cocoapods-whitelist 0.4.0 → 0.5.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.pre-commit-config.yaml +15 -0
- data/.ruby-version +1 -1
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +2 -1
- data/lib/cocoapods-whitelist/command/whitelist.rb +12 -14
- data/lib/cocoapods-whitelist/gem_version.rb +1 -1
- data/spec/mocks/allowed_with_granular.podspec +1 -0
- data/spec/mocks/not_allowed_with_granular_v2.podspec +13 -0
- data/spec/mocks/whitelist.json +23 -0
- data/spec/mocks/with_allowed_subspec_v2.podspec +14 -0
- data/spec/mocks/with_not_allowed_subspec_v2.podspec +14 -0
- data/spec/whitelist_resolver_spec.rb +1 -1
- data/spec/whitelist_spec.rb +34 -11
- metadata +16 -9
- /data/spec/mocks/{not_allowed_with_granular.podspec → not_allowed_with_granular_v1.podspec} +0 -0
- /data/spec/mocks/{with_allowed_subspec.podspec → with_allowed_subspec_v1.podspec} +0 -0
- /data/spec/mocks/{with_not_allowed_subspec.podspec → with_not_allowed_subspec_v1.podspec} +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8affa5e3095c8afa001a78a442fbe816cfad2a4556cfd25db4b542c2b54c2127
|
4
|
+
data.tar.gz: bfd9c8127291d9c7caf6259fcbfbed3eab3a962abdfd8b8ceb2d56db287951c8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c6b0ab175f8f6a904ae83970802334fec321aedbf31d88464bcb48189b653c1665ec757acd2945266f99b5f7f32ad1e2b9291b4ea236c0e1e519dff9ae36ccfd
|
7
|
+
data.tar.gz: 9d3c298c7b2ac2971f3e24c7b7975eb8976531ed05462b6e805d83e78ef66353a2f3f03dee8ba78eb06151a5b7cd6e1cbf4cac91851b168303a8389c25ca0b28
|
@@ -0,0 +1,15 @@
|
|
1
|
+
repos:
|
2
|
+
# Websec hook is MANDATORY, DO NOT comment it.
|
3
|
+
- repo: https://github.com/melisource/fury_websec-git-hooks
|
4
|
+
rev: v1.1.0
|
5
|
+
hooks:
|
6
|
+
- id: pre_commit_hook
|
7
|
+
stages: [commit]
|
8
|
+
- id: post_commit_hook
|
9
|
+
stages: [post-commit]
|
10
|
+
- repo: https://github.com/melisource/fury_datasec-git-hooks
|
11
|
+
rev: 1.0.3
|
12
|
+
hooks:
|
13
|
+
- id: pre_commit_hook
|
14
|
+
stages: [commit]
|
15
|
+
verbose: true
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
2.7.4
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,11 @@
|
|
1
|
+
## 0.5.4
|
2
|
+
### Fixed
|
3
|
+
- Changed the way dependencies are comparing by name: using regex instead of compare against the beginning of name
|
4
|
+
|
5
|
+
## 0.5.3
|
6
|
+
### Changed
|
7
|
+
- Get podspec specification functions changed to support KMP podspec path.
|
8
|
+
|
1
9
|
## 0.4.0
|
2
10
|
### Changed
|
3
11
|
- Add "allows_granular_projects" flag to whitelist for support the projects specified
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
cocoapods-whitelist (0.4
|
4
|
+
cocoapods-whitelist (0.5.4)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
@@ -102,6 +102,7 @@ GEM
|
|
102
102
|
zeitwerk (2.6.12)
|
103
103
|
|
104
104
|
PLATFORMS
|
105
|
+
ruby
|
105
106
|
universal-darwin-22
|
106
107
|
|
107
108
|
DEPENDENCIES
|
@@ -3,8 +3,6 @@ require 'json'
|
|
3
3
|
require_relative '../client/whitelist_resolver'
|
4
4
|
require_relative '../model/validation_excluded'
|
5
5
|
|
6
|
-
POD_NAME_REGEX = /^([^\/]+)(?:\/.*)*$/
|
7
|
-
POD_BASE_REGEX_POSITION = 0
|
8
6
|
DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
|
9
7
|
|
10
8
|
module Pod
|
@@ -47,7 +45,7 @@ module Pod
|
|
47
45
|
load_excluded()
|
48
46
|
specifications = get_podspec_specifications
|
49
47
|
|
50
|
-
if specifications.empty?
|
48
|
+
if specifications == nil || specifications.empty?
|
51
49
|
UI.puts "No Podspec found".yellow
|
52
50
|
return
|
53
51
|
end
|
@@ -90,7 +88,7 @@ module Pod
|
|
90
88
|
end
|
91
89
|
|
92
90
|
allowedDependency = whitelist.select { |item|
|
93
|
-
|
91
|
+
(/^#{item.name}/ =~ name) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
|
94
92
|
}
|
95
93
|
|
96
94
|
allowedDependency.each { |dependency|
|
@@ -141,17 +139,17 @@ module Pod
|
|
141
139
|
if @pospec_path
|
142
140
|
return [Pod::Specification.from_file(@pospec_path)]
|
143
141
|
end
|
144
|
-
|
145
|
-
# Search .podspec in
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
142
|
+
# 1 Arg = Search .podspec in current directory
|
143
|
+
# 2 Arg = Search .podspec in parent and sub directories. Some projects have Podfile into a subdirectory ("Example"), and run "pod install" from there.
|
144
|
+
# 3 Arg = Search .podspec in all directories
|
145
|
+
# 4 Arg = Search .podspec in parent and sub directories. Search is executed from children folder.
|
146
|
+
podspec_search_paths = ["./*.podspec", "../*.podspec", "./**/*.podspec", "../**/*.podspec"]
|
147
|
+
podspec_search_paths.each do |regex|
|
148
|
+
pod_specs = Dir.glob(regex)
|
149
|
+
if pod_specs.count != 0
|
150
|
+
return pod_specs.map { |path| Pod::Specification.from_file(path) }
|
151
|
+
end
|
152
152
|
end
|
153
|
-
|
154
|
-
return podspecs.map { |path| Pod::Specification.from_file(path) }
|
155
153
|
end
|
156
154
|
|
157
155
|
def show_error_message(message)
|
@@ -0,0 +1,13 @@
|
|
1
|
+
Pod::Spec.new do |s|
|
2
|
+
s.name = "MLCommons"
|
3
|
+
s.version = "3.17.0"
|
4
|
+
s.summary = "Componente de search"
|
5
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
6
|
+
s.license = "none"
|
7
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
8
|
+
s.platform = :ios, "7.0"
|
9
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
10
|
+
s.requires_arc = true
|
11
|
+
s.dependency 'AndesUI/SwiftUI', '~>5.1'
|
12
|
+
|
13
|
+
end
|
data/spec/mocks/whitelist.json
CHANGED
@@ -41,6 +41,29 @@
|
|
41
41
|
"allows_granular_projects": [
|
42
42
|
"MLSearch"
|
43
43
|
]
|
44
|
+
},
|
45
|
+
{
|
46
|
+
"name": "MercadoPagoSDKV4",
|
47
|
+
"version": null,
|
48
|
+
"target": "production"
|
49
|
+
},
|
50
|
+
{
|
51
|
+
"name": "AndesUI$",
|
52
|
+
"version": "^~>5.[0-9]+$",
|
53
|
+
"target": "production"
|
54
|
+
},
|
55
|
+
{
|
56
|
+
"name": "AndesUI/(Core|AndesCoachmark|AndesBottomSheet|AndesDropdown|AndesTimePicker)",
|
57
|
+
"version": "^~>5.[0-9]+$",
|
58
|
+
"target": "production"
|
59
|
+
},
|
60
|
+
{
|
61
|
+
"name": "AndesUI/SwiftUI",
|
62
|
+
"version": "^~>5.[0-9]+$",
|
63
|
+
"target": "production",
|
64
|
+
"allows_granular_projects": [
|
65
|
+
"MLSearch"
|
66
|
+
]
|
44
67
|
}
|
45
68
|
]
|
46
69
|
}
|
@@ -0,0 +1,14 @@
|
|
1
|
+
|
2
|
+
Pod::Spec.new do |s|
|
3
|
+
s.name = "MLSearch"
|
4
|
+
s.version = "3.17.0"
|
5
|
+
s.summary = "Componente de search"
|
6
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
7
|
+
s.license = "none"
|
8
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
9
|
+
s.platform = :ios, "7.0"
|
10
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
11
|
+
s.requires_arc = true
|
12
|
+
s.dependency 'AndesUI/Core', '~>5.0'
|
13
|
+
|
14
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
|
2
|
+
Pod::Spec.new do |s|
|
3
|
+
s.name = "MLSearch"
|
4
|
+
s.version = "3.17.0"
|
5
|
+
s.summary = "Componente de search"
|
6
|
+
s.homepage = "http://www.mercadolibre.com.ar"
|
7
|
+
s.license = "none"
|
8
|
+
s.author = { "Mobile team" => "mobile@mercadolibre.com" }
|
9
|
+
s.platform = :ios, "7.0"
|
10
|
+
s.source = { :git => "git@github.com:mercadolibre/search-ios.git", :tag => s.version.to_s }
|
11
|
+
s.requires_arc = true
|
12
|
+
s.dependency 'AndesUI/Icons', '~>5.0'
|
13
|
+
|
14
|
+
end
|
@@ -6,7 +6,7 @@ describe WhitelistResolver do
|
|
6
6
|
describe 'functionality' do
|
7
7
|
it 'whitelist should be loaded from an specific url' do
|
8
8
|
whitelist = WhitelistResolver.instance.get_whitelist(WHITELIST_PATH)
|
9
|
-
whitelist.size.should.equal
|
9
|
+
whitelist.size.should.equal 11
|
10
10
|
end
|
11
11
|
|
12
12
|
it 'if not URL is specified, whitelist comes from default URL' do
|
data/spec/whitelist_spec.rb
CHANGED
@@ -27,13 +27,13 @@ module Pod
|
|
27
27
|
lambda { command.run }.should.not.raise
|
28
28
|
end
|
29
29
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
30
|
+
it 'dependency with incorrect name should not be valid' do
|
31
|
+
# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
|
32
|
+
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
33
|
+
specification = Pod::Specification.from_file('./spec/mocks/bad_name.podspec')
|
34
|
+
command.expects(:get_podspec_specifications).returns([specification])
|
35
|
+
lambda { command.run }.should.raise Informative
|
36
|
+
end
|
37
37
|
|
38
38
|
it 'not allowed dependency should not be valid' do
|
39
39
|
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
@@ -100,15 +100,15 @@ module Pod
|
|
100
100
|
it 'subspec dependency allowed in the whitelist should be valid' do
|
101
101
|
# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
|
102
102
|
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
103
|
-
specification = Pod::Specification.from_file('./spec/mocks/
|
103
|
+
specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v1.podspec')
|
104
104
|
command.expects(:get_podspec_specifications).returns([specification])
|
105
105
|
lambda { command.run }.should.not.raise
|
106
106
|
end
|
107
107
|
|
108
|
-
it '
|
108
|
+
it 'dependency not allowed in the whitelist should not be valid' do
|
109
109
|
# Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
|
110
110
|
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
111
|
-
specification = Pod::Specification.from_file('./spec/mocks/
|
111
|
+
specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v1.podspec')
|
112
112
|
command.expects(:get_podspec_specifications).returns([specification])
|
113
113
|
lambda { command.run }.should.raise Informative
|
114
114
|
end
|
@@ -181,7 +181,30 @@ module Pod
|
|
181
181
|
|
182
182
|
it 'not allowed granular dependency should not be valid' do
|
183
183
|
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
184
|
-
specification = Pod::Specification.from_file('./spec/mocks/
|
184
|
+
specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v1.podspec')
|
185
|
+
command.expects(:get_podspec_specifications).returns([specification])
|
186
|
+
lambda { command.run }.should.raise Informative
|
187
|
+
end
|
188
|
+
|
189
|
+
it 'not allowed granular subspec dependency should not be valid' do
|
190
|
+
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
191
|
+
specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v2.podspec')
|
192
|
+
command.expects(:get_podspec_specifications).returns([specification])
|
193
|
+
lambda { command.run }.should.raise Informative
|
194
|
+
end
|
195
|
+
|
196
|
+
it 'subspec dependency allowed in the whitelist should be valid' do
|
197
|
+
# Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Core')
|
198
|
+
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
199
|
+
specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v2.podspec')
|
200
|
+
command.expects(:get_podspec_specifications).returns([specification])
|
201
|
+
lambda { command.run }.should.not.raise
|
202
|
+
end
|
203
|
+
|
204
|
+
it 'subspec dependency not allowed in the whitelist should not be valid' do
|
205
|
+
# Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Icons')
|
206
|
+
command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
|
207
|
+
specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v2.podspec')
|
185
208
|
command.expects(:get_podspec_specifications).returns([specification])
|
186
209
|
lambda { command.run }.should.raise Informative
|
187
210
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cocoapods-whitelist
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4
|
4
|
+
version: 0.5.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mobile Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-03-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -47,6 +47,7 @@ extra_rdoc_files: []
|
|
47
47
|
files:
|
48
48
|
- ".circleci/config.yml"
|
49
49
|
- ".gitignore"
|
50
|
+
- ".pre-commit-config.yaml"
|
50
51
|
- ".ruby-version"
|
51
52
|
- CHANGELOG.md
|
52
53
|
- Gemfile
|
@@ -74,17 +75,20 @@ files:
|
|
74
75
|
- spec/mocks/free_version.podspec
|
75
76
|
- spec/mocks/major_version_fixed.podspec
|
76
77
|
- spec/mocks/not_allowed.podspec
|
77
|
-
- spec/mocks/
|
78
|
+
- spec/mocks/not_allowed_with_granular_v1.podspec
|
79
|
+
- spec/mocks/not_allowed_with_granular_v2.podspec
|
78
80
|
- spec/mocks/whitelist.json
|
79
81
|
- spec/mocks/whitelist_with_expired_dependencies.json
|
80
82
|
- spec/mocks/whitelisted_podname.podspec
|
81
83
|
- spec/mocks/with_allowed_in_subspec.podspec
|
82
|
-
- spec/mocks/
|
84
|
+
- spec/mocks/with_allowed_subspec_v1.podspec
|
85
|
+
- spec/mocks/with_allowed_subspec_v2.podspec
|
83
86
|
- spec/mocks/with_expired_dependencies.podspec
|
84
87
|
- spec/mocks/with_fixed_version.podspec
|
85
88
|
- spec/mocks/with_more_than_one_version_in_subspec.podspec
|
86
89
|
- spec/mocks/with_not_allowed_in_subspec.podspec
|
87
|
-
- spec/mocks/
|
90
|
+
- spec/mocks/with_not_allowed_subspec_v1.podspec
|
91
|
+
- spec/mocks/with_not_allowed_subspec_v2.podspec
|
88
92
|
- spec/mocks/with_not_yet_expired_dependencies.podspec
|
89
93
|
- spec/mocks/with_similar_name_not_allowed.podspec
|
90
94
|
- spec/mocks/with_two_requirement.podspec
|
@@ -117,7 +121,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
117
121
|
- !ruby/object:Gem::Version
|
118
122
|
version: '0'
|
119
123
|
requirements: []
|
120
|
-
rubygems_version: 3.
|
124
|
+
rubygems_version: 3.1.6
|
121
125
|
signing_key:
|
122
126
|
specification_version: 4
|
123
127
|
summary: A longer description of cocoapods-whitelist.
|
@@ -127,17 +131,20 @@ test_files:
|
|
127
131
|
- spec/mocks/free_version.podspec
|
128
132
|
- spec/mocks/major_version_fixed.podspec
|
129
133
|
- spec/mocks/not_allowed.podspec
|
130
|
-
- spec/mocks/
|
134
|
+
- spec/mocks/not_allowed_with_granular_v1.podspec
|
135
|
+
- spec/mocks/not_allowed_with_granular_v2.podspec
|
131
136
|
- spec/mocks/whitelist.json
|
132
137
|
- spec/mocks/whitelist_with_expired_dependencies.json
|
133
138
|
- spec/mocks/whitelisted_podname.podspec
|
134
139
|
- spec/mocks/with_allowed_in_subspec.podspec
|
135
|
-
- spec/mocks/
|
140
|
+
- spec/mocks/with_allowed_subspec_v1.podspec
|
141
|
+
- spec/mocks/with_allowed_subspec_v2.podspec
|
136
142
|
- spec/mocks/with_expired_dependencies.podspec
|
137
143
|
- spec/mocks/with_fixed_version.podspec
|
138
144
|
- spec/mocks/with_more_than_one_version_in_subspec.podspec
|
139
145
|
- spec/mocks/with_not_allowed_in_subspec.podspec
|
140
|
-
- spec/mocks/
|
146
|
+
- spec/mocks/with_not_allowed_subspec_v1.podspec
|
147
|
+
- spec/mocks/with_not_allowed_subspec_v2.podspec
|
141
148
|
- spec/mocks/with_not_yet_expired_dependencies.podspec
|
142
149
|
- spec/mocks/with_similar_name_not_allowed.podspec
|
143
150
|
- spec/mocks/with_two_requirement.podspec
|
File without changes
|
File without changes
|
File without changes
|