cocoapods-whitelist 0.0.10 → 0.0.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: b5e6eca5022d389d3b4365d67027985c72e8a5e5
-  data.tar.gz: 6c81391a25a039e470609b4f9c5dbbaf82fa325d
+SHA256:
+  metadata.gz: ac35a09134957238dfebe24132c80aa456c46bd4fe0b30e4a8615b210321b614
+  data.tar.gz: ee7d647d915058f1da78c3d86ae95781a0423e98a87b4f43e005c9d37d418c7d
 SHA512:
-  metadata.gz: 22e7d9d0427233fb8f3685422f6ba6839beed969c9de482bb98de6c77ba28cb29ef2f6338fedc8a185642bb6e3e01ce55aefee7c5570bdf4c5c21c4ef88c29e1
-  data.tar.gz: 00c0638eca55e951f4c31820003dd9d2adf75c300a866410e318229c18eef047952289bfeb6b51f6487e793fff0d498d44e43dab39a2324bd2dec72f69a28e5e
+  metadata.gz: 6773f81644aa4b7dfa24c61bac7b4e86a6902a6d6a41d3aa3e05940418bd4cf860437836c577047237f2e4fdb69bd4c82b89f02da84376b6255402605a980888
+  data.tar.gz: 3bffec4b9f7e462532a99fd5dfc1908a6376f21c8dbf2fcb2959c719432034878b29a68230b169bcc3f4d7785151172aca5b0536d68b33cbc414d8b522917b5b

data/.circleci/config.yml

@@ -0,0 +1,30 @@
+version: 2
+jobs:
+  build:
+    docker:
+       - image: circleci/ruby:2.4.4-node
+         environment:
+           BUNDLER_VERSION: 2.0.2
+    resource_class: small
+    steps:
+      - checkout
+      - add_ssh_keys
+      - run:
+          name: Update Bundler
+          command: |
+            sudo gem update --system
+            sudo gem uninstall bundler
+            sudo rm /usr/local/bin/bundle
+            sudo rm /usr/local/bin/bundler
+            sudo gem install bundler
+      - run:
+          name: Run Build
+          command: |
+            bundle install --quiet --without static-dependencies 
+            gem build cocoapods-whitelist.gemspec --silent -q --backtrace
+            gem install *.gem --silent -q --backtrace
+            rm -rf *.gem
+            rm -rf Gemfile.lock
+      - run:
+          name: Run Tests
+          command: rake

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.0.11
+- Enhancing dependencies linter by checking not only name but also version
+- Enabling CI
+
+## 0.0.10
+- Revert 0.0.8 validation rule
+
 ## 0.0.9
 - Revert 0.0.8 validation rule
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cocoapods-whitelist (0.0.9)
+    cocoapods-whitelist (0.0.11)
 
 GEM
   remote: https://rubygems.org/
@@ -94,4 +94,4 @@ DEPENDENCIES
   rake (~> 12.0)
 
 BUNDLED WITH
-   2.0.1
+   2.0.2

data/lib/cocoapods-whitelist/command/whitelist.rb

@@ -1,6 +1,8 @@
 require 'open-uri'
 
 DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
+POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
+POD_BASE_REGEX_POSITION = 0
 
 class AllowedDependency
   attr_accessor :name
@@ -93,19 +95,25 @@ module Pod
           # Skip subspec dependency
           next if parentName && name.start_with?("#{parentName}/")
 
+          if versions.length != 1
+            not_allowed.push("#{name} (#{versions.join(", ")}) Reason: A specific version must be defined for every dependency (just one). " +
+            "Suggestion: find this dependency in your Podspec and add the version listed in the whitelist.")
+            next
+          end
+
           allowedDependency = whitelist.select { |item|
-            /#{item.name}/ =~ name && (versions.empty? || !item.version || versions.grep(/#{item.version}/).any?)
+            name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?)
           }
 
           # Checks if any of the allowed dependencies are expired, if so, fail with error
           allowedDependency.each { |dependency|
             if dependency.expire?
-              not_allowed.push("#{name} (Expired)")
+              not_allowed.push("#{name} Reason: Expired version. Please check the whitelist.")
             end
           }
 
           if allowedDependency.empty?
-            not_allowed.push("#{name} (#{versions.join(", ")})")
+            not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any whitelisted version or Pod name is not valid")
             next
           end
         end

data/lib/cocoapods-whitelist/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsWhitelist
-  VERSION = "0.0.10"
+  VERSION = "0.0.11"
 end

data/spec/mocks/whitelist.json

@@ -3,17 +3,24 @@
 		{
 			"name": "MeliSDK",
 			"version": "^~>5.[0-9]+$"
-		}, {
+		},
+		{
 			"name": "MLRecommendations",
 			"version": null
-		}, {
-		 "name": "MLBilling",
-		 "version": null,
-		 "expire" : "2100-11-15"
-	 }, {
-		"name": "MLOnDemandResources",
-		"version": "^~>5.[0-9]+$",
-		"expire" : "2016-11-15"
+		},
+		{
+			"expire": "2100-11-15",
+			"name": "MLBilling",
+			"version": null
+		},
+		{
+			"expire": "2016-11-15",
+			"name": "MLOnDemandResources",
+			"version": "^~>5.[0-9]+$"
+		},
+		{
+			"name": "MLMyDependency",
+			"version": "1.0.0|2.0.0"
 		}
 	]
 }

data/spec/mocks/with_allowed_subspec.podspec

@@ -0,0 +1,18 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+
+  s.subspec "Suggestion" do |suggestion|
+    suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
+    suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
+    suggestion.dependency "MeliSDK/Error", "~>5.0"
+  end
+
+end

data/spec/mocks/with_more_than_one_version_in_subspec.podspec

@@ -0,0 +1,19 @@
+
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+
+  s.subspec "Suggestion" do |suggestion|
+    suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
+    suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
+    suggestion.dependency "MeliSDK", ">5.0", "<6.0"
+  end
+
+end

data/spec/mocks/with_not_allowed_subspec.podspec

@@ -0,0 +1,18 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+
+  s.subspec "Suggestion" do |suggestion|
+    suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
+    suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
+    suggestion.dependency "MyMeliSDK/Error", "~>5.0"
+  end
+
+end

data/spec/mocks/with_similar_name_not_allowed.podspec

@@ -0,0 +1,13 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'MercadoPagoSDK', '~>1.0.0'
+
+end

data/spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec

@@ -0,0 +1,13 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'MLMyDependency', '1.0.0'
+
+end

data/spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec

@@ -0,0 +1,13 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'MLMyDependency', '2.0.0'
+
+end

data/spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec

@@ -0,0 +1,13 @@
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'MLMyDependency', '~> 1.0'
+
+end

data/spec/whitelist_spec.rb

@@ -12,17 +12,17 @@ module Pod
       it 'parse whitelist json' do
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
         dependencies = command.get_whitelist
-        dependencies.size.should.equal 4
+        dependencies.size.should.equal 5
       end
     end
 
     describe 'validations' do
-      it 'dependency without version should be valid' do
+      it 'dependency without version should not be valid' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
         specification = Pod::Specification.from_file('./spec/mocks/without_version.podspec')
         command.expects(:get_podspec_specifications).returns([specification])
-        lambda { command.run }.should.not.raise
+        lambda { command.run }.should.raise Informative
       end
 
       it 'dependency with major version fixed should be valid' do
@@ -48,6 +48,14 @@ module Pod
         lambda { command.run }.should.raise Informative
       end
 
+      it 'not allowed similar dependency should not be valid' do
+        # Whitelist: ('MercadoPagoSDKV4', '~>5.*') | Podspec: ('MercadoPagoSDK')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_similar_name_not_allowed.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
       it 'dependency with not allowed version should be valid' do
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
         specification = Pod::Specification.from_file('./spec/mocks/with_fixed_version.podspec')
@@ -79,6 +87,14 @@ module Pod
         lambda { command.run }.should.raise Informative
       end
 
+      it 'dependency with two versions requierement should not be valid' do
+        # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_more_than_one_version_in_subspec.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
       it 'dependency not allowed in subspec should not be valid' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
@@ -87,6 +103,22 @@ module Pod
         lambda { command.run }.should.raise Informative
       end
 
+      it 'subspec dependency allowed in the whitelist should be valid' do
+        # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.not.raise
+      end
+
+      it 'subspec dependency not allowed in the whitelist should not be valid' do
+        # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
       it 'podspec without dependencies should be valid' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
@@ -111,6 +143,30 @@ module Pod
         lambda { command.run }.should.not.raise
       end
 
+      it 'fixed mayor dependency in whitelist and podspec should not fail on first option' do
+        # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency',  '1.0.0')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.not.raise
+      end
+
+      it 'fixed mayor dependency in whitelist and podspec should not fail on second option' do
+        # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency',  '2.0.0')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.not.raise
+      end
+
+      it 'fixed mayor dependency in whitelist but not in podspec should fail' do
+        # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency',  '~> 1.0')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
       it 'not allowed dependency should not raise exception if --fail-on-error is not present' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--podspec=./spec/mocks/not_allowed.podspec"])
@@ -121,7 +177,6 @@ module Pod
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
         lambda { command.run }.should.not.raise
       end
-
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-whitelist
 version: !ruby/object:Gem::Version
-  version: 0.0.10
+  version: 0.0.11
 platform: ruby
 authors:
 - Mobile Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-10 00:00:00.000000000 Z
+date: 2019-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -45,6 +45,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".circleci/config.yml"
 - ".gitignore"
 - CHANGELOG.md
 - Gemfile
@@ -65,11 +66,18 @@ files:
 - spec/mocks/whitelist.json
 - spec/mocks/whitelist_with_expired_dependencies.json
 - spec/mocks/with_allowed_in_subspec.podspec
+- spec/mocks/with_allowed_subspec.podspec
 - spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
+- spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
+- spec/mocks/with_not_allowed_subspec.podspec
 - spec/mocks/with_not_yet_expired_dependencies.podspec
+- spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
 - spec/mocks/without_dependencies.podspec
 - spec/mocks/without_version.podspec
 - spec/spec_helper.rb
@@ -94,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.8
 signing_key: 
 specification_version: 4
 summary: A longer description of cocoapods-whitelist.
@@ -106,11 +114,18 @@ test_files:
 - spec/mocks/whitelist.json
 - spec/mocks/whitelist_with_expired_dependencies.json
 - spec/mocks/with_allowed_in_subspec.podspec
+- spec/mocks/with_allowed_subspec.podspec
 - spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
+- spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
+- spec/mocks/with_not_allowed_subspec.podspec
 - spec/mocks/with_not_yet_expired_dependencies.podspec
+- spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
 - spec/mocks/without_dependencies.podspec
 - spec/mocks/without_version.podspec
 - spec/spec_helper.rb