diffend 0.2.18 → 0.2.26

data/lib/diffend/request.rb

@@ -0,0 +1,165 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'openssl'
+require 'json'
+
+module Diffend
+  # Module responsible for doing request to Diffend
+  module Request
+    # Message displayed when connection issue occured and we will retry
+    CONNECTION_MESSAGE = 'We experienced a connection issue, retrying...'
+    # List of connection exceptions
+    CONNECTION_EXCEPTIONS = [
+      Errno::ECONNRESET,
+      Errno::ENETUNREACH,
+      Errno::EHOSTUNREACH,
+      Errno::ECONNREFUSED
+    ].freeze
+    # Message displayed when timeout occured and we will retry
+    TIMEOUT_MESSAGE = 'We experienced a connection issue, retrying...'
+    # List of timeout exceptions
+    TIMEOUT_EXCEPTIONS = [
+      Net::OpenTimeout,
+      Net::ReadTimeout
+    ].freeze
+    # Message displayed when server issue occured and we will retry
+    SERVER_ERROR_MESSAGE = 'We experienced a server-side issue, retrying...'
+    # List of server issues
+    #
+    # 500 - Internal Server Error
+    # 502 - Bad Gateway
+    # 503 - Service Unavailable
+    # 504 - Gateway Timeout
+    SERVER_ERRORS = [500, 502, 503, 504].freeze
+    # Number of retries
+    RETRIES = 3
+    # Request headers
+    HEADERS = { 'Content-Type': 'application/json' }.freeze
+
+    private_constant :HEADERS
+
+    class << self
+      # Execute request
+      #
+      # @param config [OpenStruct] diffend config
+      # @param endpoint_url [String]
+      # @param payload [Hash]
+      #
+      # @return [Net::HTTPResponse] response from Diffend
+      def call(config, endpoint_url, payload)
+        retry_count ||= -1
+
+        build_http(endpoint_url) do |http, uri|
+          response = http.request(build_request(uri, config, payload))
+
+          if SERVER_ERRORS.include?(response.code.to_i)
+            raise Diffend::Errors::RequestServerError, response.code.to_i
+          end
+
+          response
+        end
+      rescue Diffend::Errors::RequestServerError => e
+        retry_count += 1
+
+        retry if handle_retry(SERVER_ERROR_MESSAGE, retry_count)
+
+        Diffend::HandleErrors::Report.call(
+          exception: e,
+          payload: payload,
+          config: config,
+          message: :request_error
+        )
+      rescue *CONNECTION_EXCEPTIONS => e
+        retry_count += 1
+
+        retry if handle_retry(CONNECTION_MESSAGE, retry_count)
+
+        Diffend::HandleErrors::Report.call(
+          exception: e,
+          payload: payload,
+          config: config,
+          message: :request_error
+        )
+      rescue *TIMEOUT_EXCEPTIONS => e
+        retry_count += 1
+
+        retry if handle_retry(TIMEOUT_MESSAGE, retry_count)
+
+        Diffend::HandleErrors::Report.call(
+          exception: e,
+          payload: payload,
+          config: config,
+          message: :request_error
+        )
+      end
+
+      # Handle retry
+      #
+      # @param message [String] message we want to display
+      # @param retry_count [Integer]
+      def handle_retry(message, retry_count)
+        return false if retry_count == RETRIES
+
+        Bundler.ui.error(message)
+        sleep(exponential_backoff(retry_count))
+
+        retry_count < RETRIES
+      end
+
+      # Builds http connection object
+      #
+      # @param url [String] command endpoint url
+      def build_http(url)
+        uri = URI(url)
+
+        Net::HTTP.start(
+          uri.host,
+          uri.port,
+          use_ssl: uri.scheme == 'https',
+          verify_mode: OpenSSL::SSL::VERIFY_NONE,
+          open_timeout: 5,
+          read_timeout: 5
+        ) { |http| yield(http, uri) }
+      end
+
+      # Build http post request and assigns headers and payload
+      #
+      # @param uri [URI::HTTPS]
+      # @param config [OpenStruct] Diffend config
+      # @param payload [Hash] with versions to check
+      #
+      # @return [Net::HTTP::Post]
+      def build_request(uri, config, payload)
+        Net::HTTP::Post
+          .new(uri.request_uri, HEADERS)
+          .tap { |request| assign_auth(request, config) }
+          .tap { |request| assign_payload(request, payload) }
+      end
+
+      # Assigns basic authorization if provided in the config
+      #
+      # @param request [Net::HTTP::Post] prepared http post
+      # @param config [OpenStruct] Diffend config
+      def assign_auth(request, config)
+        return unless config
+        return unless config.shareable_id
+        return unless config.shareable_key
+
+        request.basic_auth(config.shareable_id, config.shareable_key)
+      end
+
+      # Assigns payload as json
+      #
+      # @param request [Net::HTTP::Post] prepared http post
+      # @param payload [Hash] with versions to check
+      def assign_payload(request, payload)
+        request.body = JSON.dump(payload: payload)
+      end
+
+      def exponential_backoff(retry_count)
+        2**(retry_count + 1)
+      end
+    end
+  end
+end

data/lib/diffend/voting.rb

@@ -7,23 +7,33 @@ module Diffend
       # Build verdict
       #
       # @param command [String] either install or update
+      # @param config [OpenStruct] diffend config
       # @param definition [Bundler::Definition] definition for your source
-      def call(command, definition)
+      def call(command, config, definition)
         Versions::Remote
-          .call(command, definition)
-          .tap { |response| build_message(command, response) }
+          .call(command, config, definition)
+          .tap { |response| build_message(command, config, response) }
       end
 
-      def build_message(command, response)
+      # @param command [String] either install or update
+      # @param config [OpenStruct] diffend config
+      # @param response [Hash] response from diffend API
+      def build_message(command, config, response)
         if response.key?('error')
           build_error(response)
         elsif response.key?('action')
-          build_verdict(command, response)
+          build_verdict(command, config, response)
         else
-          raise UnsupportedResponse, response['action']
+          Diffend::HandleErrors::Report.call(
+            config: config,
+            message: :unsupported_response,
+            payload: response,
+            report: true
+          )
         end
       end
 
+      # @param response [Hash] response from diffend API
       def build_error(response)
         build_error_message(response)
           .tap(&Bundler.ui.method(:error))
@@ -31,21 +41,35 @@ module Diffend
         exit 1
       end
 
-      def build_verdict(command, response)
+      # @param command [String] either install or update
+      # @param config [OpenStruct] diffend config
+      # @param response [Hash] response from diffend API
+      def build_verdict(command, config, response)
         case response['action']
         when 'allow'
           build_allow_message(command, response)
             .tap(&Bundler.ui.method(:confirm))
+        when 'warn'
+          build_warn_message(command, response)
+            .tap(&Bundler.ui.method(:warn))
         when 'deny'
           build_deny_message(command, response)
             .tap(&Bundler.ui.method(:error))
 
           exit 1
         else
-          raise UnsupportedAction, response['action']
+          Diffend::HandleErrors::Report.call(
+            config: config,
+            message: :unsupported_verdict,
+            payload: response,
+            report: true
+          )
         end
       end
 
+      # @param response [Hash] response from diffend API
+      #
+      # @return [String]
       def build_error_message(response)
         <<~MSG
           \nDiffend returned an error for your request.\n
@@ -53,21 +77,56 @@ module Diffend
         MSG
       end
 
+      # @param command [String] either install or update
+      # @param response [Hash] response from diffend API
+      #
+      # @return [String]
       def build_allow_message(command, response)
         <<~MSG
-          \nDiffend reported an allow verdict for #{command} command for this project.\n
-          All of our #{response['allows_count'] + response['denies_count']} checks succeeded.\n
+          #{build_message_header('an allow', command)}
+          #{build_message_info(response)}\n
           #{response['review_url']}\n
         MSG
       end
 
+      # @param command [String] either install or update
+      # @param response [Hash] response from diffend API
+      #
+      # @return [String]
+      def build_warn_message(command, response)
+        <<~MSG
+          #{build_message_header('a warn', command)}
+          #{build_message_info(response)} Please go to the url below and review the issues.\n
+          #{response['review_url']}\n
+        MSG
+      end
+
+      # @param command [String] either install or update
+      # @param response [Hash] response from diffend API
+      #
+      # @return [String]
       def build_deny_message(command, response)
         <<~MSG
-          \nDiffend reported a deny verdict for #{command} command for this project.\n
-          #{response['denies_count']} out of our #{response['allows_count'] + response['denies_count']} checks failed. Please go to the url below and review the issues.\n
+          #{build_message_header('a deny', command)}
+          #{build_message_info(response)} Please go to the url below and review the issues.\n
           #{response['review_url']}\n
         MSG
       end
+
+      # @param type [String] verdict type
+      # @param command [String] either install or update
+      #
+      # @return [String]
+      def build_message_header(type, command)
+        "\nDiffend reported #{type} verdict for #{command} command for this project."
+      end
+
+      # @param response [Hash] response from diffend API
+      #
+      # @return [String]
+      def build_message_info(response)
+        "\nQuality score: #{response['quality_score']}, allows: #{response['allows_count']}, warnings: #{response['warns_count']}, denies: #{response['denies_count']}."
+      end
     end
   end
 end

data/lib/diffend/voting/versions/local.rb

@@ -13,17 +13,22 @@ module Diffend
           Bundler::Source::Gemspec,
           Bundler::Source::Path
         ].freeze
-        DEPENDENCIES = {
+        # List of dependency types
+        DEPENDENCIES_TYPES = {
           direct: 0,
-          dep: 1
+          dependency: 1
         }.freeze
-        SOURCES = {
+        # List of sources types
+        SOURCES_TYPES = {
           valid: 0,
           multiple_primary: 1
         }.freeze
-        GEM_SOURCES = {
+        # List of gem sources types
+        GEM_SOURCES_TYPES = {
           local: 0,
-          gemfile: 1
+          gemfile_source: 1,
+          gemfile_git: 2,
+          gemfile_path: 3
         }.freeze
 
         class << self
@@ -49,43 +54,45 @@ module Diffend
         def initialize(definition)
           @definition = definition
           @direct_dependencies = Hash[definition.dependencies.map { |val| [val.name, val] }]
-          @main_source = definition.send(:sources).rubygems_sources.last
           # Support case without Gemfile.lock
           @locked_specs = @definition.locked_gems ? @definition.locked_gems.specs : []
         end
 
+        # Build install specification
+        #
+        # @return [Hash]
         def build_install
           hash = build_main
 
-          @definition.requested_specs.each do |spec|
+          @definition.specs.each do |spec|
             next if skip?(spec.source)
 
             locked_spec = @locked_specs.find { |s| s.name == spec.name }
 
-            spec2 = locked_spec || spec
-
-            hash['dependencies'][spec2.name] = {
-              'platform' => build_spec_platform(spec2),
-              'source' => build_spec_source(spec2),
-              'type' => build_dependency_type(spec2.name),
-              'versions' => build_versions(spec2)
+            hash['dependencies'][spec.name] = {
+              'platform' => build_spec_platform(spec, locked_spec),
+              'source' => build_spec_source(spec),
+              'type' => build_dependency_type(spec.name),
+              'versions' => build_versions(spec, locked_spec)
             }
           end
 
           hash
         end
 
-        # @param definition [Bundler::Definition] definition for your source
+        # Build update specification
+        #
+        # @return [Hash]
         def build_update
           hash = build_main
 
-          @definition.requested_specs.each do |spec|
+          @definition.specs.each do |spec|
             next if skip?(spec.source)
 
             locked_spec = @locked_specs.find { |s| s.name == spec.name }
 
             hash['dependencies'][spec.name] = {
-              'platform' => build_spec_platform(spec),
+              'platform' => build_spec_platform(spec, locked_spec),
               'source' => build_spec_source(spec),
               'type' => build_dependency_type(spec.name),
               'versions' => build_versions(spec, locked_spec)
@@ -97,6 +104,9 @@ module Diffend
 
         private
 
+        # Build default specification
+        #
+        # @return [Hash]
         def build_main
           {
             'dependencies' => {},
@@ -106,8 +116,18 @@ module Diffend
           }
         end
 
+        # Build gem versions
+        #
+        # @param spec [Bundler::StubSpecification, Bundler::LazySpecification, Gem::Specification]
+        # @param locked_spec [Bundler::LazySpecification, Gem::Specification, NilClass]
+        #
+        # @return [Array<String>]
         def build_versions(spec, locked_spec = nil)
-          locked_spec ? [locked_spec.version.to_s, spec.version.to_s] : [spec.version.to_s]
+          if locked_spec && locked_spec.version.to_s != spec.version.to_s
+            [locked_spec.version.to_s, spec.version.to_s]
+          else
+            [spec.version.to_s]
+          end
         end
 
         # @param specs [Array] specs that are direct dependencies
@@ -115,78 +135,162 @@ module Diffend
         #
         # @return [Boolean] dependency type
         def build_dependency_type(name)
-          @direct_dependencies.key?(name) ? DEPENDENCIES[:direct] : DEPENDENCIES[:dep]
+          if @direct_dependencies.key?(name)
+            DEPENDENCIES_TYPES[:direct]
+          else
+            DEPENDENCIES_TYPES[:dependency]
+          end
+        end
+
+        # Build gem platform
+        #
+        # @param spec [Bundler::StubSpecification, Bundler::LazySpecification, Gem::Specification]
+        # @param locked_spec [Bundler::LazySpecification, Gem::Specification, NilClass]
+        #
+        # @return [String]
+        def build_spec_platform(spec, locked_spec)
+          parse_platform(
+            spec.platform || locked_spec&.platform || spec.send(:generic_local_platform)
+          )
+        end
+
+        # Parse gem platform
+        #
+        # @param platform [String, Gem::Platform]
+        #
+        # @return [String]
+        def parse_platform(platform)
+          case platform
+          when String then platform
+          when Gem::Platform then platform.os
+          end
         end
 
-        def build_spec_platform(spec)
-          spec.platform || spec.send(:generic_local_platform)
+        # Build gem source type
+        #
+        # @param source [Bundler::Source] gem source type
+        #
+        # @return [Integer] internal gem source type
+        def build_spec_gem_source_type(source)
+          case source
+          when Bundler::Source::Metadata
+            GEM_SOURCES_TYPES[:local]
+          when Bundler::Source::Rubygems, Bundler::Source::Rubygems::Remote
+            GEM_SOURCES_TYPES[:gemfile_source]
+          when Bundler::Source::Git
+            GEM_SOURCES_TYPES[:gemfile_git]
+          when Bundler::Source::Path
+            GEM_SOURCES_TYPES[:gemfile_path]
+          else
+            raise ArgumentError, "unknown source #{source.class}"
+          end
         end
 
+        # Build gem source
+        #
+        # @param spec [Bundler::StubSpecification, Bundler::LazySpecification, Gem::Specification]
+        #
+        # @return [Hash]
         def build_spec_source(spec)
-          if @direct_dependencies.key?(spec.name)
-            dep_spec = @direct_dependencies[spec.name]
+          source = source_for_spec(spec)
 
-            if dep_spec.source
-              { 'type' => GEM_SOURCES[:gemfile], 'url' => source_name_from_source(dep_spec.source) }
-            else
-              { 'type' => GEM_SOURCES[:gemfile], 'url' => source_name_from_source(@main_source) }
-            end
+          {
+            'type' => build_spec_gem_source_type(source),
+            'value' => source_name_from_source(source)
+          }
+        end
+
+        # Figure out source for gem
+        #
+        # @param spec [Bundler::StubSpecification, Bundler::LazySpecification, Gem::Specification]
+        #
+        # @return [Bundler::Source] gem source type
+        def source_for_spec(spec)
+          return spec.remote if spec.remote
+
+          case spec.source
+          when Bundler::Source::Rubygems
+            spec
+              .source
+              .send(:remote_specs)
+              .search(Bundler::Dependency.new(spec.name, spec.version))
+              .last
+              .remote
+          when Bundler::Source::Metadata, Bundler::Source::Git, Bundler::Source::Path
+            spec.source
           else
-            if spec.source.respond_to?(:remotes)
-              { 'type' => GEM_SOURCES[:gemfile], 'url' => source_name_from_source(spec.source) }
-            else
-              { 'type' => GEM_SOURCES[:local], 'url' => '' }
-            end
+            raise ArgumentError, "unknown source #{spec.source.class}"
           end
         end
 
+        # Build gem source name
+        #
+        # @param source [Bundler::Source] gem source type
+        #
+        # @return [String]
         def source_name_from_source(source)
-          source_name(source.remotes.first)
+          case source
+          when Bundler::Source::Metadata
+            ''
+          when Bundler::Source::Rubygems::Remote
+            source_name(source.anonymized_uri)
+          when Bundler::Source::Git
+            source.instance_variable_get(:@safe_uri)
+          when Bundler::Source::Path
+            source.path
+          else
+            raise ArgumentError, "unknown source #{source.class}"
+          end
         end
 
-        def source_name(name)
-          name.to_s[0...-1]
+        # @param uri [Bundler::URI]
+        #
+        # @return [String]
+        def source_name(uri)
+          uri.to_s[0...-1]
         end
 
+        # Build sources used in the Gemfile
+        #
+        # @return [Array<Hash>]
         def build_sources
           sources = @definition.send(:sources).rubygems_sources
-          hash = []
+          hash = {}
 
           sources.each do |source|
-            type = source.remotes.count > 1 ? SOURCES[:multiple_primary] : SOURCES[:valid]
+            type = build_source_type(source.remotes)
 
             source.remotes.each do |src|
-              hash << { 'name' => source_name(src), 'type' => type }
+              hash[source_name(src)] = type
             end
           end
 
-          hash
+          hash.map { |name, type| { 'name' => name, 'type' => type } }
+        end
+
+        # Build gem source type
+        #
+        # @param remotes [Array<Bundler::URI>]
+        #
+        # @return [Integer] internal source type
+        def build_source_type(remotes)
+          remotes.count > 1 ? SOURCES_TYPES[:multiple_primary] : SOURCES_TYPES[:valid]
         end
 
         # Checks if we should skip a source
         #
-        # @param source [Bundler::Source::Git, Bundler::Source::Rubygems]
+        # @param source [Bundler::Source] gem source type
         #
         # @return [Boolean] true if we should skip this source, false otherwise
         def skip?(source)
-          return true if git?(source)
           return true if me?(source)
 
           false
         end
 
-        # Checks if it's a git source
-        #
-        # @param source [Bundler::Source::Git, Bundler::Source::Rubygems]
-        #
-        # @return [Boolean] true if it's a git source, false otherwise
-        def git?(source)
-          source.instance_of?(Bundler::Source::Git)
-        end
-
         # Checks if it's a self source, this happens for repositories that are a gem
         #
-        # @param source [Bundler::Source::Path,Bundler::Source::Git,Bundler::Source::Rubygems]
+        # @param source [Bundler::Source] gem source type
         #
         # @return [Boolean] true if it's a self source, false otherwise
         def me?(source)