codeclimate-fede 0.85.21

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 658b6d3c606c2840b4ab642676e0c61554ca4b1c
+  data.tar.gz: 0e899e65dbd81e04f2e2af0f31b931c4e04bdb28
+SHA512:
+  metadata.gz: 4eb9a2e3f6b8c635c2a08ed75156cff4c1c156dda855d340da24568ecb7757a9a9000ce2ce3eb32ec641e52d2c8993768bae1b0601f586ada89ac553b1236e46
+  data.tar.gz: 9c9e32e6385cd186a320efdca9cae410a5261e092cd239534af640b0649bb2401509dd969e53e98ef795e9700b655f2fa0645ff225bffa4e5b537cfb3af73a04

data/bin/check

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+command -v docker > /dev/null 2>&1 || {
+  echo "Unable to find \`docker' on your \$PATH, is it installed?" >&2
+  exit 1
+}
+
+docker version | grep -q "Server version\|Server:" || {
+  echo "Unable to run \`docker version', the docker daemon may not be running" >&2
+
+  if [ "$(id --user)" -eq 0 ]; then
+    echo "Please ensure \`sudo docker version' succeeds and try again" >&2
+  else
+    echo "Please ensure \`docker version' succeeds and try again" >&2
+  fi
+
+  exit 1
+}

data/bin/codeclimate

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.unshift(File.expand_path(File.join(File.dirname(__FILE__), "../lib")))
+
+require "cc/cli"
+
+if ENV["CODECLIMATE_PROFILE"]
+  require "stackprof"
+
+  StackProf.start mode: :wall, out: "profile.bin"
+end
+
+CC::CLI::Runner.run(ARGV)
+
+if ENV["CODECLIMATE_PROFILE"]
+  StackProf.stop
+  StackProf.results
+
+  system "stackprof profile.bin"
+  puts
+  system "stackprof --graphviz profile.bin"
+end

data/bin/prep-release

@@ -0,0 +1,45 @@
+#!/bin/bash
+#
+# Open a PR for releasing a new version of this repository.
+#
+# Usage: bin/prep-release VERSION
+#
+###
+set -e
+
+if [ -z "$1" ]; then
+  echo "usage: bin/prep-release VERSION" >&2
+  exit 64
+fi
+
+./bin/validate-release
+
+version="$1"
+old_version=$(< VERSION)
+branch="release-$version"
+
+
+printf "RELEASE %s => %s\n" "$old_version" "$version"
+git fetch origin master
+git reset --hard origin/master
+
+git checkout -b "$branch"
+
+printf "%s\n" "$version" > VERSION
+make image bundle
+git add VERSION Gemfile.lock
+git commit --message "Release v$version"
+git push origin "$branch"
+
+branch_head=$(git rev-parse --short "$branch")
+if command -v hub > /dev/null 2>&1; then
+  hub pull-request -F - <<EOF
+Release v$version
+
+https://github.com/codeclimate/codeclimate/compare/v$old_version...$branch_head
+EOF
+else
+  echo "hub not installed? Please open the PR manually" >&2
+fi
+
+echo "After merging the version-bump PR, run bin/release"

data/bin/publish

@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# Publish new gem version and creates GH tag for it.
+#
+###
+
+set -e
+set -o nounset
+set -o errexit
+#set -o pipefail
+
+mkdir -p $HOME/.gem
+touch $HOME/.gem/credentials
+chmod 0600 $HOME/.gem/credentials
+printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+gem build *.gemspec
+gem push *.gem
+rake release
+
+
+#version=$(< VERSION)
+
+#docker build --rm --tag codeclimate/codeclimate .
+#docker push codeclimate/codeclimate:latest
+#docker tag codeclimate/codeclimate "codeclimate/codeclimate:$version"
+#docker push "codeclimate/codeclimate:$version"
+
+
+
+
+
+
+
+
+#PROJECT_RELATIVE_PATH=src/github.com/codeclimate/test-reporter
+#            
+## Install go
+#curl -O https://dl.google.com/go/go1.15.darwin-amd64.tar.gz
+#tar -xzf go1.15.darwin-amd64.tar.gz
+#echo 'export PATH=$PATH:$PWD/go/bin' >> "$BASH_ENV"
+#
+## Set go path
+#mkdir -p ~/gopath/${PROJECT_RELATIVE_PATH}
+#echo 'export GOPATH=$HOME/gopath' >> "$BASH_ENV"
+#. "$BASH_ENV"
+#cd $GOPATH/${PROJECT_RELATIVE_PATH}
+#cp -r ~/project/ $GOPATH/${PROJECT_RELATIVE_PATH}

data/bin/release

@@ -0,0 +1,41 @@
+#!/bin/bash
+#
+# Release a new version of this repository.
+#
+# Assumes bin/prep-release was run and the PR merged.
+#
+# Usage: bin/release
+#
+###
+set -e
+
+./bin/validate-release
+
+version=$(< VERSION)
+
+git fetch origin master
+git reset --hard origin/master
+
+printf "RELEASE %s\n" "$version"
+bundle check || bundle install
+
+printf "############################################################################"
+printf "#  The stdout will eventually hang with no message.                        #"
+printf "#  It is waiting for RubyGems TFA code input, type it in and hit enter!    #"
+printf "############################################################################"
+printf "\n\n"
+rake release
+
+docker build --rm --tag codeclimate/codeclimate .
+docker push codeclimate/codeclimate:latest
+docker tag codeclimate/codeclimate "codeclimate/codeclimate:$version"
+docker push "codeclimate/codeclimate:$version"
+
+(cd ../homebrew-formulae/ && bin/release "$version")
+
+cat <<EOM
+Be sure to update release notes:
+
+  https://github.com/codeclimate/codeclimate/releases/new?tag=v$version
+
+EOM

data/bin/validate-release

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+if ! [ "$(git symbolic-ref --short HEAD)" = "master" ]; then
+  printf "must be on master branch to run\n" >&2
+  exit 1
+fi
+
+if ! git diff-index --quiet HEAD --; then
+  printf "commit or stash your workspace changes\n" >&2
+  exit 1
+fi
+
+if ! make test; then
+  printf "test suite failed. not releasing\n" >&2
+  exit 1
+fi

data/config/engines.yml

@@ -0,0 +1,322 @@
+# This file lists all the engines available to be run for analysis.
+#
+# Each engine must have `channels` (with a `stable` key) and `description`. The
+# values in `channels` will be passed to `docker run` and so may be any value
+# appropriate for that (repo/name:tag, image id, etc).
+apexmetrics:
+  channels:
+    stable: codeclimate/codeclimate-apexmetrics
+  description: ApexMetrics is a static code analysis tool for Salesforce.com Apex.
+bandit:
+  channels:
+    stable: codeclimate/codeclimate-bandit
+  description: A tool designed to find common security issues in Python code.
+brakeman:
+  channels:
+    stable: codeclimate/codeclimate-brakeman
+  description: A static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
+bundler-audit:
+  channels:
+    stable: codeclimate/codeclimate-bundler-audit
+  description: Patch-level verification for Bundler.
+checkstyle:
+  channels:
+    stable: codeclimate/codeclimate-checkstyle
+  description: Helps programmers write Java that adheres to a coding standard.
+csslint:
+  channels:
+    stable: codeclimate/codeclimate-csslint
+  description: Automated linting of Cascading Stylesheets.
+coffeelint:
+  channels:
+    stable: codeclimate/codeclimate-coffeelint
+  description: A style checker for CoffeeScript.
+codenarc:
+  channels:
+    stable: codeclimate/codeclimate-codenarc
+  description: >
+    CodeNarc analyzes Groovy code for defects, bad practices, inconsistencies,
+    style issues, and more.
+cppcheck:
+  channels:
+    stable: codeclimate/codeclimate-cppcheck
+  description: >
+    Cppcheck is a static analysis tool for C/C++ code.
+credo:
+  channels:
+    stable: codeclimate/codeclimate-credo
+  description: >
+    A static code analysis tool for the Elixir language with a focus on code
+    consistency and teaching.
+dart:
+  channels:
+    stable: codeclimate/codeclimate-dart
+  description: >
+    A static analysis tool that helps improve code quality for the Dart language.
+duplication:
+  channels:
+    stable: codeclimate/codeclimate-duplication
+  description: Structural duplication detection for Ruby, Python, Java, JavaScript, and PHP.
+editorconfig:
+  channels:
+    stable: codeclimate/codeclimate-editorconfig
+  description: >
+    EditorConfig helps developers define and maintain consistent coding styles
+    between different editors and IDEs.
+ember-template-lint:
+  channels:
+    stable: codeclimate/codeclimate-ember-template-lint
+  description: Linter for Ember or Handlebars templates.
+eslint:
+  channels:
+    stable: codeclimate/codeclimate-eslint
+    eslint-1: codeclimate/codeclimate-eslint:eslint-1
+    eslint-2: codeclimate/codeclimate-eslint:eslint-2
+    eslint-3: codeclimate/codeclimate-eslint:eslint-3
+    eslint-4: codeclimate/codeclimate-eslint:eslint-4
+    eslint-5: codeclimate/codeclimate-eslint:eslint-5
+    eslint-6: codeclimate/codeclimate-eslint:eslint-6
+    eslint-7: codeclimate/codeclimate-eslint:eslint-7
+  description: A JavaScript/JSX linting utility.
+flog:
+  channels:
+    stable: codeclimate/codeclimate-flog
+  description: Easy to read reporting of complexity/pain for Ruby code.
+git-legal:
+  channels:
+    stable: codeclimate/codeclimate-git-legal
+  description: License compliance and compatibility analysis.
+gofmt:
+  channels:
+    stable: codeclimate/codeclimate-gofmt
+  description: Checks the formatting of Go programs.
+golint:
+  channels:
+    stable: codeclimate/codeclimate-golint
+  description: A linter for Go.
+govet:
+  channels:
+    stable: codeclimate/codeclimate-govet
+  description: Reports suspicious constructs in Go programs.
+grep:
+  channels:
+    stable: codeclimate/codeclimate-grep
+  description: Detects specified patterns in files.
+fixme:
+  channels:
+    stable: codeclimate/codeclimate-fixme
+  description: Finds FIXME, TODO, HACK, etc. comments.
+foodcritic:
+  channels:
+    stable: codeclimate/codeclimate-foodcritic
+  description: Lint tool for Chef cookbooks.
+git-legal:
+  channels:
+    stable: codeclimate/codeclimate-git-legal
+  description: License compliance and compatibility analysis.
+gnu-complexity:
+  channels:
+    stable: codeclimate/codeclimate-gnu-complexity
+  description: Checks complexity of C code.
+haxe-checkstyle:
+  channels:
+    stable: codeclimate/codeclimate-haxe-checkstyle
+  description: Checkstyle is a development library to help developers write Haxe code that adheres to a coding standard.
+haml-lint:
+  channels:
+    stable: codeclimate/codeclimate-haml-lint
+  description: A tool for writing clean and consistent HAML.
+hlint:
+  channels:
+    stable: codeclimate/codeclimate-hlint
+  description: A linter for Haskell programs.
+kibit:
+  channels:
+    stable: codeclimate/codeclimate-kibit
+  description: Static code analyzer for Clojure, ClojureScript, cljx and other Clojure variants.
+luacheck:
+  channels:
+    stable: codeclimate/codeclimate-luacheck
+  description: >
+    A tool for linting and static analysis of Lua code.
+markdownlint:
+  channels:
+    stable: codeclimate/codeclimate-markdownlint
+  description: Flags style issues within Markdown files.
+nodesecurity:
+  channels:
+    stable: codeclimate/codeclimate-nodesecurity
+  description: Security tool for Node.js dependencies.
+pep8:
+  channels:
+    stable: codeclimate/codeclimate-pep8
+  description: Static analysis tool to check Python code against the style conventions outlined in PEP-8.
+phan:
+  channels:
+    stable: codeclimate/codeclimate-phan
+    beta: codeclimate/codeclimate-phan:beta
+  description: Phan is a static analyzer for PHP.
+phpcodesniffer:
+  channels:
+    stable: codeclimate/codeclimate-phpcodesniffer
+    beta: codeclimate/codeclimate-phpcodesniffer:beta
+  description: Detects violations of a defined set of coding standards in PHP.
+phpmd:
+  channels:
+    stable: codeclimate/codeclimate-phpmd
+  description: A PHP static analysis tool.
+pmd:
+  channels:
+    stable: codeclimate/codeclimate-pmd
+    beta: codeclimate/codeclimate-pmd:beta
+  description: A source code analyzer for Java.
+pylint:
+  channels:
+   beta: codeclimate/codeclimate-pylint:beta
+   stable: codeclimate/codeclimate-pylint
+  description: A linter for Python.
+radon:
+  channels:
+    stable: codeclimate/codeclimate-radon
+  description: Python tool used to compute Cyclomatic Complexity.
+reek:
+  channels:
+    stable: codeclimate/codeclimate-reek
+    beta: codeclimate/codeclimate-reek:beta
+  description: >
+    Reek examines Ruby classes, modules, and methods and reports any code
+    smells it finds.
+requiresafe:
+  channels:
+    stable: codeclimate/codeclimate-nodesecurity
+  description: Security tool for Node.js dependencies.
+rubocop:
+  channels:
+    stable: codeclimate/codeclimate-rubocop
+    cache-support: codeclimate/codeclimate-rubocop:cache-support
+    rubocop-0-42: codeclimate/codeclimate-rubocop:rubocop-0-42
+    rubocop-0-46: codeclimate/codeclimate-rubocop:rubocop-0-46
+    rubocop-0-48: codeclimate/codeclimate-rubocop:rubocop-0-48
+    rubocop-0-49: codeclimate/codeclimate-rubocop:rubocop-0-49
+    rubocop-0-50: codeclimate/codeclimate-rubocop:rubocop-0-50
+    rubocop-0-51: codeclimate/codeclimate-rubocop:rubocop-0-51
+    rubocop-0-52: codeclimate/codeclimate-rubocop:rubocop-0-52
+    rubocop-0-54: codeclimate/codeclimate-rubocop:rubocop-0-54
+    rubocop-0-55: codeclimate/codeclimate-rubocop:rubocop-0-55
+    rubocop-0-56: codeclimate/codeclimate-rubocop:rubocop-0-56
+    rubocop-0-57: codeclimate/codeclimate-rubocop:rubocop-0-57
+    rubocop-0-58: codeclimate/codeclimate-rubocop:rubocop-0-58
+    rubocop-0-59: codeclimate/codeclimate-rubocop:rubocop-0-59
+    rubocop-0-60: codeclimate/codeclimate-rubocop:rubocop-0-60
+    rubocop-0-61: codeclimate/codeclimate-rubocop:rubocop-0-61
+    rubocop-0-62: codeclimate/codeclimate-rubocop:rubocop-0-62
+    rubocop-0-63: codeclimate/codeclimate-rubocop:rubocop-0-63
+    rubocop-0-64: codeclimate/codeclimate-rubocop:rubocop-0-64
+    rubocop-0-65: codeclimate/codeclimate-rubocop:rubocop-0-65
+    rubocop-0-66: codeclimate/codeclimate-rubocop:rubocop-0-66
+    rubocop-0-67: codeclimate/codeclimate-rubocop:rubocop-0-67
+    rubocop-0-68: codeclimate/codeclimate-rubocop:rubocop-0-68
+    rubocop-0-69: codeclimate/codeclimate-rubocop:rubocop-0-69
+    rubocop-0-70: codeclimate/codeclimate-rubocop:rubocop-0-70
+    rubocop-0-71: codeclimate/codeclimate-rubocop:rubocop-0-71
+    rubocop-0-72: codeclimate/codeclimate-rubocop:rubocop-0-72
+    rubocop-0-73: codeclimate/codeclimate-rubocop:rubocop-0-73
+    rubocop-0-74: codeclimate/codeclimate-rubocop:rubocop-0-74
+    rubocop-0-75: codeclimate/codeclimate-rubocop:rubocop-0-75
+    rubocop-0-76: codeclimate/codeclimate-rubocop:rubocop-0-76
+    rubocop-0-76-airbnb: codeclimate/codeclimate-rubocop:rubocop-0-76-airbnb
+    rubocop-0-77: codeclimate/codeclimate-rubocop:rubocop-0-77
+    rubocop-0-78: codeclimate/codeclimate-rubocop:rubocop-0-78
+    rubocop-0-79: codeclimate/codeclimate-rubocop:rubocop-0-79
+    rubocop-0-80: codeclimate/codeclimate-rubocop:rubocop-0-80
+    rubocop-0-81: codeclimate/codeclimate-rubocop:rubocop-0-81
+    rubocop-0-82: codeclimate/codeclimate-rubocop:rubocop-0-82
+    rubocop-0-83: codeclimate/codeclimate-rubocop:rubocop-0-83
+    rubocop-0-84: codeclimate/codeclimate-rubocop:rubocop-0-84
+    rubocop-0-85: codeclimate/codeclimate-rubocop:rubocop-0-85
+    rubocop-0-86: codeclimate/codeclimate-rubocop:rubocop-0-86
+    rubocop-0-87: codeclimate/codeclimate-rubocop:rubocop-0-87
+    rubocop-0-88: codeclimate/codeclimate-rubocop:rubocop-0-88
+    rubocop-0-89: codeclimate/codeclimate-rubocop:rubocop-0-89
+    rubocop-0-90: codeclimate/codeclimate-rubocop:rubocop-0-90
+    rubocop-0-92: codeclimate/codeclimate-rubocop:rubocop-0-92
+    rubocop-1-7-0: codeclimate/codeclimate-rubocop:rubocop-1-7-0
+    rubocop-1-8-1: codeclimate/codeclimate-rubocop:rubocop-1-8-1
+  description: A Ruby static code analyzer, based on the community Ruby style guide.
+rubymotion:
+  channels:
+    stable: codeclimate/codeclimate-rubymotion
+  description: Rubymotion-specific rubocop checks.
+sass-lint:
+  channels:
+    stable: codeclimate/codeclimate-sass-lint
+  description: >
+    A Node-only Sass linter for both sass and scss syntax!
+scalastyle:
+  channels:
+    stable: codeclimate/codeclimate-scalastyle
+  description: >
+    A tool which examines your Scala code and indicates potential problems.
+scss-lint:
+  channels:
+    stable: codeclimate/codeclimate-scss-lint
+  description: A configurable tool for writing clean and consistent SCSS.
+semgrep:
+  channels:
+    stable: codeclimate/codeclimate-semgrep
+  description: A configurable tool that allows for custom static analysis on multiple languages.
+shellcheck:
+  channels:
+    stable: codeclimate/codeclimate-shellcheck
+  description: A static analysis tool for shell scripts.
+sonar-java:
+  channels:
+    stable: codeclimate/codeclimate-sonar-java
+    beta: codeclimate/codeclimate-sonar-java:sonar-java-5-14
+    sonar-java-5-14: codeclimate/codeclimate-sonar-java:sonar-java-5-14
+  description: Over 400 checks for bugs, vulnerabilities, and code smells in Java code.
+  minimum_memory_limit: 2_048_000_000
+sonar-php:
+  channels:
+    stable: codeclimate/codeclimate-sonar-php
+  description: SonarLint for PHP.
+  minimum_memory_limit: 2_048_000_000
+sonar-python:
+  channels:
+    stable: codeclimate/codeclimate-sonar-python
+  description: SonarLint for Python.
+  minimum_memory_limit: 2_048_000_000
+standard:
+  channels:
+    stable: codeclimate/codeclimate-standard
+    beta: codeclimate/codeclimate-standard
+  description: Standard static analysis tool.
+structure:
+  channels:
+    stable: codeclimate/codeclimate-structure
+  description: Performs structural checks on code.
+stylelint:
+  channels:
+    beta: codeclimate/codeclimate-stylelint:beta
+    stable: codeclimate/codeclimate-stylelint
+  description: A mighty, modern CSS linter.
+swiftlint:
+  channels:
+    stable: codeclimate/codeclimate-swiftlint
+  description: A tool to enforce Swift style and conventions.
+tailor:
+  channels:
+    stable: codeclimate/codeclimate-tailor
+  description: Cross-platform static analyzer and linter for Swift.
+tslint:
+  channels:
+    stable: codeclimate/codeclimate-tslint
+  description: An extensible linter for the TypeScript language
+watson:
+  channels:
+    stable: codeclimate/codeclimate-watson
+  description: A young Ember Doctor to help you fix your code.
+vint:
+  channels:
+    stable: codeclimate/codeclimate-vint
+  description: Fast and Highly Extensible Vim script Language Lint implemented by Python.

data/lib/cc/analyzer/bridge.rb

@@ -0,0 +1,106 @@
+module CC
+  module Analyzer
+    # The shared interface, invoked by Builder or CLI::Analyze
+    #
+    # Input:
+    #   - config
+    #     - engines
+    #     - exclude_patterns
+    #     - development?
+    #     - analysis_paths
+    #   - formatter
+    #     - started
+    #     - engine_running
+    #     - finished
+    #     - close
+    #   - listener
+    #     - started(engine, details)
+    #     - finished(engine, details, result)
+    #   - registry
+    #
+    # Only raises if Listener raises
+    #
+    class Bridge
+      def initialize(config:, formatter:, listener:, registry:)
+        @config = config
+        @formatter = formatter
+        @listener = listener
+        @registry = registry
+      end
+
+      def run
+        formatter.started
+
+        config.engines.each do |engine|
+          next unless engine.enabled?
+
+          formatter.engine_running(engine) do
+            result = nil
+            engine_details = nil
+
+            begin
+              engine_details = registry.fetch_engine_details(
+                engine,
+                development: config.development?,
+              )
+              listener.started(engine, engine_details)
+              result = run_engine(engine, engine_details)
+            rescue CC::EngineRegistry::EngineDetailsNotFoundError => ex
+              result = Container::Result.skipped(ex)
+            end
+
+            listener.finished(engine, engine_details, result)
+            result
+          end
+        end
+
+        formatter.finished
+      ensure
+        formatter.close
+      end
+
+      private
+
+      attr_reader :config, :formatter, :listener, :registry
+
+      def run_engine(engine, engine_details)
+        # Analyzer::Engine doesn't have the best interface, but we're limiting
+        # our refactors for now.
+        Engine.new(
+          engine.name,
+          {
+            "image" => engine_details.image,
+            "command" => engine_details.command,
+            "memory" => engine_details.memory,
+          },
+          engine.config.merge(
+            "channel" => engine.channel,
+            "include_paths" => engine_workspace(engine).paths,
+          ),
+          engine.container_label,
+        ).run(formatter)
+      end
+
+      def engine_workspace(engine)
+        if engine.exclude_patterns.any?
+          workspace.clone.tap do |engine_workspace|
+            engine_workspace.remove(engine.exclude_patterns)
+          end
+        else
+          workspace
+        end
+      end
+
+      def workspace
+        @workspace ||= Workspace.new.tap do |workspace|
+          workspace.add(config.analysis_paths)
+
+          unless config.analysis_paths.any?
+            workspace.remove([".git"])
+            workspace.remove(config.exclude_patterns)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cc/analyzer/composite_container_listener.rb

@@ -0,0 +1,21 @@
+module CC
+  module Analyzer
+    class CompositeContainerListener < ContainerListener
+      def initialize(*listeners)
+        @listeners = listeners
+      end
+
+      def started(*args)
+        listeners.each { |listener| listener.started(*args) }
+      end
+
+      def finished(*args)
+        listeners.each { |listener| listener.finished(*args) }
+      end
+
+      private
+
+      attr_reader :listeners
+    end
+  end
+end