cocoapods-whitelist 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile +1 -0
- data/Gemfile.lock +2 -2
- data/lib/cocoapods-whitelist/command/whitelist.rb +22 -1
- data/lib/cocoapods-whitelist/exclude/excluded.json +5 -0
- data/lib/cocoapods-whitelist/gem_version.rb +1 -1
- data/lib/cocoapods-whitelist/hook/resolver.rb +16 -6
- data/lib/cocoapods-whitelist/model/validation_excluded.rb +15 -0
- metadata +5 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6da1231f35d7f1c52238b04c2768d659be74cd24d77e47dbfc01d412b78fdb96
|
4
|
+
data.tar.gz: b26d0408060bc95c389c13cca463ba0ae53c40c0fe2cf406e064018cc2640ee6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cdeea15ed4860699ba65725fb5088c7c9072e0cf1fb1c9719855ebc0c6bfe9451aad0069422a886788f5bf35e6d12d4837eefd2d4d86d823d42db644fc80dcac
|
7
|
+
data.tar.gz: 5ea2bdfc77748180a2e0dc4fb0053d932edcaec433ce821a2abd39e269f451119ac4f94682257c2d214e814f0b4d6767adea628230987c3fec398d34f3546574
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,5 +1,7 @@
|
|
1
1
|
require 'open-uri'
|
2
|
+
require 'json'
|
2
3
|
require_relative '../client/whitelist_resolver'
|
4
|
+
require_relative '../model/validation_excluded'
|
3
5
|
|
4
6
|
POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
|
5
7
|
POD_BASE_REGEX_POSITION = 0
|
@@ -42,6 +44,7 @@ module Pod
|
|
42
44
|
def run
|
43
45
|
prepare_outfile
|
44
46
|
whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
|
47
|
+
load_excluded()
|
45
48
|
specifications = get_podspec_specifications
|
46
49
|
|
47
50
|
if specifications.empty?
|
@@ -50,7 +53,10 @@ module Pod
|
|
50
53
|
end
|
51
54
|
|
52
55
|
specifications.map do |specification|
|
53
|
-
|
56
|
+
unless @excluded_list.one? {|excluded| excluded.name == specification.name }
|
57
|
+
Pod::UI.notice "#{specification.name} validating"
|
58
|
+
validate_dependencies(JSON.parse(specification.to_json), whitelist)
|
59
|
+
end
|
54
60
|
end
|
55
61
|
|
56
62
|
show_result_message
|
@@ -157,6 +163,21 @@ module Pod
|
|
157
163
|
FileUtils.mkdir_p(File.dirname(@outfile))
|
158
164
|
end
|
159
165
|
end
|
166
|
+
## Load a list of pods excluded from the validations, wrapped in ValidationExcluded.
|
167
|
+
def load_excluded
|
168
|
+
path = File.expand_path("../../exclude/excluded.json", __FILE__)
|
169
|
+
Pod::UI.notice "Path for excluded list is @:#{path}"
|
170
|
+
file = File.read(path)
|
171
|
+
@excluded_list = parse_excluded(file)
|
172
|
+
@excluded_list_loaded = true
|
173
|
+
end
|
174
|
+
## Aux function to populate the ValidationExcluded models from the JSON data.
|
175
|
+
def parse_excluded(list)
|
176
|
+
json = JSON.parse(list)
|
177
|
+
return json.map { |excluded|
|
178
|
+
ValidationExcluded.new(excluded['name'], excluded['rules'])
|
179
|
+
}
|
180
|
+
end
|
160
181
|
|
161
182
|
end
|
162
183
|
end
|
@@ -10,25 +10,35 @@ module Pod
|
|
10
10
|
## If you have a dependency problem, then no specification is returned from :search_for
|
11
11
|
specifications = original_search_for(dependency)
|
12
12
|
|
13
|
-
valid_specifications = validate_dependency(dependency,specifications)
|
14
|
-
|
15
|
-
|
16
|
-
|
13
|
+
valid_specifications = validate_dependency(dependency, specifications)
|
14
|
+
|
15
|
+
## If we have removed some specifications due to dependency injection, inform the user once.
|
16
|
+
if valid_specifications.size != specifications.size and !informed_di_set.include?(dependency.root_name)
|
17
|
+
Pod::UI.puts "WARNING: More than 1 specification for dependency #{dependency.root_name} was found. Using private source.".yellow
|
18
|
+
informed_di_set.add(dependency.root_name)
|
17
19
|
end
|
18
20
|
|
19
21
|
valid_specifications
|
20
22
|
end
|
21
23
|
|
24
|
+
private
|
25
|
+
|
22
26
|
# Returns the valids specifications for a given dependency
|
23
27
|
# Params:
|
24
28
|
# +dependency+:: dependency to be validated
|
25
29
|
# +specifications+:: potencial unsecure specs
|
26
|
-
# @
|
30
|
+
# @returns the result of the validation
|
27
31
|
def validate_dependency(dependency, specifications)
|
28
32
|
private_sources = get_private_sources()
|
29
33
|
SourceHelper.instance.setup(sources, private_sources) unless SourceHelper.instance.is_filled
|
30
34
|
validator = SourceValidator.new(SourceHelper.instance.specs, private_sources)
|
31
|
-
return validator.filter_dependency(dependency.root_name, specifications)
|
35
|
+
return validator.filter_dependency(dependency.root_name, specifications)
|
36
|
+
end
|
37
|
+
|
38
|
+
# A set where we save the dependencies which already informed of a dependency injection.
|
39
|
+
# @returns a set of dependency_name
|
40
|
+
def informed_di_set
|
41
|
+
@invalid_specifications_set ||= Set.new
|
32
42
|
end
|
33
43
|
end
|
34
44
|
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
## Defines the structure for a pod excluding validations.
|
2
|
+
# @name matches the name of the pod name/ the specification filename excluding the extension.
|
3
|
+
class ValidationExcluded
|
4
|
+
attr_accessor :name
|
5
|
+
attr_accessor :excluded_rules
|
6
|
+
|
7
|
+
def initialize(name, excluding)
|
8
|
+
@name = name
|
9
|
+
@excluded_rules = excluding
|
10
|
+
end
|
11
|
+
|
12
|
+
def excludes(rule)
|
13
|
+
return true
|
14
|
+
end
|
15
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cocoapods-whitelist
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mobile Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-03-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -58,12 +58,14 @@ files:
|
|
58
58
|
- lib/cocoapods-whitelist/client/whitelist_resolver.rb
|
59
59
|
- lib/cocoapods-whitelist/command.rb
|
60
60
|
- lib/cocoapods-whitelist/command/whitelist.rb
|
61
|
+
- lib/cocoapods-whitelist/exclude/excluded.json
|
61
62
|
- lib/cocoapods-whitelist/gem_version.rb
|
62
63
|
- lib/cocoapods-whitelist/helpers/source_helper.rb
|
63
64
|
- lib/cocoapods-whitelist/hook.rb
|
64
65
|
- lib/cocoapods-whitelist/hook/resolver.rb
|
65
66
|
- lib/cocoapods-whitelist/model/allowed_dependency.rb
|
66
67
|
- lib/cocoapods-whitelist/model/sources.rb
|
68
|
+
- lib/cocoapods-whitelist/model/validation_excluded.rb
|
67
69
|
- lib/cocoapods-whitelist/validator/source_validator.rb
|
68
70
|
- lib/cocoapods_plugin.rb
|
69
71
|
- spec/mocks/bad_name.podspec
|
@@ -112,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
112
114
|
- !ruby/object:Gem::Version
|
113
115
|
version: '0'
|
114
116
|
requirements: []
|
115
|
-
rubygems_version: 3.
|
117
|
+
rubygems_version: 3.2.3
|
116
118
|
signing_key:
|
117
119
|
specification_version: 4
|
118
120
|
summary: A longer description of cocoapods-whitelist.
|