diffend-monitor 0.2.27

data/bin/byebug

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'byebug' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("byebug", "byebug")

data/bin/htmldiff

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'htmldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("diff-lcs", "htmldiff")

data/bin/ldiff

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'ldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("diff-lcs", "ldiff")

data/bin/rake

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/bin/rspec

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/certs/mensfeld.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEODCCAqCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhtYWNp
+ZWovREM9bWVuc2ZlbGQvREM9cGwwHhcNMjAwODExMDkxNTM3WhcNMjEwODExMDkx
+NTM3WjAjMSEwHwYDVQQDDBhtYWNpZWovREM9bWVuc2ZlbGQvREM9cGwwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDCpXsCgmINb6lHBXXBdyrgsBPSxC4/
+2H+weJ6L9CruTiv2+2/ZkQGtnLcDgrD14rdLIHK7t0o3EKYlDT5GhD/XUVhI15JE
+N7IqnPUgexe1fbZArwQ51afxz2AmPQN2BkB2oeQHXxnSWUGMhvcEZpfbxCCJH26w
+hS0Ccsma8yxA6hSlGVhFVDuCr7c2L1di6cK2CtIDpfDaWqnVNJEwBYHIxrCoWK5g
+sIGekVt/admS9gRhIMaIBg+Mshth5/DEyWO2QjteTodItlxfTctrfmiAl8X8T5JP
+VXeLp5SSOJ5JXE80nShMJp3RFnGw5fqjX/ffjtISYh78/By4xF3a25HdWH9+qO2Z
+tx0wSGc9/4gqNM0APQnjN/4YXrGZ4IeSjtE+OrrX07l0TiyikzSLFOkZCAp8oBJi
+Fhlosz8xQDJf7mhNxOaZziqASzp/hJTU/tuDKl5+ql2icnMv5iV/i6SlmvU29QNg
+LCV71pUv0pWzN+OZbHZKWepGhEQ3cG9MwvkCAwEAAaN3MHUwCQYDVR0TBAIwADAL
+BgNVHQ8EBAMCBLAwHQYDVR0OBBYEFImGed2AXS070ohfRidiCEhXEUN+MB0GA1Ud
+EQQWMBSBEm1hY2llakBtZW5zZmVsZC5wbDAdBgNVHRIEFjAUgRJtYWNpZWpAbWVu
+c2ZlbGQucGwwDQYJKoZIhvcNAQELBQADggGBAKiHpwoENVrMi94V1zD4o8/6G3AU
+gWz4udkPYHTZLUy3dLznc/sNjdkJFWT3E6NKYq7c60EpJ0m0vAEg5+F5pmNOsvD3
+2pXLj9kisEeYhR516HwXAvtngboUcb75skqvBCU++4Pu7BRAPjO1/ihLSBexbwSS
+fF+J5OWNuyHHCQp+kGPLtXJe2yUYyvSWDj3I2//Vk0VhNOIlaCS1+5/P3ZJThOtm
+zJUBI7h3HgovwRpcnmk2mXTmU4Zx/bCzX8EA6VY0khEvnmiq7S6eBF0H9qH8KyQ6
+EkVLpvmUDFcf/uNaBQdazEMB5jYtwoA8gQlANETNGPi51KlkukhKgaIEDMkBDJOx
+65N7DzmkcyY0/GwjIVIxmRhcrCt1YeCUElmfFx0iida1/YRm6sB2AXqScc1+ECRi
+2DND//YJUikn1zwbz1kT70XmHd97B4Eytpln7K+M1u2g1pHVEPW4owD/ammXNpUy
+nt70FcDD4yxJQ+0YNiHd0N8IcVBM1TMIVctMNQ==
+-----END CERTIFICATE-----

data/certs/tomaszpajor.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIERDCCAqygAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDDBt0b21l
+ay9EQz1wb2xpc2hnZWVrcy9EQz1jb20wHhcNMjAwNzA3MTY0NjU0WhcNMjEwNzA3
+MTY0NjU0WjAmMSQwIgYDVQQDDBt0b21lay9EQz1wb2xpc2hnZWVrcy9EQz1jb20w
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDPRTvPuofdtL/wFEPOwPUr
+vR0XHzM/ADb2GBuzu6fzgmoxaYXBe8A++0BbgFvK47T04i8bsbXnfkxrkz/nupQ5
+SK2DPgS4HWnADuyBuyBY7LT4O1wwlytdlHtJgQV6NIcbprcOs/ZQKnimZpW9uByu
+FoN3i94pAEQhuzK0S+wWPvSm22+6XGtCuOzyFGdnCJjGUOkCRno5Nx34MWz0NpJ3
+9Ekkyy8g2cLvBcUdfeSrY7WsJ5cPCNrBs5cMuV426s1dDrhuvsW+sacwwY/4/LBw
+JzEX4/zS+lsVIX+iOoIFGJdeGnpEWqKgWoaskxqseFi661td1n9UaMXxgoaYh/oX
+3fJOy2jsZFboZ/eJ5rfciXLiCqSERGkEA+QcA2/jC/d77YJ1FfJW9uwJs3kptf4D
+p6h8wuA3T6rN4QrxkGBYzOfUJ2zSQy1cFu0rTZiYdKo9X6BunnxhmUExNng7advu
+qo8IDinyRlqA5+sOLXd4W3AS/RfF2nrayZNa3khTmmUCAwEAAaN9MHswCQYDVR0T
+BAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFHRFOZPwpgOd2m8FIOodOii+OiID
+MCAGA1UdEQQZMBeBFXRvbWVrQHBvbGlzaGdlZWtzLmNvbTAgBgNVHRIEGTAXgRV0
+b21la0Bwb2xpc2hnZWVrcy5jb20wDQYJKoZIhvcNAQELBQADggGBAKWFwYTGZVoy
+Bj3L9lvGOXpz8VWNoptFNHdncpaw1MMhS8UHcPQOUEiExX5ZH7MARy1fBjMXzIh9
+41ZpCjR+S6uCEpzUcg5Z/kEWa/wOW6tqrX+zfyxFATDI20pYaQWOLepjbDxePFMZ
+GAlIX5UNsze04A+wArXAttZB4oPt6loS1ao0GNdMb+syYMLzZUTW/sY2rm8zP4Mz
+Kt+zjoqMxQ1Jf+EwH+0uq8Tj5BJcmG6mWYM+ljvRbxBwfimoUBUCQe6KIDouF0Og
+uwLMY7X3jSERta4SxyY+iY7qNLsmG370GIGYbHuIiCwubFXt8jiPJZEdPE1xuzVF
+CLsYItzC28UQEWrVe6sJ0Fuqv5VHM6t8jNClkXDwzf95efFlGSCFN4t+/dywVIK8
+9MmF6uCQa1EjK2p8tYT0MnbHrFkoehxdX4VO9y99GAkhZyJNKPYPtyAUFV27sT2V
+LfCJRk4ifKIN/FUCwDSn8Cz0m6oH265q0p6wdzI6qrWOjP8tGOMBTA==
+-----END CERTIFICATE-----

data/diffend.gemspec

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'diffend'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'diffend'
+  spec.version       = Diffend::VERSION
+  spec.authors       = ['Tomasz Pajor']
+  spec.email         = ['contact@diffend.io']
+
+  spec.summary       = 'OSS supply chain security and management platform'
+  spec.summary       = 'OSS supply chain security and management platform.'
+  spec.homepage      = Diffend::HOMEPAGE
+  spec.license       = 'Prosperity Public License'
+
+  if $PROGRAM_NAME.end_with?('gem')
+    spec.signing_key = File.expand_path('~/.ssh/gem-private_key.pem')
+  end
+
+  spec.cert_chain    = %w[certs/tomaszpajor.pem]
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec)/}) }
+  spec.require_paths = %w[lib]
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+end

data/lib/diffend.rb

@@ -0,0 +1,142 @@
+# frozen_string_literal: true
+
+%w[
+  bundler
+].each(&method(:require))
+
+%w[
+  build_bundler_definition
+  errors
+  config/fetcher
+  config/file_finder
+  config/validator
+  commands
+  handle_errors/messages
+  handle_errors/build_exception_payload
+  handle_errors/display_to_stdout
+  handle_errors/report
+  request_object
+  request
+  voting
+  track
+].each { |file| require "diffend/#{file}" }
+
+%w[
+  versions/local
+  versions/remote
+].each { |file| require "diffend/voting/#{file}" }
+
+# Diffend main namespace
+module Diffend
+  # Current plugin version
+  VERSION = '0.2.27'
+  # Diffend homepage
+  HOMEPAGE = 'https://diffend.io'
+
+  class << self
+    # Registers the plugin and add before install all hook
+    def register
+      Bundler::Plugin.add_hook('before-install-all') do |_|
+        execute
+      end
+    end
+
+    # Execute diffend plugin
+    def execute
+      return unless enabled?
+
+      verify_version
+
+      config = fetch_config
+
+      Diffend::Voting.call(
+        command,
+        config,
+        Diffend::BuildBundlerDefinition.call(
+          command,
+          Bundler.default_gemfile,
+          Bundler.default_lockfile
+        )
+      )
+    rescue Diffend::Errors::HandledException
+      return if ENV['DIFFEND_IGNORE_ERRORS'] == 'true'
+
+      exit 255
+    rescue StandardError => e
+      Diffend::HandleErrors::Report.call(
+        exception: e,
+        config: config,
+        message: :unhandled_exception,
+        report: true,
+        raise_exception: false
+      )
+
+      return if ENV['DIFFEND_IGNORE_ERRORS'] == 'true'
+
+      exit 255
+    end
+
+    def verify_version
+      return if ENV['DIFFEND_DEVELOPMENT'] == 'true'
+      return if installed_version == VERSION
+
+      build_outdated_version_message(installed_version)
+        .tap(&Bundler.ui.method(:error))
+
+      exit 2
+    end
+
+    # @return [String] installed plugin version
+    def installed_version
+      Bundler::Plugin
+        .index
+        .plugin_path('diffend')
+        .basename
+        .to_s
+        .split('-')
+        .last
+    end
+
+    # Checks if plugin is enabled
+    #
+    # @return [Boolean] true if enabled, false otherwise
+    def enabled?
+      Bundler
+        .default_gemfile
+        .read
+        .split("\n")
+        .reject(&:empty?)
+        .map(&:strip)
+        .select { |line| line.start_with?('plugin') }
+        .any? { |line| line.include?('diffend') }
+    end
+
+    # @param version [Hash] installed version
+    #
+    # @return [String]
+    def build_outdated_version_message(version)
+      <<~MSG
+        \nYou are running an outdated version (#{version}) of the plugin, which will lead to issues.
+        \nPlease upgrade to the latest one (#{VERSION}) by executing "rm -rf .bundle/plugin".\n
+      MSG
+    end
+
+    # Command that was run with bundle
+    #
+    # @return [String]
+    def command
+      ARGV.first || Bundler.feature_flag.default_cli_command.to_s
+    end
+
+    # Fetch diffend config file
+    #
+    # @return [OpenStruct, nil] configuration object
+    #
+    # @raise [Errors::MissingConfigurationFile] when no config file
+    def fetch_config
+      Config::Fetcher.call(
+        File.expand_path('..', Bundler.bin_path)
+      )
+    end
+  end
+end

data/lib/diffend/build_bundler_definition.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Builds bundler definition used within the plugin
+  module BuildBundlerDefinition
+    class << self
+      # Build clean instance of bundler definition, as we don't want to pollute the main one
+      #
+      # @param command [String] bundler command that we are executing
+      # @param gemfile [String] path to Gemfile
+      # @param lockfile [String] path to Gemfile.lock
+      #
+      # @return [Bundler::Definition]
+      def call(command, gemfile, lockfile)
+        unlock = command == 'update' ? true : nil
+
+        Bundler.configure
+        Bundler::Fetcher.disable_endpoint = nil
+
+        Bundler::Definition
+          .build(gemfile, lockfile, unlock)
+          .tap(&:validate_runtime!)
+      end
+    end
+  end
+end

data/lib/diffend/commands.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Modules grouping supported bundler commands
+  module Commands
+    # Bundler install command
+    INSTALL = 'install'
+    # Bundler update command
+    UPDATE = 'update'
+    # Bundler exec command
+    EXEC = 'exec'
+  end
+end

data/lib/diffend/config/fetcher.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+module Diffend
+  # Module for all the components related to setting up the config
+  module Config
+    # Class responsible for fetching the config from .diffend.yml
+    module Fetcher
+      # All the errors for missing keys in the configuration file
+      MISSING_KEY_ERRORS = [
+        Errors::ProjectIdMissingInConfigurationFile,
+        Errors::ShareableIdMissingInConfigurationFile,
+        Errors::ShareableKeyMissingInConfigurationFile,
+        Errors::BuildPathMissingInConfigurationFile
+      ].freeze
+
+      class << self
+        # @param build_path [String] path of the current build
+        #
+        # @return [OpenStruct] open struct with config details
+        #
+        # @example
+        #   details = Fetcher.new.call('./')
+        #   details.build_path #=> './'
+        def call(build_path)
+          build(build_path)
+        rescue Errors::MissingConfigurationFile
+          Bundler.ui.error(build_missing_error_message(build_path))
+
+          raise Diffend::Errors::HandledException
+        rescue Errors::EmptyConfigurationFile
+          Bundler.ui.error(build_empty_error_message(build_path))
+
+          raise Diffend::Errors::HandledException
+        rescue Errors::MalformedConfigurationFile
+          Bundler.ui.error(build_malformed_error_message(build_path))
+
+          raise Diffend::Errors::HandledException
+        rescue *MISSING_KEY_ERRORS => e
+          Bundler.ui.error(build_missing_key_error_message(e))
+
+          raise Diffend::Errors::HandledException
+        end
+
+        private
+
+        # @param build_path [String] path of the current build
+        #
+        # @return [OpenStruct] open struct with config details
+        def build(build_path)
+          content = ERB.new(
+            File.read(
+              FileFinder.call(build_path)
+            )
+          ).result
+
+          raise Errors::EmptyConfigurationFile if content.empty?
+
+          OpenStruct.new(parse_file(content).merge(build_path: build_path))
+            .tap(&Validator.method(:call))
+        end
+
+        def parse_file(content)
+          YAML.safe_load(content)
+        rescue Psych::SyntaxError
+          raise Errors::MalformedConfigurationFile
+        end
+
+        # @param build_path [String] path of the current build
+        #
+        # @return [String] missing configuration file message
+        def build_missing_error_message(build_path)
+          <<~MSG
+            \nWe were unable to locate Diffend configuration file.\n
+            Please make sure that .diffend.yml is present in #{build_path} folder.\n
+          MSG
+        end
+
+        # @return [String] empty configuration file message
+        def build_empty_error_message
+          <<~MSG
+            \nYour Diffend configuration file is empty.\n
+            Please re-setup.\n
+          MSG
+        end
+
+        # @return [String] malformed configuration file message
+        def build_malformed_error_message
+          <<~MSG
+            \nYour Diffend configuration file is malformed.\n
+            Please re-setup.\n
+          MSG
+        end
+
+        # @return [String] malformed configuration file message
+        def build_missing_key_error_message(exception)
+          missing_key = missing_key_from_exception(exception)
+
+          <<~MSG
+            \nYour Diffend configuration file is missing #{missing_key} key.\n
+            Please re-setup.\n
+          MSG
+        end
+
+        def missing_key_from_exception(exception)
+          case exception
+          when Errors::ProjectIdMissingInConfigurationFile then 'project_id'
+          when Errors::ShareableIdMissingInConfigurationFile then 'shareable_id'
+          when Errors::ShareableKeyMissingInConfigurationFile then 'shareable_key'
+          when Errors::BuildPathMissingInConfigurationFile then 'build_path'
+          end
+        end
+      end
+    end
+  end
+end