cocoapods-whitelist 0.4.0 → 0.5.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ffc625c9e77a33e388bb3ab6aefa68a411c867566c5ce36b5940968379158392
-  data.tar.gz: cc94531be7b38d3083602ed904b1db8b5ff2a10fd754a2a231ee2a2cecbbbc3a
+  metadata.gz: 8affa5e3095c8afa001a78a442fbe816cfad2a4556cfd25db4b542c2b54c2127
+  data.tar.gz: bfd9c8127291d9c7caf6259fcbfbed3eab3a962abdfd8b8ceb2d56db287951c8
 SHA512:
-  metadata.gz: e0584e160d8a3d3882df0e6160ad4e6bd2618dda858b6bbe0bf29895dd65cfc664beff4984bf02dc8e5af66c5da53a37611bc23425575e57d4ef371154a6383b
-  data.tar.gz: f138505fea9899de8b1e5a91391071dc5b114f2520ffb4fa1f5a59ae2b01eed614db6320228ac72a967febfff5fae6beea0c0cb620b0188ac7306bcbbabba2cf
+  metadata.gz: c6b0ab175f8f6a904ae83970802334fec321aedbf31d88464bcb48189b653c1665ec757acd2945266f99b5f7f32ad1e2b9291b4ea236c0e1e519dff9ae36ccfd
+  data.tar.gz: 9d3c298c7b2ac2971f3e24c7b7975eb8976531ed05462b6e805d83e78ef66353a2f3f03dee8ba78eb06151a5b7cd6e1cbf4cac91851b168303a8389c25ca0b28

data/.pre-commit-config.yaml

@@ -0,0 +1,15 @@
+repos:
+  # Websec hook is MANDATORY, DO NOT comment it.
+  - repo: https://github.com/melisource/fury_websec-git-hooks
+    rev: v1.1.0
+    hooks:
+      - id: pre_commit_hook
+        stages: [commit]
+      - id: post_commit_hook
+        stages: [post-commit]
+  - repo: https://github.com/melisource/fury_datasec-git-hooks
+    rev: 1.0.3
+    hooks:
+      - id: pre_commit_hook
+        stages: [commit]
+        verbose: true

data/.ruby-version

@@ -1 +1 @@
-3.1.4
+2.7.4

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.5.4
+### Fixed
+- Changed the way dependencies are comparing by name: using regex instead of compare against the beginning of name
+
+## 0.5.3
+### Changed
+- Get podspec specification functions changed to support KMP podspec path.
+
 ## 0.4.0
 ### Changed
 - Add "allows_granular_projects" flag to whitelist for support the projects specified

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cocoapods-whitelist (0.4.0)
+    cocoapods-whitelist (0.5.4)
 
 GEM
   remote: https://rubygems.org/
@@ -102,6 +102,7 @@ GEM
     zeitwerk (2.6.12)
 
 PLATFORMS
+  ruby
   universal-darwin-22
 
 DEPENDENCIES

data/lib/cocoapods-whitelist/command/whitelist.rb

@@ -3,8 +3,6 @@ require 'json'
 require_relative '../client/whitelist_resolver'
 require_relative '../model/validation_excluded'
 
-POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
-POD_BASE_REGEX_POSITION = 0
 DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
 
 module Pod
@@ -47,7 +45,7 @@ module Pod
         load_excluded()
         specifications = get_podspec_specifications
 
-        if specifications.empty?
+        if specifications == nil || specifications.empty?
             UI.puts "No Podspec found".yellow
             return
         end
@@ -90,7 +88,7 @@ module Pod
           end
 
           allowedDependency = whitelist.select { |item|
-            name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
+            (/^#{item.name}/ =~ name) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
           }
 
           allowedDependency.each { |dependency|
@@ -141,17 +139,17 @@ module Pod
         if @pospec_path
           return [Pod::Specification.from_file(@pospec_path)]
         end
-
-        # Search .podspec in current directory
-        podspecs = Dir.glob("./*.podspec")
-
-        if podspecs.count == 0
-          # Search .podspec in parent directory.
-          # Some projects has Podfile into a subdirectory ("Example"), and run "pod install" from there.
-          podspecs = Dir.glob("../*.podspec")
+        # 1 Arg = Search .podspec in current directory
+        # 2 Arg = Search .podspec in parent and sub directories. Some projects have Podfile into a subdirectory ("Example"), and run "pod install" from there.
+        # 3 Arg = Search .podspec in all directories
+        # 4 Arg = Search .podspec in parent and sub directories. Search is executed from children folder.
+        podspec_search_paths = ["./*.podspec", "../*.podspec", "./**/*.podspec", "../**/*.podspec"]
+        podspec_search_paths.each do |regex|
+          pod_specs = Dir.glob(regex)
+          if pod_specs.count != 0
+            return pod_specs.map { |path|  Pod::Specification.from_file(path) }
+          end
         end
-
-        return podspecs.map { |path|  Pod::Specification.from_file(path) }
       end
 
       def show_error_message(message)

data/lib/cocoapods-whitelist/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsWhitelist
-  VERSION = "0.4.0"
+  VERSION = "0.5.4"
 end

data/spec/mocks/allowed_with_granular.podspec

@@ -9,5 +9,6 @@ Pod::Spec.new do |s|
   s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
   s.requires_arc = true
   s.dependency 'Analytics', '~>5.1'
+  s.dependency 'AndesUI/SwiftUI', '~>5.1'
 
 end

data/spec/mocks/not_allowed_with_granular_v2.podspec

@@ -0,0 +1,13 @@
+Pod::Spec.new do |s|
+  s.name         = "MLCommons"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'AndesUI/SwiftUI', '~>5.1'
+
+end

data/spec/mocks/whitelist.json

@@ -41,6 +41,29 @@
 			"allows_granular_projects": [
 				"MLSearch"
 			]
+		},
+		{
+			"name": "MercadoPagoSDKV4",
+			"version": null,
+			"target": "production"
+		},
+		{
+			"name": "AndesUI$",
+			"version": "^~>5.[0-9]+$",
+			"target": "production"
+		},
+		{
+			"name": "AndesUI/(Core|AndesCoachmark|AndesBottomSheet|AndesDropdown|AndesTimePicker)",
+			"version": "^~>5.[0-9]+$",
+			"target": "production"
+		},
+		{
+			"name": "AndesUI/SwiftUI",
+			"version": "^~>5.[0-9]+$",
+			"target": "production",
+			"allows_granular_projects": [
+				"MLSearch"
+			]
 		}
 	]
 }

data/spec/mocks/with_allowed_subspec_v2.podspec

@@ -0,0 +1,14 @@
+
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'AndesUI/Core', '~>5.0'
+
+end

data/spec/mocks/with_not_allowed_subspec_v2.podspec

@@ -0,0 +1,14 @@
+
+Pod::Spec.new do |s|
+  s.name         = "MLSearch"
+  s.version      = "3.17.0"
+  s.summary      = "Componente de search"
+  s.homepage     = "http://www.mercadolibre.com.ar"
+  s.license      = "none"
+  s.author       = { "Mobile team" => "mobile@mercadolibre.com" }
+  s.platform     = :ios, "7.0"
+  s.source       = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
+  s.requires_arc = true
+  s.dependency 'AndesUI/Icons', '~>5.0'
+
+end

data/spec/whitelist_resolver_spec.rb

@@ -6,7 +6,7 @@ describe WhitelistResolver do
     describe 'functionality' do
         it 'whitelist should be loaded from an specific url' do
             whitelist = WhitelistResolver.instance.get_whitelist(WHITELIST_PATH)
-            whitelist.size.should.equal 7
+            whitelist.size.should.equal 11
         end
         
         it 'if not URL is specified, whitelist comes from default URL' do

data/spec/whitelist_spec.rb

@@ -27,13 +27,13 @@ module Pod
         lambda { command.run }.should.not.raise
       end
 
-      # it 'dependency with incorrect name should not be valid' do
-      #   # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
-      #   command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
-      #   specification = Pod::Specification.from_file('./spec/mocks/bad_name.podspec')
-      #   command.expects(:get_podspec_specifications).returns([specification])
-      #   lambda { command.run }.should.raise Informative
-      # end
+      it 'dependency with incorrect name should not be valid' do
+        # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/bad_name.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
 
       it 'not allowed dependency should not be valid' do
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
@@ -100,15 +100,15 @@ module Pod
       it 'subspec dependency allowed in the whitelist should be valid' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
-        specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec.podspec')
+        specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v1.podspec')
         command.expects(:get_podspec_specifications).returns([specification])
         lambda { command.run }.should.not.raise
       end
 
-      it 'subspec dependency not allowed in the whitelist should not be valid' do
+      it 'dependency not allowed in the whitelist should not be valid' do
         # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
-        specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec.podspec')
+        specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v1.podspec')
         command.expects(:get_podspec_specifications).returns([specification])
         lambda { command.run }.should.raise Informative
       end
@@ -181,7 +181,30 @@ module Pod
 
       it 'not allowed granular dependency should not be valid' do
         command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
-        specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular.podspec')
+        specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v1.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
+      it 'not allowed granular subspec dependency should not be valid' do
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v2.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.raise Informative
+      end
+
+      it 'subspec dependency allowed in the whitelist should be valid' do
+        # Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Core')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v2.podspec')
+        command.expects(:get_podspec_specifications).returns([specification])
+        lambda { command.run }.should.not.raise
+      end
+
+      it 'subspec dependency not allowed in the whitelist should not be valid' do
+        # Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Icons')
+        command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
+        specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v2.podspec')
         command.expects(:get_podspec_specifications).returns([specification])
         lambda { command.run }.should.raise Informative
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-whitelist
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.4
 platform: ruby
 authors:
 - Mobile Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-28 00:00:00.000000000 Z
+date: 2024-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -47,6 +47,7 @@ extra_rdoc_files: []
 files:
 - ".circleci/config.yml"
 - ".gitignore"
+- ".pre-commit-config.yaml"
 - ".ruby-version"
 - CHANGELOG.md
 - Gemfile
@@ -74,17 +75,20 @@ files:
 - spec/mocks/free_version.podspec
 - spec/mocks/major_version_fixed.podspec
 - spec/mocks/not_allowed.podspec
-- spec/mocks/not_allowed_with_granular.podspec
+- spec/mocks/not_allowed_with_granular_v1.podspec
+- spec/mocks/not_allowed_with_granular_v2.podspec
 - spec/mocks/whitelist.json
 - spec/mocks/whitelist_with_expired_dependencies.json
 - spec/mocks/whitelisted_podname.podspec
 - spec/mocks/with_allowed_in_subspec.podspec
-- spec/mocks/with_allowed_subspec.podspec
+- spec/mocks/with_allowed_subspec_v1.podspec
+- spec/mocks/with_allowed_subspec_v2.podspec
 - spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
 - spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
-- spec/mocks/with_not_allowed_subspec.podspec
+- spec/mocks/with_not_allowed_subspec_v1.podspec
+- spec/mocks/with_not_allowed_subspec_v2.podspec
 - spec/mocks/with_not_yet_expired_dependencies.podspec
 - spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec
@@ -117,7 +121,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: A longer description of cocoapods-whitelist.
@@ -127,17 +131,20 @@ test_files:
 - spec/mocks/free_version.podspec
 - spec/mocks/major_version_fixed.podspec
 - spec/mocks/not_allowed.podspec
-- spec/mocks/not_allowed_with_granular.podspec
+- spec/mocks/not_allowed_with_granular_v1.podspec
+- spec/mocks/not_allowed_with_granular_v2.podspec
 - spec/mocks/whitelist.json
 - spec/mocks/whitelist_with_expired_dependencies.json
 - spec/mocks/whitelisted_podname.podspec
 - spec/mocks/with_allowed_in_subspec.podspec
-- spec/mocks/with_allowed_subspec.podspec
+- spec/mocks/with_allowed_subspec_v1.podspec
+- spec/mocks/with_allowed_subspec_v2.podspec
 - spec/mocks/with_expired_dependencies.podspec
 - spec/mocks/with_fixed_version.podspec
 - spec/mocks/with_more_than_one_version_in_subspec.podspec
 - spec/mocks/with_not_allowed_in_subspec.podspec
-- spec/mocks/with_not_allowed_subspec.podspec
+- spec/mocks/with_not_allowed_subspec_v1.podspec
+- spec/mocks/with_not_allowed_subspec_v2.podspec
 - spec/mocks/with_not_yet_expired_dependencies.podspec
 - spec/mocks/with_similar_name_not_allowed.podspec
 - spec/mocks/with_two_requirement.podspec