danger-logging_lint 0.0.1

data/spec/logging_lint_spec.rb

@@ -0,0 +1,132 @@
+# frozen_string_literal: true
+
+require File.expand_path("spec_helper", __dir__)
+
+module Danger
+  describe Danger::DangerLoggingLint do
+    it "should be a plugin" do
+      expect(Danger::DangerLoggingLint.new(nil)).to be_a Danger::Plugin
+    end
+
+    dir_name = File.dirname(__FILE__)
+    modified_files = %W(#{dir_name}/fixtures/ModifiedFile.kt #{dir_name}/fixtures/IgnoredModifiedFile.txt)
+    added_files = %W(#{dir_name}/fixtures/NewFile.kt)
+    warning_text = "Does this log comply with security rules?"
+
+    #
+    # Defines linter, danger file and other variables used by the linter.
+    #
+    describe "with Dangerfile" do
+      before do
+        @dangerfile = testing_dangerfile
+        @logging_lint = @dangerfile.logging_lint
+
+        allow(@logging_lint.git).to receive(:deleted_files).and_return([])
+        allow(@logging_lint.git).to receive(:added_files).and_return([])
+        allow(@logging_lint.git).to receive(:modified_files).and_return([])
+        allow(@logging_lint).to receive(:file_extensions).and_return(%w(kt))
+      end
+
+      #
+      # Test for logging lines in cases when linter does not run (either by config or file settings).
+      #
+
+      it "Error is printed when log functions are not configured" do
+        allow(@logging_lint).to receive(:log_functions).and_return([])
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:errors]).to eq(["No log functions are defined. Please check your Danger file."])
+      end
+
+      it "Error is printed when log variable regex is not configured" do
+        allow(@logging_lint).to receive(:line_variable_regex).and_return([])
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:messages][0]).to eq("At least one variable index must be defined (using default). Please check your Danger file.")
+      end
+
+      it "Nothing is printed when there are no files to check" do
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:errors]).to eq([])
+      end
+
+      it "Nothing is printed when there are no files to check (filtered by extensions)" do
+        allow(@logging_lint.git).to receive(:modified_files).and_return(modified_files)
+        allow(@logging_lint).to receive(:file_extensions).and_return(%w(unknownExtension))
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:errors]).to eq([])
+      end
+
+      it "Nothing is printed when log levels are not present" do
+        allow(@logging_lint).to receive(:log_functions).and_return(%w(missingLogLevel))
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:warnings]).to eq([])
+      end
+
+      #
+      # Test for logging lines in cases when linter does run.
+      #
+
+      it "Log with variables is warned for modified files (end line index)" do
+        allow(@logging_lint.git).to receive(:modified_files).and_return(modified_files)
+        allow(@logging_lint).to receive(:line_index_position).and_return("end")
+        @logging_lint.log_lint
+        violation_lines = [63, 64, 73, 76, 88, 92, 97, 98, 101, 106, 107, 110]
+        compare_warning_with_lines(violation_lines)
+      end
+
+      it "Log with variables is warned for modified files (start line index)" do
+        allow(@logging_lint.git).to receive(:modified_files).and_return(modified_files)
+        allow(@logging_lint).to receive(:line_index_position).and_return("start")
+        @logging_lint.log_lint
+        violation_lines = [63, 64, 71, 74, 85, 89, 93, 98, 99, 102, 107, 108]
+        compare_warning_with_lines(violation_lines)
+      end
+
+      it "Log with variables is warned for modified files (middle line index)" do
+        allow(@logging_lint.git).to receive(:modified_files).and_return(modified_files)
+        allow(@logging_lint).to receive(:line_index_position).and_return("middle")
+        @logging_lint.log_lint
+        violation_lines = [63, 64, 73, 76, 88, 92, 97, 98, 101, 106, 107, 110]
+        compare_warning_with_lines(violation_lines)
+      end
+
+      it "Log with variables is warned for new files" do
+        allow(@logging_lint.git).to receive(:added_files).and_return(added_files)
+        @logging_lint.log_lint
+        violation_lines = [47, 48, 57, 60, 72, 76]
+        compare_warning_with_lines(violation_lines)
+      end
+
+      #
+      # Test for waning texts and links.
+      #
+
+      it "Log with variables is warned with link address" do
+        warning_link = "http://error.io"
+        allow(@logging_lint.git).to receive(:added_files).and_return(added_files)
+        allow(@logging_lint).to receive(:warning_description).and_return(warning_link)
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:warnings][0]).to eq("#{warning_text} Check: #{warning_link}")
+      end
+
+      it "Log with variables is warned without link address" do
+        allow(@logging_lint.git).to receive(:added_files).and_return(added_files)
+        @logging_lint.log_lint
+        expect(@dangerfile.status_report[:warnings][0]).to eq(warning_text)
+      end
+
+      #
+      # Compares violation lines against danger warning lines. It expects them to be equal.
+      #
+      def compare_warning_with_lines(violation_lines)
+        warnings = @dangerfile.status_report[:warnings]
+        warning_lines = []
+        warnings.each_with_index do |value, index|
+          if index > 0 && (index + 1) % 4 == 0
+            warning_lines << value
+          end
+        end
+        expect(warning_lines).to eq(violation_lines)
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require "pathname"
+ROOT = Pathname.new(File.expand_path("..", __dir__))
+$:.unshift("#{ROOT}lib".to_s)
+$:.unshift("#{ROOT}spec".to_s)
+
+require "bundler/setup"
+require "pry"
+
+require "rspec"
+require "danger"
+
+if `git remote -v` == ""
+  puts "You cannot run tests without setting a local git remote on this repo"
+  puts "It's a weird side-effect of Danger's internals."
+  exit(0)
+end
+
+# Use coloured output, it's the best.
+RSpec.configure do |config|
+  config.filter_gems_from_backtrace "bundler"
+  config.color = true
+  config.tty = true
+end
+
+require "danger_plugin"
+
+# These functions are a subset of https://github.com/danger/danger/blob/master/spec/spec_helper.rb
+# If you are expanding these files, see if it's already been done ^.
+
+# A silent version of the user interface,
+# it comes with an extra function `.string` which will
+# strip all ANSI colours from the string.
+
+# rubocop:disable Lint/NestedMethodDefinition
+def testing_ui
+  @output = StringIO.new
+  def @output.winsize
+    [20, 9999]
+  end
+
+  cork = Cork::Board.new(out: @output)
+  def cork.string
+    out.string.gsub(/\e\[([;\d]+)?m/, "")
+  end
+  cork
+end
+# rubocop:enable Lint/NestedMethodDefinition
+
+# Example environment (ENV) that would come from
+# running a PR on TravisCI
+def testing_env
+  {
+    "HAS_JOSH_K_SEAL_OF_APPROVAL" => "true",
+    "TRAVIS_PULL_REQUEST" => "800",
+    "TRAVIS_REPO_SLUG" => "artsy/eigen",
+    "TRAVIS_COMMIT_RANGE" => "759adcbd0d8f...13c4dc8bb61d",
+    "DANGER_GITHUB_API_TOKEN" => "123sbdq54erfsd3422gdfio"
+  }
+end
+
+# A stubbed out Dangerfile for use in tests
+def testing_dangerfile
+  env = Danger::EnvironmentManager.new(testing_env)
+  Danger::Dangerfile.new(env, testing_ui)
+end

metadata

@@ -0,0 +1,209 @@
+--- !ruby/object:Gem::Specification
+name: danger-logging_lint
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- David Sucharda
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2022-04-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: danger-plugin-api
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.4'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.7'
+- !ruby/object:Gem::Dependency
+  name: listen
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.7
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.7
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Checks logging commands in code.
+email:
+- david.sucharda@eman.cz
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- Guardfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- danger-logging_lint.gemspec
+- lib/danger_logging_lint.rb
+- lib/danger_plugin.rb
+- lib/logging_lint/gem_version.rb
+- lib/logging_lint/plugin.rb
+- spec/fixtures/IgnoredModifiedFile.txt
+- spec/fixtures/ModifiedFile.kt
+- spec/fixtures/NewFile.kt
+- spec/logging_lint_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/eManPrague/danger-logging_lint
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key: 
+specification_version: 4
+summary: Logging might be a security issue that is why this plugin checks files for
+  new/changed logs with variables that might be a security issue and warns them using
+  Danger.
+test_files:
+- spec/fixtures/IgnoredModifiedFile.txt
+- spec/fixtures/ModifiedFile.kt
+- spec/fixtures/NewFile.kt
+- spec/logging_lint_spec.rb
+- spec/spec_helper.rb