cocoapods-whitelist 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile +1 -0
- data/Gemfile.lock +2 -2
- data/lib/cocoapods-whitelist/command/whitelist.rb +22 -1
- data/lib/cocoapods-whitelist/exclude/excluded.json +5 -0
- data/lib/cocoapods-whitelist/gem_version.rb +1 -1
- data/lib/cocoapods-whitelist/hook/resolver.rb +16 -6
- data/lib/cocoapods-whitelist/model/validation_excluded.rb +15 -0
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6da1231f35d7f1c52238b04c2768d659be74cd24d77e47dbfc01d412b78fdb96
|
|
4
|
+
data.tar.gz: b26d0408060bc95c389c13cca463ba0ae53c40c0fe2cf406e064018cc2640ee6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cdeea15ed4860699ba65725fb5088c7c9072e0cf1fb1c9719855ebc0c6bfe9451aad0069422a886788f5bf35e6d12d4837eefd2d4d86d823d42db644fc80dcac
|
|
7
|
+
data.tar.gz: 5ea2bdfc77748180a2e0dc4fb0053d932edcaec433ce821a2abd39e269f451119ac4f94682257c2d214e814f0b4d6767adea628230987c3fec398d34f3546574
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
require 'open-uri'
|
|
2
|
+
require 'json'
|
|
2
3
|
require_relative '../client/whitelist_resolver'
|
|
4
|
+
require_relative '../model/validation_excluded'
|
|
3
5
|
|
|
4
6
|
POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
|
|
5
7
|
POD_BASE_REGEX_POSITION = 0
|
|
@@ -42,6 +44,7 @@ module Pod
|
|
|
42
44
|
def run
|
|
43
45
|
prepare_outfile
|
|
44
46
|
whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
|
|
47
|
+
load_excluded()
|
|
45
48
|
specifications = get_podspec_specifications
|
|
46
49
|
|
|
47
50
|
if specifications.empty?
|
|
@@ -50,7 +53,10 @@ module Pod
|
|
|
50
53
|
end
|
|
51
54
|
|
|
52
55
|
specifications.map do |specification|
|
|
53
|
-
|
|
56
|
+
unless @excluded_list.one? {|excluded| excluded.name == specification.name }
|
|
57
|
+
Pod::UI.notice "#{specification.name} validating"
|
|
58
|
+
validate_dependencies(JSON.parse(specification.to_json), whitelist)
|
|
59
|
+
end
|
|
54
60
|
end
|
|
55
61
|
|
|
56
62
|
show_result_message
|
|
@@ -157,6 +163,21 @@ module Pod
|
|
|
157
163
|
FileUtils.mkdir_p(File.dirname(@outfile))
|
|
158
164
|
end
|
|
159
165
|
end
|
|
166
|
+
## Load a list of pods excluded from the validations, wrapped in ValidationExcluded.
|
|
167
|
+
def load_excluded
|
|
168
|
+
path = File.expand_path("../../exclude/excluded.json", __FILE__)
|
|
169
|
+
Pod::UI.notice "Path for excluded list is @:#{path}"
|
|
170
|
+
file = File.read(path)
|
|
171
|
+
@excluded_list = parse_excluded(file)
|
|
172
|
+
@excluded_list_loaded = true
|
|
173
|
+
end
|
|
174
|
+
## Aux function to populate the ValidationExcluded models from the JSON data.
|
|
175
|
+
def parse_excluded(list)
|
|
176
|
+
json = JSON.parse(list)
|
|
177
|
+
return json.map { |excluded|
|
|
178
|
+
ValidationExcluded.new(excluded['name'], excluded['rules'])
|
|
179
|
+
}
|
|
180
|
+
end
|
|
160
181
|
|
|
161
182
|
end
|
|
162
183
|
end
|
|
@@ -10,25 +10,35 @@ module Pod
|
|
|
10
10
|
## If you have a dependency problem, then no specification is returned from :search_for
|
|
11
11
|
specifications = original_search_for(dependency)
|
|
12
12
|
|
|
13
|
-
valid_specifications = validate_dependency(dependency,specifications)
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
13
|
+
valid_specifications = validate_dependency(dependency, specifications)
|
|
14
|
+
|
|
15
|
+
## If we have removed some specifications due to dependency injection, inform the user once.
|
|
16
|
+
if valid_specifications.size != specifications.size and !informed_di_set.include?(dependency.root_name)
|
|
17
|
+
Pod::UI.puts "WARNING: More than 1 specification for dependency #{dependency.root_name} was found. Using private source.".yellow
|
|
18
|
+
informed_di_set.add(dependency.root_name)
|
|
17
19
|
end
|
|
18
20
|
|
|
19
21
|
valid_specifications
|
|
20
22
|
end
|
|
21
23
|
|
|
24
|
+
private
|
|
25
|
+
|
|
22
26
|
# Returns the valids specifications for a given dependency
|
|
23
27
|
# Params:
|
|
24
28
|
# +dependency+:: dependency to be validated
|
|
25
29
|
# +specifications+:: potencial unsecure specs
|
|
26
|
-
# @
|
|
30
|
+
# @returns the result of the validation
|
|
27
31
|
def validate_dependency(dependency, specifications)
|
|
28
32
|
private_sources = get_private_sources()
|
|
29
33
|
SourceHelper.instance.setup(sources, private_sources) unless SourceHelper.instance.is_filled
|
|
30
34
|
validator = SourceValidator.new(SourceHelper.instance.specs, private_sources)
|
|
31
|
-
return validator.filter_dependency(dependency.root_name, specifications)
|
|
35
|
+
return validator.filter_dependency(dependency.root_name, specifications)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
# A set where we save the dependencies which already informed of a dependency injection.
|
|
39
|
+
# @returns a set of dependency_name
|
|
40
|
+
def informed_di_set
|
|
41
|
+
@invalid_specifications_set ||= Set.new
|
|
32
42
|
end
|
|
33
43
|
end
|
|
34
44
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
## Defines the structure for a pod excluding validations.
|
|
2
|
+
# @name matches the name of the pod name/ the specification filename excluding the extension.
|
|
3
|
+
class ValidationExcluded
|
|
4
|
+
attr_accessor :name
|
|
5
|
+
attr_accessor :excluded_rules
|
|
6
|
+
|
|
7
|
+
def initialize(name, excluding)
|
|
8
|
+
@name = name
|
|
9
|
+
@excluded_rules = excluding
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def excludes(rule)
|
|
13
|
+
return true
|
|
14
|
+
end
|
|
15
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cocoapods-whitelist
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mobile Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-03-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -58,12 +58,14 @@ files:
|
|
|
58
58
|
- lib/cocoapods-whitelist/client/whitelist_resolver.rb
|
|
59
59
|
- lib/cocoapods-whitelist/command.rb
|
|
60
60
|
- lib/cocoapods-whitelist/command/whitelist.rb
|
|
61
|
+
- lib/cocoapods-whitelist/exclude/excluded.json
|
|
61
62
|
- lib/cocoapods-whitelist/gem_version.rb
|
|
62
63
|
- lib/cocoapods-whitelist/helpers/source_helper.rb
|
|
63
64
|
- lib/cocoapods-whitelist/hook.rb
|
|
64
65
|
- lib/cocoapods-whitelist/hook/resolver.rb
|
|
65
66
|
- lib/cocoapods-whitelist/model/allowed_dependency.rb
|
|
66
67
|
- lib/cocoapods-whitelist/model/sources.rb
|
|
68
|
+
- lib/cocoapods-whitelist/model/validation_excluded.rb
|
|
67
69
|
- lib/cocoapods-whitelist/validator/source_validator.rb
|
|
68
70
|
- lib/cocoapods_plugin.rb
|
|
69
71
|
- spec/mocks/bad_name.podspec
|
|
@@ -112,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
112
114
|
- !ruby/object:Gem::Version
|
|
113
115
|
version: '0'
|
|
114
116
|
requirements: []
|
|
115
|
-
rubygems_version: 3.
|
|
117
|
+
rubygems_version: 3.2.3
|
|
116
118
|
signing_key:
|
|
117
119
|
specification_version: 4
|
|
118
120
|
summary: A longer description of cocoapods-whitelist.
|