cocoapods-whitelist 0.5.4 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8affa5e3095c8afa001a78a442fbe816cfad2a4556cfd25db4b542c2b54c2127
-  data.tar.gz: bfd9c8127291d9c7caf6259fcbfbed3eab3a962abdfd8b8ceb2d56db287951c8
+  metadata.gz: 9d685e7d3ecfd6024fdbb0b9577d62d53d280e7f346e14d48dc88e34a0e9784f
+  data.tar.gz: 7dbfabce7783d4ca5272b62247201cda5dcda61c507e8994496fc60d11e764e4
 SHA512:
-  metadata.gz: c6b0ab175f8f6a904ae83970802334fec321aedbf31d88464bcb48189b653c1665ec757acd2945266f99b5f7f32ad1e2b9291b4ea236c0e1e519dff9ae36ccfd
-  data.tar.gz: 9d3c298c7b2ac2971f3e24c7b7975eb8976531ed05462b6e805d83e78ef66353a2f3f03dee8ba78eb06151a5b7cd6e1cbf4cac91851b168303a8389c25ca0b28
+  metadata.gz: 254bbf0617736c0c8887f24a295d5fb17a8582be275d5d1bd70d1632ad4e8d1f96b04993b01fa49170fd054be1073c89a53cd0f39ece5dfa9c59e28379efdc66
+  data.tar.gz: f17cfb337c52ec7fb52daf2b6b212725bdffff2ebb07d7ce80d656941485a5c2303328f39fa977500b7fa5592579329c0cc21497ad5e345c521eb6befbb4e6e2

data/.circleci/config.yml

@@ -21,7 +21,7 @@ jobs:
           name: Run Build
           command: |
             bundle install --quiet --without static-dependencies 
-            gem build cocoapods-whitelist.gemspec --silent -q --backtrace
+            gem build cocoapods-allowlist.gemspec --silent -q --backtrace
             gem install *.gem --silent -q --backtrace
             rm -rf *.gem
             rm -rf Gemfile.lock

data/.pre-commit-config.yaml

@@ -6,10 +6,4 @@ repos:
       - id: pre_commit_hook
         stages: [commit]
       - id: post_commit_hook
-        stages: [post-commit]
-  - repo: https://github.com/melisource/fury_datasec-git-hooks
-    rev: 1.0.3
-    hooks:
-      - id: pre_commit_hook
-        stages: [commit]
-        verbose: true
+        stages: [post-commit]

data/.ruby-version

@@ -1 +1 @@
-2.7.4
+3.1.4

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.6.0
+### Added
+- Se agrega soporte para allowlist en melisource
+
+## 0.5.5
+### Fixed
+- Update private source spec repo URL to prioritize private sources over public sources in order to address potential Dependency Confusion vulnerability.
+
 ## 0.5.4
 ### Fixed
 - Changed the way dependencies are comparing by name: using regex instead of compare against the beginning of name
@@ -8,7 +16,7 @@
 
 ## 0.4.0
 ### Changed
-- Add "allows_granular_projects" flag to whitelist for support the projects specified
+- Add "allows_granular_projects" flag to allowlist for support the projects specified
 
 ## 0.2.1
 ### Changed
@@ -16,7 +24,7 @@
 
 ## 0.2.0
 ### Changed
-- Avoid using whitelist to validate dependencies source
+- Avoid using allowlist to validate dependencies source
 
 ## 0.1.0
 - Dependency Confusion validation implementation

data/Gemfile

@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-# Specify your gem's dependencies in cocoapods-whitelist.gemspec
+# Specify your gem's dependencies in cocoapods-allowlist.gemspec
 gemspec
 
 group :development do

data/Gemfile.lock

@@ -1,33 +1,44 @@
 PATH
   remote: .
   specs:
-    cocoapods-whitelist (0.5.4)
+    cocoapods-whitelist (0.6.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    CFPropertyList (3.0.6)
+    CFPropertyList (3.0.7)
+      base64
+      nkf
       rexml
-    activesupport (6.1.7.6)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activesupport (7.2.2)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    addressable (2.8.5)
-      public_suffix (>= 2.0.2, < 6.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     algoliasearch (1.27.5)
       httpclient (~> 2.8, >= 2.8.3)
       json (>= 1.5.1)
     atomos (0.1.3)
     bacon (1.2.0)
+    base64 (0.2.0)
+    benchmark (0.4.0)
+    bigdecimal (3.1.8)
     claide (1.1.0)
-    cocoapods (1.13.0)
+    cocoapods (1.16.2)
       addressable (~> 2.8)
       claide (>= 1.0.2, < 2.0)
-      cocoapods-core (= 1.13.0)
+      cocoapods-core (= 1.16.2)
       cocoapods-deintegrate (>= 1.0.3, < 2.0)
-      cocoapods-downloader (>= 1.6.0, < 2.0)
+      cocoapods-downloader (>= 2.1, < 3.0)
       cocoapods-plugins (>= 1.0.0, < 2.0)
       cocoapods-search (>= 1.0.0, < 2.0)
       cocoapods-trunk (>= 1.6.0, < 2.0)
@@ -39,8 +50,8 @@ GEM
       molinillo (~> 0.8.0)
       nap (~> 1.0)
       ruby-macho (>= 2.3.0, < 3.0)
-      xcodeproj (>= 1.23.0, < 2.0)
-    cocoapods-core (1.13.0)
+      xcodeproj (>= 1.27.0, < 2.0)
+    cocoapods-core (1.16.2)
       activesupport (>= 5.0, < 8)
       addressable (~> 2.8)
       algoliasearch (~> 1.0)
@@ -51,7 +62,7 @@ GEM
       public_suffix (~> 4.0)
       typhoeus (~> 1.0)
     cocoapods-deintegrate (1.0.5)
-    cocoapods-downloader (1.6.3)
+    cocoapods-downloader (2.1)
     cocoapods-plugins (1.0.0)
       nap
     cocoapods-search (1.0.1)
@@ -60,50 +71,73 @@ GEM
       netrc (~> 0.11)
     cocoapods-try (1.2.0)
     colored2 (3.1.2)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.3.4)
+    connection_pool (2.4.1)
+    drb (2.2.1)
     escape (0.0.4)
     ethon (0.16.0)
       ffi (>= 1.15.0)
-    ffi (1.16.3)
+    ffi (1.17.0)
+    ffi (1.17.0-aarch64-linux-gnu)
+    ffi (1.17.0-aarch64-linux-musl)
+    ffi (1.17.0-arm-linux-gnu)
+    ffi (1.17.0-arm-linux-musl)
+    ffi (1.17.0-arm64-darwin)
+    ffi (1.17.0-x86-linux-gnu)
+    ffi (1.17.0-x86-linux-musl)
+    ffi (1.17.0-x86_64-darwin)
+    ffi (1.17.0-x86_64-linux-gnu)
+    ffi (1.17.0-x86_64-linux-musl)
     fourflusher (2.3.1)
     fuzzy_match (2.0.4)
     gh_inspector (1.1.3)
     httpclient (2.8.3)
-    i18n (1.14.1)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
-    json (2.6.3)
-    minitest (5.20.0)
-    mocha (2.1.0)
+    json (2.8.2)
+    logger (1.6.1)
+    minitest (5.25.2)
+    mocha (2.6.1)
       ruby2_keywords (>= 0.0.5)
     mocha-on-bacon (0.2.3)
       mocha (>= 0.13.0)
     molinillo (0.8.0)
-    nanaimo (0.3.0)
+    nanaimo (0.4.0)
     nap (1.1.0)
     netrc (0.11.0)
+    nkf (0.2.0)
     prettybacon (0.0.2)
       bacon (~> 1.2)
     public_suffix (4.0.7)
     rake (12.3.3)
-    rexml (3.2.6)
+    rexml (3.3.9)
     ruby-macho (2.5.1)
     ruby2_keywords (0.0.5)
-    typhoeus (1.4.0)
+    securerandom (0.3.2)
+    typhoeus (1.4.1)
       ethon (>= 0.9.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    xcodeproj (1.23.0)
+    xcodeproj (1.27.0)
       CFPropertyList (>= 2.3.3, < 4.0)
       atomos (~> 0.1.3)
       claide (>= 1.0.2, < 2.0)
       colored2 (~> 3.1)
-      nanaimo (~> 0.3.0)
-      rexml (~> 3.2.4)
-    zeitwerk (2.6.12)
+      nanaimo (~> 0.4.0)
+      rexml (>= 3.3.6, < 4.0)
 
 PLATFORMS
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
   ruby
-  universal-darwin-22
+  x86-linux-gnu
+  x86-linux-musl
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   bacon
@@ -117,4 +151,4 @@ DEPENDENCIES
   rake (~> 12.0)
 
 BUNDLED WITH
-   2.4.22
+   2.5.21

data/README.md

@@ -1,26 +1,26 @@
-# cocoapods-whitelist
+# cocoapods-allowlist
 
-Validate Podspec's dependencies against a whitelist of pods.
+Validate Podspec's dependencies against a allowlist of pods.
 
 ## Installation
 
-    $ gem install cocoapods-whitelist
+    $ gem install cocoapods-allowlist
 
 ## Usage
 
 - As a command
 ```
-$ pod whitelist [--podspec=PODSPEC] [--config=WHITELIST_FILE_OR_URL] [--outfile=PATH] [--fail-on-error]
+$ pod allowlist [--podspec=PODSPEC] [--config=ALLOWLIST_FILE_OR_URL] [--outfile=PATH] [--fail-on-error]
 ```
 
 - As plugin, add into the Podfile of your tests app
 ```
-  plugin 'cocoapods-whitelist'
+  plugin 'cocoapods-allowlist'
 ```
 
 If not Podspec is passed by parameter, the command search into the current and parent directory.
 
-You can specify a custom whitelist. By default use a whitelist hosted in [GitHub](https://github.com/mercadolibre/mobile-dependencies_whitelist/blob/master/ios-whitelist.json)
+You can specify a custom allowlist. By default use a allowlist hosted in [GitHub](https://github.com/melisource/fury_mobile-dependencies-allowlist/blob/master/ios-allowlist.json)
 
 By default exit with status 0, unless you add the parameter `--fail-on-error`
 
@@ -38,9 +38,9 @@ rake
 ### Publish in RubyGems
 1. Build
 ```
-gem build cocoapods-whitelist.gemspec
+gem build cocoapods-allowlist.gemspec
 ```
 2. Publish
 ```
-gem push cocoapods-whitelist-{version}.gem
+gem push cocoapods-allowlist-{version}.gem
 ```

data/cocoapods-whitelist.gemspec

@@ -1,15 +1,15 @@
 # coding: utf-8
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'cocoapods-whitelist/gem_version.rb'
+require 'cocoapods-allowlist/gem_version.rb'
 
 Gem::Specification.new do |spec|
   spec.name          = 'cocoapods-whitelist'
-  spec.version       = CocoapodsWhitelist::VERSION
+  spec.version       = CocoapodsAllowlist::VERSION
   spec.authors       = ['Mobile Team']
   spec.email         = ['mobile@mercadolibre.com']
-  spec.description   = %q{A short description of cocoapods-whitelist.}
-  spec.summary       = %q{A longer description of cocoapods-whitelist.}
+  spec.description   = %q{A short description of cocoapods-allowlist.}
+  spec.summary       = %q{A longer description of cocoapods-allowlist.}
   spec.homepage      = 'https://github.com/melisource/mobile-cocoapods_whitelist'
   spec.license       = 'MIT'
 

data/lib/cocoapods-allowlist/client/allowlist_resolver.rb

@@ -0,0 +1,84 @@
+
+require 'singleton'
+require 'open-uri'
+require 'json'
+require 'fileutils'
+require_relative '../helpers/git'
+require_relative '../model/allowed_dependency'
+require_relative '../helpers/config_url'
+
+class AllowlistResolver
+    include Singleton
+    attr_accessor :allowlist
+    attr_accessor :allowlist_loaded
+    attr_accessor :allowlist_url
+    attr_accessor :allowlist_directory
+    attr_accessor :allowlist_branch
+
+    def config 
+        @allowlist ||= []
+    end 
+
+    def initialize()
+        @allowlist_url = ConfigURL::ALLOWLIST_SSH
+        @allowlist_directory = nil
+        @allowlist_branch = "master"
+        load_allowlist()
+    end
+
+    def get_allowlist(allowlist_url = ConfigURL::ALLOWLIST_SSH)
+        @allowlist_loaded = @allowlist_url == allowlist_url
+        @allowlist_url = allowlist_url
+
+        load_allowlist() unless @allowlist_loaded
+        return @allowlist
+    end
+
+    def load_allowlist
+        begin
+            create_temp_directory
+            GitHelper.clone_from_branch(@allowlist_url, @allowlist_directory, @allowlist_branch)
+            file_path = File.join(@allowlist_directory, "ios-allowlist.json")
+
+            if File.exist?(file_path)
+                file = File.read(file_path)
+                @allowlist = parse_allowlist(file)
+                @allowlist_loaded = true
+            else
+                raise "File not found: #{file_path}"
+            end
+        rescue OpenURI::HTTPError => e
+            status = e.io.status.join(' ')
+            raise "Failed to fetch allowlist from '#{@allowlist_url}'.\n Error: #{status}"
+        rescue => e
+            raise "Failed to load allowlist: #{e.message}"
+        ensure
+            cleanup
+        end
+    end
+
+    def parse_allowlist(raw_allowlist)
+        json = JSON.parse(raw_allowlist)
+        return json["allowlist"].map { |dependencyJson|
+            AllowedDependency.new(
+                dependencyJson["name"],
+                dependencyJson["version"],
+                dependencyJson["expires"],
+                dependencyJson["source"],
+                dependencyJson["target"],
+                dependencyJson["allows_granular_projects"]
+            )
+        }
+    end
+
+    private
+
+    def create_temp_directory
+        @allowlist_directory ||= File.join(Dir.tmpdir, "allowlist")
+        FileUtils.mkdir_p(@allowlist_directory) unless File.exist?(@allowlist_directory)
+    end
+
+    def cleanup
+        FileUtils.rm_rf(@allowlist_directory) if @allowlist_directory && Dir.exist?(@allowlist_directory)
+    end
+end

data/lib/{cocoapods-whitelist/command/whitelist.rb → cocoapods-allowlist/command/allowlist.rb}

@@ -1,16 +1,15 @@
 require 'open-uri'
 require 'json'
-require_relative '../client/whitelist_resolver'
+require_relative '../client/allowlist_resolver'
 require_relative '../model/validation_excluded'
-
-DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
+require_relative '../helpers/config_url'
 
 module Pod
   class Command
-    class Whitelist < Command
-      self.summary = "Validate Podspec's dependencies against a whitelist of pods."
+    class Allowlist < Command
+      self.summary = "Validate Podspec's dependencies against a allowlist of pods."
       self.description = <<-DESC
-        Validate Podspec's dependencies against a whitelist of pods.
+        Validate Podspec's dependencies against a allowlist of pods.
       DESC
 
       self.arguments = [ CLAide::Argument.new('config', false),
@@ -27,7 +26,7 @@ module Pod
       end
 
       def initialize(argv)
-        @whitelist_url = argv ? argv.option('config', DEFAULT_WHITELIST_URL) : DEFAULT_WHITELIST_URL
+        @allowlist_url = argv ? argv.option('config', ConfigURL::ALLOWLIST_SSH) : ConfigURL::ALLOWLIST_SSH
         @pospec_path = argv ? argv.option('podspec') : nil
         @fail_on_error = argv ? argv.flag?('fail-on-error') : false
         @outfile = argv ? argv.option('outfile') : nil
@@ -36,12 +35,12 @@ module Pod
       end
 
       def validate!
-        help! "A whitelist file or URL is needed." unless @whitelist_url
+        help! "A allowlist file or URL is needed." unless @allowlist_url
       end
 
       def run
         prepare_outfile
-        whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
+        allowlist = AllowlistResolver.instance.get_allowlist(@allowlist_url)
         load_excluded()
         specifications = get_podspec_specifications
 
@@ -53,7 +52,7 @@ module Pod
         specifications.map do |specification|
           unless @excluded_list.one? {|excluded| excluded.name == specification.name }
             Pod::UI.notice "#{specification.name} validating"
-            validate_dependencies(JSON.parse(specification.to_json), whitelist)
+            validate_dependencies(JSON.parse(specification.to_json), allowlist)
           end
         end
 
@@ -62,20 +61,21 @@ module Pod
 
       def show_result_message
         return unless @failure
-        message = "Please check your dependencies.\nYou can see the allowed dependencies at #{@whitelist_url}"
+        message = "Please check your dependencies.\nYou can see the allowed dependencies at #{ConfigURL::ALLOWLIST_URL}"
         show_error_message(message)
         if @fail_on_error
           raise Informative.new()
         end
       end
 
-      # Checks the dependencies the project contains are in the whitelist
-      def validate_dependencies(podspec, whitelist, parentName = nil)
+      # Checks the dependencies the project contains are in the allowlist
+      def validate_dependencies(podspec, allowlist, parentName = nil)
         pod_name = parentName ? "#{parentName}/#{podspec['name']}" : podspec['name']
         UI.puts "Verifying dependencies in #{pod_name}".green
 
         dependencies = podspec["dependencies"] ? podspec["dependencies"] : []
         not_allowed = []
+        alert_allowed = []
 
         dependencies.each do |name, versions|
           # Skip subspec dependency
@@ -83,11 +83,11 @@ module Pod
 
           if versions.length != 1
             not_allowed.push("#{name} (#{versions.join(", ")}) Reason: A specific version must be defined for every dependency (just one). " +
-            "Suggestion: find this dependency in your Podspec and add the version listed in the whitelist.")
+            "Suggestion: find this dependency in your Podspec and add the version listed in the allowlist.")
             next
           end
 
-          allowedDependency = whitelist.select { |item|
+          allowedDependency = allowlist.select { |item|
             (/^#{item.name}/ =~ name) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
           }
 
@@ -106,14 +106,19 @@ module Pod
             end
           
             # Checks if any of the allowed dependencies are expired, if so, fail with error
-            if dependency.expire?
-              not_allowed.push("#{name} Reason: Expired version. Please check the whitelist.")
+            if dependency.expired?
+              not_allowed.push("#{name} Reason: Expired version. Please check the allowlist.")
+            end
+
+            # Check if any of the allowed dependencies are close to expiring, if so, fail with error
+            if dependency.expiring?
+              alert_allowed.push("#{name} Reason: Version will expire in #{dependency.expires}. Please check your dependencies.")
             end
 
           }
           
           if allowedDependency.empty?
-            not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any whitelisted version or Pod name is not valid")
+            not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any allowlisted version or Pod name is not valid")
             next
           end
         end
@@ -127,10 +132,18 @@ module Pod
           UI.puts " OK".green
         end
 
+
+        if alert_allowed.any?          
+          show_error_message(" Warning: Found dependencies allowed that contain warnings:")
+          alert_allowed.each {|dependency| show_error_message("  - #{dependency}")}
+        else
+          UI.puts " OK".green
+        end
+
         # Validate subspecs dependencies
         if podspec["subspecs"]
           podspec["subspecs"].each do |subspec|
-            validate_dependencies(subspec, whitelist, pod_name)
+            validate_dependencies(subspec, allowlist, pod_name)
           end
         end
       end

data/lib/cocoapods-allowlist/command.rb

@@ -0,0 +1 @@
+require 'cocoapods-allowlist/command/allowlist'

data/lib/cocoapods-allowlist/gem_version.rb

@@ -0,0 +1,3 @@
+module CocoapodsAllowlist
+  VERSION = "0.6.0"
+end

data/lib/cocoapods-allowlist/helpers/config_url.rb

@@ -0,0 +1,4 @@
+module ConfigURL
+  ALLOWLIST_SSH = "git@github.com:melisource/fury_mobile-dependencies-allowlist.git"
+  ALLOWLIST_URL = "https://github.com/melisource/fury_mobile-dependencies-allowlist"
+end

data/lib/cocoapods-allowlist/helpers/git.rb

@@ -0,0 +1,16 @@
+require_relative '../utils/command'
+
+# For execute git commands
+class GitHelper
+    # Download from a specific branch
+    def self.clone_from_branch(url, destination, branch)
+        Command.execute("git clone --quiet --depth 1 -b #{branch} --single-branch #{url} #{destination}")
+    end
+
+    # Get the latest commit hash
+    def self.get_latest_commit(directory)
+        Dir.chdir(directory) do
+            Command.execute("git rev-parse HEAD").strip
+        end
+    end
+end

data/lib/cocoapods-allowlist/hook.rb

@@ -0,0 +1 @@
+require 'cocoapods-allowlist/hook/resolver'

data/lib/{cocoapods-whitelist → cocoapods-allowlist}/model/allowed_dependency.rb

@@ -1,25 +1,29 @@
 class AllowedDependency
     attr_accessor :name
     attr_accessor :version
-    attr_accessor :expire
+    attr_accessor :expires
     attr_accessor :source
     attr_accessor :target
     attr_accessor :allows_granular_projects
 
-    def initialize(name, version, expire, source, target, allows_granular_projects)
+    def initialize(name, version, expires, source, target, allows_granular_projects)
       @name = name
       @version = version
-      @expire = expire
+      @expires = expires
       @source = source
       @target = target
       @allows_granular_projects = allows_granular_projects
     end
   
-    def expire?
-      if @expire != nil
-        expire = DateTime.parse(@expire,"%Y-%m-%d")
-        return expire < DateTime.now
+    def expired?
+      if @expires != nil
+        expires = DateTime.parse(@expires,"%Y-%m-%d")
+        return expires < DateTime.now
       end
       return false
     end
+
+    def expiring?
+      return @expires != nil
+    end
 end

data/lib/cocoapods-allowlist/model/sources.rb

@@ -0,0 +1,3 @@
+def get_private_sources
+    [ "git@github.com:melisource/mobile-ios_specs.git" ] 
+end

data/lib/cocoapods-allowlist/utils/command.rb

@@ -0,0 +1,10 @@
+require 'open3'
+
+class Command
+
+    # This method is for execute commands in terminal
+    def self.execute(command)
+        Open3.capture3(command)
+    end
+
+end

data/lib/cocoapods-allowlist.rb

@@ -0,0 +1 @@
+require 'cocoapods-allowlist/gem_version'

data/lib/cocoapods_plugin.rb

@@ -1,9 +1,9 @@
-require 'cocoapods-whitelist/command'
-require 'cocoapods-whitelist/hook'
+require 'cocoapods-allowlist/command'
+require 'cocoapods-allowlist/hook'
 
-module Whitelist
+module Allowlist
   Pod::HooksManager.register('cocoapods-whitelist', :pre_install) do |context, options|
     argv = CLAide::ARGV.new(options)
-    Pod::Command::Whitelist.new(argv).run
+    Pod::Command::Allowlist.new(argv).run
   end
 end

data/spec/allowlist_resolver_spec.rb

@@ -0,0 +1,24 @@
+require File.expand_path('../spec_helper', __FILE__)
+
+ALLOWLIST_PATH = './spec/mocks/allowlist.json'
+
+describe AllowlistResolver do
+    describe 'functionality' do
+        it 'allowlist should be loaded from an specific url' do
+            allowlist = AllowlistResolver.instance.get_allowlist(ALLOWLIST_PATH)
+            allowlist.size.should.equal 11
+        end
+        
+        it 'if not URL is specified, allowlist comes from default URL' do
+            allowlist = AllowlistResolver.instance.get_allowlist
+            allowlist.should.not.empty?
+        end
+
+        it 'allowlist should not be loaded twice' do
+            AllowlistResolver.instance.get_allowlist(ALLOWLIST_PATH)
+            loaded = AllowlistResolver.instance.allowlist_loaded
+
+            loaded.should.be.true    
+        end
+    end
+end