codeclimate 0.69.0 → 0.70.0

data/lib/cc/config/json_adapter.rb

@@ -0,0 +1,17 @@
+module CC
+  class Config
+    class JSONAdapter < Config
+      DEFAULT_PATH = ".codeclimate.json".freeze
+
+      attr_reader :config
+
+      def self.load(path = DEFAULT_PATH)
+        new(::JSON.parse(File.open(path).read))
+      end
+
+      def initialize(json = {})
+        @config = json
+      end
+    end
+  end
+end

data/lib/cc/config/prepare.rb

@@ -0,0 +1,92 @@
+module CC
+  class Config
+    class Prepare
+      attr_reader :fetch
+
+      def self.from_data(data)
+        if data.present?
+          fetch = Fetch.from_data(data.fetch("fetch", []))
+
+          new(fetch: fetch)
+        else
+          new
+        end
+      end
+
+      def initialize(fetch: Fetch.new)
+        @fetch = fetch
+      end
+
+      def merge(other)
+        Prepare.new(fetch: fetch.merge(other.fetch))
+      end
+
+      class Fetch
+        def self.from_data(data)
+          new(data.map { |d| Entry.from_data(d) })
+        end
+
+        def initialize(entries = [])
+          @entries = Set.new(entries)
+        end
+
+        def each(&block)
+          entries.each(&block)
+        end
+
+        def merge(other)
+          Fetch.new(each.to_a | other.each.to_a)
+        end
+
+        private
+
+        attr_reader :entries
+
+        class Entry
+          attr_reader :url, :path
+
+          def self.from_data(data)
+            case data
+            when String then new(data)
+            when Hash then new(data.fetch("url"), data["path"])
+            end
+          end
+
+          def initialize(url, path = nil)
+            @url = url
+            @path = path || url.split("/").last
+
+            validate_path!
+          end
+
+          # Useful in specs
+          def ==(other)
+            other.is_a?(self.class) &&
+              other.url == url &&
+              other.path == path
+          end
+
+          private
+
+          # Duplicate a validation which has security implication. This should
+          # always be caught upstream, so raising loudly is fine.
+          def validate_path!
+            if path.blank?
+              raise ArgumentError, "path cannot be be blank"
+            end
+
+            pathname = Pathname.new(path)
+
+            if pathname.absolute?
+              raise ArgumentError, "path cannot be absolute: #{path}"
+            end
+
+            if pathname.cleanpath.to_s != pathname.to_s || path.include?("..")
+              raise ArgumentError, "path cannot point outside the current directory: #{path}"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cc/config/validation/check_validator.rb

@@ -0,0 +1,34 @@
+module CC
+  class Config
+    module Validation
+      class CheckValidator
+        include HashValidations
+
+        attr_reader :errors, :warnings
+
+        def initialize(data)
+          @data = data
+
+          @errors = []
+          @warnings = []
+
+          validate
+        end
+
+        private
+
+        attr_reader :data
+
+        def validate
+          unless data.is_a?(Hash)
+            errors << "must be a hash"
+            return
+          end
+
+          validate_key_type("enabled", [TrueClass, FalseClass])
+          validate_key_type("config", Hash)
+        end
+      end
+    end
+  end
+end

data/lib/cc/config/validation/engine_validator.rb

@@ -0,0 +1,89 @@
+module CC
+  class Config
+    module Validation
+      class EngineValidator
+        include HashValidations
+
+        RECOGNIZED_KEYS = %w[
+          enabled
+          channel
+          checks
+          config
+          exclude_fingerprints
+          exclude_patterns
+        ].freeze
+
+        attr_reader :errors, :warnings
+
+        def initialize(data, legacy: false)
+          @data = data
+          @legacy = legacy
+
+          @errors = []
+          @warnings = []
+
+          validate
+        end
+
+        def valid?
+          errors.none?
+        end
+
+        private
+
+        attr_reader :data
+
+        def legacy?
+          @legacy
+        end
+
+        def validate
+          validate_root
+          return unless data.is_a?(Hash)
+
+          validate_key_type("enabled", [TrueClass, FalseClass])
+          validate_key_type("channel", String)
+          validate_key_type("config", [String, Hash])
+          validate_key_type("exclude_patterns", Array)
+          if legacy?
+            validate_key_type("exclude_paths", [Array, String])
+          end
+
+          validate_checks
+          validate_exclude_fingerprints
+
+          if legacy?
+            warn_unrecognized_keys(RECOGNIZED_KEYS + %w[exclude_paths])
+          else
+            warn_unrecognized_keys(RECOGNIZED_KEYS)
+          end
+        end
+
+        def validate_root
+          if !data.is_a?(Hash) && ![true, false].include?(data)
+            errors << "section must be a boolean or a hash"
+            return false
+          end
+          true
+        end
+
+        def validate_checks
+          return unless validate_key_type("checks", Hash)
+
+          data.fetch("checks", {}).each do |_check_name, check_data|
+            validator = CheckValidator.new(check_data)
+            errors.push(*validator.errors)
+            warnings.push(*validator.warnings)
+          end
+        end
+
+        def validate_exclude_fingerprints
+          validate_key_type("exclude_fingerprints", Array)
+          if data.key?("exclude_fingerprints")
+            warnings << "'exclude_fingerprints' is deprecated, and support may be removed in the future"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cc/config/validation/fetch_validator.rb

@@ -0,0 +1,78 @@
+require "uri"
+require "pathname"
+
+module CC
+  class Config
+    module Validation
+      class FetchValidator
+        include HashValidations
+
+        attr_reader :errors, :warnings
+
+        def initialize(data)
+          @data = data
+
+          @errors = []
+          @warnings = []
+
+          validate
+        end
+
+        private
+
+        attr_reader :data
+
+        def validate
+          if data.is_a?(String)
+            validate_url(data)
+          elsif data.is_a?(Hash)
+            validate_fetch_hash
+          else
+            errors << "fetch section should be a string or a hash"
+          end
+        end
+
+        def validate_url(url)
+          unless valid_url?(url)
+            errors << "fetch section: invalid URL '#{url}'"
+          end
+        end
+
+        def valid_url?(url)
+          uri = URI.parse(url)
+          uri.is_a?(URI::HTTP) || uri.is_a?(URI::HTTPS)
+        rescue URI::InvalidURIError
+          false
+        end
+
+        def validate_fetch_hash
+          if !data.key?("path") || !data.key?("url")
+            errors << "fetch section must include 'url' & 'path'"
+          end
+
+          validate_key_type("path", String)
+          validate_key_type("url", String)
+
+          validate_path(data["path"])
+          validate_url(data["url"])
+
+          warn_unrecognized_keys(%w[path url])
+        end
+
+        def validate_path(path)
+          if path.nil? || path.length.zero?
+            errors << "fetch section's 'path' cannot be empty"
+          else
+            pathname = Pathname.new(path)
+            if pathname.absolute?
+              errors << "fetch section: absolute path '#{path}' is invalid"
+            end
+            if pathname.cleanpath.to_s != pathname.to_s || path.include?("..")
+              errors << "fetch section: relative path elements in '#{path}' are invalid"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cc/config/validation/file_validator.rb

@@ -0,0 +1,112 @@
+module CC
+  class Config
+    module Validation
+      class FileValidator
+        include HashValidations
+
+        attr_reader :errors, :path, :warnings
+
+        def initialize(path, registry)
+          @path = path
+          @registry = registry
+
+          @errors = []
+          @warnings = []
+
+          validate
+        end
+
+        def valid?
+          errors.none?
+        end
+
+        private
+
+        attr_reader :data, :registry
+
+        def validate
+          raise NotImplementedError, "use a subclass"
+        end
+
+        def denormalize_subvalidator(validator, prefix)
+          validator.errors.each do |msg|
+            errors << "#{prefix}: #{msg}"
+          end
+          validator.warnings.each do |msg|
+            warnings << "#{prefix}: #{msg}"
+          end
+        end
+
+        def validate_prepare
+          return unless validate_key_type("prepare", Hash)
+
+          validator = PrepareValidator.new(data.fetch("prepare", {}))
+          denormalize_subvalidator(validator, "prepare section")
+        end
+
+        def validate_engines(key, legacy: false)
+          return unless validate_key_type(key, Hash)
+
+          data.fetch(key, {}).each do |engine_name, engine_data|
+            engine_validator = EngineValidator.new(engine_data, legacy: legacy)
+            denormalize_subvalidator(engine_validator, "engine #{engine_name}")
+
+            if engine_validator.valid?
+              validate_engine_existence(engine_name, engine_data)
+            end
+          end
+        end
+
+        def validate_engine_existence(engine_name, engine_data)
+          if [true, false].include?(engine_data)
+            engine_data = {
+              "enabled" => true,
+              "channel" => Engine::DEFAULT_CHANNEL,
+            }
+          end
+
+          engine = Engine.new(
+            engine_name,
+            enabled: engine_data.fetch("enabled", true),
+            channel: engine_data["channel"],
+            config: engine_data["config"],
+          )
+          unless engine_exists?(engine)
+            warnings << "unknown engine or channel <#{engine.name}:#{engine.channel}>"
+          end
+        end
+
+        def engine_exists?(engine)
+          !registry.fetch_engine_details(engine).nil?
+        rescue CC::EngineRegistry::EngineDetailsNotFoundError
+          false
+        end
+
+        def validate_checks
+          return unless validate_key_type("checks", Hash)
+
+          data.fetch("checks", {}).each do |check_name, check_data|
+            validator = CheckValidator.new(check_data)
+            denormalize_subvalidator(validator, "check #{check_name}")
+          end
+        end
+
+        def validate_exclude_pattern(key, legacy: false)
+          types =
+            if legacy
+              [Array, String]
+            else
+              Array
+            end
+          return unless validate_key_type(key, types)
+
+          Array(data.fetch(key, [])).each do |pattern|
+            unless pattern.is_a?(String)
+              errors << "each exclude pattern should be a string, but '#{pattern.inspect}' is a #{pattern.class.to_s.downcase}"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/cc/config/validation/hash_validations.rb

@@ -0,0 +1,52 @@
+module CC
+  class Config
+    module Validation
+      module HashValidations
+        def validate_hash_data
+          unless data.is_a?(Hash)
+            errors << "Config file should contain a hash, not a #{data.class.to_s.downcase}"
+            return false
+          end
+          true
+        end
+
+        def validate_key_type(key, types)
+          if types.is_a?(Class)
+            return validate_key_type(key, [types])
+          elsif data.key?(key)
+            unless types.include?(data[key].class)
+              errors << key_type_error_message(key, types)
+              return false
+            end
+          end
+          true
+        end
+
+        def key_type_error_message(key, types)
+          if types.one?
+            klass_name = types[0].to_s.downcase
+            article =
+              if klass_name[0] == "a"
+                "an"
+              else
+                "a"
+              end
+            "'#{key}' must be #{article} #{klass_name}"
+          elsif types == [TrueClass, FalseClass]
+            "'#{key}' must be a boolean"
+          else
+            type_names = types.map(&:to_s).map(&:downcase)
+            "'#{key}' must be one of #{type_names.join(", ")}"
+          end
+        end
+
+        def warn_unrecognized_keys(recognized_keys)
+          unknown_keys = data.keys.reject { |k| recognized_keys.include?(k) }
+          unknown_keys.each do |key|
+            warnings << "unrecognized key '#{key}'"
+          end
+        end
+      end
+    end
+  end
+end