cocoapods-whitelist 0.0.7 → 0.1.0
- checksums.yaml +5 -5
- data/.circleci/config.yml +30 -0
- data/CHANGELOG.md +16 -0
- data/Gemfile.lock +64 -45
- data/README.md +22 -1
- data/cocoapods-whitelist.gemspec +1 -1
- data/lib/cocoapods-whitelist/client/whitelist_resolver.rb +46 -0
- data/lib/cocoapods-whitelist/command/whitelist.rb +20 -32
- data/lib/cocoapods-whitelist/gem_version.rb +1 -1
- data/lib/cocoapods-whitelist/hook.rb +1 -0
- data/lib/cocoapods-whitelist/hook/resolver.rb +23 -0
- data/lib/cocoapods-whitelist/model/allowed_dependency.rb +23 -0
- data/lib/cocoapods-whitelist/model/sources.rb +6 -0
- data/lib/cocoapods-whitelist/validator/source_validator.rb +52 -0
- data/lib/cocoapods_plugin.rb +1 -0
- data/spec/mocks/bad_name.podspec +13 -0
- data/spec/mocks/whitelist.json +36 -7
- data/spec/mocks/whitelist_with_expired_dependencies.json +24 -0
- data/spec/mocks/whitelisted_podname.podspec +13 -0
- data/spec/mocks/with_allowed_subspec.podspec +18 -0
- data/spec/mocks/with_expired_dependencies.podspec +12 -0
- data/spec/mocks/with_more_than_one_version_in_subspec.podspec +19 -0
- data/spec/mocks/with_not_allowed_subspec.podspec +18 -0
- data/spec/mocks/with_not_yet_expired_dependencies.podspec +12 -0
- data/spec/mocks/with_similar_name_not_allowed.podspec +13 -0
- data/spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec +13 -0
- data/spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec +13 -0
- data/spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec +13 -0
- data/spec/source_validator_spec.rb +95 -0
- data/spec/spec_helper.rb +1 -1
- data/spec/whitelist_resolver_spec.rb +22 -0
- data/spec/whitelist_spec.rb +84 -13
- metadata +50 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 4723e3d52ded2d24e5ea0fd987f13c26e50e75f4b4f3d8e3c331bf3f0917e7d9
|
4
|
+
data.tar.gz: 3cc1e0c08620d6d500299acfae29328e9a4230438073ea5d9b64defd3eea9b72
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f45764d3004aecd106e8003e4999dbb31636092376d093aecb0e68d0a6de19c7aa75372d43113b1f17147ceeb541af70f34647c7141c5efc319eae3f3418669d
|
7
|
+
data.tar.gz: e8791f4a18accaef77551c5c864c923b2aecdd18072c9703716fff7c3668637d7f47b983b1c5db6aec96e165bda72adbc20e823f5a37fc7d5f9dc1508cd8dd25
|
@@ -0,0 +1,30 @@
|
|
1
|
+
version: 2
|
2
|
+
jobs:
|
3
|
+
build:
|
4
|
+
docker:
|
5
|
+
- image: circleci/ruby:2.4.4-node
|
6
|
+
environment:
|
7
|
+
BUNDLER_VERSION: 2.0.2
|
8
|
+
resource_class: small
|
9
|
+
steps:
|
10
|
+
- checkout
|
11
|
+
- add_ssh_keys
|
12
|
+
- run:
|
13
|
+
name: Update Bundler
|
14
|
+
command: |
|
15
|
+
sudo gem update --system
|
16
|
+
sudo gem uninstall bundler
|
17
|
+
sudo rm /usr/local/bin/bundle
|
18
|
+
sudo rm /usr/local/bin/bundler
|
19
|
+
sudo gem install bundler
|
20
|
+
- run:
|
21
|
+
name: Run Build
|
22
|
+
command: |
|
23
|
+
bundle install --quiet --without static-dependencies
|
24
|
+
gem build cocoapods-whitelist.gemspec --silent -q --backtrace
|
25
|
+
gem install *.gem --silent -q --backtrace
|
26
|
+
rm -rf *.gem
|
27
|
+
rm -rf Gemfile.lock
|
28
|
+
- run:
|
29
|
+
name: Run Tests
|
30
|
+
command: rake
|
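Review bot: The `Update Bundler` step runs `sudo gem install bundler` with no version, so the job installs whatever Bundler release is current even though `BUNDLER_VERSION: 2.0.2` is declared a few lines above; `sudo gem install bundler -v "$BUNDLER_VERSION"` keeps the toolchain reproducible. The `Run Build` step also deletes `Gemfile.lock` before `rake` runs, so anything the test task resolves afterwards is no longer held to the locked versions; a comment saying why the lock is removed would help. `add_ssh_keys` is given no `fingerprints`, which as far as I know installs every key configured for the project, so listing only the key this job needs would narrow what the container holds.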
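--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,19 @@
+## 0.1.0
+- Dependency Confusion validation implementation
+
+## 0.0.11
+- Enhancing dependencies linter by checking not only name but also version
+- Enabling CI
+
+## 0.0.10
+- Revert 0.0.8 validation rule
+
+## 0.0.9
+- Revert 0.0.8 validation rule
+
+## 0.0.8
+- Fix name validation rule
+
 ## 0.0.7
 - Add `outfile` parameter
 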
data/Gemfile.lock
CHANGED
@@ -1,87 +1,106 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
cocoapods-whitelist (0.0.
|
4
|
+
cocoapods-whitelist (0.0.11)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
8
8
|
specs:
|
9
|
-
CFPropertyList (
|
10
|
-
activesupport (
|
11
|
-
|
9
|
+
CFPropertyList (3.0.3)
|
10
|
+
activesupport (5.2.4.5)
|
11
|
+
concurrent-ruby (~> 1.0, >= 1.0.2)
|
12
|
+
i18n (>= 0.7, < 2)
|
12
13
|
minitest (~> 5.1)
|
13
|
-
thread_safe (~> 0.3, >= 0.3.4)
|
14
14
|
tzinfo (~> 1.1)
|
15
|
+
addressable (2.7.0)
|
16
|
+
public_suffix (>= 2.0.2, < 5.0)
|
17
|
+
algoliasearch (1.27.5)
|
18
|
+
httpclient (~> 2.8, >= 2.8.3)
|
19
|
+
json (>= 1.5.1)
|
20
|
+
atomos (0.1.3)
|
15
21
|
bacon (1.2.0)
|
16
|
-
claide (1.0.
|
17
|
-
cocoapods (1.
|
18
|
-
|
19
|
-
claide (>= 1.0.
|
20
|
-
cocoapods-core (= 1.
|
21
|
-
cocoapods-deintegrate (>= 1.0.
|
22
|
-
cocoapods-downloader (>= 1.
|
22
|
+
claide (1.0.3)
|
23
|
+
cocoapods (1.10.1)
|
24
|
+
addressable (~> 2.6)
|
25
|
+
claide (>= 1.0.2, < 2.0)
|
26
|
+
cocoapods-core (= 1.10.1)
|
27
|
+
cocoapods-deintegrate (>= 1.0.3, < 2.0)
|
28
|
+
cocoapods-downloader (>= 1.4.0, < 2.0)
|
23
29
|
cocoapods-plugins (>= 1.0.0, < 2.0)
|
24
30
|
cocoapods-search (>= 1.0.0, < 2.0)
|
25
|
-
cocoapods-
|
26
|
-
cocoapods-trunk (>= 1.2.0, < 2.0)
|
31
|
+
cocoapods-trunk (>= 1.4.0, < 2.0)
|
27
32
|
cocoapods-try (>= 1.1.0, < 2.0)
|
28
33
|
colored2 (~> 3.1)
|
29
34
|
escape (~> 0.0.4)
|
30
|
-
fourflusher (
|
35
|
+
fourflusher (>= 2.3.0, < 3.0)
|
31
36
|
gh_inspector (~> 1.0)
|
32
|
-
molinillo (~> 0.
|
37
|
+
molinillo (~> 0.6.6)
|
33
38
|
nap (~> 1.0)
|
34
|
-
ruby-macho (~> 1.
|
35
|
-
xcodeproj (>= 1.
|
36
|
-
cocoapods-core (1.
|
37
|
-
activesupport (
|
39
|
+
ruby-macho (~> 1.4)
|
40
|
+
xcodeproj (>= 1.19.0, < 2.0)
|
41
|
+
cocoapods-core (1.10.1)
|
42
|
+
activesupport (> 5.0, < 6)
|
43
|
+
addressable (~> 2.6)
|
44
|
+
algoliasearch (~> 1.0)
|
45
|
+
concurrent-ruby (~> 1.1)
|
38
46
|
fuzzy_match (~> 2.0.4)
|
39
47
|
nap (~> 1.0)
|
40
|
-
|
41
|
-
|
48
|
+
netrc (~> 0.11)
|
49
|
+
public_suffix
|
50
|
+
typhoeus (~> 1.0)
|
51
|
+
cocoapods-deintegrate (1.0.4)
|
52
|
+
cocoapods-downloader (1.4.0)
|
42
53
|
cocoapods-plugins (1.0.0)
|
43
54
|
nap
|
44
55
|
cocoapods-search (1.0.0)
|
45
|
-
cocoapods-
|
46
|
-
cocoapods-trunk (1.2.0)
|
56
|
+
cocoapods-trunk (1.5.0)
|
47
57
|
nap (>= 0.8, < 2.0)
|
48
|
-
netrc (
|
49
|
-
cocoapods-try (1.
|
58
|
+
netrc (~> 0.11)
|
59
|
+
cocoapods-try (1.2.0)
|
50
60
|
colored2 (3.1.2)
|
61
|
+
concurrent-ruby (1.1.8)
|
51
62
|
escape (0.0.4)
|
52
|
-
|
63
|
+
ethon (0.12.0)
|
64
|
+
ffi (>= 1.3.0)
|
65
|
+
ffi (1.14.2)
|
66
|
+
fourflusher (2.3.1)
|
53
67
|
fuzzy_match (2.0.4)
|
54
|
-
gh_inspector (1.
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
68
|
+
gh_inspector (1.1.3)
|
69
|
+
httpclient (2.8.3)
|
70
|
+
i18n (1.8.9)
|
71
|
+
concurrent-ruby (~> 1.0)
|
72
|
+
json (2.5.1)
|
73
|
+
minitest (5.14.4)
|
74
|
+
mocha (1.12.0)
|
60
75
|
mocha-on-bacon (0.2.3)
|
61
76
|
mocha (>= 0.13.0)
|
62
|
-
molinillo (0.
|
63
|
-
nanaimo (0.
|
77
|
+
molinillo (0.6.6)
|
78
|
+
nanaimo (0.3.0)
|
64
79
|
nap (1.1.0)
|
65
|
-
netrc (0.
|
80
|
+
netrc (0.11.0)
|
66
81
|
prettybacon (0.0.2)
|
67
82
|
bacon (~> 1.2)
|
68
|
-
|
69
|
-
|
83
|
+
public_suffix (4.0.6)
|
84
|
+
rake (12.3.3)
|
85
|
+
ruby-macho (1.4.0)
|
70
86
|
thread_safe (0.3.6)
|
71
|
-
|
87
|
+
typhoeus (1.4.0)
|
88
|
+
ethon (>= 0.9.0)
|
89
|
+
tzinfo (1.2.9)
|
72
90
|
thread_safe (~> 0.1)
|
73
|
-
xcodeproj (1.
|
74
|
-
CFPropertyList (
|
75
|
-
|
91
|
+
xcodeproj (1.19.0)
|
92
|
+
CFPropertyList (>= 2.3.3, < 4.0)
|
93
|
+
atomos (~> 0.1.3)
|
94
|
+
claide (>= 1.0.2, < 2.0)
|
76
95
|
colored2 (~> 3.1)
|
77
|
-
nanaimo (~> 0.
|
96
|
+
nanaimo (~> 0.3.0)
|
78
97
|
|
79
98
|
PLATFORMS
|
80
99
|
ruby
|
81
100
|
|
82
101
|
DEPENDENCIES
|
83
102
|
bacon
|
84
|
-
bundler (~>
|
103
|
+
bundler (~> 2.0)
|
85
104
|
cocoapods
|
86
105
|
cocoapods-whitelist!
|
87
106
|
mocha
|
@@ -90,4 +109,4 @@ DEPENDENCIES
|
|
90
109
|
rake (~> 12.0)
|
91
110
|
|
92
111
|
BUNDLED WITH
|
93
|
-
|
112
|
+
2.0.2
|
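--- a/data/README.md
+++ b/data/README.md
@@ -10,7 +10,7 @@ Validate Podspec's dependencies against a whitelist of pods.
 
 - As a command
 ```
-$ pod whitelist [--podspec=PODSPEC] [--config=WHITELIST_FILE_OR_URL] [--fail-on-error]
+$ pod whitelist [--podspec=PODSPEC] [--config=WHITELIST_FILE_OR_URL] [--outfile=PATH] [--fail-on-error]
 ```
 
 - As plugin, add into the Podfile of your tests app
@@ -23,3 +23,24 @@ If not Podspec is passed by parameter, the command search into the current and p
 You can specify a custom whitelist. By default use a whitelist hosted in [GitHub](https://github.com/mercadolibre/mobile-dependencies_whitelist/blob/master/ios-whitelist.json)
 
 By default exit with status 0, unless you add the parameter `--fail-on-error`
+
+## Development
+### Install dependencies
+```
+bundle install
+```
+
+### Run test
+```
+rake
+```
+
+### Publish in RubyGems
+1. Build
+```
+gem build cocoapods-whitelist.gemspec
+```
+2. Publish
+```
+gem push cocoapods-whitelist-{version}.gem
+```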
data/cocoapods-whitelist.gemspec
CHANGED
@@ -18,6 +18,6 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
19
|
spec.require_paths = ['lib']
|
20
20
|
|
21
|
-
spec.add_development_dependency 'bundler', '~>
|
21
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
22
22
|
spec.add_development_dependency 'rake', '~> 12.0'
|
23
23
|
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'singleton'
|
2
|
+
require 'cocoapods-whitelist/model/allowed_dependency'
|
3
|
+
|
4
|
+
class WhitelistResolver
|
5
|
+
include Singleton
|
6
|
+
attr_accessor :whitelist
|
7
|
+
attr_accessor :whitelist_loaded
|
8
|
+
attr_accessor :whitelist_url
|
9
|
+
|
10
|
+
def config
|
11
|
+
@whitelist ||= []
|
12
|
+
end
|
13
|
+
|
14
|
+
def initialize()
|
15
|
+
@whitelist_url = DEFAULT_WHITELIST_URL
|
16
|
+
load_whitelist()
|
17
|
+
end
|
18
|
+
|
19
|
+
def get_whitelist(whitelist_url = DEFAULT_WHITELIST_URL)
|
20
|
+
@whitelist_loaded = @whitelist_url == whitelist_url
|
21
|
+
@whitelist_url = whitelist_url
|
22
|
+
|
23
|
+
load_whitelist() unless @whitelist_loaded
|
24
|
+
return @whitelist
|
25
|
+
end
|
26
|
+
|
27
|
+
def load_whitelist
|
28
|
+
begin
|
29
|
+
open(@whitelist_url) { |io|
|
30
|
+
buffer = io.read
|
31
|
+
@whitelist = parse_whitelist(buffer)
|
32
|
+
@whitelist_loaded = true
|
33
|
+
}
|
34
|
+
rescue OpenURI::HTTPError => e
|
35
|
+
status = e.io.status.join(' ')
|
36
|
+
raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def parse_whitelist(raw_whitelist)
|
41
|
+
json = JSON.parse(raw_whitelist)
|
42
|
+
return json["whitelist"].map { |dependencyJson|
|
43
|
+
AllowedDependency.new(dependencyJson["name"], dependencyJson["version"], dependencyJson["expire"], dependencyJson["source"], dependencyJson["target"])
|
44
|
+
}
|
45
|
+
end
|
46
|
+
end
|
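Review bot: `load_whitelist` hands `@whitelist_url` to bare `open`, and that value can come straight from `--config=WHITELIST_FILE_OR_URL`. `Kernel#open` treats a string that begins with `|` as a command to spawn, so the reader should be chosen explicitly, e.g. `io = @whitelist_url =~ /\Ahttps?:\/\//i ? URI.open(@whitelist_url) : File.open(@whitelist_url)` (`URI.open` is public from Ruby 2.5 on, and the CI image in this release is `ruby:2.4.4`, so check which form the supported Rubies need). Only `OpenURI::HTTPError` is rescued, so a malformed body or a document without a `"whitelist"` array surfaces as a raw `JSON::ParserError` or `NoMethodError`; since this file is the allow-list itself, a clear failure message is worth adding. The file also depends on `open-uri`, `json` and `DEFAULT_WHITELIST_URL` having been loaded by `command/whitelist.rb`, and a `require` plus a comment here would make that explicit.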
@@ -1,16 +1,10 @@
|
|
1
1
|
require 'open-uri'
|
2
|
+
require_relative '../client/whitelist_resolver'
|
2
3
|
|
4
|
+
POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
|
5
|
+
POD_BASE_REGEX_POSITION = 0
|
3
6
|
DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
|
4
7
|
|
5
|
-
class AllowedDependency
|
6
|
-
attr_accessor :name
|
7
|
-
attr_accessor :version
|
8
|
-
def initialize(name, version)
|
9
|
-
@name = name
|
10
|
-
@version = version
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
8
|
module Pod
|
15
9
|
class Command
|
16
10
|
class Whitelist < Command
|
@@ -47,7 +41,7 @@ module Pod
|
|
47
41
|
|
48
42
|
def run
|
49
43
|
prepare_outfile
|
50
|
-
whitelist = get_whitelist
|
44
|
+
whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
|
51
45
|
specifications = get_podspec_specifications
|
52
46
|
|
53
47
|
if specifications.empty?
|
@@ -83,12 +77,25 @@ module Pod
|
|
83
77
|
# Skip subspec dependency
|
84
78
|
next if parentName && name.start_with?("#{parentName}/")
|
85
79
|
|
80
|
+
if versions.length != 1
|
81
|
+
not_allowed.push("#{name} (#{versions.join(", ")}) Reason: A specific version must be defined for every dependency (just one). " +
|
82
|
+
"Suggestion: find this dependency in your Podspec and add the version listed in the whitelist.")
|
83
|
+
next
|
84
|
+
end
|
85
|
+
|
86
86
|
allowedDependency = whitelist.select { |item|
|
87
|
-
|
87
|
+
name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
|
88
|
+
}
|
89
|
+
|
90
|
+
# Checks if any of the allowed dependencies are expired, if so, fail with error
|
91
|
+
allowedDependency.each { |dependency|
|
92
|
+
if dependency.expire?
|
93
|
+
not_allowed.push("#{name} Reason: Expired version. Please check the whitelist.")
|
94
|
+
end
|
88
95
|
}
|
89
96
|
|
90
97
|
if allowedDependency.empty?
|
91
|
-
not_allowed.push("#{name} (#{versions.join(", ")})")
|
98
|
+
not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any whitelisted version or Pod name is not valid")
|
92
99
|
next
|
93
100
|
end
|
94
101
|
end
|
@@ -110,25 +117,6 @@ module Pod
|
|
110
117
|
end
|
111
118
|
end
|
112
119
|
|
113
|
-
def get_whitelist
|
114
|
-
begin
|
115
|
-
open(@whitelist_url) { |io|
|
116
|
-
buffer = io.read
|
117
|
-
parse_whitelist(buffer)
|
118
|
-
}
|
119
|
-
rescue OpenURI::HTTPError => e
|
120
|
-
status = e.io.status.join(' ')
|
121
|
-
raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
|
122
|
-
end
|
123
|
-
end
|
124
|
-
|
125
|
-
def parse_whitelist(raw_whitelist)
|
126
|
-
json = JSON.parse(raw_whitelist)
|
127
|
-
return json["whitelist"].map { |dependencyJson|
|
128
|
-
AllowedDependency.new(dependencyJson["name"], dependencyJson["version"])
|
129
|
-
}
|
130
|
-
end
|
131
|
-
|
132
120
|
def get_podspec_specifications
|
133
121
|
if @pospec_path
|
134
122
|
return [Pod::Specification.from_file(@pospec_path)]
|
@@ -146,7 +134,7 @@ module Pod
|
|
146
134
|
return podspecs.map { |path| Pod::Specification.from_file(path) }
|
147
135
|
end
|
148
136
|
|
149
|
-
def show_error_message(message)
|
137
|
+
def show_error_message(message)
|
150
138
|
unless @outfile == nil
|
151
139
|
IO.write(@outfile, "#{message}\n", mode: 'a')
|
152
140
|
end
|
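Review bot: In the `@@ -83,12 +77,25 @@` hunk the whitelist lookup compares names with `name.start_with?(...)`, so a dependency whose name merely begins with a whitelisted base name (constructed example: `MeliSDKExtras` against the entry `MeliSDK`) is accepted. For a check meant to stop look-alike packages the root names should be compared for equality, e.g. `name.split('/').first == item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]`. The version test `versions.grep(/#{item.version}/)` is only as strict as the whitelist entry: a pattern such as `1.0.0|2.0.0` is unanchored and its dots match any character, so either wrap it as `/\A(?:#{item.version})\z/` or document that entries must carry their own anchors and escapes. The enclosing method starts and ends outside the hunk.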
@@ -0,0 +1 @@
|
|
1
|
+
require 'cocoapods-whitelist/hook/resolver'
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require_relative '../validator/source_validator'
|
2
|
+
require_relative '../model/sources'
|
3
|
+
|
4
|
+
module Pod
|
5
|
+
class Resolver
|
6
|
+
alias original_search_for search_for
|
7
|
+
## Filter specifications
|
8
|
+
def search_for(dependency)
|
9
|
+
specifications = original_search_for(dependency)
|
10
|
+
|
11
|
+
validator = SourceValidator.new(get_sources())
|
12
|
+
filtered = validator.filter_dependency(dependency.root_name, specifications)
|
13
|
+
|
14
|
+
if filtered.empty? && specifications.first ## If you have a dependency problem, then no specification is returned from :search_for
|
15
|
+
Pod::UI.puts "Dependency #{dependency.root_name} comes from source #{specifications.first.spec_source.url} is NOT allowed".red
|
16
|
+
Pod::UI.puts "If you thing this is a mistake, please check the whitelist".red
|
17
|
+
raise Informative.new()
|
18
|
+
end
|
19
|
+
|
20
|
+
specifications
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
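Review bot: `search_for` computes `filtered` but returns the unfiltered `specifications`, so `filtered` is only ever tested for emptiness. If the set can hold specs from more than one source (not visible on this page), a single allowed spec is enough to let the disallowed ones through to the resolver. Returning `filtered` would close that, but `filter_dependency` would then have to stop short-circuiting to `[specifications.first]` for pods it has already seen. Separately, `raise Informative.new()` carries no message, and `alias original_search_for search_for` re-aliases the patched method if the file is ever loaded twice; raising with the text that is currently printed and using `Module#prepend` would avoid both. `get_sources` comes from `model/sources.rb`, which this page does not show.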
@@ -0,0 +1,23 @@
|
|
1
|
+
class AllowedDependency
|
2
|
+
attr_accessor :name
|
3
|
+
attr_accessor :version
|
4
|
+
attr_accessor :expire
|
5
|
+
attr_accessor :source
|
6
|
+
attr_accessor :target
|
7
|
+
|
8
|
+
def initialize(name, version, expire, source, target)
|
9
|
+
@name = name
|
10
|
+
@version = version
|
11
|
+
@expire = expire
|
12
|
+
@source = source
|
13
|
+
@target = target
|
14
|
+
end
|
15
|
+
|
16
|
+
def expire?
|
17
|
+
if @expire != nil
|
18
|
+
expire = DateTime.parse(@expire,"%Y-%m-%d")
|
19
|
+
return expire < DateTime.now
|
20
|
+
end
|
21
|
+
return false
|
22
|
+
end
|
23
|
+
end
|
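Review bot: `DateTime.parse(@expire,"%Y-%m-%d")` in `expire?` does not apply the format string, because the second argument of `DateTime.parse` is the `comp` flag; the string is just a truthy value and the date is parsed heuristically. `DateTime.strptime(@expire, "%Y-%m-%d")` enforces the documented format, so a malformed `expire` in the whitelist fails loudly instead of being guessed. Either call raises `ArgumentError` on bad input, which `expire?` does not handle, and the file uses `DateTime` without `require 'date'`.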
@@ -0,0 +1,52 @@
|
|
1
|
+
require_relative '../client/whitelist_resolver'
|
2
|
+
require 'singleton'
|
3
|
+
|
4
|
+
class SourceValidator
|
5
|
+
attr_accessor :sources
|
6
|
+
def initialize(sources)
|
7
|
+
@sources = sources
|
8
|
+
end
|
9
|
+
|
10
|
+
def filter_dependency(pod, specifications)
|
11
|
+
## Avoid checking the same pod many times
|
12
|
+
return [specifications.first] if DependencyCounter.instance.is_checked(pod) && !specifications.empty?
|
13
|
+
|
14
|
+
filtered = specifications.select { |spec| spec_is_valid(pod, spec) }
|
15
|
+
|
16
|
+
return filtered
|
17
|
+
end
|
18
|
+
|
19
|
+
def spec_is_valid(pod, spec)
|
20
|
+
|
21
|
+
# Allow external dependencies (using :git or :path), which create a local podspec
|
22
|
+
return true if !spec.defined_in_file.nil? && spec.defined_in_file.to_s.include?('/Pods/Local Podspecs')
|
23
|
+
|
24
|
+
# Allow every dependency that comes from our private specs sources
|
25
|
+
return true if spec.spec_source.url == @sources["private"]
|
26
|
+
|
27
|
+
whitelist = WhitelistResolver.instance.get_whitelist
|
28
|
+
whitelist.each { |dependency|
|
29
|
+
next unless dependency.name == pod
|
30
|
+
return true unless spec.spec_source.url != @sources[dependency.source]
|
31
|
+
}
|
32
|
+
return false
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
|
37
|
+
class DependencyCounter
|
38
|
+
include Singleton
|
39
|
+
attr_accessor :dependencies_checked
|
40
|
+
|
41
|
+
def initialize()
|
42
|
+
@dependencies_checked ||= []
|
43
|
+
end
|
44
|
+
|
45
|
+
def is_checked(podname)
|
46
|
+
included = @dependencies_checked.include? podname
|
47
|
+
@dependencies_checked.push(podname) unless included
|
48
|
+
|
49
|
+
return included
|
50
|
+
end
|
51
|
+
|
52
|
+
end
|
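Review bot: `DependencyCounter#is_checked` records the pod as checked before any validation has run, and `filter_dependency` then returns `[specifications.first]` on every later call without looking at that spec's source. A first call with an empty `specifications` list therefore marks the pod and exempts it from validation from then on; whether the resolver can produce that sequence is not visible here, but the cache should be written only after a spec has passed, i.e. mark the pod after `filtered` is computed and only `unless filtered.empty?`. In `spec_is_valid`, `return true unless spec.spec_source.url != @sources[dependency.source]` is easier to audit as `return true if spec.spec_source.url == @sources[dependency.source]`. The `'/Pods/Local Podspecs'` substring test exempts every `:git`/`:path` pod from the source check, which deserves a sentence in the README so users know the plugin does not cover those.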
data/lib/cocoapods_plugin.rb
CHANGED
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'Meli', '~>5.1'
|
12
|
+
|
13
|
+
end
|
data/spec/mocks/whitelist.json
CHANGED
@@ -1,9 +1,38 @@
|
|
1
1
|
{
|
2
|
-
"whitelist": [
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
2
|
+
"whitelist": [
|
3
|
+
{
|
4
|
+
"name": "MeliSDK",
|
5
|
+
"version": "^~>5.[0-9]+$",
|
6
|
+
"target": "production"
|
7
|
+
},
|
8
|
+
{
|
9
|
+
"name": "MLRecommendations",
|
10
|
+
"version": null,
|
11
|
+
"target": "production"
|
12
|
+
},
|
13
|
+
{
|
14
|
+
"expire": "2100-11-15",
|
15
|
+
"name": "MLBilling",
|
16
|
+
"version": null,
|
17
|
+
"target": "production"
|
18
|
+
},
|
19
|
+
{
|
20
|
+
"expire": "2016-11-15",
|
21
|
+
"name": "MLOnDemandResources",
|
22
|
+
"version": "^~>5.[0-9]+$",
|
23
|
+
"source": "public",
|
24
|
+
"target": "production"
|
25
|
+
},
|
26
|
+
{
|
27
|
+
"name": "MLMyPod",
|
28
|
+
"version": "^~>1.[0-9]+$",
|
29
|
+
"source": "public",
|
30
|
+
"target": "production"
|
31
|
+
},
|
32
|
+
{
|
33
|
+
"name": "MLMyDependency",
|
34
|
+
"version": "1.0.0|2.0.0",
|
35
|
+
"target": "production"
|
36
|
+
}
|
37
|
+
]
|
9
38
|
}
|
@@ -0,0 +1,24 @@
|
|
1
|
+
{
|
2
|
+
"whitelist": [{
|
3
|
+
"name": "MeliSDK",
|
4
|
+
"version": "^~>5.[0-9]+$"
|
5
|
+
}, {
|
6
|
+
"name": "MLRecommendations",
|
7
|
+
"version": null
|
8
|
+
}, {
|
9
|
+
"name": "CHTCollectionViewWaterfallLayout2",
|
10
|
+
"version": "^~>\\s?0.[0-9]+$",
|
11
|
+
"expire": "2017-11-01"
|
12
|
+
},
|
13
|
+
{
|
14
|
+
"name": "CHTCollectionViewWaterfallLayout3",
|
15
|
+
"version": "^~>\\s?0.[0-9]+$",
|
16
|
+
"expire" : "2017-12-01"
|
17
|
+
},
|
18
|
+
{
|
19
|
+
"name": "CHTCollectionViewWaterfallLayout4",
|
20
|
+
"version": "^~>\\s?0.[0-9]+$",
|
21
|
+
"expire" : "2017-11-01"
|
22
|
+
}
|
23
|
+
]
|
24
|
+
}
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLMyPod"
|
3
|
+
s.version = "1.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
|
12
|
+
end
|
13
|
+
|
@@ -0,0 +1,18 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
|
12
|
+
s.subspec "Suggestion" do |suggestion|
|
13
|
+
suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
|
14
|
+
suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
|
15
|
+
suggestion.dependency "MeliSDK/Error", "~>5.0"
|
16
|
+
end
|
17
|
+
|
18
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MLOnDemandResources', '~>5.8'
|
12
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
|
2
|
+
Pod::Spec.new do |s|
|
3
|
+
s.name = "MLSearch"
|
4
|
+
s.version = "3.17.0"
|
5
|
+
s.summary = "Componente de search"
|
6
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
7
|
+
s.license = "none"
|
8
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
9
|
+
s.platform = :ios, "7.0"
|
10
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
11
|
+
s.requires_arc = true
|
12
|
+
|
13
|
+
s.subspec "Suggestion" do |suggestion|
|
14
|
+
suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
|
15
|
+
suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
|
16
|
+
suggestion.dependency "MeliSDK", ">5.0", "<6.0"
|
17
|
+
end
|
18
|
+
|
19
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
|
12
|
+
s.subspec "Suggestion" do |suggestion|
|
13
|
+
suggestion.resource = "LibraryComponents/Suggestions/assets/*.*", "LibraryComponents/Suggestions/classes/*.xib"
|
14
|
+
suggestion.source_files = "LibraryComponents/Suggestions/classes/*.{h,m,c}"
|
15
|
+
suggestion.dependency "MyMeliSDK/Error", "~>5.0"
|
16
|
+
end
|
17
|
+
|
18
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MLBilling', '~>5.8'
|
12
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MercadoPagoSDK', '~>1.0.0'
|
12
|
+
|
13
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MLMyDependency', '1.0.0'
|
12
|
+
|
13
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MLMyDependency', '2.0.0'
|
12
|
+
|
13
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLSearch"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'MLMyDependency', '~> 1.0'
|
12
|
+
|
13
|
+
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
require File.expand_path('../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
describe SourceValidator do
|
4
|
+
describe 'functionality' do
|
5
|
+
it 'external dependency that is not on the whitelist should not be valid' do
|
6
|
+
|
7
|
+
sources = {
|
8
|
+
"public" => "https://cdn.cocoapods.org/",
|
9
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
10
|
+
}
|
11
|
+
|
12
|
+
stub_url = stub(:url => 'https://cdn.cocoapods.org/')
|
13
|
+
spec_mock = mock()
|
14
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
15
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
16
|
+
|
17
|
+
validator = SourceValidator.new(sources)
|
18
|
+
filtered = validator.filter_dependency('MyExternalPod', [spec_mock])
|
19
|
+
|
20
|
+
filtered.should.empty?
|
21
|
+
|
22
|
+
end
|
23
|
+
|
24
|
+
it 'external dependency that is on the whitelist should be valid' do
|
25
|
+
|
26
|
+
sources = {
|
27
|
+
"public" => "https://cdn.cocoapods.org/",
|
28
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
29
|
+
}
|
30
|
+
|
31
|
+
stub_url = stub(:url => 'https://cdn.cocoapods.org/')
|
32
|
+
spec_mock = mock()
|
33
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
34
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
35
|
+
|
36
|
+
validator = SourceValidator.new(sources)
|
37
|
+
filtered = validator.filter_dependency('RxSwift', [spec_mock])
|
38
|
+
|
39
|
+
filtered.size.should.equal 1
|
40
|
+
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'internal dependency that comes from private source should be valid' do
|
44
|
+
sources = {
|
45
|
+
"public" => "https://cdn.cocoapods.org/",
|
46
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
47
|
+
}
|
48
|
+
|
49
|
+
stub_url = stub(:url => 'git@github.com:mercadolibre/mobile-ios_specs.git')
|
50
|
+
spec_mock = mock()
|
51
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
52
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
53
|
+
|
54
|
+
validator = SourceValidator.new(sources)
|
55
|
+
filtered = validator.filter_dependency('MLMyPod', [spec_mock])
|
56
|
+
|
57
|
+
filtered.size.should.equal 1
|
58
|
+
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'internal dependency that comes from unknown source should not be valid' do
|
62
|
+
sources = {
|
63
|
+
"public" => "https://cdn.cocoapods.org/",
|
64
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
65
|
+
}
|
66
|
+
|
67
|
+
stub_url = stub(:url => 'https://cdn.malicious.source.org/')
|
68
|
+
spec_mock = mock()
|
69
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
70
|
+
spec_mock.stubs(:defined_in_file).returns(nil?)
|
71
|
+
|
72
|
+
validator = SourceValidator.new(sources)
|
73
|
+
filtered = validator.filter_dependency('MLOnDemandResources', [spec_mock])
|
74
|
+
|
75
|
+
filtered.should.empty?
|
76
|
+
end
|
77
|
+
|
78
|
+
it 'development pods should be valid' do
|
79
|
+
sources = {
|
80
|
+
"public" => "https://cdn.cocoapods.org/",
|
81
|
+
"private" => "git@github.com:mercadolibre/mobile-ios_specs.git"
|
82
|
+
}
|
83
|
+
|
84
|
+
stub_url = stub(:url => '')
|
85
|
+
spec_mock = mock()
|
86
|
+
spec_mock.stubs(:spec_source).returns(stub_url)
|
87
|
+
spec_mock.stubs(:defined_in_file).returns('./Users/Pods/Local Podspecs/MLMyDevelopmentPod.podspec')
|
88
|
+
|
89
|
+
validator = SourceValidator.new(sources)
|
90
|
+
filtered = validator.filter_dependency('MLMyDevelopmentPod', [spec_mock])
|
91
|
+
|
92
|
+
filtered.size.should.equal 1
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
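Review bot: The first four examples stub `defined_in_file` with `.returns(nil?)`, which calls `nil?` on the example context and so returns `false`, not `nil`; they pass only because `false.to_s` does not contain the local-podspec path. Use `.returns(nil)`. The examples also share the `DependencyCounter` and `WhitelistResolver` singletons and never point the resolver at `spec/mocks/whitelist.json`, so `'RxSwift'` is looked up in whatever whitelist was loaded last, possibly the default URL over the network. Loading `WHITELIST_FILE` and resetting the counter in a `before` block would make the results independent of execution order.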
data/spec/spec_helper.rb
CHANGED
@@ -0,0 +1,22 @@
|
|
1
|
+
require File.expand_path('../spec_helper', __FILE__)
|
2
|
+
|
3
|
+
describe WhitelistResolver do
|
4
|
+
describe 'functionality' do
|
5
|
+
it 'whitelist should be loaded from an specific url' do
|
6
|
+
whitelist = WhitelistResolver.instance.get_whitelist(WHITELIST_FILE)
|
7
|
+
whitelist.size.should.equal 6
|
8
|
+
end
|
9
|
+
|
10
|
+
it 'if not URL is specified, whitelist comes from default URL' do
|
11
|
+
whitelist = WhitelistResolver.instance.get_whitelist
|
12
|
+
whitelist.should.not.empty?
|
13
|
+
end
|
14
|
+
|
15
|
+
it 'whitelist should not be loaded twice' do
|
16
|
+
WhitelistResolver.instance.get_whitelist(WHITELIST_FILE)
|
17
|
+
loaded = WhitelistResolver.instance.whitelist_loaded
|
18
|
+
|
19
|
+
loaded.should.be.true
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
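Review bot: `'whitelist should not be loaded twice'` only asserts that `whitelist_loaded` is true, which holds after any successful load, so it would still pass if `get_whitelist` fetched on every call. Asserting that the second call with the same URL does not reach `load_whitelist`, for example `WhitelistResolver.instance.expects(:load_whitelist).never` after a first call, tests the stated behaviour. The default-URL example fetches from GitHub, so the suite fails without network access, and because the resolver is a singleton the three examples depend on the order they run in.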
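--- a/data/spec/whitelist_spec.rb
+++ b/data/spec/whitelist_spec.rb
@@ -8,21 +8,15 @@ module Pod
 it 'registers itself' do
 Command.parse(%w{ whitelist }).should.be.instance_of Command::Whitelist
 end
-
-it 'parse whitelist json' do
-command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
-dependencies = command.get_whitelist
-dependencies.size.should.equal 2
-end
 end
 
 describe 'validations' do
-it 'dependency without version should be valid' do
+it 'dependency without version should not be valid' do
 # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
 specification = Pod::Specification.from_file('./spec/mocks/without_version.podspec')
 command.expects(:get_podspec_specifications).returns([specification])
-lambda { command.run }.should.
+lambda { command.run }.should.raise Informative
 end
 
 it 'dependency with major version fixed should be valid' do
@@ -33,23 +27,53 @@ module Pod
 lambda { command.run }.should.not.raise
 end
 
+# it 'dependency with incorrect name should not be valid' do
+# # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
+# command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+# specification = Pod::Specification.from_file('./spec/mocks/bad_name.podspec')
+# command.expects(:get_podspec_specifications).returns([specification])
+# lambda { command.run }.should.raise Informative
+# end
+
 it 'not allowed dependency should not be valid' do
-# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
 specification = Pod::Specification.from_file('./spec/mocks/not_allowed.podspec')
 command.expects(:get_podspec_specifications).returns([specification])
 lambda { command.run }.should.raise Informative
 end
 
-it '
-# Whitelist: ('
+it 'not allowed similar dependency should not be valid' do
+# Whitelist: ('MercadoPagoSDKV4', '~>5.*') | Podspec: ('MercadoPagoSDK')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_similar_name_not_allowed.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.raise Informative
+end
+
+it 'dependency with not allowed version should be valid' do
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
 specification = Pod::Specification.from_file('./spec/mocks/with_fixed_version.podspec')
 command.expects(:get_podspec_specifications).returns([specification])
 lambda { command.run }.should.raise Informative
 end
 
-it 'dependency
+it 'expired dependency should not be valid' do
+# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_expired_dependencies.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.raise Informative
+end
+
+it 'not yet expired dependency should be valid' do
+# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_not_yet_expired_dependencies.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.not.raise Informative
+end
+
+it 'dependency with two versions requierement should not be valid' do
 # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
 specification = Pod::Specification.from_file('./spec/mocks/with_two_requirement.podspec')
@@ -57,6 +81,14 @@ module Pod
 lambda { command.run }.should.raise Informative
 end
 
+it 'dependency with two versions requierement should not be valid' do
+# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_more_than_one_version_in_subspec.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.raise Informative
+end
+
 it 'dependency not allowed in subspec should not be valid' do
 # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
@@ -65,6 +97,22 @@ module Pod
 lambda { command.run }.should.raise Informative
 end
 
+it 'subspec dependency allowed in the whitelist should be valid' do
+# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.not.raise
+end
+
+it 'subspec dependency not allowed in the whitelist should not be valid' do
+# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.raise Informative
+end
+
 it 'podspec without dependencies should be valid' do
 # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
@@ -89,6 +137,30 @@ module Pod
 lambda { command.run }.should.not.raise
 end
 
+it 'fixed mayor dependency in whitelist and podspec should not fail on first option' do
+# Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '1.0.0')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.not.raise
+end
+
+it 'fixed mayor dependency in whitelist and podspec should not fail on second option' do
+# Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '2.0.0')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.not.raise
+end
+
+it 'fixed mayor dependency in whitelist but not in podspec should fail' do
+# Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '~> 1.0')
+command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec')
+command.expects(:get_podspec_specifications).returns([specification])
+lambda { command.run }.should.raise Informative
+end
+
 it 'not allowed dependency should not raise exception if --fail-on-error is not present' do
 # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--podspec=./spec/mocks/not_allowed.podspec"])
@@ -99,7 +171,6 @@ module Pod
 command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
 lambda { command.run }.should.not.raise
 end
-
 end
 end
 end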
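Review bot: The look-alike name case 'dependency with incorrect name should not be valid' (whitelist `MeliSDK`, podspec `Meli`) is added commented out in the second hunk, so nothing checks that this prefix of an allowed name is rejected; the neighbouring 'not allowed similar dependency' example covers only one such pair. Enable it, or replace the dead block with a one-line comment saying why it cannot pass yet — whether it fails today cannot be told from this section. In the same hunk the added title `it 'dependency with not allowed version should be valid' do` contradicts its `should.raise Informative` and should read `it 'dependency with not allowed version should not be valid' do`. The description 'dependency with two versions requierement should not be valid' now appears twice (second and third hunks), so a failure report cannot tell the two apart, and the two expiry examples carry a `# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')` comment that does not describe what they test.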
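--- a/metadata
+++ b/metadata
@@ -1,41 +1,41 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-whitelist
 version: !ruby/object:Gem::Version
-version: 0.0
+version: 0.1.0
 platform: ruby
 authors:
 - Mobile Team
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '2.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '2.0'
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: '12.0'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: '12.0'
 description: A short description of cocoapods-whitelist.
@@ -45,7 +45,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .
+- ".circleci/config.yml"
+- ".gitignore"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -54,56 +55,89 @@ files:
 - Rakefile
 - cocoapods-whitelist.gemspec
 - lib/cocoapods-whitelist.rb
+- lib/cocoapods-whitelist/client/whitelist_resolver.rb
 - lib/cocoapods-whitelist/command.rb
 - lib/cocoapods-whitelist/command/whitelist.rb
 - lib/cocoapods-whitelist/gem_version.rb
+- lib/cocoapods-whitelist/hook.rb
+- lib/cocoapods-whitelist/hook/resolver.rb
+- lib/cocoapods-whitelist/model/allowed_dependency.rb
+- lib/cocoapods-whitelist/model/sources.rb
+- lib/cocoapods-whitelist/validator/source_validator.rb
 - lib/cocoapods_plugin.rb
+- spec/mocks/bad_name.podspec
 - spec/mocks/free_version.podspec
 - spec/mocks/major_version_fixed.podspec
 - spec/mocks/not_allowed.podspec
 - spec/mocks/whitelist.json
+- spec/mocks/whitelist_with_expired_dependencies.json
+- spec/mocks/whitelisted_podname.podspec
 - spec/mocks/with_allowed_in_subspec.podspec
+- spec/mocks/with_allowed_subspec.podspec
+- spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
+- spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
+- spec/mocks/with_not_allowed_subspec.podspec
+- spec/mocks/with_not_yet_expired_dependencies.podspec
+- spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
 - spec/mocks/without_dependencies.podspec
 - spec/mocks/without_version.podspec
+- spec/source_validator_spec.rb
 - spec/spec_helper.rb
+- spec/whitelist_resolver_spec.rb
 - spec/whitelist_spec.rb
 homepage: https://github.com/mercadolibre/mobile-cocoapods_whitelist
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-
-signing_key:
+rubygems_version: 3.0.9
+signing_key:
 specification_version: 4
 summary: A longer description of cocoapods-whitelist.
 test_files:
+- spec/mocks/bad_name.podspec
 - spec/mocks/free_version.podspec
 - spec/mocks/major_version_fixed.podspec
 - spec/mocks/not_allowed.podspec
 - spec/mocks/whitelist.json
+- spec/mocks/whitelist_with_expired_dependencies.json
+- spec/mocks/whitelisted_podname.podspec
 - spec/mocks/with_allowed_in_subspec.podspec
+- spec/mocks/with_allowed_subspec.podspec
+- spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
+- spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
+- spec/mocks/with_not_allowed_subspec.podspec
+- spec/mocks/with_not_yet_expired_dependencies.podspec
+- spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
+- spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
 - spec/mocks/without_dependencies.podspec
 - spec/mocks/without_version.podspec
+- spec/source_validator_spec.rb
 - spec/spec_helper.rb
+- spec/whitelist_resolver_spec.rb
 - spec/whitelist_spec.rb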