cocoapods-whitelist 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a49d340692ecaa352c48b9970b6820303342d5063364296512169b5a317c5db5
-  data.tar.gz: 7e0d1d9a788778ec9dfd2a934a5ef87f7ae12f13d15d3455336fdbcc66966563
+  metadata.gz: 6da1231f35d7f1c52238b04c2768d659be74cd24d77e47dbfc01d412b78fdb96
+  data.tar.gz: b26d0408060bc95c389c13cca463ba0ae53c40c0fe2cf406e064018cc2640ee6
 SHA512:
-  metadata.gz: b48688ae3e2269e569c949229aea2a10b10a617d30ddff8ebb3c905c02984910097076c51de843783077d54539fe9fe32a9411ae61539c27edb78d516cc140db
-  data.tar.gz: 51d17dc94984f8ef2fdcec75e79bb50ef3c0c922af9edeaf7ee3d23360dc47d17d3cc9add6a174357b6db11752faa30b1ced9a712163721217efd4687ce32b08
+  metadata.gz: cdeea15ed4860699ba65725fb5088c7c9072e0cf1fb1c9719855ebc0c6bfe9451aad0069422a886788f5bf35e6d12d4837eefd2d4d86d823d42db644fc80dcac
+  data.tar.gz: 5ea2bdfc77748180a2e0dc4fb0053d932edcaec433ce821a2abd39e269f451119ac4f94682257c2d214e814f0b4d6767adea628230987c3fec398d34f3546574

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.2.1
+### Changed
+- Improve dependency injection message to inform the local source is being used.
+
 ## 0.2.0
 ### Changed
 - Avoid using whitelist to validate dependencies source

data/Gemfile

@@ -9,4 +9,5 @@ group :development do
   gem 'bacon'
   gem 'mocha-on-bacon'
   gem 'prettybacon'
+  gem 'json'
 end

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cocoapods-whitelist (0.1.0)
+    cocoapods-whitelist (0.2.0)
 
 GEM
   remote: https://rubygems.org/
@@ -109,4 +109,4 @@ DEPENDENCIES
   rake (~> 12.0)
 
 BUNDLED WITH
-   2.0.2
+   2.1.4

data/lib/cocoapods-whitelist/command/whitelist.rb

@@ -1,5 +1,7 @@
 require 'open-uri'
+require 'json'
 require_relative '../client/whitelist_resolver'
+require_relative '../model/validation_excluded'
 
 POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
 POD_BASE_REGEX_POSITION = 0
@@ -42,6 +44,7 @@ module Pod
       def run
         prepare_outfile
         whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
+        load_excluded()
         specifications = get_podspec_specifications
 
         if specifications.empty?
@@ -50,7 +53,10 @@ module Pod
         end
 
         specifications.map do |specification|
-          validate_dependencies(JSON.parse(specification.to_json), whitelist)
+          unless @excluded_list.one? {|excluded| excluded.name == specification.name }
+            Pod::UI.notice "#{specification.name} validating"
+            validate_dependencies(JSON.parse(specification.to_json), whitelist)
+          end
         end
 
         show_result_message
@@ -157,6 +163,21 @@ module Pod
           FileUtils.mkdir_p(File.dirname(@outfile))
         end
       end
+      ## Load a list of pods excluded from the validations, wrapped in ValidationExcluded.
+      def load_excluded
+        path = File.expand_path("../../exclude/excluded.json", __FILE__)
+        Pod::UI.notice "Path for excluded list is @:#{path}"
+        file = File.read(path)
+        @excluded_list = parse_excluded(file)
+        @excluded_list_loaded = true
+      end
+      ## Aux function to populate the ValidationExcluded models from the JSON data.
+      def parse_excluded(list)
+        json = JSON.parse(list)
+        return json.map { |excluded|
+            ValidationExcluded.new(excluded['name'], excluded['rules'])
+        }
+      end
 
     end
   end

data/lib/cocoapods-whitelist/exclude/excluded.json

@@ -0,0 +1,5 @@
+[
+	{ "name": "EverestLibs",
+	  "rules": []	
+	}
+]

data/lib/cocoapods-whitelist/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsWhitelist
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/lib/cocoapods-whitelist/hook/resolver.rb

@@ -10,25 +10,35 @@ module Pod
             ## If you have a dependency problem, then no specification is returned from :search_for
             specifications = original_search_for(dependency)
 
-            valid_specifications = validate_dependency(dependency,specifications)
-            if valid_specifications.size != specifications.size 
-                Pod::UI.puts "WARNING: More than 1 specification for dependency #{dependency.root_name} was found.".yellow
-                Pod::UI.puts "WARNING: Check if this could be a potencial dependency inyection".red
+            valid_specifications = validate_dependency(dependency, specifications)
+
+            ## If we have removed some specifications due to dependency injection, inform the user once.
+            if valid_specifications.size != specifications.size and !informed_di_set.include?(dependency.root_name)
+                Pod::UI.puts "WARNING: More than 1 specification for dependency #{dependency.root_name} was found. Using private source.".yellow
+                informed_di_set.add(dependency.root_name)
             end
 
             valid_specifications
         end
 
+        private
+
         # Returns the valids specifications for a given dependency
         # Params:
         # +dependency+:: dependency to be validated
         # +specifications+:: potencial unsecure specs
-        # @returs the result of the validation
+        # @returns the result of the validation
         def validate_dependency(dependency, specifications)
             private_sources = get_private_sources()
             SourceHelper.instance.setup(sources, private_sources) unless SourceHelper.instance.is_filled
             validator = SourceValidator.new(SourceHelper.instance.specs, private_sources)
-            return validator.filter_dependency(dependency.root_name, specifications) 
+            return validator.filter_dependency(dependency.root_name, specifications)
+        end
+
+        # A set where we save the dependencies which already informed of a dependency injection.
+        # @returns a set of dependency_name
+        def informed_di_set
+            @invalid_specifications_set ||= Set.new
         end
     end
 end

data/lib/cocoapods-whitelist/model/validation_excluded.rb

@@ -0,0 +1,15 @@
+## Defines the structure for a pod excluding validations.
+# @name matches the name of the pod name/ the specification filename excluding the extension.
+class ValidationExcluded
+    attr_accessor :name
+    attr_accessor :excluded_rules
+
+    def initialize(name, excluding)
+      @name = name
+      @excluded_rules = excluding
+    end
+
+    def excludes(rule)
+      return true
+    end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-whitelist
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Mobile Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-04-16 00:00:00.000000000 Z
+date: 2023-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -58,12 +58,14 @@ files:
 - lib/cocoapods-whitelist/client/whitelist_resolver.rb
 - lib/cocoapods-whitelist/command.rb
 - lib/cocoapods-whitelist/command/whitelist.rb
+- lib/cocoapods-whitelist/exclude/excluded.json
 - lib/cocoapods-whitelist/gem_version.rb
 - lib/cocoapods-whitelist/helpers/source_helper.rb
 - lib/cocoapods-whitelist/hook.rb
 - lib/cocoapods-whitelist/hook/resolver.rb
 - lib/cocoapods-whitelist/model/allowed_dependency.rb
 - lib/cocoapods-whitelist/model/sources.rb
+- lib/cocoapods-whitelist/model/validation_excluded.rb
 - lib/cocoapods-whitelist/validator/source_validator.rb
 - lib/cocoapods_plugin.rb
 - spec/mocks/bad_name.podspec
@@ -112,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.9
+rubygems_version: 3.2.3
 signing_key:
 specification_version: 4
 summary: A longer description of cocoapods-whitelist.