Merge branch 'sh-upgrade-rubocop-0.68.0-ce' into 'master'

Upgrade to Rubocop 0.68.1

See merge request gitlab-org/gitlab-ce!28046

.haml-lint.yml

@@ -97,6 +97,7 @@ linters:
       - Cop/LineBreakAroundConditionalBlock
       - Cop/ProjectPathHelper
       - GitlabSecurity/PublicSend
+      - Layout/EmptyLineAfterGuardClause
       - Layout/LeadingCommentSpace
       - Layout/SpaceAfterColon
       - Layout/SpaceAfterComma
@@ -112,11 +113,13 @@ linters:
       - Lint/LiteralInInterpolation
       - Lint/ParenthesesAsGroupedExpression
       - Lint/RedundantWithIndex
+      - Lint/SafeNavigationConsistency
       - Lint/Syntax
       - Metrics/BlockNesting
       - Naming/VariableName
       - Performance/RedundantMatch
       - Performance/StringReplacement
+      - Rails/LinkToBlank
       - Rails/Presence
       - Rails/RequestReferer
       - Style/AndOr
@@ -134,6 +137,7 @@ linters:
       - Style/TernaryParentheses
       - Style/TrailingCommaInHashLiteral
       - Style/UnlessElse
+      - Style/UnneededCondition
       - Style/WordArray
       - Style/ZeroLengthPredicate
 

Gemfile

@@ -349,13 +349,14 @@ group :development, :test do
   gem 'spring', '~> 2.0.0'
   gem 'spring-commands-rspec', '~> 1.0.4'
 
-  gem 'gitlab-styles', '~> 2.5', require: false
+  gem 'gitlab-styles', '~> 2.6', require: false
   # Pin these dependencies, otherwise a new rule could break the CI pipelines
-  gem 'rubocop', '~> 0.54.0'
+  gem 'rubocop', '~> 0.68.1'
+  gem 'rubocop-performance', '~> 1.1.0'
   gem 'rubocop-rspec', '~> 1.22.1'
 
   gem 'scss_lint', '~> 0.56.0', require: false
-  gem 'haml_lint', '~> 0.28.0', require: false
+  gem 'haml_lint', '~> 0.30.0', require: false
   gem 'simplecov', '~> 0.14.0', require: false
   gem 'bundler-audit', '~> 0.5.0', require: false
 

Gemfile.lock

@@ -297,9 +297,10 @@ GEM
     gitlab-markup (1.7.0)
     gitlab-sidekiq-fetcher (0.4.0)
       sidekiq (~> 5)
-    gitlab-styles (2.5.2)
-      rubocop (~> 0.54.0)
+    gitlab-styles (2.6.2)
+      rubocop (~> 0.68.1)
       rubocop-gitlab-security (~> 0.1.0)
+      rubocop-performance (~> 1.1.0)
       rubocop-rspec (~> 1.19)
     gitlab_omniauth-ldap (2.1.1)
       net-ldap (~> 0.16)
@@ -357,7 +358,7 @@ GEM
     haml (5.0.4)
       temple (>= 0.8.0)
       tilt
-    haml_lint (0.28.0)
+    haml_lint (0.30.0)
       haml (>= 4.0, < 5.1)
       rainbow
       rake (>= 10, < 13)
@@ -407,6 +408,7 @@ GEM
     jaeger-client (0.10.0)
       opentracing (~> 0.3)
       thrift
+    jaro_winkler (1.5.2)
     jira-ruby (1.4.1)
       activesupport
       multipart-post
@@ -585,7 +587,7 @@ GEM
       rubypants (~> 0.2)
     orm_adapter (0.5.0)
     os (1.0.0)
-    parallel (1.12.1)
+    parallel (1.17.0)
     parser (2.5.3.0)
       ast (~> 2.4.0)
     parslet (1.8.2)
@@ -615,7 +617,6 @@ GEM
     pg (1.1.4)
     po_to_json (1.0.1)
       json (>= 1.6.0)
-    powerpack (0.1.1)
     premailer (1.10.4)
       addressable
       css_parser (>= 1.4.10)
@@ -787,15 +788,17 @@ GEM
       pg
       rails
       sqlite3
-    rubocop (0.54.0)
+    rubocop (0.68.1)
+      jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
-      parser (>= 2.5)
-      powerpack (~> 0.1)
+      parser (>= 2.5, != 2.5.1.1)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.0, >= 1.0.1)
+      unicode-display_width (>= 1.4.0, < 1.6)
     rubocop-gitlab-security (0.1.1)
       rubocop (>= 0.51)
+    rubocop-performance (1.1.0)
+      rubocop (>= 0.67.0)
     rubocop-rspec (1.22.2)
       rubocop (>= 0.52.1)
     ruby-enum (0.7.2)
@@ -803,7 +806,7 @@ GEM
     ruby-fogbugz (0.2.1)
       crack (~> 0.4)
     ruby-prof (0.17.0)
-    ruby-progressbar (1.9.0)
+    ruby-progressbar (1.10.0)
     ruby-saml (1.7.2)
       nokogiri (>= 1.5.10)
     ruby_parser (3.11.0)
@@ -929,7 +932,7 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.5)
-    unicode-display_width (1.3.2)
+    unicode-display_width (1.5.0)
     unicorn (5.4.1)
       kgio (~> 2.6)
       raindrops (~> 0.7)
@@ -1065,7 +1068,7 @@ DEPENDENCIES
   gitlab-labkit (~> 0.2.0)
   gitlab-markup (~> 1.7.0)
   gitlab-sidekiq-fetcher (~> 0.4.0)
-  gitlab-styles (~> 2.5)
+  gitlab-styles (~> 2.6)
   gitlab_omniauth-ldap (~> 2.1.1)
   gon (~> 6.2)
   google-api-client (~> 0.23)
@@ -1078,7 +1081,7 @@ DEPENDENCIES
   graphiql-rails (~> 1.4.10)
   graphql (~> 1.8.0)
   grpc (~> 1.19.0)
-  haml_lint (~> 0.28.0)
+  haml_lint (~> 0.30.0)
   hamlit (~> 2.8.8)
   hangouts-chat (~> 0.0.5)
   hashie-forbidden_attributes
@@ -1171,7 +1174,8 @@ DEPENDENCIES
   rspec-set (~> 0.1.3)
   rspec_junit_formatter
   rspec_profiling (~> 0.0.5)
-  rubocop (~> 0.54.0)
+  rubocop (~> 0.68.1)
+  rubocop-performance (~> 1.1.0)
   rubocop-rspec (~> 1.22.1)
   ruby-fogbugz (~> 0.2.1)
   ruby-prof (~> 0.17.0)

app/controllers/help_controller.rb

@@ -7,7 +7,7 @@ class HelpController < ApplicationController
 
   # Taken from Jekyll
   # https://github.com/jekyll/jekyll/blob/3.5-stable/lib/jekyll/document.rb#L13
-  YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m
+  YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m.freeze
 
   def index
     # Remove YAML frontmatter so that it doesn't look weird

app/controllers/import/bitbucket_server_controller.rb

@@ -15,8 +15,8 @@ class Import::BitbucketServerController < Import::BaseController
   # (https://community.atlassian.com/t5/Answers-Developer-Questions/stash-repository-names/qaq-p/499054)
   #
   # Bitbucket Server starts personal project names with a tilde.
-  VALID_BITBUCKET_PROJECT_CHARS = /\A~?[\w\-\.\s]+\z/
-  VALID_BITBUCKET_CHARS = /\A[\w\-\.\s]+\z/
+  VALID_BITBUCKET_PROJECT_CHARS = /\A~?[\w\-\.\s]+\z/.freeze
+  VALID_BITBUCKET_CHARS = /\A[\w\-\.\s]+\z/.freeze
 
   def new
   end

app/helpers/auth_helper.rb

@@ -2,7 +2,7 @@
 
 module AuthHelper
   PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze
-  LDAP_PROVIDER = /\Aldap/
+  LDAP_PROVIDER = /\Aldap/.freeze
 
   def ldap_enabled?
     Gitlab::Auth::LDAP::Config.enabled?

app/helpers/sidekiq_helper.rb

@@ -8,7 +8,7 @@ module SidekiqHelper
     (?<state>[DIEKNRSTVWXZNLpsl\+<>/\d]+)\s+
     (?<start>.+?)\s+
     (?<command>(?:ruby\d+:\s+)?sidekiq.*\].*)
-    \z}x
+    \z}x.freeze
 
   def parse_sidekiq_ps(line)
     match = line.strip.match(SIDEKIQ_PS_REGEXP)

app/models/application_setting_implementation.rb

@@ -8,7 +8,7 @@ module ApplicationSettingImplementation
                             \s              # any whitespace character
                             |               # or
                             [\r\n]          # any number of newline characters
-                          }x
+                          }x.freeze
 
   # Setting a key restriction to `-1` means that all keys of this type are
   # forbidden.

app/models/commit_range.rb

@@ -28,12 +28,12 @@ class CommitRange
 
   # The beginning and ending refs can be named or SHAs, and
   # the range notation can be double- or triple-dot.
-  REF_PATTERN = /[0-9a-zA-Z][0-9a-zA-Z_.-]*[0-9a-zA-Z\^]/
-  PATTERN = /#{REF_PATTERN}\.{2,3}#{REF_PATTERN}/
+  REF_PATTERN = /[0-9a-zA-Z][0-9a-zA-Z_.-]*[0-9a-zA-Z\^]/.freeze
+  PATTERN = /#{REF_PATTERN}\.{2,3}#{REF_PATTERN}/.freeze
 
   # In text references, the beginning and ending refs can only be SHAs
   # between 7 and 40 hex characters.
-  STRICT_PATTERN = /\h{7,40}\.{2,3}\h{7,40}/
+  STRICT_PATTERN = /\h{7,40}\.{2,3}\h{7,40}/.freeze
 
   def self.reference_prefix
     '@'

app/models/concerns/maskable.rb

@@ -9,7 +9,7 @@ module Maskable
   # * No spaces
   # * Minimal length of 8 characters
   # * Absolutely no fun is allowed
-  REGEX = /\A\w{8,}\z/
+  REGEX = /\A\w{8,}\z/.freeze
 
   included do
     validates :masked, inclusion: { in: [true, false] }

app/models/concerns/redactable.rb

@@ -10,7 +10,7 @@
 module Redactable
   extend ActiveSupport::Concern
 
-  UNSUBSCRIBE_PATTERN = %r{/sent_notifications/\h{32}/unsubscribe}
+  UNSUBSCRIBE_PATTERN = %r{/sent_notifications/\h{32}/unsubscribe}.freeze
 
   class_methods do
     def redact_field(field)

app/models/concerns/taskable.rb

@@ -19,7 +19,7 @@ module Taskable
     \s+                       # whitespace prefix has to be always presented for a list item
     (\[\s\]|\[[xX]\])         # checkbox
     (\s.+)                    # followed by whitespace and some text.
-  }x
+  }x.freeze
 
   def self.get_tasks(content)
     content.to_s.scan(ITEM_PATTERN).map do |checkbox, label|

app/models/environment.rb

@@ -3,8 +3,8 @@
 class Environment < ApplicationRecord
   include Gitlab::Utils::StrongMemoize
   # Used to generate random suffixes for the slug
-  LETTERS = 'a'..'z'
-  NUMBERS = '0'..'9'
+  LETTERS = ('a'..'z').freeze
+  NUMBERS = ('0'..'9').freeze
   SUFFIX_CHARS = LETTERS.to_a + NUMBERS.to_a
 
   belongs_to :project, required: true

app/models/error_tracking/project_error_tracking_setting.rb

@@ -16,7 +16,7 @@ module ErrorTracking
           (?<project>[^/]+)/*
         )?
       \z
-    }x
+    }x.freeze
 
     self.reactive_cache_key = ->(setting) { [setting.class.model_name.singular, setting.project_id] }
 

app/services/projects/import_error_filter.rb

@@ -4,7 +4,7 @@ module Projects
   # Used by project imports, it removes any potential paths
   # included in an error message that could be stored in the DB
   class ImportErrorFilter
-    ERROR_MESSAGE_FILTER = /[^\s]*#{File::SEPARATOR}[^\s]*(?=(\s|\z))/
+    ERROR_MESSAGE_FILTER = /[^\s]*#{File::SEPARATOR}[^\s]*(?=(\s|\z))/.freeze
     FILTER_MESSAGE = '[FILTERED]'
 
     def self.filter_message(message)

app/uploaders/file_uploader.rb

@@ -14,8 +14,8 @@ class FileUploader < GitlabUploader
   include ObjectStorage::Concern
   prepend ObjectStorage::Extension::RecordsUploads
 
-  MARKDOWN_PATTERN = %r{\!?\[.*?\]\(/uploads/(?<secret>[0-9a-f]{32})/(?<file>.*?)\)}
-  DYNAMIC_PATH_PATTERN = %r{.*(?<secret>\h{32})/(?<identifier>.*)}
+  MARKDOWN_PATTERN = %r{\!?\[.*?\]\(/uploads/(?<secret>[0-9a-f]{32})/(?<file>.*?)\)}.freeze
+  DYNAMIC_PATH_PATTERN = %r{.*(?<secret>\h{32})/(?<identifier>.*)}.freeze
 
   after :remove, :prune_store_dir
 

config/initializers/gettext_rails_i18n_patch.rb

@@ -2,7 +2,7 @@ require 'gettext_i18n_rails/haml_parser'
 require 'gettext_i18n_rails_js/parser/javascript'
 require 'json'
 
-VUE_TRANSLATE_REGEX = /((%[\w.-]+)(?:\s))?{{ (N|n|s)?__\((.*)\) }}/
+VUE_TRANSLATE_REGEX = /((%[\w.-]+)(?:\s))?{{ (N|n|s)?__\((.*)\) }}/.freeze
 
 module GettextI18nRails
   class HamlParser

danger/commit_messages/Dangerfile

@@ -21,7 +21,7 @@ class EmojiChecker
   # alone is not enough, as we'd match `:foo:bar:baz`. Instead, we use this
   # regex to save us from having to check for all possible emoji names when we
   # know one definitely is not included.
-  LIKELY_EMOJI = /:[\+a-z0-9_\-]+:/
+  LIKELY_EMOJI = /:[\+a-z0-9_\-]+:/.freeze
 
   def initialize
     names = JSON.parse(File.read(DIGESTS)).keys +

db/migrate/20140414131055_change_state_to_allow_empty_merge_request_diffs.rb

-# rubocop:disable all
 class ChangeStateToAllowEmptyMergeRequestDiffs < ActiveRecord::Migration[4.2]
   def up
     change_column :merge_request_diffs, :state, :string, null: true,

lib/api/api.rb

@@ -6,7 +6,7 @@ module API
 
     LOG_FILENAME = Rails.root.join("log", "api_json.log")
 
-    NO_SLASH_URL_PART_REGEX = %r{[^/]+}
+    NO_SLASH_URL_PART_REGEX = %r{[^/]+}.freeze
     NAMESPACE_OR_PROJECT_REQUIREMENTS = { id: NO_SLASH_URL_PART_REGEX }.freeze
     COMMIT_ENDPOINT_REQUIREMENTS = NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(sha: NO_SLASH_URL_PART_REGEX).freeze
     USER_REQUIREMENTS = { user_id: NO_SLASH_URL_PART_REGEX }.freeze

lib/banzai/color_parser.rb

@@ -2,13 +2,13 @@
 
 module Banzai
   module ColorParser
-    ALPHA = /0(?:\.\d+)?|\.\d+|1(?:\.0+)?/ # 0.0..1.0
-    PERCENTS = /(?:\d{1,2}|100)%/ # 00%..100%
-    ALPHA_CHANNEL = /(?:,\s*(?:#{ALPHA}|#{PERCENTS}))?/
-    BITS = /\d{1,2}|1\d\d|2(?:[0-4]\d|5[0-5])/ # 00..255
-    DEGS = /-?\d+(?:deg)?/i # [-]digits[deg]
-    RADS = /-?(?:\d+(?:\.\d+)?|\.\d+)rad/i # [-](digits[.digits] OR .digits)rad
-    HEX_FORMAT = /\#(?:\h{3}|\h{4}|\h{6}|\h{8})/
+    ALPHA = /0(?:\.\d+)?|\.\d+|1(?:\.0+)?/.freeze # 0.0..1.0
+    PERCENTS = /(?:\d{1,2}|100)%/.freeze # 00%..100%
+    ALPHA_CHANNEL = /(?:,\s*(?:#{ALPHA}|#{PERCENTS}))?/.freeze
+    BITS = /\d{1,2}|1\d\d|2(?:[0-4]\d|5[0-5])/.freeze # 00..255
+    DEGS = /-?\d+(?:deg)?/i.freeze # [-]digits[deg]
+    RADS = /-?(?:\d+(?:\.\d+)?|\.\d+)rad/i.freeze # [-](digits[.digits] OR .digits)rad
+    HEX_FORMAT = /\#(?:\h{3}|\h{4}|\h{6}|\h{8})/.freeze
     RGB_FORMAT = %r{
       (?:rgba?
         \(
@@ -20,7 +20,7 @@ module Banzai
           #{ALPHA_CHANNEL}
         \)
       )
-    }xi
+    }xi.freeze
     HSL_FORMAT = %r{
       (?:hsla?
         \(
@@ -28,11 +28,11 @@ module Banzai
           #{ALPHA_CHANNEL}
         \)
       )
-    }xi
+    }xi.freeze
 
     FORMATS = [HEX_FORMAT, RGB_FORMAT, HSL_FORMAT].freeze
 
-    COLOR_FORMAT = /\A(#{Regexp.union(FORMATS)})\z/ix
+    COLOR_FORMAT = /\A(#{Regexp.union(FORMATS)})\z/ix.freeze
 
     # Public: Analyzes whether the String is a color code.
     #

lib/banzai/filter/autolink_filter.rb

@@ -33,7 +33,7 @@ module Banzai
       # https://github.com/vmg/rinku/blob/v2.0.1/ext/rinku/autolink.c#L65
       #
       # Rubular: http://rubular.com/r/nrL3r9yUiq
-      LINK_PATTERN = %r{([a-z][a-z0-9\+\.-]+://[^\s>]+)(?<!\?|!|\.|,|:)}
+      LINK_PATTERN = %r{([a-z][a-z0-9\+\.-]+://[^\s>]+)(?<!\?|!|\.|,|:)}.freeze
 
       # Text matching LINK_PATTERN inside these elements will not be linked
       IGNORE_PARENTS = %w(a code kbd pre script style).to_set

lib/banzai/filter/front_matter_filter.rb

@@ -20,7 +20,7 @@ module Banzai
         \s*
         ^\k<delim>                             # closing front matter marker
         \s*
-      }mx
+      }mx.freeze
 
       def call
         html.sub(PATTERN) do |_match|

lib/banzai/filter/spaced_link_filter.rb

@@ -33,7 +33,7 @@ module Banzai
           (?<new_link>.+?)
           (?<title>\ ".+?")?
         \)
-      }x
+      }x.freeze
 
       # Text matching LINK_OR_IMAGE_PATTERN inside these elements will not be linked
       IGNORE_PARENTS = %w(a code kbd pre script style).to_set

lib/banzai/filter/table_of_contents_filter.rb

@@ -17,7 +17,7 @@ module Banzai
     #   :toc - String containing Table of Contents data as a `ul` element with
     #          `li` child elements.
     class TableOfContentsFilter < HTML::Pipeline::Filter
-      PUNCTUATION_REGEXP = /[^\p{Word}\- ]/u
+      PUNCTUATION_REGEXP = /[^\p{Word}\- ]/u.freeze
 
       def call
         return doc if context[:no_header_anchors]

lib/declarative_policy/preferred_scope.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module DeclarativePolicy

lib/gitlab.rb

@@ -36,8 +36,8 @@ module Gitlab
   end
 
   COM_URL = 'https://gitlab.com'.freeze
-  APP_DIRS_PATTERN = %r{^/?(app|config|ee|lib|spec|\(\w*\))}
-  SUBDOMAIN_REGEX = %r{\Ahttps://[a-z0-9]+\.gitlab\.com\z}
+  APP_DIRS_PATTERN = %r{^/?(app|config|ee|lib|spec|\(\w*\))}.freeze
+  SUBDOMAIN_REGEX = %r{\Ahttps://[a-z0-9]+\.gitlab\.com\z}.freeze
   VERSION = File.read(root.join("VERSION")).strip.freeze
   INSTALLATION_TYPE = File.read(root.join("INSTALLATION_TYPE")).strip.freeze
 

lib/gitlab/auth/result.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab

lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb

@@ -8,8 +8,8 @@ module Gitlab
         self.table_name = 'untracked_files_for_uploads'
 
         # Ends with /:random_hex/:filename
-        FILE_UPLOADER_PATH = %r{/\h+/[^/]+\z}
-        FULL_PATH_CAPTURE = /\A(.+)#{FILE_UPLOADER_PATH}/
+        FILE_UPLOADER_PATH = %r{/\h+/[^/]+\z}.freeze
+        FULL_PATH_CAPTURE = /\A(.+)#{FILE_UPLOADER_PATH}/.freeze
 
         # These regex patterns are tested against a relative path, relative to
         # the upload directory.

lib/gitlab/background_migration/prepare_untracked_uploads.rb

@@ -16,7 +16,7 @@ module Gitlab
         RELATIVE_UPLOAD_DIR
       )
       FOLLOW_UP_MIGRATION = 'PopulateUntrackedUploads'.freeze
-      START_WITH_ROOT_REGEX = %r{\A#{Gitlab.config.uploads.storage_path}/}
+      START_WITH_ROOT_REGEX = %r{\A#{Gitlab.config.uploads.storage_path}/}.freeze
       EXCLUDED_HASHED_UPLOADS_PATH = "#{ABSOLUTE_UPLOAD_DIR}/@hashed/*".freeze
       EXCLUDED_TMP_UPLOADS_PATH = "#{ABSOLUTE_UPLOAD_DIR}/tmp/*".freeze
 

lib/gitlab/ci/build/artifacts/metadata.rb

@@ -11,8 +11,8 @@ module Gitlab
           ParserError = Class.new(StandardError)
           InvalidStreamError = Class.new(StandardError)
 
-          VERSION_PATTERN = /^[\w\s]+(\d+\.\d+\.\d+)/
-          INVALID_PATH_PATTERN = %r{(^\.?\.?/)|(/\.?\.?/)}
+          VERSION_PATTERN = /^[\w\s]+(\d+\.\d+\.\d+)/.freeze
+          INVALID_PATH_PATTERN = %r{(^\.?\.?/)|(/\.?\.?/)}.freeze
 
           attr_reader :stream, :path, :full_version
 

lib/gitlab/ci/pipeline/chain/command.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab

lib/gitlab/ci/pipeline/chain/skip.rb

@@ -7,7 +7,7 @@ module Gitlab
         class Skip < Chain::Base
           include ::Gitlab::Utils::StrongMemoize
 
-          SKIP_PATTERN = /\[(ci[ _-]skip|skip[ _-]ci)\]/i
+          SKIP_PATTERN = /\[(ci[ _-]skip|skip[ _-]ci)\]/i.freeze
 
           def perform!
             if skipped?

lib/gitlab/content_disposition.rb

@@ -22,13 +22,13 @@ module Gitlab
     end
 
     # rubocop:disable Style/VariableInterpolation
-    TRADITIONAL_ESCAPED_CHAR = /[^ A-Za-z0-9!#$+.^_`|~-]/
+    TRADITIONAL_ESCAPED_CHAR = /[^ A-Za-z0-9!#$+.^_`|~-]/.freeze
 
     def ascii_filename
       'filename="' + percent_escape(::I18n.transliterate(filename), TRADITIONAL_ESCAPED_CHAR) + '"'
     end
 
-    RFC_5987_ESCAPED_CHAR = /[^A-Za-z0-9!#$&+.^_`|~-]/
+    RFC_5987_ESCAPED_CHAR = /[^A-Za-z0-9!#$&+.^_`|~-]/.freeze
     # rubocop:enable Style/VariableInterpolation
 
     def utf8_filename

lib/gitlab/danger/helper.rb

@@ -103,8 +103,6 @@ module Gitlab
         none: "",
         qa: "~QA"
       }.freeze
-
-      # rubocop:disable Style/RegexpLiteral
       CATEGORIES = {
         %r{\Adoc/} => :none, # To reinstate roulette for documentation, set to `:docs`.
         %r{\A(CONTRIBUTING|LICENSE|MAINTENANCE|PHILOSOPHY|PROCESS|README)(\.md)?\z} => :none, # To reinstate roulette for documentation, set to `:docs`.
@@ -151,7 +149,6 @@ module Gitlab
         %r{\.(md|txt)\z} => :none, # To reinstate roulette for documentation, set to `:docs`.
         %r{\.js\z} => :frontend
       }.freeze
-      # rubocop:enable Style/RegexpLiteral
     end
   end
 end

lib/gitlab/git/pre_receive_error.rb

@@ -14,7 +14,7 @@ module Gitlab
         'GL-HOOK-ERR:' # Messages marked as safe by user
       ].freeze
 
-      SAFE_MESSAGE_REGEX = /^(#{SAFE_MESSAGE_PREFIXES.join('|')})\s*(?<safe_message>.+)/
+      SAFE_MESSAGE_REGEX = /^(#{SAFE_MESSAGE_PREFIXES.join('|')})\s*(?<safe_message>.+)/.freeze
 
       def initialize(message = '')
         super(sanitize(message))

lib/gitlab/gitaly_client.rb

@@ -26,7 +26,7 @@ module Gitlab
       end
     end
 
-    PEM_REGEX = /\-+BEGIN CERTIFICATE\-+.+?\-+END CERTIFICATE\-+/m
+    PEM_REGEX = /\-+BEGIN CERTIFICATE\-+.+?\-+END CERTIFICATE\-+/m.freeze
     SERVER_VERSION_FILE = 'GITALY_SERVER_VERSION'
     MAXIMUM_GITALY_CALLS = 30
     CLIENT_NAME = (Sidekiq.server? ? 'gitlab-sidekiq' : 'gitlab-web').freeze

lib/gitlab/github_import/representation/diff_note.rb

@@ -13,7 +13,7 @@ module Gitlab
                          :diff_hunk, :author, :note, :created_at, :updated_at,
                          :github_id
 
-        NOTEABLE_ID_REGEX = %r{/pull/(?<iid>\d+)}i
+        NOTEABLE_ID_REGEX = %r{/pull/(?<iid>\d+)}i.freeze
 
         # Builds a diff note from a GitHub API response.
         #

lib/gitlab/github_import/representation/note.rb

@@ -12,7 +12,7 @@ module Gitlab
         expose_attribute :noteable_id, :noteable_type, :author, :note,
                          :created_at, :updated_at, :github_id
 
-        NOTEABLE_TYPE_REGEX = %r{/(?<type>(pull|issues))/(?<iid>\d+)}i
+        NOTEABLE_TYPE_REGEX = %r{/(?<type>(pull|issues))/(?<iid>\d+)}i.freeze
 
         # Builds a note from a GitHub API response.
         #

lib/gitlab/health_checks/metric.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab::HealthChecks

lib/gitlab/health_checks/result.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab::HealthChecks

lib/gitlab/metrics/metric.rb

@@ -4,7 +4,7 @@ module Gitlab
   module Metrics
     # Class for storing details of a single metric (label, value, etc).
     class Metric
-      JITTER_RANGE = 0.000001..0.001
+      JITTER_RANGE = (0.000001..0.001).freeze
 
       attr_reader :series, :values, :tags, :type
 

lib/gitlab/middleware/read_only.rb

@@ -3,7 +3,7 @@
 module Gitlab
   module Middleware
     class ReadOnly
-      API_VERSIONS = (3..4)
+      API_VERSIONS = (3..4).freeze
 
       def self.internal_routes
         @internal_routes ||=

lib/gitlab/middleware/release_env.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab

lib/gitlab/push_options.rb

@@ -15,7 +15,7 @@ module Gitlab
       mr: :merge_request
     }).freeze
 
-    OPTION_MATCHER = /(?<namespace>[^\.]+)\.(?<key>[^=]+)=?(?<value>.*)/
+    OPTION_MATCHER = /(?<namespace>[^\.]+)\.(?<key>[^=]+)=?(?<value>.*)/.freeze
 
     attr_reader :options
 

lib/gitlab/quick_actions/spend_time_and_date_separator.rb

@@ -11,7 +11,7 @@ module Gitlab
     # if date doesn't present return time with current date
     # in other cases return nil
     class SpendTimeAndDateSeparator
-      DATE_REGEX = %r{(\d{2,4}[/\-.]\d{1,2}[/\-.]\d{1,2})}
+      DATE_REGEX = %r{(\d{2,4}[/\-.]\d{1,2}[/\-.]\d{1,2})}.freeze
 
       def initialize(spend_command_arg)
         @spend_arg = spend_command_arg

lib/gitlab/sanitizers/svg.rb

@@ -9,7 +9,7 @@ module Gitlab
 
       class Scrubber < Loofah::Scrubber
         # http://www.whatwg.org/specs/web-apps/current-work/multipage/elements.html#embedding-custom-non-visible-data-with-the-data-*-attributes
-        DATA_ATTR_PATTERN = /\Adata-(?!xml)[a-z_][\w.\u00E0-\u00F6\u00F8-\u017F\u01DD-\u02AF-]*\z/u
+        DATA_ATTR_PATTERN = /\Adata-(?!xml)[a-z_][\w.\u00E0-\u00F6\u00F8-\u017F\u01DD-\u02AF-]*\z/u.freeze
 
         def scrub(node)
           unless Whitelist::ALLOWED_ELEMENTS.include?(node.name)

lib/gitlab/sherlock/middleware.rb

@@ -4,9 +4,9 @@ module Gitlab
   module Sherlock
     # Rack middleware used for tracking request metrics.
     class Middleware
-      CONTENT_TYPES = %r{text/html|application/json}i
+      CONTENT_TYPES = %r{text/html|application/json}i.freeze
 
-      IGNORE_PATHS = %r{^/sherlock}
+      IGNORE_PATHS = %r{^/sherlock}.freeze
 
       def initialize(app)
         @app = app

lib/gitlab/sherlock/query.rb

@@ -15,7 +15,7 @@ module Gitlab
           |GROUP\s+BY
           |ORDER\s+BY
           |LIMIT
-          |OFFSET)\s+}ix # Vim indent breaks when this is on a newline :<
+          |OFFSET)\s+}ix.freeze # Vim indent breaks when this is on a newline :<
 
       # Creates a new Query using a String and a separate Array of bindings.
       #

lib/gitlab/slash_commands/result.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module Gitlab

lib/gitlab/sql/pattern.rb

@@ -6,7 +6,7 @@ module Gitlab
       extend ActiveSupport::Concern
 
       MIN_CHARS_FOR_PARTIAL_MATCHING = 3
-      REGEX_QUOTED_WORD = /(?<=\A| )"[^"]+"(?= |\z)/
+      REGEX_QUOTED_WORD = /(?<=\A| )"[^"]+"(?= |\z)/.freeze
 
       class_methods do
         def fuzzy_search(query, columns)

lib/gitlab/user_extractor.rb

@@ -7,7 +7,7 @@ module Gitlab
   class UserExtractor
     # Not using `Devise.email_regexp` to filter out any chars that an email
     # does not end with and not pinning the email to a start of end of a string.
-    EMAIL_REGEXP = /(?<email>([^@\s]+@[^@\s]+(?<!\W)))/
+    EMAIL_REGEXP = /(?<email>([^@\s]+@[^@\s]+(?<!\W)))/.freeze
     USERNAME_REGEXP = User.reference_pattern
 
     def initialize(text)

lib/haml_lint/inline_javascript.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 unless Rails.env.production?

lib/tasks/gemojione.rake

@@ -209,7 +209,7 @@ namespace :gemojione do
     image.destroy!
   end
 
-  EMOJI_IMAGE_PATH_RE = /(.*?)(([0-9a-f]-?)+)\.png$/i
+  EMOJI_IMAGE_PATH_RE = /(.*?)(([0-9a-f]-?)+)\.png$/i.freeze
   def rename_to_named_emoji_image!(emoji_unicode_string_to_name_map, image_path)
     # Rename file from unicode to emoji name
     matches = EMOJI_IMAGE_PATH_RE.match(image_path)

qa/qa/page/project/settings/ci_cd.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module QA

qa/qa/runtime/key/ecdsa.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module QA

qa/qa/runtime/key/ed25519.rb

-# rubocop:disable Naming/FileName
 # frozen_string_literal: true
 
 module QA

rubocop/cop/gitlab/finder_with_find_by.rb

@@ -2,7 +2,7 @@ module RuboCop
   module Cop
     module Gitlab
       class FinderWithFindBy < RuboCop::Cop::Cop
-        FIND_PATTERN = /\Afind(_by\!?)?\z/
+        FIND_PATTERN = /\Afind(_by\!?)?\z/.freeze
         ALLOWED_MODULES = ['FinderMethods'].freeze
 
         def message(used_method)
@@ -36,7 +36,7 @@ module RuboCop
         def find_on_execute?(node)
           chained_on_node = node.descendants.first
           node.method_name.to_s =~ FIND_PATTERN &&
-            chained_on_node&.method_name == :execute
+            chained_on_node.is_a?(RuboCop::AST::SendNode) && chained_on_node.method_name == :execute
         end
 
         def allowed_module?(node)

rubocop/rubocop.rb

-# rubocop:disable Naming/FileName
 require_relative 'cop/gitlab/module_with_instance_variables'
 require_relative 'cop/gitlab/predicate_memoization'
 require_relative 'cop/gitlab/httparty'

spec/initializers/secret_token_spec.rb

@@ -6,8 +6,8 @@ describe 'create_tokens' do
 
   let(:secrets) { ActiveSupport::OrderedOptions.new }
 
-  HEX_KEY = /\h{128}/
-  RSA_KEY = /\A-----BEGIN RSA PRIVATE KEY-----\n.+\n-----END RSA PRIVATE KEY-----\n\Z/m
+  HEX_KEY = /\h{128}/.freeze
+  RSA_KEY = /\A-----BEGIN RSA PRIVATE KEY-----\n.+\n-----END RSA PRIVATE KEY-----\n\Z/m.freeze
 
   before do
     allow(File).to receive(:write)

spec/lib/gitlab/path_regex_spec.rb

@@ -120,10 +120,10 @@ describe Gitlab::PathRegex do
   # - Followed by one or more path-parts not starting with `:` or `*`
   # - Followed by a path-part that includes a wildcard parameter `*`
   # At the time of writing these routes match: http://rubular.com/r/Rv2pDE5Dvw
-  STARTING_WITH_NAMESPACE = %r{^/\*namespace_id/:(project_)?id}
-  NON_PARAM_PARTS = %r{[^:*][a-z\-_/]*}
-  ANY_OTHER_PATH_PART = %r{[a-z\-_/:]*}
-  WILDCARD_SEGMENT = /\*/
+  STARTING_WITH_NAMESPACE = %r{^/\*namespace_id/:(project_)?id}.freeze
+  NON_PARAM_PARTS = %r{[^:*][a-z\-_/]*}.freeze
+  ANY_OTHER_PATH_PART = %r{[a-z\-_/:]*}.freeze
+  WILDCARD_SEGMENT = /\*/.freeze
   let(:namespaced_wildcard_routes) do
     routes_without_format.select do |p|
       p =~ %r{#{STARTING_WITH_NAMESPACE}/#{NON_PARAM_PARTS}/#{ANY_OTHER_PATH_PART}#{WILDCARD_SEGMENT}}
@@ -144,7 +144,7 @@ describe Gitlab::PathRegex do
     end.uniq
   end
 
-  STARTING_WITH_GROUP = %r{^/groups/\*(group_)?id/}
+  STARTING_WITH_GROUP = %r{^/groups/\*(group_)?id/}.freeze
   let(:group_routes) do
     routes_without_format.select do |path|
       path =~ STARTING_WITH_GROUP