Rubocop: Adds new cops by default, fixes offences

.rubocop.yml

@@ -1,25 +1,14 @@
 require: rubocop-performance
 AllCops:
+  NewCops: enable
   TargetRubyVersion: 2.5
   Exclude:
   - '*.gemspec'
   - 'vendor/**/*'
-Layout/EmptyLinesAroundAttributeAccessor:
-  Enabled: true
 Layout/LineLength:
   Max: 120
-Layout/SpaceAroundMethodCallOperator:
-  Enabled: true
-Lint/DeprecatedOpenSSLConstant:
-  Enabled: true
-Lint/MixedRegexpCaptureTypes:
-  Enabled: true
 Lint/UriEscapeUnescape:
   Enabled: false
-Lint/RaiseException:
-  Enabled: true
-Lint/StructNewOverride:
-  Enabled: true
 Metrics/AbcSize:
   Max: 25
 Metrics/BlockLength:
@@ -39,24 +28,8 @@ Style/ClassVars:
   Enabled: false
 Style/Documentation:
   Enabled: false
-Style/ExponentialNotation:
-  Enabled: true
 Style/FormatStringToken:
   Enabled: false
-Style/HashEachMethods:
-  Enabled: true
-Style/HashTransformKeys:
-  Enabled: true
-Style/HashTransformValues:
-  Enabled: true
 Style/NumericPredicate:
   Exclude:
   - 'app/controllers/vuln_api.rb'
-Style/RedundantFetchBlock:
-  Enabled: true
-Style/RedundantRegexpCharacterClass:
-  Enabled: true
-Style/RedundantRegexpEscape:
-  Enabled: true
-Style/SlicingWithRange:
-  Enabled: true

app/finders/interesting_findings/multisite.rb

@@ -12,8 +12,8 @@ module WPScan
           location = res.headers_hash['location']
 
           return unless [200, 302].include?(res.code)
-          return if res.code == 302 && location =~ /wp-login\.php\?action=register/
-          return unless res.code == 200 || res.code == 302 && location =~ /wp-signup\.php/
+          return if res.code == 302 && location.include?('wp-login.php?action=register')
+          return unless res.code == 200 || res.code == 302 && location.include?('wp-signup.php')
 
           target.multisite = true
 

app/finders/passwords/wp_login.rb

@@ -13,7 +13,7 @@ module WPScan
 
         def valid_credentials?(response)
           response.code == 302 &&
-            [*response.headers['Set-Cookie']]&.any? { |cookie| cookie =~ /wordpress_logged_in_/i }
+            Array(response.headers['Set-Cookie'])&.any? { |cookie| cookie =~ /wordpress_logged_in_/i }
         end
 
         def errored_response?(response)

app/finders/passwords/xml_rpc.rb

@@ -12,7 +12,7 @@ module WPScan
         end
 
         def valid_credentials?(response)
-          response.code == 200 && response.body =~ /blogName/
+          response.code == 200 && response.body.include?('blogName')
         end
 
         def errored_response?(response)

app/finders/users.rb

@@ -6,7 +6,7 @@ require_relative 'users/oembed_api'
 require_relative 'users/rss_generator'
 require_relative 'users/author_id_brute_forcing'
 require_relative 'users/login_error_messages'
-require_relative 'users/yoast_seo_author_sitemap.rb'
+require_relative 'users/yoast_seo_author_sitemap'
 
 module WPScan
   module Finders

app/finders/users/login_error_messages.rb

@@ -37,7 +37,7 @@ module WPScan
           # usernames from the potential Users found
           unames = opts[:found].map(&:username)
 
-          [*opts[:list]].each { |uname| unames << uname.chomp }
+          Array(opts[:list]).each { |uname| unames << uname.chomp }
 
           unames.uniq
         end

app/models/plugin.rb

@@ -38,7 +38,7 @@ module WPScan
 
       # @return [ Array<String> ]
       def potential_readme_filenames
-        @potential_readme_filenames ||= [*(DB::DynamicFinders::Plugin.df_data.dig(slug, 'Readme', 'path') || super)]
+        @potential_readme_filenames ||= Array((DB::DynamicFinders::Plugin.df_data.dig(slug, 'Readme', 'path') || super))
       end
     end
   end

app/models/wp_item.rb

@@ -39,7 +39,7 @@ module WPScan
 
         @vulnerabilities = []
 
-        [*db_data['vulnerabilities']].each do |json_vuln|
+        Array(db_data['vulnerabilities']).each do |json_vuln|
           vulnerability = Vulnerability.load_from_json(json_vuln)
           @vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
         end

app/models/wp_version.rb

@@ -53,7 +53,7 @@ module WPScan
 
         @vulnerabilities = []
 
-        [*db_data['vulnerabilities']].each do |json_vuln|
+        Array(db_data['vulnerabilities']).each do |json_vuln|
           @vulnerabilities << Vulnerability.load_from_json(json_vuln)
         end
 

lib/wpscan/target.rb

@@ -19,13 +19,13 @@ module WPScan
     # @return [ Boolean ]
     def vulnerable?
       [@wp_version, @main_theme, @plugins, @themes, @timthumbs].each do |e|
-        [*e].each { |ae| return true if ae && ae.vulnerable? } # rubocop:disable Style/SafeNavigation
+        Array(e).each { |ae| return true if ae && ae.vulnerable? } # rubocop:disable Style/SafeNavigation
       end
 
-      return true unless [*@config_backups].empty?
-      return true unless [*@db_exports].empty?
+      return true unless Array(@config_backups).empty?
+      return true unless Array(@db_exports).empty?
 
-      [*@users].each { |u| return true if u.password }
+      Array(@users).each { |u| return true if u.password }
 
       false
     end

spec/lib/finders/dynamic_finder/plugin_version_spec.rb

@@ -74,7 +74,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi
                 end
 
                 it 'returns the expected version/s' do
-                  found = [*finder.passive]
+                  found = Array(finder.passive)
 
                   expect(found).to_not be_empty
 
@@ -104,7 +104,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi
                 end
 
                 it 'returns the expected version/s' do
-                  found = [*finder.passive]
+                  found = Array(finder.passive)
 
                   expect(found).to_not be_empty
 
@@ -149,7 +149,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi
             end
 
             it 'returns the expected version' do
-              found = [*finder.aggressive]
+              found = Array(finder.aggressive)
 
               expect(found).to_not be_empty
 

spec/lib/finders/dynamic_finder/theme_version_spec.rb

@@ -79,7 +79,7 @@ WPScan::DB::DynamicFinders::Theme.versions_finders_configs.each do |slug, config
                 end
 
                 it 'returns the expected version/s' do
-                  found = [*finder.passive]
+                  found = Array(finder.passive)
 
                   expect(found).to_not be_empty
 
@@ -109,7 +109,7 @@ WPScan::DB::DynamicFinders::Theme.versions_finders_configs.each do |slug, config
                 end
 
                 it 'returns the expected version/s' do
-                  found = [*finder.passive]
+                  found = Array(finder.passive)
 
                   expect(found).to_not be_empty
 
@@ -154,7 +154,7 @@ WPScan::DB::DynamicFinders::Theme.versions_finders_configs.each do |slug, config
             end
 
             it 'returns the expected version' do
-              found = [*finder.aggressive]
+              found = Array(finder.aggressive)
 
               expect(found).to_not be_empty
 

spec/lib/finders/dynamic_finder/wp_version_spec.rb

@@ -46,7 +46,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c
           end
 
           it 'returns the expected version from the homepage' do
-            found = [*finder.passive]
+            found = Array(finder.passive)
 
             expect(found).to_not be_empty
 
@@ -81,7 +81,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c
           end
 
           it 'returns the expected version' do
-            found = [*finder.aggressive]
+            found = Array(finder.aggressive)
 
             expect(found).to_not be_empty