rest of credo complaints

lib/sobelow.ex

@@ -324,7 +324,7 @@ defmodule Sobelow do
     phoenix_files =
       Enum.reduce(meta_files, %{routers: [], endpoints: []}, fn meta_file, acc ->
         cond do
-          meta_file.is_router? ->
+          meta_file.router? ->
             Map.update!(acc, :routers, &[meta_file.file_path | &1])
 
           meta_file.endpoint? ->
@@ -368,7 +368,7 @@ defmodule Sobelow do
         filename: filename,
         raw: raw,
         ast: [ast],
-        is_controller?: false
+        controller?: false
       }
     }
   end
@@ -391,8 +391,8 @@ defmodule Sobelow do
       filename: Utils.normalize_path(filename),
       file_path: Path.expand(filename),
       def_funs: def_funs,
-      is_controller?: Utils.is_controller?(use_funs),
-      is_router?: Utils.is_router?(use_funs),
+      controller?: Utils.controller?(use_funs),
+      router?: Utils.router?(use_funs),
       is_endpoint?: Utils.endpoint?(use_funs)
     }
   end

lib/sobelow/ci/os.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.CI.OS do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/ci/system.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.CI.System do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/config/csp.ex

@@ -46,15 +46,15 @@ defmodule Sobelow.Config.CSP do
   def check_vuln_pipeline({:pipeline, _, [_name, [do: block]]} = pipeline, meta_file) do
     {vuln?, conf, plug} =
       Config.get_plug_list(block)
-      |> Enum.find(&is_header_plug?/1)
+      |> Enum.find(&header_plug?/1)
       |> missing_csp_status(meta_file)
 
     {vuln?, conf, plug, pipeline}
   end
 
-  defp is_header_plug?({:plug, _, [:put_secure_browser_headers]}), do: true
-  defp is_header_plug?({:plug, _, [:put_secure_browser_headers, _]}), do: true
-  defp is_header_plug?(_), do: false
+  defp header_plug?({:plug, _, [:put_secure_browser_headers]}), do: true
+  defp header_plug?({:plug, _, [:put_secure_browser_headers, _]}), do: true
+  defp header_plug?(_), do: false
 
   defp missing_csp_status({_, _, [:put_secure_browser_headers]} = plug, _),
     do: {true, :high, plug}

lib/sobelow/config/secrets.ex

@@ -40,7 +40,7 @@ defmodule Sobelow.Config.Secrets do
 
   defp enumerate_secrets(secrets, file) do
     Enum.each(secrets, fn {fun, key, val} ->
-      if is_binary(val) && String.length(val) > 0 && !is_env_var?(val) do
+      if is_binary(val) && String.length(val) > 0 && !env_var?(val) do
         add_finding(file, Parse.get_fun_line(fun), fun, key, val)
       end
     end)
@@ -49,18 +49,18 @@ defmodule Sobelow.Config.Secrets do
   defp enumerate_fuzzy_secrets(secrets, file) do
     Enum.each(secrets, fn {fun, vals} ->
       Enum.each(vals, fn {k, v} ->
-        if is_binary(v) && String.length(v) > 0 && !is_env_var?(v) do
+        if is_binary(v) && String.length(v) > 0 && !env_var?(v) do
           add_finding(file, Parse.get_fun_line(fun), fun, k, v)
         end
       end)
     end)
   end
 
-  def is_env_var?("${" <> rest) do
+  def env_var?("${" <> rest) do
     String.ends_with?(rest, "}")
   end
 
-  def is_env_var?(_), do: false
+  def env_var?(_), do: false
 
   defp add_finding(file, line_no, fun, key, val) do
     {vuln_line_no, vuln_line_col} = get_vuln_line(file, line_no, val)

lib/sobelow/dos/binary_to_atom.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.DOS.BinToAtom do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/dos/list_to_atom.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.DOS.ListToAtom do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/dos/string_to_atom.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.DOS.StringToAtom do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/parse.ex

@@ -681,7 +681,7 @@ defmodule Sobelow.Parse do
 
     reflected_vars =
       Enum.filter(vars, fn var ->
-        (is_reflected_var?(var) && is_in_params?(var, params)) || is_conn_params?(var)
+        (reflected_var?(var) && in_params?(var, params)) || conn_params?(var)
       end)
 
     var_keys =
@@ -705,16 +705,16 @@ defmodule Sobelow.Parse do
     end
   end
 
-  defp is_reflected_var?({_, {_, _, nil}}), do: true
-  defp is_reflected_var?(_), do: false
+  defp reflected_var?({_, {_, _, nil}}), do: true
+  defp reflected_var?(_), do: false
 
-  defp is_in_params?({_, {var, _, _}}, params) do
+  defp in_params?({_, {var, _, _}}, params) do
     Enum.member?(params, var)
   end
 
-  def is_conn_params?({_, {{:., _, [Access, :get]}, _, access_opts}}),
-    do: is_conn_params?(access_opts)
+  def conn_params?({_, {{:., _, [Access, :get]}, _, access_opts}}),
+    do: conn_params?(access_opts)
 
-  def is_conn_params?([{{:., _, [{:conn, _, nil}, :params]}, _, []}, _]), do: true
-  def is_conn_params?(_), do: false
+  def conn_params?([{{:., _, [{:conn, _, nil}, :params]}, _, []}, _]), do: true
+  def conn_params?(_), do: false
 end

lib/sobelow/rce/code_module.ex

@@ -22,7 +22,7 @@ defmodule Sobelow.RCE.CodeModule do
   @code_funs [:eval_string, :eval_file, :eval_quoted]
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Enum.each(@code_funs, fn code_fun ->
       "RCE.CodeModule: Code Execution in `Code.#{code_fun}`"

lib/sobelow/rce/eex.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.RCE.EEx do
   @eex_funs [:eval_string, :eval_file]
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Enum.each(@eex_funs, fn eex_fun ->
       "RCE.EEx: Code Execution in `EEx.#{eex_fun}`"

lib/sobelow/sql/query.ex

@@ -19,7 +19,7 @@ defmodule Sobelow.SQL.Query do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Enum.each(@query_funcs, fn query_func ->
       Finding.init(@finding_type, meta_file.filename, confidence)

lib/sobelow/sql/stream.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.SQL.Stream do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_sql_def(fun))

lib/sobelow/traversal/file_module.ex

@@ -40,7 +40,7 @@ defmodule Sobelow.Traversal.FileModule do
   @double_file_funcs [:cp, :copy, :cp!, :copy!, :cp_r, :cp_r!, :ln, :ln!, :ln_s, :ln_s!]
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Enum.each(@file_funcs ++ @double_file_funcs, fn file_func ->
       "Traversal.FileModule: Directory Traversal in `File.#{file_func}`"

lib/sobelow/traversal/send_download.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.Traversal.SendDownload do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/traversal/send_file.ex

@@ -17,7 +17,7 @@ defmodule Sobelow.Traversal.SendFile do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/utils.ex

@@ -3,11 +3,11 @@ defmodule Sobelow.Utils do
 
   alias Sobelow.Parse
 
-  def is_controller?(uses) do
+  def controller?(uses) do
     has_use_type?(uses, :controller)
   end
 
-  def is_router?(uses) do
+  def router?(uses) do
     has_use_type?(uses, :router)
   end
 

lib/sobelow/xss.ex

@@ -30,7 +30,7 @@ defmodule Sobelow.XSS do
 
   def get_vulns(fun, meta_file, web_root, skip_mods \\ []) do
     controller =
-      if meta_file.is_controller? do
+      if meta_file.controller? do
         String.replace_suffix(meta_file.filename, "_controller.ex", "")
         |> Path.basename()
       end

lib/sobelow/xss/content_type.ex

@@ -27,7 +27,7 @@ defmodule Sobelow.XSS.ContentType do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/xss/html.ex

@@ -15,7 +15,7 @@ defmodule Sobelow.XSS.HTML do
   use Sobelow.Finding
 
   def run(fun, meta_file) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_def(fun))

lib/sobelow/xss/raw.ex

@@ -15,7 +15,7 @@ defmodule Sobelow.XSS.Raw do
   use Sobelow.Finding
 
   def run(fun, meta_file, _, nil) do
-    confidence = if !meta_file.is_controller?, do: :low
+    confidence = if !meta_file.controller?, do: :low
 
     Finding.init(@finding_type, meta_file.filename, confidence)
     |> Finding.multi_from_def(fun, parse_raw_def(fun))

test/format_test.exs

@@ -2,7 +2,7 @@ defmodule SobelowTest.FormatTest do
   use ExUnit.Case
   alias Sobelow.RCE.CodeModule
 
-  @metafile %{filename: "test.ex", is_controller?: true}
+  @metafile %{filename: "test.ex", controller?: true}
 
   setup do
     Application.put_env(:sobelow, :format, "json")

test/parser_test.exs

@@ -3,7 +3,7 @@ defmodule SobelowTest.ParserTest do
   import ExUnit.CaptureIO
   alias Sobelow.RCE.CodeModule
 
-  @metafile %{filename: "test.ex", is_controller?: true}
+  @metafile %{filename: "test.ex", controller?: true}
 
   setup do
     Application.put_env(:sobelow, :format, "txt")

test/print_test.exs

@@ -3,7 +3,7 @@ defmodule SobelowTest.PrintTest do
   import ExUnit.CaptureIO
   alias Sobelow.RCE.CodeModule
 
-  @metafile %{filename: "test.ex", is_controller?: true}
+  @metafile %{filename: "test.ex", controller?: true}
 
   setup do
     Application.put_env(:sobelow, :format, "txt")

test/sarif_test.exs

@@ -3,7 +3,7 @@ defmodule SobelowTest.SarifTest do
 
   alias Sobelow.RCE.CodeModule
 
-  @metafile %{filename: "test.ex", is_controller?: true}
+  @metafile %{filename: "test.ex", controller?: true}
 
   setup do
     Application.put_env(:sobelow, :format, "sarif")