,md,gemspec,ru,erb,js,json}', File::FNM_EXTGLOB)
  .reject { |f| f.start_with?('vendor/', 'node_modules/', '.git/', 'pkg/', 'tmp/', 'coverage/') }

This is more efficient and cleaner.

Low: Hardcoded File Extensions

Files: rakelib/lint.rake:23,45 and bin/install-hooks:24

Issue: File extensions are hardcoded in multiple places. If you need to add/remove extensions, you'd have to update multiple locations.

Recommendation: Consider defining file patterns in a shared location (e.g., in the Rakefile or a shared module).

Performance Considerations

Pre-commit Hook Performance

The pre-commit hook runs RuboCop on all staged Ruby files, which is good. However, for large commits, this could be slow. Consider:

• Adding a timeout or file count warning
• Documenting the expected performance impact

Newline Checks

The check_newlines task reads entire file contents into memory for each file. For large projects, this could be memory-intensive. Consider using File.foreach with a single-line read or checking just the last character.

Security Concerns

No Major Security Issues

The changes don't introduce security vulnerabilities. The pre-commit hook is local-only and doesn't expose sensitive data.

Minor: Shell Injection in Pre-commit Hook

File: bin/install-hooks:26

While not currently exploitable (since $files comes from git diff), it's good practice to quote variables:

bundle exec rubocop "$files"

However, this might break if there are multiple files. A more robust approach:

if [ -n "$files" ]; then
  echo "$files" | xargs bundle exec rubocop
fi

Test Coverage

Missing Tests for New Rake Tasks

The PR doesn't include tests for the new rake tasks in rakelib/lint.rake. Consider adding specs for:

• check_newlines behavior
• fix_newlines behavior
• File exclusion logic

Missing Tests for Pre-commit Hook Installer

No tests for bin/install-hooks. Consider adding integration tests or at least manual testing documentation.

Code Quality & Best Practices

Excellent Use of Frozen String Literals

Good adherence to Ruby best practices with frozen string literal comments.

Clear Task Descriptions

All rake tasks have clear descriptions, which is excellent for discoverability.

Good Error Handling

The tasks provide helpful output and exit codes, making debugging easier.

Recommendations Summary

Must Fix (Before Merge)

1. Resolve Ruby version inconsistency - Critical compatibility issue

Should Fix (High Priority)

2. Integrate lint checks into main CI workflow
3. Add tests for new rake tasks

Nice to Have (Low Priority)

4. Fix shell compatibility in pre-commit hook
5. Optimize file globbing patterns
6. Quote variables in shell script
7. Document performance characteristics

Conclusion

This is a high-quality PR that adds important infrastructure for code quality. The implementation is thoughtful and well-documented. The main blocker is the Ruby version inconsistency that needs to be resolved before merging.

Recommendation: Request changes to fix the Ruby version issue, then approve with suggestions for follow-up improvements.

---

Great work on this PR! The linting infrastructure will definitely help maintain code quality going forward. 🎉

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

rakelib/lint.rake (1)

41-63: Issues with memory, atomicity, and error handling are covered in prior review.

The prior review comment on lines 45-55 thoroughly addresses the concerns with this task including memory efficiency, TOCTOU risks, lack of error handling, and non-atomic writes. Please refer to that comment for detailed recommendations.

🧹 Nitpick comments (1)

rakelib/lint.rake (1)

19-39: Consider optimizing memory usage for large files.

The task reads entire file contents into memory to check the final character. For large files, this could be inefficient. Consider checking only the last byte using File.size and File.read(file, 1, File.size(file) - 1) or similar approach.

Example optimization:

-    content = File.read(file)
-    files_without_newline << file unless content.empty? || content.end_with?("\n")
+    if File.size(file) > 0
+      File.open(file, 'rb') do |f|
+        f.seek(-1, IO::SEEK_END)
+        files_without_newline << file unless f.read(1) == "\n"
+      end
+    end

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5c95af2 and 2b30230.

📒 Files selected for processing (6)

• .github/workflows/lint.yml (1 hunks)
• .rubocop.yml (1 hunks)
• Rakefile (1 hunks)
• bin/install-hooks (1 hunks)
• cypress-on-rails.gemspec (1 hunks)
• rakelib/lint.rake (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• bin/install-hooks

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: claude-review
• GitHub Check: rails_8
• GitHub Check: rails_7_2

🔇 Additional comments (6)

.github/workflows/lint.yml (2)

1-11: LGTM: Workflow triggers and job setup are appropriate.

The workflow correctly triggers on pushes and PRs to the main branches, ensuring linting runs on all relevant changes.

---

16-26: Ruby version consistency achieved.

The workflow uses Ruby 3.0, which correctly aligns with .rubocop.yml (TargetRubyVersion: 3.0) and cypress-on-rails.gemspec (required_ruby_version >= 3.0.0). The linting steps are properly configured.

Rakefile (1)

6-9: LGTM: CI task composition is clean and comprehensive.

The new ci task effectively orchestrates specs, linting, and newline checks. Preserving the existing default task maintains backward compatibility for developers who run rake without arguments.

cypress-on-rails.gemspec (1)

25-29: LGTM: Development dependencies and Ruby requirement are properly configured.

The RuboCop dependencies use appropriate version constraints, and the Ruby version requirement (>= 3.0.0) aligns with the workflow and RuboCop configuration. All dependencies are correctly scoped as development-only.

.rubocop.yml (1)

1-76: LGTM: RuboCop configuration is well-balanced and properly aligned.

The configuration appropriately:

• Targets Ruby 3.0 (matching workflow and gemspec)
• Enables NewCops for ongoing maintenance
• Excludes common vendor/generated directories
• Relaxes metrics for specs and rake files where verbosity is acceptable
• Enforces trailing newlines and frozen string literals (best practices)
• Sets reasonable RSpec limits

rakelib/lint.rake (1)

1-17: LGTM: Lint task wrappers are clean and properly structured.

The RuboCop wrapper tasks and orchestration tasks (lint/lint:fix) are well-organized. The use of sh will automatically fail the rake task if RuboCop exits with a non-zero status, providing appropriate error propagation.

[claude]

Pull Request Review: Add RuboCop linting and newline enforcement

Summary

This PR introduces comprehensive linting infrastructure with RuboCop and newline enforcement, which is a valuable addition to the project's code quality tooling. The implementation is generally well-structured, but there are several areas that need attention.

---

🔴 Critical Issues

1. Pre-commit Hook Security & Compatibility Issues (bin/install-hooks:24-26)

files=$(git diff --cached --name-only --diff-filter=ACM | grep -E '\.(rb|rake)$')
if [ -n "$files" ]; then
  bundle exec rubocop $files

Problems:

• Shell injection vulnerability: $files is unquoted, which can break or cause security issues with filenames containing spaces or special characters
• Word splitting: Unquoted variables will undergo word splitting, potentially breaking the command

Recommendation:

files=$(git diff --cached --name-only --diff-filter=ACM | grep -E '\.(rb|rake)$')
if [ -n "$files" ]; then
  echo "$files" | xargs -r bundle exec rubocop
fi

Or use an array-based approach for better safety.

2. Potential Performance Issue in Rake Tasks (rakelib/lint.rake:27-32, 52-60)

The newline checking tasks read entire file contents into memory for every file, which could be problematic for:

• Large files (especially in specs_e2e/ which is excluded by RuboCop but not by newline checks)
• Binary files that slip through the glob pattern

Recommendations:

1. Add explicit size limit or streaming approach for large files
2. Add binary file detection to skip non-text files
3. Consider excluding the same directories as RuboCop (specs_e2e, e2e, vendor, etc.)

---

⚠️ Moderate Issues

3. Inconsistent Exclusion Patterns

The RuboCop config excludes specs_e2e/**/* and e2e/**/*, but the newline rake tasks don't. This creates an inconsistency where:

• RuboCop won't lint these files
• But newline checks will still run on them

Recommendation: Align the excluded directories between RuboCop and newline tasks.

4. GitHub Actions: Redundant Lint Execution (.github/workflows/ruby.yml:23-24)

The main workflow now runs bundle exec rake lint in each job, but there's also a separate lint.yml workflow. This means:

• Lint checks run twice on every PR (once in lint.yml, once in each ruby.yml job)
• This increases CI time and resource usage unnecessarily

My recommendation: Remove the lint steps from ruby.yml since you have a dedicated lint workflow.

5. Ruby Version Pinning in CI (.github/workflows/lint.yml:19)

This uses Ruby 3.0 (latest patch), but ruby.yml uses 3.0.6 for Rails 6.1. For consistency and reproducibility, consider pinning to the same version across all workflows.

---

📝 Code Quality & Best Practices

6. Missing Error Handling

bin/install-hooks doesn't handle edge cases:

• What if .git/hooks creation fails (permissions)?
• What if the hook file write fails?
• No validation that we're in a git repository

Recommendation: Add basic error handling

7. Code Style: Prefer Consistent Naming

In rakelib/lint.rake:9-10, the naming auto_correct doesn't match RuboCop's actual flag -A. Consider renaming to rubocop:autocorrect or rubocop:fix.

---

🔒 Security Considerations

8. No Major Security Issues

Beyond the shell injection issue in #1, the code is secure. Consider adding the rubocop-security gem for additional security-focused linting rules.

---

✅ What's Good

1. Excellent documentation in the PR description
2. Frozen string literals enforced - good for performance
3. Sensible RuboCop defaults that aren't overly strict
4. Pre-commit hook is a great developer experience improvement
5. Rake task organization is clean and follows conventions
6. CI integration ensures linting is enforced
7. Auto-fix capabilities (rake lint:fix, rake fix_newlines) are very helpful

---

🧪 Test Coverage

Issue: No tests were added for the new functionality.

Missing test coverage:

• Tests for check_newlines and fix_newlines rake tasks
• Tests for the pre-commit hook installer behavior
• Edge cases: empty files, files without extensions, binary files, etc.

---

🎯 Action Items

Must Fix (Before Merge)

1. Fix shell injection vulnerability in bin/install-hooks (quoting issue)
2. Decide on lint workflow duplication strategy (remove from one workflow)

Should Fix

3. Add excluded directories to newline tasks to match RuboCop exclusions
4. Add binary file detection to prevent reading non-text files
5. Add error handling to bin/install-hooks
6. Pin Ruby version consistently across all workflows

Nice to Have

7. Add test coverage for new rake tasks
8. Consider adding more RuboCop plugins (security, performance)
9. Add file size limits for newline checking

---

📊 Overall Assessment

Code Quality: 7/10 - Good structure, but has some bugs and missing error handling
Security: 8/10 - One shell injection issue, otherwise safe
Performance: 7/10 - Potential issues with large files
Test Coverage: 3/10 - No tests for new functionality
Best Practices: 8/10 - Follows Ruby conventions well

Recommendation: Request changes to fix the critical issues, then approve after those are addressed.

---

Great work on improving code quality infrastructure! Once the critical issues are addressed, this will be a solid addition to the project. 🚀

[claude]

Pull Request Review: Add RuboCop Linting and Newline Enforcement

Overall Assessment

This is a well-structured PR that adds comprehensive linting infrastructure to the project. The implementation is clean, thoughtful, and follows best practices. The changes are isolated and won't impact existing functionality while providing valuable code quality improvements.

✅ Strengths

1. Excellent RuboCop Configuration

• Sensible defaults with appropriate exclusions for generated and external code
• Good balance between strictness and practicality (e.g., 120 char line limit)
• Proper use of RuboCop plugins (rubocop-rake, rubocop-rspec)
• Thoughtful exemptions for specs and generated files

2. Robust Newline Checking Implementation

The rakelib/lint.rake file shows strong engineering:

• Binary file detection with proper error handling
• File size limits (10MB) to prevent performance issues
• Efficient file reading (only checks last 2 bytes for newlines)
• Clear, actionable error messages
• Both check and auto-fix capabilities

3. Developer Experience

• Clear, user-friendly error messages with emojis
• Pre-commit hook installer with comprehensive error handling
• Multiple ways to run lints (manual, rake tasks, CI)
• Hook can be bypassed with --no-verify when needed

4. CI/CD Integration

• Clean separation of lint workflow from test workflow
• Runs on both PRs and pushes to master/main
• Uses modern GitHub Actions (v4 for checkout, v1 for ruby/setup-ruby)

🔍 Issues & Recommendations

Critical Issues

None found. This PR is production-ready.

Minor Suggestions

1. Pre-commit Hook: Check for Bundle Install

File: bin/install-hooks:22,33

The pre-commit hook assumes bundle exec will work, but doesn't verify. Consider adding a check:

if ! command -v bundle &> /dev/null; then
  echo "⚠️  Warning: bundler not found. Install with: gem install bundler"
  exit 1
fi

2. Rake Task: Potential Edge Case

File: rakelib/lint.rake:54-57

The newline check seeks to [f.size - 2, 0].max but only checks if it ends with \n. On Windows, files might use \r\n (CRLF). While this project likely targets Unix-like systems, consider documenting this behavior or handling CRLF.

3. Binary File Detection: Non-printable Character Range

File: rakelib/lint.rake:30

The regex "\x01-\x08\x0B\x0C\x0E-\x1F\x7F-\xFF" is correct but could benefit from a comment explaining why certain bytes (like \x09 tab, \x0A newline, \x0D carriage return) are excluded from the range.

4. Gemspec: Potential Compatibility Issue

File: cypress-on-rails.gemspec:29

The new required_ruby_version = '>= 3.0.0' is a breaking change for users on Ruby 2.7 (which the previous CI used). Consider:

• Documenting this in the CHANGELOG/release notes
• Bumping the major/minor version when this is released
• Alternatively, keeping Ruby 2.7 support if there's no strong need for 3.0+ features in this gem

The PR description doesn't mention this breaking change, so it might catch users off guard.

5. GitHub Actions: Ruby Version Consistency

File: .github/workflows/lint.yml:19

The lint workflow uses Ruby 3.0.6, but the main ruby.yml workflow now also uses 3.0.6 (changed from 2.7.6). This is good consistency, but the higher Rails versions use 3.1.3 and 3.2.2. Consider:

• Using the same Ruby version as the minimum supported (3.0.6) across all linting
• Or using the latest stable Ruby for linting to catch any future compatibility issues early

6. Documentation: Installation Instructions

The PR body mentions ./bin/install-hooks but doesn't document that users need to run this after pulling the PR. Consider adding to:

• Project README
• CONTRIBUTING.md (if one exists)
• A notice in the PR description for existing contributors

🎯 Code Quality Assessment

Category	Rating	Notes
Code Quality	⭐⭐⭐⭐⭐	Clean, idiomatic Ruby with proper error handling
Best Practices	⭐⭐⭐⭐⭐	Follows Ruby and RuboCop community standards
Security	⭐⭐⭐⭐⭐	No security concerns; safe file operations
Performance	⭐⭐⭐⭐⭐	Efficient implementations with size limits
Maintainability	⭐⭐⭐⭐⭐	Well-organized, easy to extend
Documentation	⭐⭐⭐⭐	Good inline comments; could use more user docs
Testing	⭐⭐⭐	No tests for new rake tasks (see below)

🧪 Test Coverage Concerns

The new rake tasks in rakelib/lint.rake don't have accompanying tests. While these are relatively simple scripts, consider adding specs for:

• Binary file detection logic
• Newline checking edge cases (empty files, very small files, CRLF files)
• File exclusion patterns

Example test structure:

# spec/rake/lint_rake_spec.rb
RSpec.describe 'lint rake tasks' do
  describe 'binary_file?' do
    it 'detects files with null bytes as binary'
    it 'detects files with high non-printable ratio as binary'
    it 'identifies text files correctly'
  end
end

🔒 Security Review

✅ No security concerns identified

• File operations use safe Ruby methods
• No shell injection risks (proper use of arrays with sh and xargs)
• Binary file detection prevents reading potentially dangerous files
• File size limits prevent DoS through large file reads
• Git hook doesn't introduce security vulnerabilities

📊 Performance Considerations

✅ Performance is well-considered

• 10MB file size limit prevents memory issues
• Efficient seeking to file end rather than reading entire file
• Excluded directories reduce unnecessary file scanning
• .reject and .select chains could be combined for minor performance gain, but current implementation is more readable

🎬 Next Steps / Recommendations

1. ✅ Merge this PR - It's ready and adds significant value
2. Document the Ruby version requirement change in release notes
3. Consider adding a CONTRIBUTING.md with setup instructions including hook installation
4. Add tests for the new rake tasks (can be a follow-up PR)
5. Consider adding the ci rake task to your main CI workflow

📝 Nitpicks (Optional)

1. bin/install-hooks:16 - The heredoc for bash could use proper quoting for the variable references (though they're fine in this context)
2. The ci task in Rakefile could have a desc that mentions it's useful locally to simulate CI

---

Recommendation: ✅ APPROVE with minor suggestions

This is excellent work! The linting infrastructure is well-implemented and will significantly improve code quality going forward. The minor suggestions above are optional improvements that could be addressed in follow-up PRs.

Great job, @justin808! 🎉

🤖 Review generated with Claude Code

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

bin/install-hooks (1)

20-26: Inconsistency: Newline check runs on all files, not just staged files.

The check_newlines task checks the entire repository, while the RuboCop check (lines 28-38) only lints staged files. This inconsistency means developers could be blocked from committing due to pre-existing issues in unstaged files, making incremental fixes difficult.

Consider one of these approaches:

1. Document this as intentional behavior if the goal is to enforce repository-wide newline compliance
2. Make check_newlines accept a file list parameter and pass only staged files

For approach 2, you could modify the Rake task to accept files as arguments and update the hook:

  # Check for files missing newlines
  echo "Checking for files missing newlines..."
- bundle exec rake check_newlines
+ staged_files=$(git diff --cached --name-only --diff-filter=ACM)
+ if [ -n "$staged_files" ]; then
+   echo "$staged_files" | xargs bundle exec ruby -e '
+     files = ARGV
+     files_without_newline = files.select do |f|
+       File.file?(f) && File.size(f) > 0 && File.size(f) < 10485760 &&
+       File.open(f, "rb") { |file| file.seek([file.size - 2, 0].max); tail = file.read; !tail.end_with?("\n") }
+     end
+     if files_without_newline.any?
+       puts "Files missing final newline:"
+       files_without_newline.each { |f| puts "  #{f}" }
+       exit 1
+     end
+   '
+ fi
  if [ $? -ne 0 ]; then
    echo "❌ Some files are missing final newlines. Run 'bundle exec rake fix_newlines' to fix."
    exit 1
  fi

rakelib/lint.rake (1)

82-87: Add error handling and atomic writes to prevent file corruption.

The current implementation has risks flagged in previous reviews that remain unaddressed:

1. Memory inefficiency: Line 83 reads the entire file into memory, problematic for files approaching the 10MB limit
2. No atomic writes: Writing directly (line 85) without a temp file risks corruption if the write fails partway
3. No error handling: File.write failures are not caught

Apply this diff to add error handling and atomic writes:

    # Read file to check if it needs a newline
-   content = File.read(file)
-   unless content.empty? || content.end_with?("\n")
-     File.write(file, content + "\n")
-     fixed_files << file
+   # Check if newline is needed by reading only the end
+   needs_newline = File.open(file, 'rb') do |f|
+     return false if f.size == 0
+     f.seek([f.size - 2, 0].max)
+     tail = f.read
+     !tail.end_with?("\n")
+   end
+   
+   if needs_newline
+     begin
+       # Atomic write: write to temp file, then rename
+       temp_file = "#{file}.tmp.#{Process.pid}"
+       content = File.read(file)
+       File.write(temp_file, content + "\n")
+       File.rename(temp_file, file)
+       fixed_files << file
+     rescue StandardError => e
+       warn "Failed to fix #{file}: #{e.message}"
+       File.delete(temp_file) if File.exist?(temp_file)
+     end
    end

Alternatively, for a simpler approach that just appends:

-   content = File.read(file)
-   unless content.empty? || content.end_with?("\n")
-     File.write(file, content + "\n")
-     fixed_files << file
+   # Check if newline is needed
+   needs_newline = File.open(file, 'rb') do |f|
+     next false if f.size == 0
+     f.seek([f.size - 2, 0].max)
+     tail = f.read
+     !tail.end_with?("\n")
+   end
+   
+   if needs_newline
+     begin
+       File.open(file, 'a') { |f| f.write("\n") }
+       fixed_files << file
+     rescue StandardError => e
+       warn "Failed to fix #{file}: #{e.message}"
+     end
    end

🧹 Nitpick comments (1)

rakelib/lint.rake (1)

41-68: LGTM: Memory-efficient newline checking.

The implementation efficiently reads only the last 2 bytes (line 55) rather than loading entire files into memory. The file filtering chain (size, type, binary check) is well-designed.

Minor: Line 57 could be simplified slightly:

-      files_without_newline << file unless tail.nil? || tail.empty? || tail.end_with?("\n")
+      files_without_newline << file if tail && !tail.empty? && !tail.end_with?("\n")

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between df7bcfd and ec4e82a.

📒 Files selected for processing (4)

• .github/workflows/lint.yml (1 hunks)
• .github/workflows/ruby.yml (1 hunks)
• bin/install-hooks (1 hunks)
• rakelib/lint.rake (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• .github/workflows/ruby.yml
• .github/workflows/lint.yml

🔇 Additional comments (6)

bin/install-hooks (4)

1-10: LGTM: Git repository validation.

The repository check and error handling are appropriate. The frozen string literal pragma and clean script structure follow Ruby best practices.

---

28-38: Good: Safe handling of filenames with special characters.

The use of printf with xargs correctly handles filenames containing spaces and special characters, addressing the command injection vulnerability from previous reviews. The || true on line 30 prevents grep from failing when no Ruby files are staged.

---

43-65: LGTM: Comprehensive error handling for file operations.

Each file operation (directory creation, file write, chmod) is properly wrapped with error handling that provides clear error messages and exits with a non-zero status.

---

67-72: LGTM: Clear user guidance.

The success message clearly explains what the hook does and provides the --no-verify option for emergency bypasses.

rakelib/lint.rake (2)

3-17: LGTM: Clean task definitions and dependency structure.

The RuboCop tasks and lint aliases are well-structured using standard Rake patterns. The use of task dependencies (:rubocop, 'rubocop:autocorrect') is idiomatic.

---

19-36: LGTM: Robust binary file detection.

The binary_file? helper appropriately checks for null bytes and non-printable character ratios. The error handling (lines 33-35) that assumes unreadable files are binary is a safe default for this use case.

[claude]

Pull Request Review: Add RuboCop Linting and Newline Enforcement

Summary

This PR adds comprehensive linting infrastructure using RuboCop with automated enforcement via pre-commit hooks and CI. The implementation is well-structured and addresses code quality systematically.

✅ Strengths

1. Excellent Progressive Enhancement Strategy

• Using .rubocop_todo.yml to document existing violations without blocking progress is the right approach
• Allows CI to pass while tracking technical debt for future cleanup
• The inherit_from pattern is clean and maintainable

2. Comprehensive Security Fixes (commit ec4e82a)

• Fixed shell injection vulnerability in pre-commit hook using printf and xargs
• Proper handling of filenames with spaces/special characters
• Good security awareness shown in the evolution of the code

3. Performance Optimizations

• Binary file detection prevents unnecessary processing
• 10MB file size limit prevents memory issues
• Efficient file filtering using reject/select chains
• Reading only last bytes for newline detection instead of entire file (rakelib/lint.rake:54-57)

4. Good CI/CD Integration

• Dedicated lint workflow (.github/workflows/lint.yml)
• Consistent Ruby version (3.0.6) across workflows
• Proper separation of concerns (dedicated lint.yml vs main ruby.yml)

5. Developer Experience

• Clear error messages with actionable remediation steps
• Pre-commit hook is installable via simple script
• Ability to skip hooks with --no-verify for emergencies
• Well-documented rake tasks

🔍 Issues and Recommendations

Critical Issues

None found - The security and performance issues identified during development were properly addressed.

Test Coverage - Main Gap

The PR adds significant new functionality but doesn't include tests for:

• check_newlines task behavior
• fix_newlines task behavior
• binary_file? helper method
• Edge cases: empty files, files without extensions, symlinks

Code Quality Improvements

1. Hardcoded Excluded Directories

The excluded directories are duplicated between check_newlines and fix_newlines. Extract to a constant at the top of rakelib/lint.rake

2. Magic Numbers (rakelib/lint.rake:30-31)

Document the binary detection thresholds as constants

3. Pre-commit Hook Performance

The hook checks ALL files for newlines on every commit. For large repos, consider only checking staged files

📋 Checklist for Merge

• ✅ Code follows Ruby best practices
• ✅ Security vulnerabilities addressed
• ✅ Performance optimizations implemented
• ✅ CI/CD integration complete
• ⚠️ Test coverage for new rake tasks - Consider adding
• ✅ Documentation complete (PR description is excellent)
• ✅ Ruby version consistency enforced

Overall Assessment

This is a high-quality PR that adds valuable tooling to the project. The security fixes, performance optimizations, and progressive enhancement strategy (using .rubocop_todo.yml) demonstrate excellent engineering judgment.

The main gap is test coverage for the new rake tasks, but this doesn't block the PR given the quality of the implementation and the comprehensive manual testing evident from the commit history.

Recommendation: APPROVE with suggestion to add tests in follow-up PR

Great work on this contribution! The attention to security, performance, and developer experience is commendable.

---

Review generated by Claude Code

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.rubocop_todo.yml (1)

1-582: Consider documenting the plan to gradually resolve todo items.

The todo file effectively captures all current RuboCop violations, which is valuable for an incremental linting rollout. However, the codebase would benefit from a brief note (e.g., in a DEVELOPMENT.md or similar) documenting the plan to progressively shrink this file over time—for example, by targeting specific files or cops in future PRs. This helps set expectations and keeps the team focused on making progress.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ec4e82a and 90366b0.

📒 Files selected for processing (4)

• .rubocop.yml (1 hunks)
• .rubocop_todo.yml (1 hunks)
• cypress-on-rails.gemspec (1 hunks)
• rakelib/lint.rake (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• cypress-on-rails.gemspec
• rakelib/lint.rake
• .rubocop.yml

🔇 Additional comments (3)

.rubocop_todo.yml (3)

1-7: Verify inheritance relationship with .rubocop.yml.

This auto-generated todo file is a standard way to suppress existing RuboCop violations in an existing codebase. Per the PR description, .rubocop.yml should inherit from this file. Confirm that the inheritance is correctly configured in .rubocop.yml (typically via inherit_from: .rubocop_todo.yml).

---

428-429: Clarify rationale for disabling Style/FrozenStringLiteralComment and Style/StringLiterals globally.

Unlike other cops which exclude specific files, these two style rules are disabled entirely (Enabled: false). This is an unusual pattern for a todo file—most violations are typically excluded per-file. Confirm whether this is intentional, and consider documenting the reasoning (e.g., performance, scope reduction, or planned future enforcement).

Also applies to: 556-557

---

212-237: Metric thresholds are reasonable for an existing codebase.

The configured maximums (e.g., AbcSize: 51, MethodLength: 28, ClassLength: 200) are appropriate for gradually introducing linting. These allow the team to address high-priority violations first while maintaining a feasible baseline.