cocoapods-privacy 0.4.0 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c4f7ccdf608fd542826f1c394ff71582844055dcc56b89640eeeafa1f145fab3
-  data.tar.gz: 8fa3fd48b5af2c593fa3d3228430b7e14adbb896c16e3f5361ff78c4c211b390
+  metadata.gz: 517e776e5936689d58b230349587b62cae56b02f1204934bed0620cf1117785c
+  data.tar.gz: 4ece159c7db2ff224dd1958a5707911410f4f71fb00e337aa12493c53fb4bcdb
 SHA512:
-  metadata.gz: be57d03bef6be72e12048d92e0b78b9b0557db7af38e209bd38207f7bd895ffbc4dfa65548fe7437fbfae88207b4b57300f3ebb5f7783191ea3511e7c240dc53
-  data.tar.gz: 191b66a04667d812add2a3b621b5aec81540363f08481040e4407d2a2624c932d66edebe618f525512e88e5a36ea956f66fdf50d028e7b2d3cef459eb34eb610
+  metadata.gz: 5404d58d4e398f9d7074f252960546e9272912ee536687ef6d5c2d9f8577888916e54b5d36399512693b04ebe15aac1b7a7e358236215cf59112a174ffef8dbc
+  data.tar.gz: 4169159705cf07dd3f8e994c26bc9b3c65593d680434dc0dea23787fee59c51113559bab1652fcfa9c75e24987fac52fcb257a66bc0f280eae19a313ea068375

data/README.md

@@ -1,35 +1,59 @@
 # cocoapods-privacy
 
-Apple 2024 will review the App's privacy list in the spring, and any apps that don't submit a privacy list may be called back. For now, the privacy list is broken down by component, to facilitate the maintenance of component privacy, cocoapods-privacy is developed for management.
+Apple 2024 will review the App's privacy manifests in the spring, and any apps that don't submit a privacy list may be called back. For now, the privacy list is broken down by component, to facilitate the maintenance of component privacy, cocoapods-privacy is developed for management.
 [Click to view details on Apple](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files)
 
+# Introduction
+As name as,cocoapods-privacy is a plugin for privacy manifests, and focus on cocoapods!
+
 ## Installation
 ```
 $ gem install cocoapods-privacy
 ```
 
 ## Usage
-#### init
+### init
 First of all, you must set a json config to cocoapods-privacy, this is a defalut config.json
 ```
 $ pod privacy config https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/config.json
 ```
 
-There has 3 keys in defalut config, you should custom it!
-* source.white.list : a white list of source, defalut is empty, so, you should add you self component sources, and it work in command 'pod privacy install' or 'pod install --privacy', will search white list for NSPrivacyAccessedAPITypes.
-* source.black.list : a black list of source, defalut is empty, it work in command 'pod privacy install' or 'pod install --privacy'.
-* api.template.url : its required, a template for search NSPrivacyAccessedAPITypes
+There has 3 keys in defalut config, defalut rule is ：To exclude retrieval a component that git source contains certain ‘github.com’ keywords
+```
+"source.white.list": [],
+"source.black.list": ["github.com"], 
+"api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
+```
+* source.white.list : a white list of source, it effective in command 'pod privacy install' or 'pod install --privacy', will search white list for NSPrivacyAccessedAPITypes.
+  * when the whitelist is an empty array, it means all components are whitelist(default config).
+  * when the whitelist is not empty, it means only the components in the whitelist array are retrieved.
+* source.black.list : a black list of source, defalut is ‘github.com’, based on the whitelist, the components need to be excluded。 it effective in command 'pod privacy install' or 'pod install --privacy'. 
+* api.template.url : its required, a template for search NSPrivacyAccessedAPITypes, you can use the provided by default。
+
+If your needs are not met, you can custom! For example, there has some components，and it‘s your local config
 ```
-"source.white.list": ["replace me with yourserver"], 
-"source.black.list": ["replace me such as github.com"],
+"source.white.list": ["https://github.com/ReactiveCocoa/ReactiveObjC.git","git.yourserver.com","git.otherserver.com"],
+"source.black.list": ["github.com","https://github.com/AFNetworking/AFNetworking.git"], 
 "api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
 ```
-After custom,you can set local config like this
+
+```
+https://github.com/AFNetworking/AFNetworking.git ❌ (it's in 'github.com' black list)
+https://github.com/ReactiveCocoa/ReactiveObjC.git ❌ (it's in 'github.com' black list, although also on the white list,but the blacklist priority is high when conflict)
+https://git.yourserver.com/xxx/xxxx.git ✅
+https://git.yourserver.com/mmm/mmm.git ✅
+https://git.otherserver.com/ssss/ssss.git ✅
+https://git.yourserver.com/AFNetworking/AFNetworking.git ✅
+```
+
+After custom,you just update config by local like this
 ```
 $ pod privacy config /yourfilepath/config.json
 ```
+In a word, if you define both white and black lists ,final search range: white list minus black list, and empty white list means all!
 
-#### To Component
+
+### To Component
 ```
 $ pod privacy spec [podspec_file_path]
 ```
@@ -71,7 +95,7 @@ end
 
 
     
-#### To Project
+### To Project
 ```
 $ pod install --privacy
 or
@@ -83,6 +107,8 @@ After command, a PrivacyInfo.xcprivacy will create to you project Resources if e
 
 ## Notice
 The plugin is focus on NSPrivacyAccessedAPITypes and automatically search and create workflow.
-you should manager NSPrivacyCollectedDataTypes by yourself！
-    
+you should manager NSPrivacyCollectedDataTypes by yourself！ 
+
+##
+Could you please consider giving our repository a star🌟🌟🌟? It would mean a lot to us and help our project gain more visibility. Thank you! 
 

data/lib/cocoapods-privacy/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsPrivacy
-  VERSION = "0.4.0"
+  VERSION = "0.5.1"
 end

data/lib/cocoapods-privacy/privacy/PrivacyHunter.rb

@@ -190,15 +190,122 @@ module PrivacyHunter
     # 文件是否包含内容
     def self.contains_apis?(file_path, apis)
       file_content = File.read(file_path)
+
+      #核心文件检查段落注释 /* */
+      file_extension = File.extname(file_path).downcase
+      need_check_paragraph_comment = ['.m', '.c', '.swift', '.mm', '.h', '.hap', '.hpp', '.cpp'].include?(file_extension)
+
+      if need_check_paragraph_comment 
+        # 计算段注释 /**/
+        apis_found = contains_apis_ignore_all_comment(file_content.lines,apis)
+      else
+        # 计算单独行注释 //
+        apis_found = contains_apis_ignore_line_comment(file_content.lines,apis)
+      end
+      apis_found
+    end
+
+    def self.contains_apis_ignore_line_comment(lines,apis) 
       apis_found = {}
-      apis.each do |keyword, value|
-        if file_content.include?(keyword)
-          apis_found[keyword] = value
+      # 初始化状态机，表示不在注释块内
+      in_block_comment_count = 0  
+      in_block_comment = false
+      lines.each do |line|
+        next if line.strip.empty? #忽略空行
+        next if line.strip.start_with?('//') #忽略单行
+
+        apis.each do |keyword, value|
+          if line.include?(keyword)
+            apis_found[keyword] = value
+          end
         end
       end
 
       apis_found
     end
+    
+    def self.contains_apis_ignore_all_comment(lines,apis) 
+      apis_found = {}
+
+      # 段注释和单行注释标志
+      in_block_comment = false
+      in_line_comment = false
+
+      # 是否可以触发注释标识，当为true 时可以触发 /*段注释 或者 //单行注释
+      can_trigger_comments_flag = true
+
+      # 统计计数器
+      count_comments = 0
+
+      lines.each do |line|
+        next if line.strip.empty? #忽略空行
+        next if line.strip.start_with?('//') && !in_block_comment  #忽略单行
+
+        chars = line.chars
+        index = 0
+        while index < chars.size
+          char = chars[index]
+
+          if char == '/'
+            if chars[index + 1] == '*'
+              # 检测到 /* 且can_trigger_comments_flag标识为true时，判定为进入 段注释
+              if can_trigger_comments_flag 
+                in_line_comment = false #重置行标识
+                in_block_comment = true #标记正在段注释中
+                can_trigger_comments_flag = false #回收头部重置标识
+              end
+
+              #段注释每次 遇到 /* 都累加1
+              if in_block_comment
+                count_comments += 1
+              end
+
+              #跳过当前 /* 两个字符
+              index += 2
+              next
+            # 检测到 can_trigger_comments_flag 为true,且 // 时，说明触发了段注释之后的单行注释 ==》 /**///abcd
+            elsif chars[index + 1] == '/' && can_trigger_comments_flag 
+                in_line_comment = true
+                in_block_comment = false
+                can_trigger_comments_flag = true
+                break            
+            end
+          # 检测到段注释的end 标识 */
+          elsif in_block_comment && char == '*' && chars[index + 1] == '/'
+
+            #段注释每次 遇到 */ 都累减1
+            count_comments -= 1
+
+            #当/* */ 配对时，说明当前段注释结束了
+            if count_comments == 0
+              in_line_comment = false
+              in_block_comment = false 
+              can_trigger_comments_flag = true
+            end
+
+            #跳过当前 */ 两个字符
+            index += 2
+            next
+          end
+
+          # 其他情况，前进一个字符
+          index += 1
+        end
+
+        if !in_block_comment && !in_line_comment
+          apis.each do |keyword, value|
+            if line.include?(keyword)
+              apis_found[keyword] = value
+            end
+          end
+        end
+
+        #每行结束时，重置行标识
+        in_line_comment = false
+      end
+      apis_found
+    end
+
 
     #搜索所有子文件夹
     def self.search_files(folder_paths, exclude_folders, apis)

data/lib/cocoapods-privacy/privacy/privacy_specification_hook.rb

@@ -33,8 +33,15 @@ module Pod
 
             # 判断域名白名单 和 黑名单，确保该组件是自己的组件，第三方sdk不做检索
             config = Privacy::Config.instance          
-            git_source_whitelisted = config.source_white_list.any? { |item| git_source.include?(item) }
+
+            ## 规则：
+            ## 1、白名单/黑名单是通过组件podspec 中 source 字段的值来匹配，包含关键词即为命中，所有可以是git关键的域名，也可以是完整的git链接
+            ## 2、白名单：当白名单为空数组时：默认为全部组件都为白名单！！！； 当白名单不为空时，仅检索白名单数组内的组件
+            git_source_whitelisted = config.source_white_list.empty? ? true : config.source_white_list.any? { |item| git_source.include?(item) }
+
+            ## 3、黑名单：在白名单基础上，需要排除的组件
             git_source_blacklisted = config.source_black_list.any? { |item| git_source.include?(item) }
+            ## 4、最终检索的范围：白名单 - 黑名单
             git_source_whitelisted && !git_source_blacklisted
         end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-privacy
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.1
 platform: ruby
 authors:
 - youhui
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-19 00:00:00.000000000 Z
+date: 2024-04-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler