diffend 0.2.26 → 0.2.31

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f22ef308037176744a8795a6371eb3340f01d597b706c66e45b8355dbf2d41a9
-  data.tar.gz: 1e5734925c51663f20e804ecef8d329f7b24a05dfce891b33366f1e867edbf78
+  metadata.gz: 7b14e2973870903bee26272a50713c543934f7dbe5c0f2aab495dba99d6ee177
+  data.tar.gz: 900edb2cd152dce431f81029becec9e76662ef2bd5f19a7b082f9276bf9050cc
 SHA512:
-  metadata.gz: 8930d5dfc0e3c8438515069ab5c472ae93aaf934c6d16c595c70b9167384347d7c0358c4c50fc49d18b1a4024ed959be4fff00485731c9e622b8c8e89f7c1a98
-  data.tar.gz: e9741f2fe2db83a7650dd2272b9f79cfa7e5bc4b3c2989cae0d8390215459a386a545f23eb0163e350e6e32a7dca7963c9a9bfcdb65496dfa062051a2c023aad
+  metadata.gz: 33eb4745a8a8e909c266efdbd6a06647c7377e480886eb5d03aa6dbc78a65ce567ad3533df24c85e93cef714094c528f6f15c2738cd512874af4d09bbbe74173
+  data.tar.gz: ee68d0977516bce252304aa150ff2b6bde0788b06a135e9485ad5b22a351637f293fe533ea771e09f81446bac1a39b06427b0bf305ab575ce3f41ecbd0b97608

data/CHANGELOG.md

@@ -2,8 +2,29 @@
 
 ## [Unreleased][master]
 
+## [0.2.31] (2020-09-24)
+- change request timeout to 15 seconds ([#53](https://github.com/diffend-io/diffend-ruby/pull/53))
+- report request issues as warnings ([#54](https://github.com/diffend-io/diffend-ruby/pull/54))
+
+## [0.2.30] (2020-09-21)
+- handle dependencies resolve issues ([#51](https://github.com/diffend-io/diffend-ruby/pull/51))
+- better detection when to start `Diffend::Monitor` ([#50](https://github.com/diffend-io/diffend-ruby/pull/50))
+- cleanup structure ([#47](https://github.com/diffend-io/diffend-ruby/pull/47))
+
+## [0.2.29] (2020-09-21)
+- fix command reporting on jruby ([#48](https://github.com/diffend-io/diffend-ruby/pull/48))
+
+## [0.2.28] (2020-09-19)
+- start `Diffend::Monitor` only if not in development or test ([#44](https://github.com/diffend-io/diffend-ruby/pull/44))
+- better host command expose ([#45](https://github.com/diffend-io/diffend-ruby/pull/45))
+
+## [0.2.27] (2020-09-16)
+- introduce `Diffend::RequestObject` ([#40](https://github.com/diffend-io/diffend-ruby/pull/40))
+- clean up error codes and introduce `DIFFEND_INGORE_EXCEPTIONS` ([#41](https://github.com/diffend-io/diffend-ruby/pull/41))
+- introduce `Diffend::Monitor` and `Diffend::Track` ([#15](https://github.com/diffend-io/diffend-ruby/pull/15))
+
 ## [0.2.26] (2020-09-10)
-- introduce DIFFEND_DEVELOPMENT environment variable ([#36](https://github.com/diffend-io/diffend-ruby/pull/36))
+- introduce `DIFFEND_DEVELOPMENT` environment variable ([#36](https://github.com/diffend-io/diffend-ruby/pull/36))
 - adjust message for allow verdict ([#37](https://github.com/diffend-io/diffend-ruby/pull/37))
 - do not run the plugin when it is not enabled ([#38](https://github.com/diffend-io/diffend-ruby/pull/38))
 
@@ -55,7 +76,11 @@
 
 - initial release
 
-[master]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.26...HEAD
+[master]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.30...HEAD
+[0.2.30]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.29...v0.2.30
+[0.2.29]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.28...v0.2.29
+[0.2.28]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.27...v0.2.28
+[0.2.27]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.26...v0.2.27
 [0.2.26]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.25...v0.2.26
 [0.2.25]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.24...v0.2.25
 [0.2.24]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.23...v0.2.24

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    diffend (0.2.26)
+    diffend (0.2.31)
 
 GEM
   remote: https://rubygems.org/

data/diffend.gemspec

@@ -2,7 +2,7 @@
 
 lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'diffend'
+require 'diffend/version'
 
 Gem::Specification.new do |spec|
   spec.name          = 'diffend'
@@ -11,8 +11,7 @@ Gem::Specification.new do |spec|
   spec.email         = ['contact@diffend.io']
 
   spec.summary       = 'OSS supply chain security and management platform'
-  spec.summary       = 'OSS supply chain security and management platform.'
-  spec.homepage      = Diffend::HOMEPAGE
+  spec.homepage      = 'https://diffend.io'
   spec.license       = 'Prosperity Public License'
 
   if $PROGRAM_NAME.end_with?('gem')

data/lib/diffend.rb

@@ -1,131 +1,4 @@
 # frozen_string_literal: true
 
-%w[
-  bundler
-].each(&method(:require))
-
-%w[
-  build_bundler_definition
-  errors
-  config/fetcher
-  config/file_finder
-  config/validator
-  commands
-  handle_errors/messages
-  handle_errors/build_exception_payload
-  handle_errors/display_to_stdout
-  handle_errors/report
-  request
-  voting
-].each { |file| require "diffend/#{file}" }
-
-%w[
-  versions/local
-  versions/remote
-].each { |file| require "diffend/voting/#{file}" }
-
-# Diffend main namespace
 module Diffend
-  # Current plugin version
-  VERSION = '0.2.26'
-  # Diffend homepage
-  HOMEPAGE = 'https://diffend.io'
-
-  class << self
-    # Registers the plugin and add before install all hook
-    def register
-      Bundler::Plugin.add_hook('before-install-all') do |_|
-        execute
-      end
-    end
-
-    # Execute diffend plugin
-    def execute
-      return unless enabled?
-
-      verify_version
-
-      config = fetch_config
-
-      Diffend::Voting.call(
-        command,
-        config,
-        Diffend::BuildBundlerDefinition.call(
-          command,
-          Bundler.default_gemfile,
-          Bundler.default_lockfile
-        )
-      )
-    rescue StandardError => e
-      Diffend::HandleErrors::Report.call(
-        exception: e,
-        config: config,
-        message: :unhandled_exception,
-        report: true
-      )
-    end
-
-    def verify_version
-      return if ENV['DIFFEND_DEVELOPMENT'] == 'true'
-      return if installed_version == VERSION
-
-      build_outdated_version_message(installed_version)
-        .tap(&Bundler.ui.method(:error))
-
-      exit 1
-    end
-
-    # @return [String] installed plugin version
-    def installed_version
-      Bundler::Plugin
-        .index
-        .plugin_path('diffend')
-        .basename
-        .to_s
-        .split('-')
-        .last
-    end
-
-    # Checks if plugin is enabled
-    #
-    # @return [Boolean] true if enabled, false otherwise
-    def enabled?
-      Bundler
-        .default_gemfile
-        .read
-        .split("\n")
-        .reject(&:empty?)
-        .map(&:strip)
-        .select { |line| line.start_with?('plugin') }
-        .any? { |line| line.include?('diffend') }
-    end
-
-    # @param version [Hash] installed version
-    #
-    # @return [String]
-    def build_outdated_version_message(version)
-      <<~MSG
-        \nYou are running an outdated version (#{version}) of the plugin, which will lead to issues.
-        \nPlease upgrade to the latest one (#{VERSION}) by executing "rm -rf .bundle/plugin".\n
-      MSG
-    end
-
-    # Command that was run with bundle
-    #
-    # @return [String]
-    def command
-      ARGV.first || Bundler.feature_flag.default_cli_command.to_s
-    end
-
-    # Fetch diffend config file
-    #
-    # @return [OpenStruct, nil] configuration object
-    #
-    # @raise [Errors::MissingConfigurationFile] when no config file
-    def fetch_config
-      Config::Fetcher.call(
-        File.expand_path('..', Bundler.bin_path)
-      )
-    end
-  end
 end

data/lib/diffend/commands.rb

@@ -3,9 +3,11 @@
 module Diffend
   # Modules grouping supported bundler commands
   module Commands
-    # Install bundler command
+    # Bundler install command
     INSTALL = 'install'
-    # Update bundler command
+    # Bundler update command
     UPDATE = 'update'
+    # Bundler exec command
+    EXEC = 'exec'
   end
 end

data/lib/diffend/config.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Diffend config object
+  module Config
+    class << self
+      # Build diffend config object
+      #
+      # @return [OpenStruct, nil]
+      #
+      # @raise [Errors::MissingConfigurationFile] when no config file
+      def call
+        Diffend::Config::Fetcher.call(
+          File.expand_path('..', ::Bundler.bin_path)
+        )
+      end
+    end
+  end
+end

data/lib/diffend/config/fetcher.rb

@@ -27,16 +27,20 @@ module Diffend
           build(build_path)
         rescue Errors::MissingConfigurationFile
           Bundler.ui.error(build_missing_error_message(build_path))
-          exit 1
+
+          raise Diffend::Errors::HandledException
         rescue Errors::EmptyConfigurationFile
           Bundler.ui.error(build_empty_error_message(build_path))
-          exit 1
+
+          raise Diffend::Errors::HandledException
         rescue Errors::MalformedConfigurationFile
           Bundler.ui.error(build_malformed_error_message(build_path))
-          exit 1
+
+          raise Diffend::Errors::HandledException
         rescue *MISSING_KEY_ERRORS => e
           Bundler.ui.error(build_missing_key_error_message(e))
-          exit 1
+
+          raise Diffend::Errors::HandledException
         end
 
         private

data/lib/diffend/errors.rb

@@ -21,5 +21,9 @@ module Diffend
     BuildPathMissingInConfigurationFile = Class.new(BaseError)
     # Raised when server-side error occurs
     RequestServerError = Class.new(BaseError)
+    # Raised when we had an exception that we know how to handle
+    HandledException = Class.new(BaseError)
+    # Raised when we are unable to resolve dependencies
+    DependenciesResolveException = Class.new(BaseError)
   end
 end

data/lib/diffend/{voting.rb → execute.rb}

@@ -1,18 +1,30 @@
 # frozen_string_literal: true
 
 module Diffend
-  # Verifies voting verdicts for gems
-  module Voting
+  # Executes a check for a given command
+  module Execute
     class << self
       # Build verdict
       #
       # @param command [String] either install or update
       # @param config [OpenStruct] diffend config
-      # @param definition [Bundler::Definition] definition for your source
-      def call(command, config, definition)
-        Versions::Remote
-          .call(command, config, definition)
+      def call(command, config)
+        Diffend::RequestVerdict
+          .call(command, config, build_definition(command))
           .tap { |response| build_message(command, config, response) }
+      rescue Diffend::Errors::DependenciesResolveException
+        # We are unable to resolve dependencies, no message will be printed
+      end
+
+      # Build bundler definition
+      #
+      # @return [Bundler::Definition]
+      def build_definition(command)
+        Diffend::BuildBundlerDefinition.call(
+          command,
+          Bundler.default_gemfile,
+          Bundler.default_lockfile
+        )
       end
 
       # @param command [String] either install or update
@@ -38,7 +50,7 @@ module Diffend
         build_error_message(response)
           .tap(&Bundler.ui.method(:error))
 
-        exit 1
+        raise Diffend::Errors::HandledException
       end
 
       # @param command [String] either install or update

data/lib/diffend/handle_errors/report.rb

@@ -12,9 +12,10 @@ module Diffend
         # @param config [OpenStruct] Diffend config
         # @param message [Symbol] message that we want to display
         # @param report [Boolean] if true we will report the issue to diffend
+        # @param raise_exception [Boolean] if true we will raise an exception
         #
         # @return [Net::HTTPResponse] response from Diffend
-        def call(config:, message:, exception: nil, payload: {}, report: false)
+        def call(config:, message:, exception: nil, payload: {}, report: false, raise_exception: true)
           exception_payload = prepare_exception_payload(exception, payload)
 
           Bundler.ui.error(Diffend::HandleErrors::Messages::PAYLOAD_DUMP)
@@ -22,13 +23,24 @@ module Diffend
 
           if report
             Diffend::Request.call(
-              config,
-              errors_url(config.project_id),
-              exception_payload
+              build_request_object(config, exception_payload)
             )
           end
 
-          exit 1
+          raise Diffend::Errors::HandledException if raise_exception
+        end
+
+        # @param config [OpenStruct] diffend config
+        # @param payload [Hash]
+        #
+        # @return [Diffend::RequestObject]
+        def build_request_object(config, payload)
+          Diffend::RequestObject.new(
+            config: config,
+            url: errors_url(config.project_id),
+            payload: payload,
+            request_method: :post
+          )
         end
 
         # Prepare exception payload and display it to stdout

data/lib/diffend/local_context.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Module responsible for building local context
+  module LocalContext
+    class << self
+      # Build diffend, host, packages, and platform specific information
+      #
+      # @param command [String] either install or update
+      # @param project_id [String] diffend project_id
+      # @param definition [Bundler::Definition] definition for your source
+      #
+      # @return [Hash] payload for diffend endpoint
+      def call(command, project_id, definition)
+        {
+          'diffend' => Diffend.call(project_id),
+          'host' => Host.call,
+          'packages' => Packages.call(command, definition),
+          'platform' => Platform.call
+        }.freeze
+      end
+    end
+  end
+end

data/lib/diffend/local_context/diffend.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Module responsible for building local context
+  module LocalContext
+    # Module responsible for building diffend information from local context
+    module Diffend
+      # API version
+      API_VERSION = '0.1'
+      # Platform type ruby
+      PLATFORM_TYPE = 0
+
+      private_constant :API_VERSION, :PLATFORM_TYPE
+
+      class << self
+        # Build diffend information
+        #
+        # @param project_id [String, nil] diffend project_id
+        #
+        # @return [Hash]
+        def call(project_id)
+          {
+            'api_version' => API_VERSION,
+            'environment' => ENV['DIFFEND_ENV'],
+            'project_id' => project_id,
+            'type' => PLATFORM_TYPE,
+            'version' => ::Diffend::VERSION
+          }.freeze
+        end
+      end
+    end
+  end
+end

data/lib/diffend/local_context/host.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require 'etc'
+
+module Diffend
+  # Module responsible for building local context
+  module LocalContext
+    # Module responsible for building host information from local context
+    module Host
+      class << self
+        # Build host information
+        #
+        # @return [Hash]
+        def call
+          uname = Etc.uname
+
+          {
+            'command' => command,
+            'ips' => ips,
+            'name' => uname[:nodename],
+            'system' => {
+              'machine' => uname[:machine],
+              'name' => uname[:sysname],
+              'release' => uname[:release],
+              'version' => uname[:version]
+            },
+            'tags' => tags,
+            'user' => Etc.getpwuid(Process.uid).name,
+            'pid' => Process.pid
+          }.freeze
+        end
+
+        private
+
+        # Build host command information
+        #
+        # @return [Hash]
+        def command
+          if File.exist?($PROGRAM_NAME)
+            if defined?(JRUBY_VERSION)
+              name = $PROGRAM_NAME.split('/').last.strip
+              command = "#{name} #{ARGV.join(' ')}"
+            else
+              array = `ps -p #{Process.pid} -o command=`.strip.split(' ')
+              array.shift if array.first.end_with?('bin/ruby')
+              name = array.shift.split('/').last.strip
+              command = "#{name} #{array.join(' ')}"
+            end
+
+            { 'name' => command, 'title' => '' }
+          else
+            { 'name' => ARGV.join(' '), 'title' => $PROGRAM_NAME }
+          end
+        end
+
+        # Build host ips, except localhost and loopback
+        #
+        # @return [Array<String>]
+        def ips
+          Socket.ip_address_list.map do |ip|
+            next if ip.ipv4_loopback? || ip.ipv6_loopback? || ip.ipv6_linklocal?
+
+            ip.ip_address
+          end.compact
+        end
+
+        # Build host tags
+        #
+        # @return [Array]
+        def tags
+          tags = []
+
+          if ENV.key?('GITHUB_ACTIONS')
+            tags << 'ci'
+            tags << 'ci-github'
+          end
+
+          if ENV.key?('CIRCLECI')
+            tags << 'ci'
+            tags << 'ci-circle'
+          end
+
+          tags
+        end
+      end
+    end
+  end
+end