cocoapods-whitelist 0.0.11 → 0.1.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/Gemfile.lock +44 -29
- data/lib/cocoapods-whitelist/client/whitelist_resolver.rb +46 -0
- data/lib/cocoapods-whitelist/command/whitelist.rb +4 -41
- data/lib/cocoapods-whitelist/gem_version.rb +1 -1
- data/lib/cocoapods-whitelist/hook.rb +1 -0
- data/lib/cocoapods-whitelist/hook/resolver.rb +23 -0
- data/lib/cocoapods-whitelist/model/allowed_dependency.rb +23 -0
- data/lib/cocoapods-whitelist/model/sources.rb +6 -0
- data/lib/cocoapods-whitelist/validator/source_validator.rb +52 -0
- data/lib/cocoapods_plugin.rb +1 -0
- data/spec/mocks/whitelist.json +17 -5
- data/spec/mocks/whitelisted_podname.podspec +13 -0
- data/spec/source_validator_spec.rb +95 -0
- data/spec/spec_helper.rb +1 -1
- data/spec/whitelist_resolver_spec.rb +22 -0
- data/spec/whitelist_spec.rb +0 -6
- metadata +18 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4723e3d52ded2d24e5ea0fd987f13c26e50e75f4b4f3d8e3c331bf3f0917e7d9
|
4
|
+
data.tar.gz: 3cc1e0c08620d6d500299acfae29328e9a4230438073ea5d9b64defd3eea9b72
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f45764d3004aecd106e8003e4999dbb31636092376d093aecb0e68d0a6de19c7aa75372d43113b1f17147ceeb541af70f34647c7141c5efc319eae3f3418669d
|
7
|
+
data.tar.gz: e8791f4a18accaef77551c5c864c923b2aecdd18072c9703716fff7c3668637d7f47b983b1c5db6aec96e165bda72adbc20e823f5a37fc7d5f9dc1508cd8dd25
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
@@ -6,25 +6,29 @@ PATH
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
8
8
|
specs:
|
9
|
-
CFPropertyList (3.0.
|
10
|
-
activesupport (
|
11
|
-
|
9
|
+
CFPropertyList (3.0.3)
|
10
|
+
activesupport (5.2.4.5)
|
11
|
+
concurrent-ruby (~> 1.0, >= 1.0.2)
|
12
|
+
i18n (>= 0.7, < 2)
|
12
13
|
minitest (~> 5.1)
|
13
|
-
thread_safe (~> 0.3, >= 0.3.4)
|
14
14
|
tzinfo (~> 1.1)
|
15
|
+
addressable (2.7.0)
|
16
|
+
public_suffix (>= 2.0.2, < 5.0)
|
17
|
+
algoliasearch (1.27.5)
|
18
|
+
httpclient (~> 2.8, >= 2.8.3)
|
19
|
+
json (>= 1.5.1)
|
15
20
|
atomos (0.1.3)
|
16
21
|
bacon (1.2.0)
|
17
|
-
claide (1.0.
|
18
|
-
cocoapods (1.
|
19
|
-
|
22
|
+
claide (1.0.3)
|
23
|
+
cocoapods (1.10.1)
|
24
|
+
addressable (~> 2.6)
|
20
25
|
claide (>= 1.0.2, < 2.0)
|
21
|
-
cocoapods-core (= 1.
|
26
|
+
cocoapods-core (= 1.10.1)
|
22
27
|
cocoapods-deintegrate (>= 1.0.3, < 2.0)
|
23
|
-
cocoapods-downloader (>= 1.
|
28
|
+
cocoapods-downloader (>= 1.4.0, < 2.0)
|
24
29
|
cocoapods-plugins (>= 1.0.0, < 2.0)
|
25
30
|
cocoapods-search (>= 1.0.0, < 2.0)
|
26
|
-
cocoapods-
|
27
|
-
cocoapods-trunk (>= 1.3.1, < 2.0)
|
31
|
+
cocoapods-trunk (>= 1.4.0, < 2.0)
|
28
32
|
cocoapods-try (>= 1.1.0, < 2.0)
|
29
33
|
colored2 (~> 3.1)
|
30
34
|
escape (~> 0.0.4)
|
@@ -33,52 +37,63 @@ GEM
|
|
33
37
|
molinillo (~> 0.6.6)
|
34
38
|
nap (~> 1.0)
|
35
39
|
ruby-macho (~> 1.4)
|
36
|
-
xcodeproj (>= 1.
|
37
|
-
cocoapods-core (1.
|
38
|
-
activesupport (
|
40
|
+
xcodeproj (>= 1.19.0, < 2.0)
|
41
|
+
cocoapods-core (1.10.1)
|
42
|
+
activesupport (> 5.0, < 6)
|
43
|
+
addressable (~> 2.6)
|
44
|
+
algoliasearch (~> 1.0)
|
45
|
+
concurrent-ruby (~> 1.1)
|
39
46
|
fuzzy_match (~> 2.0.4)
|
40
47
|
nap (~> 1.0)
|
48
|
+
netrc (~> 0.11)
|
49
|
+
public_suffix
|
50
|
+
typhoeus (~> 1.0)
|
41
51
|
cocoapods-deintegrate (1.0.4)
|
42
|
-
cocoapods-downloader (1.
|
52
|
+
cocoapods-downloader (1.4.0)
|
43
53
|
cocoapods-plugins (1.0.0)
|
44
54
|
nap
|
45
55
|
cocoapods-search (1.0.0)
|
46
|
-
cocoapods-
|
47
|
-
cocoapods-trunk (1.3.1)
|
56
|
+
cocoapods-trunk (1.5.0)
|
48
57
|
nap (>= 0.8, < 2.0)
|
49
58
|
netrc (~> 0.11)
|
50
|
-
cocoapods-try (1.
|
59
|
+
cocoapods-try (1.2.0)
|
51
60
|
colored2 (3.1.2)
|
52
|
-
concurrent-ruby (1.1.
|
61
|
+
concurrent-ruby (1.1.8)
|
53
62
|
escape (0.0.4)
|
63
|
+
ethon (0.12.0)
|
64
|
+
ffi (>= 1.3.0)
|
65
|
+
ffi (1.14.2)
|
54
66
|
fourflusher (2.3.1)
|
55
67
|
fuzzy_match (2.0.4)
|
56
68
|
gh_inspector (1.1.3)
|
57
|
-
|
69
|
+
httpclient (2.8.3)
|
70
|
+
i18n (1.8.9)
|
58
71
|
concurrent-ruby (~> 1.0)
|
59
|
-
|
60
|
-
minitest (5.
|
61
|
-
mocha (1.
|
62
|
-
metaclass (~> 0.0.1)
|
72
|
+
json (2.5.1)
|
73
|
+
minitest (5.14.4)
|
74
|
+
mocha (1.12.0)
|
63
75
|
mocha-on-bacon (0.2.3)
|
64
76
|
mocha (>= 0.13.0)
|
65
77
|
molinillo (0.6.6)
|
66
|
-
nanaimo (0.
|
78
|
+
nanaimo (0.3.0)
|
67
79
|
nap (1.1.0)
|
68
80
|
netrc (0.11.0)
|
69
81
|
prettybacon (0.0.2)
|
70
82
|
bacon (~> 1.2)
|
71
|
-
|
83
|
+
public_suffix (4.0.6)
|
84
|
+
rake (12.3.3)
|
72
85
|
ruby-macho (1.4.0)
|
73
86
|
thread_safe (0.3.6)
|
74
|
-
|
87
|
+
typhoeus (1.4.0)
|
88
|
+
ethon (>= 0.9.0)
|
89
|
+
tzinfo (1.2.9)
|
75
90
|
thread_safe (~> 0.1)
|
76
|
-
xcodeproj (1.
|
91
|
+
xcodeproj (1.19.0)
|
77
92
|
CFPropertyList (>= 2.3.3, < 4.0)
|
78
93
|
atomos (~> 0.1.3)
|
79
94
|
claide (>= 1.0.2, < 2.0)
|
80
95
|
colored2 (~> 3.1)
|
81
|
-
nanaimo (~> 0.
|
96
|
+
nanaimo (~> 0.3.0)
|
82
97
|
|
83
98
|
PLATFORMS
|
84
99
|
ruby
|
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'singleton'
|
2
|
+
require 'cocoapods-whitelist/model/allowed_dependency'
|
3
|
+
|
4
|
+
class WhitelistResolver
|
5
|
+
include Singleton
|
6
|
+
attr_accessor :whitelist
|
7
|
+
attr_accessor :whitelist_loaded
|
8
|
+
attr_accessor :whitelist_url
|
9
|
+
|
10
|
+
def config
|
11
|
+
@whitelist ||= []
|
12
|
+
end
|
13
|
+
|
14
|
+
def initialize()
|
15
|
+
@whitelist_url = DEFAULT_WHITELIST_URL
|
16
|
+
load_whitelist()
|
17
|
+
end
|
18
|
+
|
19
|
+
def get_whitelist(whitelist_url = DEFAULT_WHITELIST_URL)
|
20
|
+
@whitelist_loaded = @whitelist_url == whitelist_url
|
21
|
+
@whitelist_url = whitelist_url
|
22
|
+
|
23
|
+
load_whitelist() unless @whitelist_loaded
|
24
|
+
return @whitelist
|
25
|
+
end
|
26
|
+
|
27
|
+
def load_whitelist
|
28
|
+
begin
|
29
|
+
open(@whitelist_url) { |io|
|
30
|
+
buffer = io.read
|
31
|
+
@whitelist = parse_whitelist(buffer)
|
32
|
+
@whitelist_loaded = true
|
33
|
+
}
|
34
|
+
rescue OpenURI::HTTPError => e
|
35
|
+
status = e.io.status.join(' ')
|
36
|
+
raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def parse_whitelist(raw_whitelist)
|
41
|
+
json = JSON.parse(raw_whitelist)
|
42
|
+
return json["whitelist"].map { |dependencyJson|
|
43
|
+
AllowedDependency.new(dependencyJson["name"], dependencyJson["version"], dependencyJson["expire"], dependencyJson["source"], dependencyJson["target"])
|
44
|
+
}
|
45
|
+
end
|
46
|
+
end
|
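Review bot: `load_whitelist` passes `@whitelist_url` to bare `open(...)`, and the command hands that value in through `get_whitelist(@whitelist_url)`, so it appears to be caller-supplied. `Kernel#open` treats a string beginning with `|` as a command to run, and from Ruby 3.0 it no longer opens URLs at all. Dispatch on the value instead: `URI.parse(@whitelist_url).open` for http(s) lists and `File.open(@whitelist_url)` for local paths. The file also uses `OpenURI` and `JSON` without requiring them, so add `require 'open-uri'` and `require 'json'` next to `require 'singleton'`. Only `OpenURI::HTTPError` is rescued, so a comment stating that any other load or parse failure must abort the install would make the fail-closed intent explicit.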
@@ -1,27 +1,9 @@
|
|
1
1
|
require 'open-uri'
|
2
|
+
require_relative '../client/whitelist_resolver'
|
2
3
|
|
3
|
-
DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
|
4
4
|
POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
|
5
5
|
POD_BASE_REGEX_POSITION = 0
|
6
|
-
|
7
|
-
class AllowedDependency
|
8
|
-
attr_accessor :name
|
9
|
-
attr_accessor :version
|
10
|
-
attr_accessor :expire
|
11
|
-
def initialize(name, version, expire)
|
12
|
-
@name = name
|
13
|
-
@version = version
|
14
|
-
@expire = expire
|
15
|
-
end
|
16
|
-
|
17
|
-
def expire?
|
18
|
-
if @expire != nil
|
19
|
-
expire = DateTime.parse(@expire,"%Y-%m-%d")
|
20
|
-
return expire < DateTime.now
|
21
|
-
end
|
22
|
-
return false
|
23
|
-
end
|
24
|
-
end
|
6
|
+
DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
|
25
7
|
|
26
8
|
module Pod
|
27
9
|
class Command
|
@@ -59,7 +41,7 @@ module Pod
|
|
59
41
|
|
60
42
|
def run
|
61
43
|
prepare_outfile
|
62
|
-
whitelist = get_whitelist
|
44
|
+
whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
|
63
45
|
specifications = get_podspec_specifications
|
64
46
|
|
65
47
|
if specifications.empty?
|
@@ -102,7 +84,7 @@ module Pod
|
|
102
84
|
end
|
103
85
|
|
104
86
|
allowedDependency = whitelist.select { |item|
|
105
|
-
name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?)
|
87
|
+
name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
|
106
88
|
}
|
107
89
|
|
108
90
|
# Checks if any of the allowed dependencies are expired, if so, fail with error
|
@@ -135,25 +117,6 @@ module Pod
|
|
135
117
|
end
|
136
118
|
end
|
137
119
|
|
138
|
-
def get_whitelist
|
139
|
-
begin
|
140
|
-
open(@whitelist_url) { |io|
|
141
|
-
buffer = io.read
|
142
|
-
parse_whitelist(buffer)
|
143
|
-
}
|
144
|
-
rescue OpenURI::HTTPError => e
|
145
|
-
status = e.io.status.join(' ')
|
146
|
-
raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
|
147
|
-
end
|
148
|
-
end
|
149
|
-
|
150
|
-
def parse_whitelist(raw_whitelist)
|
151
|
-
json = JSON.parse(raw_whitelist)
|
152
|
-
return json["whitelist"].map { |dependencyJson|
|
153
|
-
AllowedDependency.new(dependencyJson["name"], dependencyJson["version"], dependencyJson["expire"])
|
154
|
-
}
|
155
|
-
end
|
156
|
-
|
157
120
|
def get_podspec_specifications
|
158
121
|
if @pospec_path
|
159
122
|
return [Pod::Specification.from_file(@pospec_path)]
|
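Review bot: In the `whitelist.select` block (new line 87) the name test is still `name.start_with?(...)`, so a dependency whose name merely begins with a whitelisted base name passes the name check; with the mock entry `MeliSDK`, a constructed name such as `MeliSDKExtras` would match. Comparing base names exactly keeps subspecs working without the prefix match: `name[POD_NAME_REGEX, 1] == item.name[POD_NAME_REGEX, 1]`. The added `item.target == 'production'` clause also drops every entry that has no `target` key; if that is intended, say so above the block, e.g. `# Only entries with "target": "production" are considered for podspec validation`. The enclosing method starts and ends outside the visible hunks, so `name` and `versions` are assumed to be the dependency's name and requirement strings.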
@@ -0,0 +1 @@
|
|
1
|
+
require 'cocoapods-whitelist/hook/resolver'
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require_relative '../validator/source_validator'
|
2
|
+
require_relative '../model/sources'
|
3
|
+
|
4
|
+
module Pod
|
5
|
+
class Resolver
|
6
|
+
alias original_search_for search_for
|
7
|
+
## Filter specifications
|
8
|
+
def search_for(dependency)
|
9
|
+
specifications = original_search_for(dependency)
|
10
|
+
|
11
|
+
validator = SourceValidator.new(get_sources())
|
12
|
+
filtered = validator.filter_dependency(dependency.root_name, specifications)
|
13
|
+
|
14
|
+
if filtered.empty? && specifications.first ## If you have a dependency problem, then no specification is returned from :search_for
|
15
|
+
Pod::UI.puts "Dependency #{dependency.root_name} comes from source #{specifications.first.spec_source.url} is NOT allowed".red
|
16
|
+
Pod::UI.puts "If you thing this is a mistake, please check the whitelist".red
|
17
|
+
raise Informative.new()
|
18
|
+
end
|
19
|
+
|
20
|
+
specifications
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
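Review bot: `search_for` computes `filtered` but returns the unfiltered `specifications`, so the source check only takes effect when every candidate is rejected; if at least one spec passes, specs from non-allowed sources stay in the set handed back to the resolver. Returning the validated list would close that gap, but `filter_dependency` answers `[specifications.first]` for a pod it has already seen, so the two have to change together. `raise Informative.new()` carries no message; putting the explanation in the exception, `raise Informative, "Dependency #{dependency.root_name} is not allowed by the whitelist"`, keeps it visible when UI output is not captured. A comment above `alias original_search_for search_for` should state that this reopens CocoaPods' `Pod::Resolver` and depends on that method's name and return shape.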
@@ -0,0 +1,23 @@
|
|
1
|
+
class AllowedDependency
|
2
|
+
attr_accessor :name
|
3
|
+
attr_accessor :version
|
4
|
+
attr_accessor :expire
|
5
|
+
attr_accessor :source
|
6
|
+
attr_accessor :target
|
7
|
+
|
8
|
+
def initialize(name, version, expire, source, target)
|
9
|
+
@name = name
|
10
|
+
@version = version
|
11
|
+
@expire = expire
|
12
|
+
@source = source
|
13
|
+
@target = target
|
14
|
+
end
|
15
|
+
|
16
|
+
def expire?
|
17
|
+
if @expire != nil
|
18
|
+
expire = DateTime.parse(@expire,"%Y-%m-%d")
|
19
|
+
return expire < DateTime.now
|
20
|
+
end
|
21
|
+
return false
|
22
|
+
end
|
23
|
+
end
|
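Review bot: In `expire?`, `DateTime.parse(@expire,"%Y-%m-%d")` does not apply the format, because the second argument of `DateTime.parse` is the `comp` flag; the string is parsed leniently and the `%Y-%m-%d` contract on the expiry date is not enforced. `DateTime.strptime(@expire, "%Y-%m-%d") < DateTime.now` keeps the same comparison while rejecting other formats. The file relies on `date` having been loaded elsewhere, so add `require 'date'` at the top. `source` and `target` are new constructor arguments without documentation; a class comment listing the accepted values (the mock whitelist uses `"public"` and `"production"`) would help.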
@@ -0,0 +1,52 @@
|
|
1
|
+
require_relative '../client/whitelist_resolver'
|
2
|
+
require 'singleton'
|
3
|
+
|
4
|
+
class SourceValidator
|
5
|
+
attr_accessor :sources
|
6
|
+
def initialize(sources)
|
7
|
+
@sources = sources
|
8
|
+
end
|
9
|
+
|
10
|
+
def filter_dependency(pod, specifications)
|
11
|
+
## Avoid checking the same pod many times
|
12
|
+
return [specifications.first] if DependencyCounter.instance.is_checked(pod) && !specifications.empty?
|
13
|
+
|
14
|
+
filtered = specifications.select { |spec| spec_is_valid(pod, spec) }
|
15
|
+
|
16
|
+
return filtered
|
17
|
+
end
|
18
|
+
|
19
|
+
def spec_is_valid(pod, spec)
|
20
|
+
|
21
|
+
# Allow external dependencies (using :git or :path), which create a local podspec
|
22
|
+
return true if !spec.defined_in_file.nil? && spec.defined_in_file.to_s.include?('/Pods/Local Podspecs')
|
23
|
+
|
24
|
+
# Allow every dependency that comes from our private specs sources
|
25
|
+
return true if spec.spec_source.url == @sources["private"]
|
26
|
+
|
27
|
+
whitelist = WhitelistResolver.instance.get_whitelist
|
28
|
+
whitelist.each { |dependency|
|
29
|
+
next unless dependency.name == pod
|
30
|
+
return true unless spec.spec_source.url != @sources[dependency.source]
|
31
|
+
}
|
32
|
+
return false
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
class DependencyCounter
|
38
|
+
include Singleton
|
39
|
+
attr_accessor :dependencies_checked
|
40
|
+
|
41
|
+
def initialize()
|
42
|
+
@dependencies_checked ||= []
|
43
|
+
end
|
44
|
+
|
45
|
+
def is_checked(podname)
|
46
|
+
included = @dependencies_checked.include? podname
|
47
|
+
@dependencies_checked.push(podname) unless included
|
48
|
+
|
49
|
+
return included
|
50
|
+
end
|
51
|
+
|
52
|
+
end
|
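Review bot: `filter_dependency` short-circuits on `DependencyCounter.instance.is_checked(pod)` before it looks at `specifications`, and `is_checked` records the pod as a side effect. A first call with an empty list therefore marks the pod as checked without validating anything, and a later call for the same pod returns `[specifications.first]` unvalidated; the cache is keyed by pod name only, so a later call with a different spec set also skips `spec_is_valid`. Return early on empty input with `return [] if specifications.empty?` and record the pod only after `spec_is_valid` has accepted its specs. In `spec_is_valid`, `return true unless spec.spec_source.url != @sources[dependency.source]` reads more clearly as `return true if spec.spec_source.url == @sources[dependency.source]`. The `'/Pods/Local Podspecs'` substring test deserves a comment saying that `:git`/`:path` pods bypass the source check by design.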
data/lib/cocoapods_plugin.rb
CHANGED
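--- a/data/spec/mocks/whitelist.json
+++ b/data/spec/mocks/whitelist.json
@@ -2,25 +2,37 @@
 "whitelist": [
 {
 "name": "MeliSDK",
-"version": "^~>5.[0-9]+$"
+"version": "^~>5.[0-9]+$",
+"target": "production"
 },
 {
 "name": "MLRecommendations",
-"version": null
+"version": null,
+"target": "production"
 },
 {
 "expire": "2100-11-15",
 "name": "MLBilling",
-"version": null
+"version": null,
+"target": "production"
 },
 {
 "expire": "2016-11-15",
 "name": "MLOnDemandResources",
-"version": "^~>5.[0-9]+$"
+"version": "^~>5.[0-9]+$",
+"source": "public",
+"target": "production"
+},
+{
+"name": "MLMyPod",
+"version": "^~>1.[0-9]+$",
+"source": "public",
+"target": "production"
 },
 {
 "name": "MLMyDependency",
-"version": "1.0.0|2.0.0"
+"version": "1.0.0|2.0.0",
+"target": "production"
 }
 ]
 }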
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLMyPod"
|
3
|
+
s.version = "1.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
|
12
|
+
end
|
13
|
+
|
@@ -0,0 +1,95 @@
|
|
1
|
+
require File.expand_path('../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
describe SourceValidator do
|
4
|
+
describe 'functionality' do
|
5
|
+
it 'external dependency that is not on the whitelist should not be valid' do
|
6
|
+
|
7
|
+
sources = {
|
8
|
+
"public" => "https://cdn.cocoapods.org/",
|
9
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
10
|
+
}
|
11
|
+
|
12
|
+
stub_url = stub(:url => 'https://cdn.cocoapods.org/')
|
13
|
+
spec_mock = mock()
|
14
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
15
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
16
|
+
|
17
|
+
validator = SourceValidator.new(sources)
|
18
|
+
filtered = validator.filter_dependency('MyExternalPod', [spec_mock])
|
19
|
+
|
20
|
+
filtered.should.empty?
|
21
|
+
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'external dependency that is on the whitelist should be valid' do
|
25
|
+
|
26
|
+
sources = {
|
27
|
+
"public" => "https://cdn.cocoapods.org/",
|
28
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
29
|
+
}
|
30
|
+
|
31
|
+
stub_url = stub(:url => 'https://cdn.cocoapods.org/')
|
32
|
+
spec_mock = mock()
|
33
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
34
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
35
|
+
|
36
|
+
validator = SourceValidator.new(sources)
|
37
|
+
filtered = validator.filter_dependency('RxSwift', [spec_mock])
|
38
|
+
|
39
|
+
filtered.size.should.equal 1
|
40
|
+
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'internal dependency that comes from private source should be valid' do
|
44
|
+
sources = {
|
45
|
+
"public" => "https://cdn.cocoapods.org/",
|
46
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
47
|
+
}
|
48
|
+
|
49
|
+
stub_url = stub(:url => 'git@github.com:mercadolibre/mobile-ios_specs.git')
|
50
|
+
spec_mock = mock()
|
51
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
52
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
53
|
+
|
54
|
+
validator = SourceValidator.new(sources)
|
55
|
+
filtered = validator.filter_dependency('MLMyPod', [spec_mock])
|
56
|
+
|
57
|
+
filtered.size.should.equal 1
|
58
|
+
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'internal dependency that comes from unknown source should not be valid' do
|
62
|
+
sources = {
|
63
|
+
"public" => "https://cdn.cocoapods.org/",
|
64
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
65
|
+
}
|
66
|
+
|
67
|
+
stub_url = stub(:url => 'https://cdn.malicious.source.org/')
|
68
|
+
spec_mock = mock()
|
69
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
70
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
71
|
+
|
72
|
+
validator = SourceValidator.new(sources)
|
73
|
+
filtered = validator.filter_dependency('MLOnDemandResources', [spec_mock])
|
74
|
+
|
75
|
+
filtered.should.empty?
|
76
|
+
end
|
77
|
+
|
78
|
+
it 'development pods should be valid' do
|
79
|
+
sources = {
|
80
|
+
"public" => "https://cdn.cocoapods.org/",
|
81
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
82
|
+
}
|
83
|
+
|
84
|
+
stub_url = stub(:url => '')
|
85
|
+
spec_mock = mock()
|
86
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
87
|
+
spec_mock.stubs(:defined_in_file).returns('./Users/Pods/Local Podspecs/MLMyDevelopmentPod.podspec')
|
88
|
+
|
89
|
+
validator = SourceValidator.new(sources)
|
90
|
+
filtered = validator.filter_dependency('MLMyDevelopmentPod', [spec_mock])
|
91
|
+
|
92
|
+
filtered.size.should.equal 1
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
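Review bot: Every example stubs `defined_in_file` with `.returns(nil?)`, which calls `nil?` on the spec context and so yields `false`, not `nil`; the `!spec.defined_in_file.nil?` guard in `spec_is_valid` is then exercised with `false` and the real nil case is never covered. Use `.returns(nil)`. The examples also go through the `WhitelistResolver` and `DependencyCounter` singletons, so they appear to depend on the list fetched from `DEFAULT_WHITELIST_URL` (the `RxSwift` case is not in `spec/mocks/whitelist.json`) and on state left by earlier examples. Loading `WHITELIST_FILE` and resetting the counter in a `before` block would make them hermetic.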
data/spec/spec_helper.rb
CHANGED
@@ -0,0 +1,22 @@
|
|
1
|
+
require File.expand_path('../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
describe WhitelistResolver do
|
4
|
+
describe 'functionality' do
|
5
|
+
it 'whitelist should be loaded from an specific url' do
|
6
|
+
whitelist = WhitelistResolver.instance.get_whitelist(WHITELIST_FILE)
|
7
|
+
whitelist.size.should.equal 6
|
8
|
+
end
|
9
|
+
|
10
|
+
it 'if not URL is specified, whitelist comes from default URL' do
|
11
|
+
whitelist = WhitelistResolver.instance.get_whitelist
|
12
|
+
whitelist.should.not.empty?
|
13
|
+
end
|
14
|
+
|
15
|
+
it 'whitelist should not be loaded twice' do
|
16
|
+
WhitelistResolver.instance.get_whitelist(WHITELIST_FILE)
|
17
|
+
loaded = WhitelistResolver.instance.whitelist_loaded
|
18
|
+
|
19
|
+
loaded.should.be.true
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
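Review bot: The example 'whitelist should not be loaded twice' cannot fail, because after any successful `get_whitelist` call `whitelist_loaded` is `true` whether the list was reused or fetched again. Asserting that the fetch is not repeated, e.g. `WhitelistResolver.instance.expects(:load_whitelist).never` before a second call with the same URL, would actually test the caching. The default-URL example performs a live request, so the suite needs network access and its result depends on remote content.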
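--- a/data/spec/whitelist_spec.rb
+++ b/data/spec/whitelist_spec.rb
@@ -8,12 +8,6 @@ module Pod
 it 'registers itself' do
 Command.parse(%w{ whitelist }).should.be.instance_of Command::Whitelist
 end
-
-it 'parse whitelist json' do
-command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
-dependencies = command.get_whitelist
-dependencies.size.should.equal 5
-end
 end
 
 describe 'validations' do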
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cocoapods-whitelist
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mobile Team
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-03-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -55,9 +55,15 @@ files:
|
|
55
55
|
- Rakefile
|
56
56
|
- cocoapods-whitelist.gemspec
|
57
57
|
- lib/cocoapods-whitelist.rb
|
58
|
+
- lib/cocoapods-whitelist/client/whitelist_resolver.rb
|
58
59
|
- lib/cocoapods-whitelist/command.rb
|
59
60
|
- lib/cocoapods-whitelist/command/whitelist.rb
|
60
61
|
- lib/cocoapods-whitelist/gem_version.rb
|
62
|
+
- lib/cocoapods-whitelist/hook.rb
|
63
|
+
- lib/cocoapods-whitelist/hook/resolver.rb
|
64
|
+
- lib/cocoapods-whitelist/model/allowed_dependency.rb
|
65
|
+
- lib/cocoapods-whitelist/model/sources.rb
|
66
|
+
- lib/cocoapods-whitelist/validator/source_validator.rb
|
61
67
|
- lib/cocoapods_plugin.rb
|
62
68
|
- spec/mocks/bad_name.podspec
|
63
69
|
- spec/mocks/free_version.podspec
|
@@ -65,6 +71,7 @@ files:
|
|
65
71
|
- spec/mocks/not_allowed.podspec
|
66
72
|
- spec/mocks/whitelist.json
|
67
73
|
- spec/mocks/whitelist_with_expired_dependencies.json
|
74
|
+
- spec/mocks/whitelisted_podname.podspec
|
68
75
|
- spec/mocks/with_allowed_in_subspec.podspec
|
69
76
|
- spec/mocks/with_allowed_subspec.podspec
|
70
77
|
- spec/mocks/with_expired_dependencies.podspec
|
@@ -80,13 +87,15 @@ files:
|
|
80
87
|
- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
|
81
88
|
- spec/mocks/without_dependencies.podspec
|
82
89
|
- spec/mocks/without_version.podspec
|
90
|
+
- spec/source_validator_spec.rb
|
83
91
|
- spec/spec_helper.rb
|
92
|
+
- spec/whitelist_resolver_spec.rb
|
84
93
|
- spec/whitelist_spec.rb
|
85
94
|
homepage: https://github.com/mercadolibre/mobile-cocoapods_whitelist
|
86
95
|
licenses:
|
87
96
|
- MIT
|
88
97
|
metadata: {}
|
89
|
-
post_install_message:
|
98
|
+
post_install_message:
|
90
99
|
rdoc_options: []
|
91
100
|
require_paths:
|
92
101
|
- lib
|
@@ -101,9 +110,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
101
110
|
- !ruby/object:Gem::Version
|
102
111
|
version: '0'
|
103
112
|
requirements: []
|
104
|
-
|
105
|
-
|
106
|
-
signing_key:
|
113
|
+
rubygems_version: 3.0.9
|
114
|
+
signing_key:
|
107
115
|
specification_version: 4
|
108
116
|
summary: A longer description of cocoapods-whitelist.
|
109
117
|
test_files:
|
@@ -113,6 +121,7 @@ test_files:
|
|
113
121
|
- spec/mocks/not_allowed.podspec
|
114
122
|
- spec/mocks/whitelist.json
|
115
123
|
- spec/mocks/whitelist_with_expired_dependencies.json
|
124
|
+
- spec/mocks/whitelisted_podname.podspec
|
116
125
|
- spec/mocks/with_allowed_in_subspec.podspec
|
117
126
|
- spec/mocks/with_allowed_subspec.podspec
|
118
127
|
- spec/mocks/with_expired_dependencies.podspec
|
@@ -128,5 +137,7 @@ test_files:
|
|
128
137
|
- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
|
129
138
|
- spec/mocks/without_dependencies.podspec
|
130
139
|
- spec/mocks/without_version.podspec
|
140
|
+
- spec/source_validator_spec.rb
|
131
141
|
- spec/spec_helper.rb
|
142
|
+
- spec/whitelist_resolver_spec.rb
|
132
143
|
- spec/whitelist_spec.rb
|