ndr_dev_support 1.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 65678f389d477156798555985f5dadffa993f72e
+  data.tar.gz: 488e28b29645423774120f1dd44a8a7b0577c5c4
+SHA512:
+  metadata.gz: 8d1d94e0acdea556a5bf333a2980da539da83f617749aa41c437fd2115a449dcc00288da87e7b4958159420eb2bd94fae4546458def9743fbbc9e6915e6c2966
+  data.tar.gz: b769d5ff8efce153fb33ba56882fff41db37dba8a61c02423d42067b258a3b45a895e9ef006b770bc3257b924e029f49de8822e752242dc067ba9d9960e46bae

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rubocop.yml

@@ -0,0 +1,19 @@
+# By default, would enforce { key: value } rather than { :key => value }.
+# AllCops:
+#   RunRailsCops: true
+
+# Multi-line method chaining should be done with trailing dots.
+Style/DotPosition:
+  EnforcedStyle: trailing
+
+# ...
+LineLength:
+  Max: 99
+
+# Relax some of the cops for tests
+Metrics/ClassLength:
+  Exclude:
+    - test/**/*.rb
+Metrics/MethodLength:
+  Exclude:
+    - test/**/*.rb

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.3.0
+before_install: gem install bundler -v 1.11.2

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting one or more of the project maintainers. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ndr_dev_support.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2011-2016 Public Health England
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,86 @@
+## NdrDevSupport [![Build Status](https://travis-ci.org/PublicHealthEngland/ndr_dev_support.svg?branch=master)](https://travis-ci.org/PublicHealthEngland/ndr_dev_support)
+
+This is the Public Health England (PHE) National Disease Registers (NDR) Developer Support ruby gem,
+providing:
+
+1. rake tasks to manage code auditing of ruby based projects; and
+2. a rake task to limit Rubocop's output to changed (and related) code.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ndr_dev_support', group: :development
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install ndr_dev_support
+
+## Usage
+
+### Code Auditing Rake Tasks
+
+ndr_dev_support provides a mechanism to manage the state of routine code quality and security peer reviews. It should be used as part of wider quality and security policies.
+
+It provides rake tasks to help manage the process of persisting the state of security reviews.
+
+Once files have been reviewed as secure, the revision number for that file is stored in code_safety.yml. If used within a Rails app, this file is stored in the config/ folder, otherwise it is kept in the project's root folder.
+
+Note: This feature works with svn and git repositories and svn, git-svn and git working copies.
+
+For more details of the audit tasks available, execute:
+
+    $ rake -T audit
+
+### RuboCop filtering
+
+ndr_dev_support provides rake tasks to enable more targeted use of RuboCop, to analyse only relevant code changes:
+```
+$ rake rubocop:diff HEAD
+$ rake rubocop:diff HEAD~3..HEAD~2
+$ rake rubocop:diff HEAD~3..HEAD~2
+$ rake rubocop:diff aef12fd4
+$ rake rubocop:diff master
+$ rake rubocop:diff path/to/file
+$ rake rubocop:diff dir/
+```
+As well as the primary `rubocop:diff` task, there are a number of convenience tasks provided:
+```
+$ rake rubocop:diff:head
+$ rake rubocop:diff:staged
+$ rake rubocop:diff:unstaged
+$ find . -iregex .*\.rake$ | xargs rake rubocop:diff:file
+```
+
+To add development support tasks to your project, add this line to your application's Rakefile:
+
+```ruby
+require 'ndr_dev_support/tasks'
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/PublicHealthEngland/ndr_dev_support. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+1. Fork it ( https://github.com/PublicHealthEngland/ndr_dev_support/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,12 @@
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+require 'ndr_dev_support/tasks'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.libs << 'lib'
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+desc 'Run tests'
+task default: :test

data/bin/console

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+require 'bundler/setup'
+require 'tnql'
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+require 'pry'
+Pry.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/code_safety.yml

@@ -0,0 +1,91 @@
+---
+file safety:
+  ".gitignore":
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  ".rubocop.yml":
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: e1ead45a8d1fd525f3a39cc4a87e6c0338c6b879
+  ".travis.yml":
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: 303ce774decdc5e19ce99051e4c94246313564d7
+  CODE_OF_CONDUCT.md:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  Gemfile:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  LICENSE.txt:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  README.md:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: 13cdf4eec8ea311ea480a90a3ba325a386db94e0
+  Rakefile:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  bin/console:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  bin/setup:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  lib/ndr_dev_support.rb:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  lib/ndr_dev_support/rubocop/executor.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: 301a0785d32fbc91b5fa175a0b4a4aed5bc5b8c1
+  lib/ndr_dev_support/rubocop/range_augmenter.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: fe5f0a693b77eeecaa39ff6fcf87ad59c4fb46e1
+  lib/ndr_dev_support/rubocop/range_finder.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: a8ecc0519a4abf9d464c49183863d65121dc8d0b
+  lib/ndr_dev_support/rubocop/reporter.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: fe5f0a693b77eeecaa39ff6fcf87ad59c4fb46e1
+  lib/ndr_dev_support/tasks.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: a55c971cb770a8e5dc4be7ed66663dd5d695fcd1
+  lib/ndr_dev_support/version.rb:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: 9611e403f47171962308a7c82cd11b116c6534ee
+  lib/tasks/audit_code.rake:
+    comments: Identical to the version reviewed by josh.pencheon when contained within
+      ndr_support
+    reviewed_by: timgentry
+    safe_revision: 0d56ba443b2cddca5ba2d96ea61ec6f2b898436d
+  lib/tasks/rubocop.rake:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: 13cdf4eec8ea311ea480a90a3ba325a386db94e0
+  ndr_dev_support.gemspec:
+    comments: 
+    reviewed_by: joshpencheon
+    safe_revision: d61f29be0444859c092f4c0599cc48f5bea8f0ac
+  test/ndr_dev_support_test.rb:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17
+  test/test_helper.rb:
+    comments: 
+    reviewed_by: timgentry
+    safe_revision: c59a45986f8b6d087c8c21b1e889f31f7346da17

data/lib/ndr_dev_support.rb

@@ -0,0 +1,5 @@
+require 'ndr_dev_support/version'
+
+module NdrDevSupport
+  # Your code goes here...
+end

data/lib/ndr_dev_support/rubocop/executor.rb

@@ -0,0 +1,28 @@
+require 'json'
+require 'shellwords'
+
+module NdrDevSupport
+  module Rubocop
+    # This class filters the Rubocop report of a file
+    # to only the given lines.
+    class Executor
+      def initialize(filename, lines)
+        @filename = filename
+        @lines    = lines
+      end
+
+      def output
+        offenses.select do |offense|
+          @lines.include? offense['location']['line']
+        end
+      end
+
+      private
+
+      def offenses
+        hash = JSON.parse(`rubocop --format json #{Shellwords.escape(@filename)}`)
+        hash['files'].first['offenses']
+      end
+    end
+  end
+end

data/lib/ndr_dev_support/rubocop/range_augmenter.rb

@@ -0,0 +1,82 @@
+module NdrDevSupport
+  module Rubocop
+    # For a given file, and set of line ranges, computes a list of
+    # all lines covered, expanding the ranges to include full method
+    # defintions, and class/module headers.
+    class RangeAugmenter
+      require 'parser/current'
+
+      MODULE_TYPES = [:module, :class].freeze
+      METHOD_TYPES = [:def, :defs].freeze
+
+      attr_reader :filename
+
+      class << self
+        def augmented_lines_for(file_ranges)
+          output = {}
+          file_ranges.each do |file, ranges|
+            output[file] = new(file, ranges).lines
+          end
+          output
+        end
+      end
+
+      def initialize(filename, ranges)
+        @filename = filename
+        @lines    = ranges.map(&:to_a).flatten
+      end
+
+      def augmented_lines
+        root  = Parser::CurrentRuby.parse IO.read(filename)
+        nodes = extract_augmenting_nodes(root)
+
+        lines_covering(@lines, nodes)
+      end
+
+      private
+
+      def range_for(node)
+        expression = node.location.expression
+        start_line = expression.line
+        end_line, _column = expression.source_buffer.decompose_position(expression.end_pos)
+
+        start_line..end_line
+      end
+
+      def lines_covering(lines, nodes)
+        nodes.each do |node|
+          range = range_for(node)
+          next unless lines.detect { |line| range.cover?(line) }
+
+          if method?(node)
+            lines.concat(range.to_a)
+          elsif module?(node)
+            lines.push(range.begin)
+          end
+        end
+        lines.uniq.sort
+      end
+
+      def extract_augmenting_nodes(parent, result = [])
+        return result if dead_end?(parent)
+        result.push(parent) if method?(parent) || module?(parent)
+        parent.children.each { |node| extract_augmenting_nodes(node, result) }
+        result
+      end
+
+      def module?(node)
+        MODULE_TYPES.include? node.type
+      end
+
+      def method?(node)
+        METHOD_TYPES.include? node.type
+      end
+
+      def dead_end?(node)
+        return true unless node.is_a?(Parser::AST::Node)
+        location = node.location
+        !(location && location.expression)
+      end
+    end
+  end
+end