cocoapods-whitelist 0.5.5 → 0.6.0

Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +1 -1
  3. data/.pre-commit-config.yaml +1 -7
  4. data/CHANGELOG.md +6 -2
  5. data/Gemfile +1 -1
  6. data/Gemfile.lock +63 -29
  7. data/README.md +8 -8
  8. data/cocoapods-whitelist.gemspec +4 -4
  9. data/lib/cocoapods-allowlist/client/allowlist_resolver.rb +84 -0
  10. data/lib/{cocoapods-whitelist/command/whitelist.rb → cocoapods-allowlist/command/allowlist.rb} +32 -19
  11. data/lib/cocoapods-allowlist/command.rb +1 -0
  12. data/lib/cocoapods-allowlist/gem_version.rb +3 -0
  13. data/lib/cocoapods-allowlist/helpers/config_url.rb +4 -0
  14. data/lib/cocoapods-allowlist/helpers/git.rb +16 -0
  15. data/lib/cocoapods-allowlist/hook.rb +1 -0
  16. data/lib/{cocoapods-whitelist → cocoapods-allowlist}/model/allowed_dependency.rb +11 -7
  17. data/lib/cocoapods-allowlist/utils/command.rb +10 -0
  18. data/lib/cocoapods-allowlist.rb +1 -0
  19. data/lib/cocoapods_plugin.rb +4 -4
  20. data/spec/allowlist_resolver_spec.rb +24 -0
  21. data/spec/{whitelist_spec.rb → allowlist_spec.rb} +59 -59
  22. data/spec/mocks/{whitelist.json → allowlist.json} +3 -3
  23. data/spec/mocks/{whitelist_with_expired_dependencies.json → allowlist_with_expired_dependencies.json} +4 -4
  24. metadata +36 -33
  25. data/lib/cocoapods-whitelist/client/whitelist_resolver.rb +0 -54
  26. data/lib/cocoapods-whitelist/command.rb +0 -1
  27. data/lib/cocoapods-whitelist/gem_version.rb +0 -3
  28. data/lib/cocoapods-whitelist/hook.rb +0 -1
  29. data/lib/cocoapods-whitelist.rb +0 -1
  30. data/spec/whitelist_resolver_spec.rb +0 -24
  31. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/exclude/excluded.json +0 -0
  32. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/helpers/source_helper.rb +0 -0
  33. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/hook/resolver.rb +0 -0
  34. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/model/sources.rb +0 -0
  35. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/model/validation_excluded.rb +0 -0
  36. /data/lib/{cocoapods-whitelist → cocoapods-allowlist}/validator/source_validator.rb +0 -0
  37. /data/spec/mocks/{whitelisted_podname.podspec → allowlisted_podname.podspec} +0 -0
  38. /data/spec/mocks/{with_whitelisted_dependency_fixed_versions_v1.podspec → with_allowlisted_dependency_fixed_versions_v1.podspec} +0 -0
  39. /data/spec/mocks/{with_whitelisted_dependency_fixed_versions_v2.podspec → with_allowlisted_dependency_fixed_versions_v2.podspec} +0 -0
  40. /data/spec/mocks/{with_whitelisted_dependency_fixed_versions_variable.podspec → with_allowlisted_dependency_fixed_versions_variable.podspec} +0 -0
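--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: be3cc02cfe363851d3557978df76db710357563f06ccc737d92f1fb459551690
- data.tar.gz: 7a4126cc964d3bfff3f72b021595158fd7c773cda14816921c6b98a81d09dc52
+ metadata.gz: 9d685e7d3ecfd6024fdbb0b9577d62d53d280e7f346e14d48dc88e34a0e9784f
+ data.tar.gz: 7dbfabce7783d4ca5272b62247201cda5dcda61c507e8994496fc60d11e764e4
  SHA512:
- metadata.gz: '04942cc1897281a5faaf62cb7c4ca472adc3fc9062e1c4584eb2947b94baa64c1d4b638831b3856cdc278a6cc5c716c9a49a9bc9ca77a5f1eb9c930231f6e452'
- data.tar.gz: cd8c782f138e868610fe79f7ef9f009a8e478a14b08e90b6979e992c41f3c3227deaa65f99528adb8e04e8571b627f1c0fed45913eb66076c94d4cc4ccbe7771
+ metadata.gz: 254bbf0617736c0c8887f24a295d5fb17a8582be275d5d1bd70d1632ad4e8d1f96b04993b01fa49170fd054be1073c89a53cd0f39ece5dfa9c59e28379efdc66
+ data.tar.gz: f17cfb337c52ec7fb52daf2b6b212725bdffff2ebb07d7ce80d656941485a5c2303328f39fa977500b7fa5592579329c0cc21497ad5e345c521eb6befbb4e6e2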
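--- a/data/.circleci/config.yml
+++ b/data/.circleci/config.yml
@@ -21,7 +21,7 @@ jobs:
  name: Run Build
  command: |
  bundle install --quiet --without static-dependencies
- gem build cocoapods-whitelist.gemspec --silent -q --backtrace
+ gem build cocoapods-allowlist.gemspec --silent -q --backtrace
  gem install *.gem --silent -q --backtrace
  rm -rf *.gem
  rm -rf Gemfile.lock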
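Review bot: The build step now runs `gem build cocoapods-allowlist.gemspec`, but the file list for this release still shows the gemspec as `data/cocoapods-whitelist.gemspec`, so this command looks like it will not find its input. The same half-finished rename appears in the README section (`gem install cocoapods-allowlist`, `plugin 'cocoapods-allowlist'`), while the gemspec keeps `spec.name = 'cocoapods-whitelist'` and cocoapods_plugin.rb still registers the hook as 'cocoapods-whitelist'. Install instructions that name a gem this project does not publish under leave users dependent on whoever holds that name on the registry. Either rename the gem everywhere or keep the built and documented name as `cocoapods-whitelist`; for this step that means `gem build cocoapods-whitelist.gemspec --silent -q --backtrace`.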
@@ -6,10 +6,4 @@ repos:
6
6
  - id: pre_commit_hook
7
7
  stages: [commit]
8
8
  - id: post_commit_hook
9
- stages: [post-commit]
10
- - repo: https://github.com/melisource/fury_datasec-git-hooks
11
- rev: 1.0.3
12
- hooks:
13
- - id: pre_commit_hook
14
- stages: [commit]
15
- verbose: true
9
+ stages: [post-commit]
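--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,7 @@
+ ## 0.6.0
+ ### Added
+ - Se agrega soporte para allowlist en melisource
+
  ## 0.5.5
  ### Fixed
  - Update private source spec repo URL to prioritize private sources over public sources in order to address potential Dependency Confusion vulnerability.
@@ -12,7 +16,7 @@
 
  ## 0.4.0
  ### Changed
- - Add "allows_granular_projects" flag to whitelist for support the projects specified
+ - Add "allows_granular_projects" flag to allowlist for support the projects specified
 
  ## 0.2.1
  ### Changed
@@ -20,7 +24,7 @@
 
  ## 0.2.0
  ### Changed
- - Avoid using whitelist to validate dependencies source
+ - Avoid using allowlist to validate dependencies source
 
  ## 0.1.0
  - Dependency Confusion validation implementation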
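--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,6 +1,6 @@
  source 'https://rubygems.org'
 
- # Specify your gem's dependencies in cocoapods-whitelist.gemspec
+ # Specify your gem's dependencies in cocoapods-allowlist.gemspec
  gemspec
 
  group :development do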
data/Gemfile.lock CHANGED
@@ -1,33 +1,44 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cocoapods-whitelist (0.5.5)
4
+ cocoapods-whitelist (0.6.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
8
8
  specs:
9
- CFPropertyList (3.0.6)
9
+ CFPropertyList (3.0.7)
10
+ base64
11
+ nkf
10
12
  rexml
11
- activesupport (6.1.7.6)
12
- concurrent-ruby (~> 1.0, >= 1.0.2)
13
+ activesupport (7.2.2)
14
+ base64
15
+ benchmark (>= 0.3)
16
+ bigdecimal
17
+ concurrent-ruby (~> 1.0, >= 1.3.1)
18
+ connection_pool (>= 2.2.5)
19
+ drb
13
20
  i18n (>= 1.6, < 2)
21
+ logger (>= 1.4.2)
14
22
  minitest (>= 5.1)
15
- tzinfo (~> 2.0)
16
- zeitwerk (~> 2.3)
17
- addressable (2.8.5)
18
- public_suffix (>= 2.0.2, < 6.0)
23
+ securerandom (>= 0.3)
24
+ tzinfo (~> 2.0, >= 2.0.5)
25
+ addressable (2.8.7)
26
+ public_suffix (>= 2.0.2, < 7.0)
19
27
  algoliasearch (1.27.5)
20
28
  httpclient (~> 2.8, >= 2.8.3)
21
29
  json (>= 1.5.1)
22
30
  atomos (0.1.3)
23
31
  bacon (1.2.0)
32
+ base64 (0.2.0)
33
+ benchmark (0.4.0)
34
+ bigdecimal (3.1.8)
24
35
  claide (1.1.0)
25
- cocoapods (1.13.0)
36
+ cocoapods (1.16.2)
26
37
  addressable (~> 2.8)
27
38
  claide (>= 1.0.2, < 2.0)
28
- cocoapods-core (= 1.13.0)
39
+ cocoapods-core (= 1.16.2)
29
40
  cocoapods-deintegrate (>= 1.0.3, < 2.0)
30
- cocoapods-downloader (>= 1.6.0, < 2.0)
41
+ cocoapods-downloader (>= 2.1, < 3.0)
31
42
  cocoapods-plugins (>= 1.0.0, < 2.0)
32
43
  cocoapods-search (>= 1.0.0, < 2.0)
33
44
  cocoapods-trunk (>= 1.6.0, < 2.0)
@@ -39,8 +50,8 @@ GEM
39
50
  molinillo (~> 0.8.0)
40
51
  nap (~> 1.0)
41
52
  ruby-macho (>= 2.3.0, < 3.0)
42
- xcodeproj (>= 1.23.0, < 2.0)
43
- cocoapods-core (1.13.0)
53
+ xcodeproj (>= 1.27.0, < 2.0)
54
+ cocoapods-core (1.16.2)
44
55
  activesupport (>= 5.0, < 8)
45
56
  addressable (~> 2.8)
46
57
  algoliasearch (~> 1.0)
@@ -51,7 +62,7 @@ GEM
51
62
  public_suffix (~> 4.0)
52
63
  typhoeus (~> 1.0)
53
64
  cocoapods-deintegrate (1.0.5)
54
- cocoapods-downloader (1.6.3)
65
+ cocoapods-downloader (2.1)
55
66
  cocoapods-plugins (1.0.0)
56
67
  nap
57
68
  cocoapods-search (1.0.1)
@@ -60,50 +71,73 @@ GEM
60
71
  netrc (~> 0.11)
61
72
  cocoapods-try (1.2.0)
62
73
  colored2 (3.1.2)
63
- concurrent-ruby (1.2.2)
74
+ concurrent-ruby (1.3.4)
75
+ connection_pool (2.4.1)
76
+ drb (2.2.1)
64
77
  escape (0.0.4)
65
78
  ethon (0.16.0)
66
79
  ffi (>= 1.15.0)
67
- ffi (1.16.3)
80
+ ffi (1.17.0)
81
+ ffi (1.17.0-aarch64-linux-gnu)
82
+ ffi (1.17.0-aarch64-linux-musl)
83
+ ffi (1.17.0-arm-linux-gnu)
84
+ ffi (1.17.0-arm-linux-musl)
85
+ ffi (1.17.0-arm64-darwin)
86
+ ffi (1.17.0-x86-linux-gnu)
87
+ ffi (1.17.0-x86-linux-musl)
88
+ ffi (1.17.0-x86_64-darwin)
89
+ ffi (1.17.0-x86_64-linux-gnu)
90
+ ffi (1.17.0-x86_64-linux-musl)
68
91
  fourflusher (2.3.1)
69
92
  fuzzy_match (2.0.4)
70
93
  gh_inspector (1.1.3)
71
94
  httpclient (2.8.3)
72
- i18n (1.14.1)
95
+ i18n (1.14.6)
73
96
  concurrent-ruby (~> 1.0)
74
- json (2.6.3)
75
- minitest (5.20.0)
76
- mocha (2.1.0)
97
+ json (2.8.2)
98
+ logger (1.6.1)
99
+ minitest (5.25.2)
100
+ mocha (2.6.1)
77
101
  ruby2_keywords (>= 0.0.5)
78
102
  mocha-on-bacon (0.2.3)
79
103
  mocha (>= 0.13.0)
80
104
  molinillo (0.8.0)
81
- nanaimo (0.3.0)
105
+ nanaimo (0.4.0)
82
106
  nap (1.1.0)
83
107
  netrc (0.11.0)
108
+ nkf (0.2.0)
84
109
  prettybacon (0.0.2)
85
110
  bacon (~> 1.2)
86
111
  public_suffix (4.0.7)
87
112
  rake (12.3.3)
88
- rexml (3.2.6)
113
+ rexml (3.3.9)
89
114
  ruby-macho (2.5.1)
90
115
  ruby2_keywords (0.0.5)
91
- typhoeus (1.4.0)
116
+ securerandom (0.3.2)
117
+ typhoeus (1.4.1)
92
118
  ethon (>= 0.9.0)
93
119
  tzinfo (2.0.6)
94
120
  concurrent-ruby (~> 1.0)
95
- xcodeproj (1.23.0)
121
+ xcodeproj (1.27.0)
96
122
  CFPropertyList (>= 2.3.3, < 4.0)
97
123
  atomos (~> 0.1.3)
98
124
  claide (>= 1.0.2, < 2.0)
99
125
  colored2 (~> 3.1)
100
- nanaimo (~> 0.3.0)
101
- rexml (~> 3.2.4)
102
- zeitwerk (2.6.12)
126
+ nanaimo (~> 0.4.0)
127
+ rexml (>= 3.3.6, < 4.0)
103
128
 
104
129
  PLATFORMS
130
+ aarch64-linux-gnu
131
+ aarch64-linux-musl
132
+ arm-linux-gnu
133
+ arm-linux-musl
134
+ arm64-darwin
105
135
  ruby
106
- universal-darwin-22
136
+ x86-linux-gnu
137
+ x86-linux-musl
138
+ x86_64-darwin
139
+ x86_64-linux-gnu
140
+ x86_64-linux-musl
107
141
 
108
142
  DEPENDENCIES
109
143
  bacon
@@ -117,4 +151,4 @@ DEPENDENCIES
117
151
  rake (~> 12.0)
118
152
 
119
153
  BUNDLED WITH
120
- 2.4.22
154
+ 2.5.21
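--- a/data/README.md
+++ b/data/README.md
@@ -1,26 +1,26 @@
- # cocoapods-whitelist
+ # cocoapods-allowlist
 
- Validate Podspec's dependencies against a whitelist of pods.
+ Validate Podspec's dependencies against a allowlist of pods.
 
  ## Installation
 
- $ gem install cocoapods-whitelist
+ $ gem install cocoapods-allowlist
 
  ## Usage
 
  - As a command
  ```
- $ pod whitelist [--podspec=PODSPEC] [--config=WHITELIST_FILE_OR_URL] [--outfile=PATH] [--fail-on-error]
+ $ pod allowlist [--podspec=PODSPEC] [--config=ALLOWLIST_FILE_OR_URL] [--outfile=PATH] [--fail-on-error]
  ```
 
  - As plugin, add into the Podfile of your tests app
  ```
- plugin 'cocoapods-whitelist'
+ plugin 'cocoapods-allowlist'
  ```
 
  If not Podspec is passed by parameter, the command search into the current and parent directory.
 
- You can specify a custom whitelist. By default use a whitelist hosted in [GitHub](https://github.com/mercadolibre/mobile-dependencies_whitelist/blob/master/ios-whitelist.json)
+ You can specify a custom allowlist. By default use a allowlist hosted in [GitHub](https://github.com/melisource/fury_mobile-dependencies-allowlist/blob/master/ios-allowlist.json)
 
  By default exit with status 0, unless you add the parameter `--fail-on-error`
 
@@ -38,9 +38,9 @@ rake
  ### Publish in RubyGems
  1. Build
  ```
- gem build cocoapods-whitelist.gemspec
+ gem build cocoapods-allowlist.gemspec
  ```
  2. Publish
  ```
- gem push cocoapods-whitelist-{version}.gem
+ gem push cocoapods-allowlist-{version}.gem
  ```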
@@ -1,15 +1,15 @@
1
1
  # coding: utf-8
2
2
  lib = File.expand_path('../lib', __FILE__)
3
3
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'cocoapods-whitelist/gem_version.rb'
4
+ require 'cocoapods-allowlist/gem_version.rb'
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = 'cocoapods-whitelist'
8
- spec.version = CocoapodsWhitelist::VERSION
8
+ spec.version = CocoapodsAllowlist::VERSION
9
9
  spec.authors = ['Mobile Team']
10
10
  spec.email = ['mobile@mercadolibre.com']
11
- spec.description = %q{A short description of cocoapods-whitelist.}
12
- spec.summary = %q{A longer description of cocoapods-whitelist.}
11
+ spec.description = %q{A short description of cocoapods-allowlist.}
12
+ spec.summary = %q{A longer description of cocoapods-allowlist.}
13
13
  spec.homepage = 'https://github.com/melisource/mobile-cocoapods_whitelist'
14
14
  spec.license = 'MIT'
15
15
 
@@ -0,0 +1,84 @@
1
+
2
+ require 'singleton'
3
+ require 'open-uri'
4
+ require 'json'
5
+ require 'fileutils'
6
+ require_relative '../helpers/git'
7
+ require_relative '../model/allowed_dependency'
8
+ require_relative '../helpers/config_url'
9
+
10
+ class AllowlistResolver
11
+ include Singleton
12
+ attr_accessor :allowlist
13
+ attr_accessor :allowlist_loaded
14
+ attr_accessor :allowlist_url
15
+ attr_accessor :allowlist_directory
16
+ attr_accessor :allowlist_branch
17
+
18
+ def config
19
+ @allowlist ||= []
20
+ end
21
+
22
+ def initialize()
23
+ @allowlist_url = ConfigURL::ALLOWLIST_SSH
24
+ @allowlist_directory = nil
25
+ @allowlist_branch = "master"
26
+ load_allowlist()
27
+ end
28
+
29
+ def get_allowlist(allowlist_url = ConfigURL::ALLOWLIST_SSH)
30
+ @allowlist_loaded = @allowlist_url == allowlist_url
31
+ @allowlist_url = allowlist_url
32
+
33
+ load_allowlist() unless @allowlist_loaded
34
+ return @allowlist
35
+ end
36
+
37
+ def load_allowlist
38
+ begin
39
+ create_temp_directory
40
+ GitHelper.clone_from_branch(@allowlist_url, @allowlist_directory, @allowlist_branch)
41
+ file_path = File.join(@allowlist_directory, "ios-allowlist.json")
42
+
43
+ if File.exist?(file_path)
44
+ file = File.read(file_path)
45
+ @allowlist = parse_allowlist(file)
46
+ @allowlist_loaded = true
47
+ else
48
+ raise "File not found: #{file_path}"
49
+ end
50
+ rescue OpenURI::HTTPError => e
51
+ status = e.io.status.join(' ')
52
+ raise "Failed to fetch allowlist from '#{@allowlist_url}'.\n Error: #{status}"
53
+ rescue => e
54
+ raise "Failed to load allowlist: #{e.message}"
55
+ ensure
56
+ cleanup
57
+ end
58
+ end
59
+
60
+ def parse_allowlist(raw_allowlist)
61
+ json = JSON.parse(raw_allowlist)
62
+ return json["allowlist"].map { |dependencyJson|
63
+ AllowedDependency.new(
64
+ dependencyJson["name"],
65
+ dependencyJson["version"],
66
+ dependencyJson["expires"],
67
+ dependencyJson["source"],
68
+ dependencyJson["target"],
69
+ dependencyJson["allows_granular_projects"]
70
+ )
71
+ }
72
+ end
73
+
74
+ private
75
+
76
+ def create_temp_directory
77
+ @allowlist_directory ||= File.join(Dir.tmpdir, "allowlist")
78
+ FileUtils.mkdir_p(@allowlist_directory) unless File.exist?(@allowlist_directory)
79
+ end
80
+
81
+ def cleanup
82
+ FileUtils.rm_rf(@allowlist_directory) if @allowlist_directory && Dir.exist?(@allowlist_directory)
83
+ end
84
+ end
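Review bot: `create_temp_directory` uses the fixed, shared path `File.join(Dir.tmpdir, "allowlist")` and keeps it if it already exists, so the `ios-allowlist.json` that `load_allowlist` reads is not guaranteed to come from the clone. `git clone` refuses a non-empty destination, and `Command.execute` (utils/command.rb in this release) never checks the exit status, so a directory left there by another local user or an earlier run would be parsed as the allowlist. Create a private directory per load instead, `@allowlist_directory = Dir.mktmpdir('allowlist')` with `require 'tmpdir'`, reset it to nil in `cleanup`, and raise when the clone fails. The `rescue OpenURI::HTTPError` branch also looks unreachable now that nothing in this class fetches over HTTP.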
@@ -1,16 +1,15 @@
1
1
  require 'open-uri'
2
2
  require 'json'
3
- require_relative '../client/whitelist_resolver'
3
+ require_relative '../client/allowlist_resolver'
4
4
  require_relative '../model/validation_excluded'
5
-
6
- DEFAULT_WHITELIST_URL = "https://raw.githubusercontent.com/mercadolibre/mobile-dependencies_whitelist/master/ios-whitelist.json"
5
+ require_relative '../helpers/config_url'
7
6
 
8
7
  module Pod
9
8
  class Command
10
- class Whitelist < Command
11
- self.summary = "Validate Podspec's dependencies against a whitelist of pods."
9
+ class Allowlist < Command
10
+ self.summary = "Validate Podspec's dependencies against a allowlist of pods."
12
11
  self.description = <<-DESC
13
- Validate Podspec's dependencies against a whitelist of pods.
12
+ Validate Podspec's dependencies against a allowlist of pods.
14
13
  DESC
15
14
 
16
15
  self.arguments = [ CLAide::Argument.new('config', false),
@@ -27,7 +26,7 @@ module Pod
27
26
  end
28
27
 
29
28
  def initialize(argv)
30
- @whitelist_url = argv ? argv.option('config', DEFAULT_WHITELIST_URL) : DEFAULT_WHITELIST_URL
29
+ @allowlist_url = argv ? argv.option('config', ConfigURL::ALLOWLIST_SSH) : ConfigURL::ALLOWLIST_SSH
31
30
  @pospec_path = argv ? argv.option('podspec') : nil
32
31
  @fail_on_error = argv ? argv.flag?('fail-on-error') : false
33
32
  @outfile = argv ? argv.option('outfile') : nil
@@ -36,12 +35,12 @@ module Pod
36
35
  end
37
36
 
38
37
  def validate!
39
- help! "A whitelist file or URL is needed." unless @whitelist_url
38
+ help! "A allowlist file or URL is needed." unless @allowlist_url
40
39
  end
41
40
 
42
41
  def run
43
42
  prepare_outfile
44
- whitelist = WhitelistResolver.instance.get_whitelist(@whitelist_url)
43
+ allowlist = AllowlistResolver.instance.get_allowlist(@allowlist_url)
45
44
  load_excluded()
46
45
  specifications = get_podspec_specifications
47
46
 
@@ -53,7 +52,7 @@ module Pod
53
52
  specifications.map do |specification|
54
53
  unless @excluded_list.one? {|excluded| excluded.name == specification.name }
55
54
  Pod::UI.notice "#{specification.name} validating"
56
- validate_dependencies(JSON.parse(specification.to_json), whitelist)
55
+ validate_dependencies(JSON.parse(specification.to_json), allowlist)
57
56
  end
58
57
  end
59
58
 
@@ -62,20 +61,21 @@ module Pod
62
61
 
63
62
  def show_result_message
64
63
  return unless @failure
65
- message = "Please check your dependencies.\nYou can see the allowed dependencies at #{@whitelist_url}"
64
+ message = "Please check your dependencies.\nYou can see the allowed dependencies at #{ConfigURL::ALLOWLIST_URL}"
66
65
  show_error_message(message)
67
66
  if @fail_on_error
68
67
  raise Informative.new()
69
68
  end
70
69
  end
71
70
 
72
- # Checks the dependencies the project contains are in the whitelist
73
- def validate_dependencies(podspec, whitelist, parentName = nil)
71
+ # Checks the dependencies the project contains are in the allowlist
72
+ def validate_dependencies(podspec, allowlist, parentName = nil)
74
73
  pod_name = parentName ? "#{parentName}/#{podspec['name']}" : podspec['name']
75
74
  UI.puts "Verifying dependencies in #{pod_name}".green
76
75
 
77
76
  dependencies = podspec["dependencies"] ? podspec["dependencies"] : []
78
77
  not_allowed = []
78
+ alert_allowed = []
79
79
 
80
80
  dependencies.each do |name, versions|
81
81
  # Skip subspec dependency
@@ -83,11 +83,11 @@ module Pod
83
83
 
84
84
  if versions.length != 1
85
85
  not_allowed.push("#{name} (#{versions.join(", ")}) Reason: A specific version must be defined for every dependency (just one). " +
86
- "Suggestion: find this dependency in your Podspec and add the version listed in the whitelist.")
86
+ "Suggestion: find this dependency in your Podspec and add the version listed in the allowlist.")
87
87
  next
88
88
  end
89
89
 
90
- allowedDependency = whitelist.select { |item|
90
+ allowedDependency = allowlist.select { |item|
91
91
  (/^#{item.name}/ =~ name) && (!item.version || versions.grep(/#{item.version}/).any?) && (item.target == 'production')
92
92
  }
93
93
 
@@ -106,14 +106,19 @@ module Pod
106
106
  end
107
107
 
108
108
  # Checks if any of the allowed dependencies are expired, if so, fail with error
109
- if dependency.expire?
110
- not_allowed.push("#{name} Reason: Expired version. Please check the whitelist.")
109
+ if dependency.expired?
110
+ not_allowed.push("#{name} Reason: Expired version. Please check the allowlist.")
111
+ end
112
+
113
+ # Check if any of the allowed dependencies are close to expiring, if so, fail with error
114
+ if dependency.expiring?
115
+ alert_allowed.push("#{name} Reason: Version will expire in #{dependency.expires}. Please check your dependencies.")
111
116
  end
112
117
 
113
118
  }
114
119
 
115
120
  if allowedDependency.empty?
116
- not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any whitelisted version or Pod name is not valid")
121
+ not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any allowlisted version or Pod name is not valid")
117
122
  next
118
123
  end
119
124
  end
@@ -127,10 +132,18 @@ module Pod
127
132
  UI.puts " OK".green
128
133
  end
129
134
 
135
+
136
+ if alert_allowed.any?
137
+ show_error_message(" Warning: Found dependencies allowed that contain warnings:")
138
+ alert_allowed.each {|dependency| show_error_message(" - #{dependency}")}
139
+ else
140
+ UI.puts " OK".green
141
+ end
142
+
130
143
  # Validate subspecs dependencies
131
144
  if podspec["subspecs"]
132
145
  podspec["subspecs"].each do |subspec|
133
- validate_dependencies(subspec, whitelist, pod_name)
146
+ validate_dependencies(subspec, allowlist, pod_name)
134
147
  end
135
148
  end
136
149
  end
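Review bot: The allowlist match in `validate_dependencies`, `(/^#{item.name}/ =~ name)`, is an unescaped prefix match, so an entry admits any dependency whose name merely starts with it, and `^` anchors at a line start rather than at the start of the string. For a check meant to stop dependency confusion this is the line that decides what gets through, and the rename leaves it as it was. If allowlist names are literal pod names (the page does not show whether they are meant as patterns), `/\A#{Regexp.escape(item.name)}(\/|\z)/.match?(name)` would keep subspec names working while rejecting look-alike names. The method starts and ends outside the hunk that contains this line.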
@@ -0,0 +1 @@
1
+ require 'cocoapods-allowlist/command/allowlist'
@@ -0,0 +1,3 @@
1
+ module CocoapodsAllowlist
2
+ VERSION = "0.6.0"
3
+ end
@@ -0,0 +1,4 @@
1
+ module ConfigURL
2
+ ALLOWLIST_SSH = "git@github.com:melisource/fury_mobile-dependencies-allowlist.git"
3
+ ALLOWLIST_URL = "https://github.com/melisource/fury_mobile-dependencies-allowlist"
4
+ end
@@ -0,0 +1,16 @@
1
+ require_relative '../utils/command'
2
+
3
+ # For execute git commands
4
+ class GitHelper
5
+ # Download from a specific branch
6
+ def self.clone_from_branch(url, destination, branch)
7
+ Command.execute("git clone --quiet --depth 1 -b #{branch} --single-branch #{url} #{destination}")
8
+ end
9
+
10
+ # Get the latest commit hash
11
+ def self.get_latest_commit(directory)
12
+ Dir.chdir(directory) do
13
+ Command.execute("git rev-parse HEAD").strip
14
+ end
15
+ end
16
+ end
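Review bot: `clone_from_branch` interpolates `branch`, `url` and `destination` into a single command string, and `Open3.capture3` given one string is subject to shell interpretation. `url` comes from the `--config` option or the Podfile plugin options, so shell metacharacters or a leading `-` in that value are interpreted rather than treated as data. Pass the arguments as a list instead, `Open3.capture3('git', 'clone', '--quiet', '--depth', '1', '-b', branch, '--single-branch', '--', url, destination)`, which needs `Command.execute` to accept an argument list. `get_latest_commit` also calls `.strip` on the return value of `Command.execute`, which is the three-element array from `capture3`, so it would raise NoMethodError as written.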
@@ -0,0 +1 @@
1
+ require 'cocoapods-allowlist/hook/resolver'
@@ -1,25 +1,29 @@
1
1
  class AllowedDependency
2
2
  attr_accessor :name
3
3
  attr_accessor :version
4
- attr_accessor :expire
4
+ attr_accessor :expires
5
5
  attr_accessor :source
6
6
  attr_accessor :target
7
7
  attr_accessor :allows_granular_projects
8
8
 
9
- def initialize(name, version, expire, source, target, allows_granular_projects)
9
+ def initialize(name, version, expires, source, target, allows_granular_projects)
10
10
  @name = name
11
11
  @version = version
12
- @expire = expire
12
+ @expires = expires
13
13
  @source = source
14
14
  @target = target
15
15
  @allows_granular_projects = allows_granular_projects
16
16
  end
17
17
 
18
- def expire?
19
- if @expire != nil
20
- expire = DateTime.parse(@expire,"%Y-%m-%d")
21
- return expire < DateTime.now
18
+ def expired?
19
+ if @expires != nil
20
+ expires = DateTime.parse(@expires,"%Y-%m-%d")
21
+ return expires < DateTime.now
22
22
  end
23
23
  return false
24
24
  end
25
+
26
+ def expiring?
27
+ return @expires != nil
28
+ end
25
29
  end
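Review bot: `expiring?` returns true for every entry that has an `expires` value, so the caller in command/allowlist.rb, whose comment says "close to expiring ... fail with error", only warns, and does so for every dated entry, including ones `expired?` already rejects. Compare against a window instead, for example `Date.strptime(@expires, '%Y-%m-%d') - Date.today <= 30` behind the nil check (the 30-day figure is a placeholder for the maintainers to choose), and exclude dates already in the past. Separately, `DateTime.parse(@expires,"%Y-%m-%d")` does not treat its second argument as a format (that position is the `comp` flag), so a malformed date is parsed heuristically rather than rejected. `Date.strptime` enforces the format.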
@@ -0,0 +1,10 @@
1
+ require 'open3'
2
+
3
+ class Command
4
+
5
+ # This method is for execute commands in terminal
6
+ def self.execute(command)
7
+ Open3.capture3(command)
8
+ end
9
+
10
+ end
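Review bot: `Command.execute` returns the raw `[stdout, stderr, status]` array from `Open3.capture3` and never looks at `status`, so the callers in helpers/git.rb cannot tell a failed `git clone` from a successful one. Destructure and check it: `stdout, stderr, status = Open3.capture3(command)`, then `raise "Command failed: #{stderr}" unless status.success?`, then return `stdout`. The existing comment could then state the contract, e.g. `# Runs a command and returns its stdout; raises if it exits non-zero`. A top-level class named `Command` is also easy to confuse with `Pod::Command` used elsewhere in this gem; a more specific name would read better.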
@@ -0,0 +1 @@
1
+ require 'cocoapods-allowlist/gem_version'
@@ -1,9 +1,9 @@
1
- require 'cocoapods-whitelist/command'
2
- require 'cocoapods-whitelist/hook'
1
+ require 'cocoapods-allowlist/command'
2
+ require 'cocoapods-allowlist/hook'
3
3
 
4
- module Whitelist
4
+ module Allowlist
5
5
  Pod::HooksManager.register('cocoapods-whitelist', :pre_install) do |context, options|
6
6
  argv = CLAide::ARGV.new(options)
7
- Pod::Command::Whitelist.new(argv).run
7
+ Pod::Command::Allowlist.new(argv).run
8
8
  end
9
9
  end
@@ -0,0 +1,24 @@
1
+ require File.expand_path('../spec_helper', __FILE__)
2
+
3
+ ALLOWLIST_PATH = './spec/mocks/allowlist.json'
4
+
5
+ describe AllowlistResolver do
6
+ describe 'functionality' do
7
+ it 'allowlist should be loaded from an specific url' do
8
+ allowlist = AllowlistResolver.instance.get_allowlist(ALLOWLIST_PATH)
9
+ allowlist.size.should.equal 11
10
+ end
11
+
12
+ it 'if not URL is specified, allowlist comes from default URL' do
13
+ allowlist = AllowlistResolver.instance.get_allowlist
14
+ allowlist.should.not.empty?
15
+ end
16
+
17
+ it 'allowlist should not be loaded twice' do
18
+ AllowlistResolver.instance.get_allowlist(ALLOWLIST_PATH)
19
+ loaded = AllowlistResolver.instance.allowlist_loaded
20
+
21
+ loaded.should.be.true
22
+ end
23
+ end
24
+ end
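Review bot: The first and third examples pass `ALLOWLIST_PATH`, a local JSON file, to `get_allowlist`, but the resolver in this release hands that value to `git clone` and then reads `ios-allowlist.json` from the clone directory, so these examples appear to depend on something other than the mock file. The second example needs SSH access to the default repository, so the suite will presumably fail wherever that credential is absent. Stub `GitHelper.clone_from_branch` (mocha is already in Gemfile.lock) so it places the mock in the destination directory. The "not loaded twice" example should assert that a second `get_allowlist` with the same URL does not clone again, rather than only checking `allowlist_loaded`.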
@@ -1,209 +1,209 @@
1
1
  require File.expand_path('../spec_helper', __FILE__)
2
2
 
3
- WHITELIST_FILE = './spec/mocks/whitelist.json'
3
+ ALLOWLIST_FILE = './spec/mocks/allowlist.json'
4
4
 
5
5
  module Pod
6
- describe Command::Whitelist do
6
+ describe Command::Allowlist do
7
7
  describe 'general' do
8
8
  it 'registers itself' do
9
- Command.parse(%w{ whitelist }).should.be.instance_of Command::Whitelist
9
+ Command.parse(%w{ allowlist }).should.be.instance_of Command::Allowlist
10
10
  end
11
11
  end
12
12
 
13
13
  describe 'validations' do
14
14
  it 'dependency without version should not be valid' do
15
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK')
16
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
15
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK')
16
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
17
17
  specification = Pod::Specification.from_file('./spec/mocks/without_version.podspec')
18
18
  command.expects(:get_podspec_specifications).returns([specification])
19
19
  lambda { command.run }.should.raise Informative
20
20
  end
21
21
 
22
22
  it 'dependency with major version fixed should be valid' do
23
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK', '~>5.0')
24
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
23
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK', '~>5.0')
24
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
25
25
  specification = Pod::Specification.from_file('./spec/mocks/major_version_fixed.podspec')
26
26
  command.expects(:get_podspec_specifications).returns([specification])
27
27
  lambda { command.run }.should.not.raise
28
28
  end
29
29
 
30
30
  it 'dependency with incorrect name should not be valid' do
31
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
32
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
31
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('Meli', '~>5.0')
32
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
33
33
  specification = Pod::Specification.from_file('./spec/mocks/bad_name.podspec')
34
34
  command.expects(:get_podspec_specifications).returns([specification])
35
35
  lambda { command.run }.should.raise Informative
36
36
  end
37
37
 
38
38
  it 'not allowed dependency should not be valid' do
39
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
39
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
40
40
  specification = Pod::Specification.from_file('./spec/mocks/not_allowed.podspec')
41
41
  command.expects(:get_podspec_specifications).returns([specification])
42
42
  lambda { command.run }.should.raise Informative
43
43
  end
44
44
 
45
45
  it 'not allowed similar dependency should not be valid' do
46
- # Whitelist: ('MercadoPagoSDKV4', '~>5.*') | Podspec: ('MercadoPagoSDK')
47
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
46
+ # Allowlist: ('MercadoPagoSDKV4', '~>5.*') | Podspec: ('MercadoPagoSDK')
47
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
48
48
  specification = Pod::Specification.from_file('./spec/mocks/with_similar_name_not_allowed.podspec')
49
49
  command.expects(:get_podspec_specifications).returns([specification])
50
50
  lambda { command.run }.should.raise Informative
51
51
  end
52
52
 
53
53
  it 'dependency with not allowed version should be valid' do
54
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
54
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
55
55
  specification = Pod::Specification.from_file('./spec/mocks/with_fixed_version.podspec')
56
56
  command.expects(:get_podspec_specifications).returns([specification])
57
57
  lambda { command.run }.should.raise Informative
58
58
  end
59
59
 
60
60
  it 'expired dependency should not be valid' do
61
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
62
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
61
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
62
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
63
63
  specification = Pod::Specification.from_file('./spec/mocks/with_expired_dependencies.podspec')
64
64
  command.expects(:get_podspec_specifications).returns([specification])
65
65
  lambda { command.run }.should.raise Informative
66
66
  end
67
67
 
68
68
  it 'not yet expired dependency should be valid' do
69
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
70
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
69
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
70
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
71
71
  specification = Pod::Specification.from_file('./spec/mocks/with_not_yet_expired_dependencies.podspec')
72
72
  command.expects(:get_podspec_specifications).returns([specification])
73
73
  lambda { command.run }.should.not.raise Informative
74
74
  end
75
75
 
76
76
  it 'dependency with two versions requierement should not be valid' do
77
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
78
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
77
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
78
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
79
79
  specification = Pod::Specification.from_file('./spec/mocks/with_two_requirement.podspec')
80
80
  command.expects(:get_podspec_specifications).returns([specification])
81
81
  lambda { command.run }.should.raise Informative
82
82
  end
83
83
 
84
84
  it 'dependency with two versions requierement should not be valid' do
85
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
86
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
85
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
86
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
87
87
  specification = Pod::Specification.from_file('./spec/mocks/with_more_than_one_version_in_subspec.podspec')
88
88
  command.expects(:get_podspec_specifications).returns([specification])
89
89
  lambda { command.run }.should.raise Informative
90
90
  end
91
91
 
92
92
  it 'dependency not allowed in subspec should not be valid' do
93
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
94
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
93
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
94
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
95
95
  specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_in_subspec.podspec')
96
96
  command.expects(:get_podspec_specifications).returns([specification])
97
97
  lambda { command.run }.should.raise Informative
98
98
  end
99
99
 
100
- it 'subspec dependency allowed in the whitelist should be valid' do
101
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
102
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
100
+ it 'subspec dependency allowed in the allowlist should be valid' do
101
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('MeliSDK/Error')
102
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
103
103
  specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v1.podspec')
104
104
  command.expects(:get_podspec_specifications).returns([specification])
105
105
  lambda { command.run }.should.not.raise
106
106
  end
107
107
 
108
- it 'dependency not allowed in the whitelist should not be valid' do
109
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
110
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
108
+ it 'dependency not allowed in the allowlist should not be valid' do
109
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('MyMeliSDK/Error')
110
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
111
111
  specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v1.podspec')
112
112
  command.expects(:get_podspec_specifications).returns([specification])
113
113
  lambda { command.run }.should.raise Informative
114
114
  end
115
115
 
116
116
  it 'podspec without dependencies should be valid' do
117
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
118
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
117
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
118
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
119
119
  specification = Pod::Specification.from_file('./spec/mocks/without_dependencies.podspec')
120
120
  command.expects(:get_podspec_specifications).returns([specification])
121
121
  lambda { command.run }.should.not.raise
122
122
  end
123
123
 
124
124
  it 'podspec with allowed dependencies in subspec should be valid' do
125
- # Whitelist: ('MeliSDK', '~>5.*') | Subspec: ('MeliSDK')
126
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
125
+ # Allowlist: ('MeliSDK', '~>5.*') | Subspec: ('MeliSDK')
126
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
127
127
  specification = Pod::Specification.from_file('./spec/mocks/with_allowed_in_subspec.podspec')
128
128
  command.expects(:get_podspec_specifications).returns([specification])
129
129
  lambda { command.run }.should.not.raise
130
130
  end
131
131
 
132
132
  it 'podspec with dependency not restricted by version should be valid' do
133
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('MLRecommendations', '~>1.0.0')
134
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
133
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('MLRecommendations', '~>1.0.0')
134
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
135
135
  specification = Pod::Specification.from_file('./spec/mocks/free_version.podspec')
136
136
  command.expects(:get_podspec_specifications).returns([specification])
137
137
  lambda { command.run }.should.not.raise
138
138
  end
139
139
 
140
- it 'fixed mayor dependency in whitelist and podspec should not fail on first option' do
141
- # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '1.0.0')
142
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
143
- specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec')
140
+ it 'fixed mayor dependency in allowlist and podspec should not fail on first option' do
141
+ # Allowlist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '1.0.0')
142
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
143
+ specification = Pod::Specification.from_file('./spec/mocks/with_allowlisted_dependency_fixed_versions_v1.podspec')
144
144
  command.expects(:get_podspec_specifications).returns([specification])
145
145
  lambda { command.run }.should.not.raise
146
146
  end
147
147
 
148
- it 'fixed mayor dependency in whitelist and podspec should not fail on second option' do
149
- # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '2.0.0')
150
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
151
- specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec')
148
+ it 'fixed mayor dependency in allowlist and podspec should not fail on second option' do
149
+ # Allowlist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '2.0.0')
150
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
151
+ specification = Pod::Specification.from_file('./spec/mocks/with_allowlisted_dependency_fixed_versions_v2.podspec')
152
152
  command.expects(:get_podspec_specifications).returns([specification])
153
153
  lambda { command.run }.should.not.raise
154
154
  end
155
155
 
156
- it 'fixed mayor dependency in whitelist but not in podspec should fail' do
157
- # Whitelist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '~> 1.0')
158
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
159
- specification = Pod::Specification.from_file('./spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec')
156
+ it 'fixed mayor dependency in allowlist but not in podspec should fail' do
157
+ # Allowlist: ('MLMyDependency', '1.0.0|2.0.0') | Podspec: ('MLMyDependency', '~> 1.0')
158
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
159
+ specification = Pod::Specification.from_file('./spec/mocks/with_allowlisted_dependency_fixed_versions_variable.podspec')
160
160
  command.expects(:get_podspec_specifications).returns([specification])
161
161
  lambda { command.run }.should.raise Informative
162
162
  end
163
163
 
164
164
  it 'not allowed dependency should not raise exception if --fail-on-error is not present' do
165
- # Whitelist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
166
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--podspec=./spec/mocks/not_allowed.podspec"])
165
+ # Allowlist: ('MeliSDK', '~>5.*') | Podspec: ('AFNetworking')
166
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--podspec=./spec/mocks/not_allowed.podspec"])
167
167
  lambda { command.run }.should.not.raise
168
168
  end
169
169
 
170
170
  it 'should not fail when no podspecs are found' do
171
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}"])
171
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}"])
172
172
  lambda { command.run }.should.not.raise
173
173
  end
174
174
 
175
175
  it 'allowed granular dependency should be valid' do
176
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
176
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
177
177
  specification = Pod::Specification.from_file('./spec/mocks/allowed_with_granular.podspec')
178
178
  command.expects(:get_podspec_specifications).returns([specification])
179
179
  lambda { command.run }.should.not.raise Informative
180
180
  end
181
181
 
182
182
  it 'not allowed granular dependency should not be valid' do
183
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
183
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
184
184
  specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v1.podspec')
185
185
  command.expects(:get_podspec_specifications).returns([specification])
186
186
  lambda { command.run }.should.raise Informative
187
187
  end
188
188
 
189
189
  it 'not allowed granular subspec dependency should not be valid' do
190
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
190
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
191
191
  specification = Pod::Specification.from_file('./spec/mocks/not_allowed_with_granular_v2.podspec')
192
192
  command.expects(:get_podspec_specifications).returns([specification])
193
193
  lambda { command.run }.should.raise Informative
194
194
  end
195
195
 
196
- it 'subspec dependency allowed in the whitelist should be valid' do
197
- # Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Core')
198
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
196
+ it 'subspec dependency allowed in the allowlist should be valid' do
197
+ # Allowlist: ('AndesUI/Core') | Podspec: ('AndesUI/Core')
198
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
199
199
  specification = Pod::Specification.from_file('./spec/mocks/with_allowed_subspec_v2.podspec')
200
200
  command.expects(:get_podspec_specifications).returns([specification])
201
201
  lambda { command.run }.should.not.raise
202
202
  end
203
203
 
204
- it 'subspec dependency not allowed in the whitelist should not be valid' do
205
- # Whitelist: ('AndesUI/Core') | Podspec: ('AndesUI/Icons')
206
- command = Command.parse(['whitelist', "--config=#{WHITELIST_FILE}", "--fail-on-error"])
204
+ it 'subspec dependency not allowed in the allowlist should not be valid' do
205
+ # Allowlist: ('AndesUI/Core') | Podspec: ('AndesUI/Icons')
206
+ command = Command.parse(['allowlist', "--config=#{ALLOWLIST_FILE}", "--fail-on-error"])
207
207
  specification = Pod::Specification.from_file('./spec/mocks/with_not_allowed_subspec_v2.podspec')
208
208
  command.expects(:get_podspec_specifications).returns([specification])
209
209
  lambda { command.run }.should.raise Informative
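--- a/data/spec/mocks/whitelist.json
+++ b/data/spec/mocks/allowlist.json
@@ -1,5 +1,5 @@
  {
- "whitelist": [
+ "allowlist": [
  {
  "name": "MeliSDK",
  "version": "^~>5.[0-9]+$",
@@ -11,13 +11,13 @@
  "target": "production"
  },
  {
- "expire": "2100-11-15",
+ "expires": "2100-11-15",
  "name": "MLBilling",
  "version": null,
  "target": "production"
  },
  {
- "expire": "2016-11-15",
+ "expires": "2016-11-15",
  "name": "MLOnDemandResources",
  "version": "^~>5.[0-9]+$",
  "source": "public",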
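--- a/data/spec/mocks/whitelist_with_expired_dependencies.json
+++ b/data/spec/mocks/allowlist_with_expired_dependencies.json
@@ -1,5 +1,5 @@
  {
- "whitelist": [{
+ "allowlist": [{
  "name": "MeliSDK",
  "version": "^~>5.[0-9]+$"
  }, {
@@ -8,17 +8,17 @@
  }, {
  "name": "CHTCollectionViewWaterfallLayout2",
  "version": "^~>\\s?0.[0-9]+$",
- "expire": "2017-11-01"
+ "expires": "2017-11-01"
  },
  {
  "name": "CHTCollectionViewWaterfallLayout3",
  "version": "^~>\\s?0.[0-9]+$",
- "expire" : "2017-12-01"
+ "expires" : "2017-12-01"
  },
  {
  "name": "CHTCollectionViewWaterfallLayout4",
  "version": "^~>\\s?0.[0-9]+$",
- "expire" : "2017-11-01"
+ "expires" : "2017-11-01"
  }
  ]
  }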
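Review bot: Renaming the `expire` key to `expires` (here and in allowlist.json above, alongside `whitelist` → `allowlist`) changes the schema of the allowlist document, and nothing on this page handles documents that still use the old keys. The new `expired?` in allowed_dependency.rb returns false whenever `@expires` is nil. If the new resolver reads only `expires` (its code is outside this view), an entry that still carries `expire` would be treated as never expiring instead of being rejected. During the transition the parser could accept both keys, for example `dependencyJson["expires"] || dependencyJson["expire"]` (variable name taken from the removed resolver), and raise when the top-level `allowlist` key is missing. A mock that uses the old key names would confirm that such a document does not pass validation silently.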
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cocoapods-whitelist
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.5
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mobile Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-04-23 00:00:00.000000000 Z
11
+ date: 2025-01-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -38,7 +38,7 @@ dependencies:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: '12.0'
41
- description: A short description of cocoapods-whitelist.
41
+ description: A short description of cocoapods-allowlist.
42
42
  email:
43
43
  - mobile@mercadolibre.com
44
44
  executables: []
@@ -56,33 +56,41 @@ files:
56
56
  - README.md
57
57
  - Rakefile
58
58
  - cocoapods-whitelist.gemspec
59
- - lib/cocoapods-whitelist.rb
60
- - lib/cocoapods-whitelist/client/whitelist_resolver.rb
61
- - lib/cocoapods-whitelist/command.rb
62
- - lib/cocoapods-whitelist/command/whitelist.rb
63
- - lib/cocoapods-whitelist/exclude/excluded.json
64
- - lib/cocoapods-whitelist/gem_version.rb
65
- - lib/cocoapods-whitelist/helpers/source_helper.rb
66
- - lib/cocoapods-whitelist/hook.rb
67
- - lib/cocoapods-whitelist/hook/resolver.rb
68
- - lib/cocoapods-whitelist/model/allowed_dependency.rb
69
- - lib/cocoapods-whitelist/model/sources.rb
70
- - lib/cocoapods-whitelist/model/validation_excluded.rb
71
- - lib/cocoapods-whitelist/validator/source_validator.rb
59
+ - lib/cocoapods-allowlist.rb
60
+ - lib/cocoapods-allowlist/client/allowlist_resolver.rb
61
+ - lib/cocoapods-allowlist/command.rb
62
+ - lib/cocoapods-allowlist/command/allowlist.rb
63
+ - lib/cocoapods-allowlist/exclude/excluded.json
64
+ - lib/cocoapods-allowlist/gem_version.rb
65
+ - lib/cocoapods-allowlist/helpers/config_url.rb
66
+ - lib/cocoapods-allowlist/helpers/git.rb
67
+ - lib/cocoapods-allowlist/helpers/source_helper.rb
68
+ - lib/cocoapods-allowlist/hook.rb
69
+ - lib/cocoapods-allowlist/hook/resolver.rb
70
+ - lib/cocoapods-allowlist/model/allowed_dependency.rb
71
+ - lib/cocoapods-allowlist/model/sources.rb
72
+ - lib/cocoapods-allowlist/model/validation_excluded.rb
73
+ - lib/cocoapods-allowlist/utils/command.rb
74
+ - lib/cocoapods-allowlist/validator/source_validator.rb
72
75
  - lib/cocoapods_plugin.rb
76
+ - spec/allowlist_resolver_spec.rb
77
+ - spec/allowlist_spec.rb
73
78
  - spec/mocks/allowed_with_granular.podspec
79
+ - spec/mocks/allowlist.json
80
+ - spec/mocks/allowlist_with_expired_dependencies.json
81
+ - spec/mocks/allowlisted_podname.podspec
74
82
  - spec/mocks/bad_name.podspec
75
83
  - spec/mocks/free_version.podspec
76
84
  - spec/mocks/major_version_fixed.podspec
77
85
  - spec/mocks/not_allowed.podspec
78
86
  - spec/mocks/not_allowed_with_granular_v1.podspec
79
87
  - spec/mocks/not_allowed_with_granular_v2.podspec
80
- - spec/mocks/whitelist.json
81
- - spec/mocks/whitelist_with_expired_dependencies.json
82
- - spec/mocks/whitelisted_podname.podspec
83
88
  - spec/mocks/with_allowed_in_subspec.podspec
84
89
  - spec/mocks/with_allowed_subspec_v1.podspec
85
90
  - spec/mocks/with_allowed_subspec_v2.podspec
91
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_v1.podspec
92
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_v2.podspec
93
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_variable.podspec
86
94
  - spec/mocks/with_expired_dependencies.podspec
87
95
  - spec/mocks/with_fixed_version.podspec
88
96
  - spec/mocks/with_more_than_one_version_in_subspec.podspec
@@ -92,16 +100,11 @@ files:
92
100
  - spec/mocks/with_not_yet_expired_dependencies.podspec
93
101
  - spec/mocks/with_similar_name_not_allowed.podspec
94
102
  - spec/mocks/with_two_requirement.podspec
95
- - spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
96
- - spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
97
- - spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
98
103
  - spec/mocks/without_dependencies.podspec
99
104
  - spec/mocks/without_version.podspec
100
105
  - spec/source_helper_spec.rb
101
106
  - spec/source_validator_spec.rb
102
107
  - spec/spec_helper.rb
103
- - spec/whitelist_resolver_spec.rb
104
- - spec/whitelist_spec.rb
105
108
  homepage: https://github.com/melisource/mobile-cocoapods_whitelist
106
109
  licenses:
107
110
  - MIT
@@ -124,21 +127,26 @@ requirements: []
124
127
  rubygems_version: 3.3.26
125
128
  signing_key:
126
129
  specification_version: 4
127
- summary: A longer description of cocoapods-whitelist.
130
+ summary: A longer description of cocoapods-allowlist.
128
131
  test_files:
132
+ - spec/allowlist_resolver_spec.rb
133
+ - spec/allowlist_spec.rb
129
134
  - spec/mocks/allowed_with_granular.podspec
135
+ - spec/mocks/allowlist.json
136
+ - spec/mocks/allowlist_with_expired_dependencies.json
137
+ - spec/mocks/allowlisted_podname.podspec
130
138
  - spec/mocks/bad_name.podspec
131
139
  - spec/mocks/free_version.podspec
132
140
  - spec/mocks/major_version_fixed.podspec
133
141
  - spec/mocks/not_allowed.podspec
134
142
  - spec/mocks/not_allowed_with_granular_v1.podspec
135
143
  - spec/mocks/not_allowed_with_granular_v2.podspec
136
- - spec/mocks/whitelist.json
137
- - spec/mocks/whitelist_with_expired_dependencies.json
138
- - spec/mocks/whitelisted_podname.podspec
139
144
  - spec/mocks/with_allowed_in_subspec.podspec
140
145
  - spec/mocks/with_allowed_subspec_v1.podspec
141
146
  - spec/mocks/with_allowed_subspec_v2.podspec
147
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_v1.podspec
148
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_v2.podspec
149
+ - spec/mocks/with_allowlisted_dependency_fixed_versions_variable.podspec
142
150
  - spec/mocks/with_expired_dependencies.podspec
143
151
  - spec/mocks/with_fixed_version.podspec
144
152
  - spec/mocks/with_more_than_one_version_in_subspec.podspec
@@ -148,13 +156,8 @@ test_files:
148
156
  - spec/mocks/with_not_yet_expired_dependencies.podspec
149
157
  - spec/mocks/with_similar_name_not_allowed.podspec
150
158
  - spec/mocks/with_two_requirement.podspec
151
- - spec/mocks/with_whitelisted_dependency_fixed_versions_v1.podspec
152
- - spec/mocks/with_whitelisted_dependency_fixed_versions_v2.podspec
153
- - spec/mocks/with_whitelisted_dependency_fixed_versions_variable.podspec
154
159
  - spec/mocks/without_dependencies.podspec
155
160
  - spec/mocks/without_version.podspec
156
161
  - spec/source_helper_spec.rb
157
162
  - spec/source_validator_spec.rb
158
163
  - spec/spec_helper.rb
159
- - spec/whitelist_resolver_spec.rb
160
- - spec/whitelist_spec.rb
@@ -1,54 +0,0 @@
1
- require 'singleton'
2
- require 'open-uri'
3
- require 'cocoapods-whitelist/model/allowed_dependency'
4
-
5
- class WhitelistResolver
6
- include Singleton
7
- attr_accessor :whitelist
8
- attr_accessor :whitelist_loaded
9
- attr_accessor :whitelist_url
10
-
11
- def config
12
- @whitelist ||= []
13
- end
14
-
15
- def initialize()
16
- @whitelist_url = DEFAULT_WHITELIST_URL
17
- load_whitelist()
18
- end
19
-
20
- def get_whitelist(whitelist_url = DEFAULT_WHITELIST_URL)
21
- @whitelist_loaded = @whitelist_url == whitelist_url
22
- @whitelist_url = whitelist_url
23
-
24
- load_whitelist() unless @whitelist_loaded
25
- return @whitelist
26
- end
27
-
28
- def load_whitelist
29
- begin
30
- URI.open(@whitelist_url) { |io|
31
- buffer = io.read
32
- @whitelist = parse_whitelist(buffer)
33
- @whitelist_loaded = true
34
- }
35
- rescue OpenURI::HTTPError => e
36
- status = e.io.status.join(' ')
37
- raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
38
- end
39
- end
40
-
41
- def parse_whitelist(raw_whitelist)
42
- json = JSON.parse(raw_whitelist)
43
- return json["whitelist"].map { |dependencyJson|
44
- AllowedDependency.new(
45
- dependencyJson["name"],
46
- dependencyJson["version"],
47
- dependencyJson["expire"],
48
- dependencyJson["source"],
49
- dependencyJson["target"],
50
- dependencyJson["allows_granular_projects"]
51
- )
52
- }
53
- end
54
- end
@@ -1 +0,0 @@
1
- require 'cocoapods-whitelist/command/whitelist'
@@ -1,3 +0,0 @@
1
- module CocoapodsWhitelist
2
- VERSION = "0.5.5"
3
- end
@@ -1 +0,0 @@
1
- require 'cocoapods-whitelist/hook/resolver'
@@ -1 +0,0 @@
1
- require 'cocoapods-whitelist/gem_version'
@@ -1,24 +0,0 @@
1
- require File.expand_path('../spec_helper', __FILE__)
2
-
3
- WHITELIST_PATH = './spec/mocks/whitelist.json'
4
-
5
- describe WhitelistResolver do
6
- describe 'functionality' do
7
- it 'whitelist should be loaded from an specific url' do
8
- whitelist = WhitelistResolver.instance.get_whitelist(WHITELIST_PATH)
9
- whitelist.size.should.equal 11
10
- end
11
-
12
- it 'if not URL is specified, whitelist comes from default URL' do
13
- whitelist = WhitelistResolver.instance.get_whitelist
14
- whitelist.should.not.empty?
15
- end
16
-
17
- it 'whitelist should not be loaded twice' do
18
- WhitelistResolver.instance.get_whitelist(WHITELIST_PATH)
19
- loaded = WhitelistResolver.instance.whitelist_loaded
20
-
21
- loaded.should.be.true
22
- end
23
- end
24
- end