danger-android_lint 0.0.7 → 0.0.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a23cf2639550cda7bae6d9c49eec3f24564da9ef
-  data.tar.gz: 8aae8686cd7d2ab3c1bc344716cdbe67c9bcf2bb
+  metadata.gz: 6fb3bbc5b97d33a9495f3c3811b6a3dbe6932dcc
+  data.tar.gz: 2c2d08a45644d86fbd60364fc80ec2bbfbe8eac9
 SHA512:
-  metadata.gz: bff880a4f7ec5dcc46337d794bbf4439878984d51d477c0d55253a8fa61c63538e6a84d43fcfcbc4e976cbec79e71a232615131d2476dbe04b7f4500289cd127
-  data.tar.gz: 83aadd5d46813762ad94ca152757c1a4156989c780d48622f6f23fc163671ff0abd6c477d43fe72e1fe723042d865c0bec8bf5b26d50d1e6cb8222194fc09fdf
+  metadata.gz: 6fb633fd0c8c48391c4097103e0779ca0d8eff4d6bfcb6824c9400f1a0911c00c5b06d4c122fefcb6eb59745e7155411d5f77f5844ef17103835a61a9465f94c
+  data.tar.gz: 4a10c53f60ebb6db842c88e08c3121bd42c95811f0c639578c73dbc12e7e32cab1763ba24e3b007ffc23d6651038c206af76ddeb9d07c140dbd2bf8faf23faea

data/.ruby-version

@@ -0,0 +1 @@
+2.3.5

data/CHANGELOG.md

@@ -1,5 +1,10 @@
+# 0.0.8
+- Fix security issues ([@barbosa](https://github.com/barbosa))
+- Expose report message ([@adamstrange])(https://github.com/adamstrange))
+- Skip gradle task ([@mathroule])(https://github.com/mathroule))
+
 # 0.0.7
-- Bump ffi version due to security reasons ([@barbosa](https://github.com/barbosa))
+- Fix security issues ([@barbosa](https://github.com/barbosa))
 
 # 0.0.6
 - Bump yarn and rubocop versions due to security issues ([@barbosa](https://github.com/barbosa))

data/Gemfile

@@ -2,4 +2,3 @@ source 'https://rubygems.org'
 
 # Specify your gem's dependencies in danger-android_lint.gemspec
 gemspec
-gem "ffi", ">= 1.9.24"

data/Gemfile.lock

@@ -8,11 +8,11 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.5.2)
-      public_suffix (>= 2.0.2, < 4.0)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
     ansi (1.5.0)
     ast (2.4.0)
-    claide (1.0.2)
+    claide (1.0.3)
     claide-plugins (0.9.2)
       cork
       nap
@@ -21,13 +21,13 @@ GEM
     colored2 (3.1.2)
     cork (0.3.0)
       colored2 (~> 3.1)
-    danger (6.0.3)
+    danger (6.1.0)
       claide (~> 1.0)
       claide-plugins (>= 0.9.2)
       colored2 (~> 3.1)
       cork (~> 0.1)
       faraday (~> 0.9)
-      faraday-http-cache (~> 1.0)
+      faraday-http-cache (~> 2.0)
       git (~> 1.5)
       kramdown (~> 2.0)
       kramdown-parser-gfm (~> 1.0)
@@ -37,14 +37,14 @@ GEM
     danger-plugin-api (1.0.0)
       danger (> 2.0)
     diff-lcs (1.3)
-    faraday (0.15.4)
+    faraday (0.17.1)
       multipart-post (>= 1.2, < 3)
-    faraday-http-cache (1.3.1)
+    faraday-http-cache (2.0.0)
       faraday (~> 0.8)
-    ffi (1.10.0)
+    ffi (1.11.3)
     formatador (0.2.5)
     git (1.5.0)
-    guard (2.15.0)
+    guard (2.16.1)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -59,53 +59,53 @@ GEM
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
     kramdown (2.1.0)
-    kramdown-parser-gfm (1.0.1)
+    kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
     listen (3.0.7)
       rb-fsevent (>= 0.9.3)
       rb-inotify (>= 0.9.7)
     lumberjack (1.0.13)
     method_source (0.9.2)
-    multipart-post (2.0.0)
+    multipart-post (2.1.1)
     nap (1.1.0)
     nenv (0.3.0)
     no_proxy_fix (0.1.2)
-    notiffany (0.1.1)
+    notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
     octokit (4.14.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    oga (2.15)
+    oga (3.0)
       ast
       ruby-ll (~> 2.1)
     open4 (1.3.4)
-    parallel (1.17.0)
-    parser (2.6.2.1)
+    parallel (1.19.1)
+    parser (2.6.5.0)
       ast (~> 2.4.0)
     powerpack (0.1.2)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    public_suffix (3.0.3)
+    public_suffix (4.0.1)
     rainbow (2.2.2)
       rake
     rake (10.5.0)
     rb-fsevent (0.10.3)
-    rb-inotify (0.10.0)
+    rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-expectations (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.0)
     rubocop (0.49.1)
       parallel (~> 1.10)
       parser (>= 2.3.3.1, < 3.0)
@@ -116,24 +116,23 @@ GEM
     ruby-ll (2.1.2)
       ansi
       ast
-    ruby-progressbar (1.10.0)
-    sawyer (0.8.1)
-      addressable (>= 2.3.5, < 2.6)
-      faraday (~> 0.8, < 1.0)
+    ruby-progressbar (1.10.1)
+    sawyer (0.8.2)
+      addressable (>= 2.3.5)
+      faraday (> 0.8, < 2.0)
     shellany (0.0.1)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
-    thor (0.20.3)
-    unicode-display_width (1.5.0)
-    yard (0.9.19)
+    thor (1.0.1)
+    unicode-display_width (1.6.0)
+    yard (0.9.20)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (~> 2.0)
+  bundler (~> 1.3)
   danger-android_lint!
-  ffi (>= 1.9.24)
   guard (~> 2.14)
   guard-rspec (~> 4.7)
   listen (= 3.0.7)
@@ -144,4 +143,4 @@ DEPENDENCIES
   yard (~> 0.9.11)
 
 BUNDLED WITH
-   2.0.1
+   1.17.3

data/README.md

@@ -49,7 +49,9 @@ android_lint.gradle_task = "lintMyFlavorDebug"
 android_lint.lint
 ```
 
-If you want to skip gradle task, setting the `skip_gradle_task` parameter to `true`.
+#### Skip gradle task execution
+
+If you want to skip the gradle task execution. You can achieve that by simply changing the value of `skip_gradle_task`. Default is `false`.
 
 ```rb
 android_lint.skip_gradle_task = true

data/danger-android_lint.gemspec

@@ -23,7 +23,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'danger-plugin-api', '~> 1.0'
 
   # General ruby development
-  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'bundler', '~> 1.3'
   spec.add_development_dependency 'rake', '~> 10.0'
 
   # Testing support

data/lib/android_lint/gem_version.rb

@@ -1,3 +1,3 @@
 module AndroidLint
-  VERSION = "0.0.7".freeze
+  VERSION = "0.0.8".freeze
 end

data/lib/android_lint/plugin.rb

@@ -13,6 +13,11 @@ module Danger
   #          android_lint.gradle_task = "lintMyFlavorDebug"
   #          android_lint.lint
   #
+  # @example Running AndroidLint without running a Gradle task
+  #
+  #          android_lint.skip_gradle_task = true
+  #          android_lint.lint
+  #
   # @example Running AndroidLint for a specific severity level and up
   #
   #          # options are ["Warning", "Error", "Fatal"]
@@ -31,6 +36,7 @@ module Danger
     # Defaults to "app/build/reports/lint/lint-result.xml".
     # @return [String]
     attr_accessor :report_file
+
     # A getter for `report_file`.
     # @return [String]
     def report_file
@@ -43,6 +49,24 @@ module Danger
     # @return [String]
     attr_accessor :gradle_task
 
+    # A getter for `gradle_task`, returning "lint" if value is nil.
+    # @return [String]
+    def gradle_task
+      @gradle_task ||= "lint"
+    end
+
+    # Skip Gradle task.
+    # This is useful when Gradle task has been already executed.
+    # Defaults to `false`.
+    # @return [Bool]
+    attr_writer :skip_gradle_task
+
+    # A getter for `skip_gradle_task`, returning `false` if value is nil.
+    # @return [Boolean]
+    def skip_gradle_task
+      @skip_gradle_task ||= false
+    end
+
     # Defines the severity level of the execution.
     # Selected levels are the chosen one and up.
     # Possible values are "Warning", "Error" or "Fatal".
@@ -50,13 +74,16 @@ module Danger
     # @return [String]
     attr_writer :severity
 
+    # A getter for `severity`, returning "Warning" if value is nil.
+    # @return [String]
+    def severity
+      @severity || SEVERITY_LEVELS.first
+    end
+
     # Enable filtering
     # Only show messages within changed files.
     attr_accessor :filtering
 
-    # Skip gradle task
-    attr_accessor :skip_gradle_task
-
     # Calls lint task of your gradle project.
     # It fails if `gradlew` cannot be found inside current directory.
     # It fails if `severity` level is not a valid option.
@@ -64,9 +91,8 @@ module Danger
     # @return [void]
     #
     def lint(inline_mode: false)
-      if !skip_gradle_task && !gradlew_exists?
-        fail("Could not find `gradlew` inside current directory")
-        return
+      unless skip_gradle_task
+        return fail("Could not find `gradlew` inside current directory") unless gradlew_exists?
       end
 
       unless SEVERITY_LEVELS.include?(severity)
@@ -74,7 +100,9 @@ module Danger
         return
       end
 
-      system "./gradlew #{gradle_task || 'lint'}" unless skip_gradle_task
+      unless skip_gradle_task
+        system "./gradlew #{gradle_task}"
+      end
 
       unless File.exists?(report_file)
         fail("Lint report not found at `#{report_file}`. "\
@@ -84,6 +112,8 @@ module Danger
       issues = read_issues_from_report
       filtered_issues = filter_issues_by_severity(issues)
 
+      message = ""
+      
       if inline_mode
         # Report with inline comment
         send_inline_comment(filtered_issues)
@@ -91,12 +121,8 @@ module Danger
         message = message_for_issues(filtered_issues)
         markdown("### AndroidLint found issues\n\n" + message) unless message.to_s.empty?
       end
-    end
-
-    # A getter for `severity`, returning "Warning" if value is nil.
-    # @return [String]
-    def severity
-      @severity || SEVERITY_LEVELS.first
+      
+      message
     end
 
     private

data/spec/android_lint_spec.rb

@@ -25,6 +25,26 @@ module Danger
         expect(@android_lint.status_report[:errors]).to eq(["Could not find `gradlew` inside current directory"])
       end
 
+      it "Set custom Gradle task" do
+        custom_task = "lintRelease"
+        @android_lint.gradle_task = custom_task
+        expect(@android_lint.gradle_task).to eq(custom_task)
+      end
+
+      it "Check default Gradle task" do
+        expect(@android_lint.gradle_task).to eq("lint")
+      end
+
+      it "Skip Gradle task" do
+        skip_gradle_task = true
+        @android_lint.skip_gradle_task = skip_gradle_task
+        expect(@android_lint.skip_gradle_task).to eq(skip_gradle_task)
+      end
+
+      it "Check default skip Gradle task" do
+        expect(@android_lint.skip_gradle_task).to eq(false)
+      end
+
       it "Fails if severity is an unknown value" do
         allow(@android_lint).to receive(:`).with("ls gradlew").and_return("gradlew")
         allow(File).to receive(:exists?).with(@android_lint.report_file()).and_return(true)
@@ -49,7 +69,7 @@ module Danger
       it "Sets the report file to a default location if no param is provided" do
         allow(@android_lint).to receive(:`).with("ls gradlew").and_return("gradlew")
         allow(File).to receive(:exists?).with(@android_lint.report_file).and_return(true)
-        
+
         fake_result = File.open("spec/fixtures/lint-result-with-everything.xml")
         allow(File).to receive(:open).with(@android_lint.report_file).and_return(fake_result)
 
@@ -65,7 +85,7 @@ module Danger
         fake_result = File.open("spec/fixtures/lint-result-with-everything.xml")
         allow(File).to receive(:open).with(@android_lint.report_file).and_return(fake_result)
         allow(File).to receive(:exists?).with(@android_lint.report_file).and_return(true)
-        
+
         @android_lint.lint
 
         expect(@android_lint.report_file).to eq('some/other/location/lint-result.xml')
@@ -91,6 +111,19 @@ module Danger
         end
 
         it 'Prints markdown if issues were found' do
+          fake_result = File.open("spec/fixtures/lint-result-with-special-chars.xml")
+          allow(File).to receive(:open).with(@android_lint.report_file).and_return(fake_result)
+
+          @android_lint.lint
+
+          markdown = @android_lint.status_report[:markdowns].first.message
+          expect(markdown).to include("AndroidLint found issues")
+
+          expect(markdown).to include("Warning (1)")
+          expect(markdown).to include("`app/src/main/res/values/strings.xml` | 105 | The resource `R.string.authentication_invalid_auth_token_type` appears to be unused")
+        end
+
+        it 'Prints markdown if issues were found even if there is a special char' do
           fake_result = File.open("spec/fixtures/lint-result-with-everything.xml")
           allow(File).to receive(:open).with(@android_lint.report_file).and_return(fake_result)
 
@@ -101,12 +134,6 @@ module Danger
 
           expect(markdown).to include("Fatal (1)")
           expect(markdown).to include("`/Users/gustavo/Developer/app-android/app/src/main/java/com/loadsmart/common/views/AvatarView.java` | 60 | Implicitly using the default locale is a common source of bugs: Use `toUpperCase(Locale)` instead")
-
-          expect(markdown).to include("Error (1)")
-          expect(markdown).to include("`/Users/gustavo/Developer/app-android/app/src/main/java/com/loadsmart/analytics/Events.java` | 21 | Implicitly using the default locale is a common source of bugs: Use `String.format(Locale, ...)` instead")
-
-          expect(markdown).to include("Warning (1)")
-          expect(markdown).to include("`/Users/gustavo/Developer/app-android/app/src/main/java/com/loadsmart/analytics/Events.java` | 24 | Implicitly using the default locale is a common source of bugs: Use `String.format(Locale, ...)` instead")
         end
 
         it 'Doesn`t print anything if no errors were found' do

data/spec/fixtures/lint-result-with-special-chars.xml

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<issues format="4" by="lint 25.2.2">
+  <issue
+      id="UnusedResources"
+      severity="Warning"
+      message="The resource `R.string.authentication_invalid_auth_token_type` appears to be unused"
+      category="Performance"
+      priority="3"
+      summary="Unused resources"
+      explanation="Unused resources make applications larger and slow down builds."
+      errorLine1="    &lt;string name=&quot;authentication_invalid_auth_token_type&quot;>Autenticação inválida.&lt;/string>"
+      errorLine2="            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+      quickfix="studio">
+      <location
+          file="app/src/main/res/values/strings.xml"
+          line="105"
+          column="13"/>
+  </issue>
+</issues>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: danger-android_lint
 version: !ruby/object:Gem::Version
-  version: 0.0.7
+  version: 0.0.8
 platform: ruby
 authors:
 - Gustavo Barbosa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-09 00:00:00.000000000 Z
+date: 2019-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oga
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -173,6 +173,7 @@ extra_rdoc_files: []
 files:
 - ".github/CODEOWNERS"
 - ".gitignore"
+- ".ruby-version"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -188,6 +189,7 @@ files:
 - spec/android_lint_spec.rb
 - spec/fixtures/lint-result-empty.xml
 - spec/fixtures/lint-result-with-everything.xml
+- spec/fixtures/lint-result-with-special-chars.xml
 - spec/fixtures/lint-result-without-fatal.xml
 - spec/spec_helper.rb
 homepage: https://github.com/loadsmart/danger-android_lint
@@ -210,7 +212,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.5.2.1
 signing_key: 
 specification_version: 4
 summary: Lint files of a gradle based Android project. This is done using the Android's
@@ -219,5 +221,6 @@ test_files:
 - spec/android_lint_spec.rb
 - spec/fixtures/lint-result-empty.xml
 - spec/fixtures/lint-result-with-everything.xml
+- spec/fixtures/lint-result-with-special-chars.xml
 - spec/fixtures/lint-result-without-fatal.xml
 - spec/spec_helper.rb