Files
RuboCop will run on the following files and extensions:.rb.arb.axlsx.builder.fcgi.gemfile.gemspec.god.jb.jbuilder.mspec.opal.pluginspec.podspec.rabl.rake.rbuild.rbw.rbx.ru.ruby.schema.spec.thor.watchr.irbrc.pryrc.simplecovbuildfileAppraisalsBerksfileBrewfileBuildfileCapfileCheffileDangerfileDeliverfileFastfileFastfileGemfileGuardfileJarfileMavenfilePodfilePuppetfileRakefilerakefileSchemafileSnapfileSteepfileThorfileVagabondfileVagrantfile
Configuration
RuboCop uses a YAML style configuration file. We look for the following files anywhere in the repository:.rubocop.yml.rubocop.yaml
What CodeRabbit runs
We run RuboCop inside a locked-down sandbox with an explicit--config that we generate or wrap. We do not load repository-specified Ruby plugins beyond a minimal safe set.
Security policy and restrictions
- We skip RuboCop if the config (
.rubocop.yml/.rubocop.yaml) includes unsaferequireentries. - Only a small, standardized
requirelist is allowed. Custom gems/plugins loaded viarequireare blocked. - The following
requireentries are currently allowed:rubocoprubocop-performancerubocop-railsrubocop-rspecrubocop-minitestrubocop-rakerubocop-sequelrubocop-capybararubocop-factory_botrubocop-i18nrubocop-packagingrubocop-sorbetrubocop-thread_safetyrubocop-graphqlstandard
When we skip RuboCop
CodeRabbit will skip running RuboCop when:- The config contains
requirewith disallowed entries. - The config cannot be validated or parsed safely.