RubyGems - ndr_support - Versions diffs - 3.1.1 → 3.2.0 - Mend

ndr_support 3.1.1 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    ZDJkMjRhNmU0MmVhN2RmZTllMjVhY2FhYmQxMjA3M2YxZjI0OTJmOA==
+    OTE0YTVkMGEwNDI5ZmZlMDA0NTNmMTBiM2VjNGM3M2UyYjk3YTMwOQ==
   data.tar.gz: !binary |-
-    YTc0ODliMTUwMjk2MzE0N2NlZTdjNjM4NjIzNjFmZjYyYzdmMmEyMQ==
+    MDFhOTI2YWNmZmE0YTVkZWMyNDIyYjFmOTZiMTVhMDMwMDgzOWMwZQ==
 SHA512:
   metadata.gz: !binary |-
-    MjIxYWZhZDNiNDU2NzQxZTI5N2NhODhkMGI1ZTA3ZjZiNDk1ODNmMmRjZDc0
-    NTkwODEzMDhmNzA3NmY0Mjk2ODIyNGEwNDk1NTdkODI4ZjU0NDZlMzE2ZTc0
-    Y2EyMmIwMzVhYTc0OWQyNjAxN2JjMzA4M2JjNmVhMzY3YmE4NDk=
+    ODM0NDFhZjMzOTE5NTlmMDgwYmMzMTYzYmY5OTEyYmUxNDhiZTMxMDg4ZDBl
+    NDU4MWIxMzhmMGQwOTg0ZDk1NWVmZmY0MDUwMTA5NzZjYmEyZDgxNWRlMjY5
+    YjQwODRjMGE1ZTY4YmQyMTE4Nzk0YmYxMTIyNmQyNTI3YzE0YTY=
   data.tar.gz: !binary |-
-    MDUyZDU3NTE0ZWEzMmViMDkxZjM2Zjk0MjdiMWM2ZTNhMDA2YmFkNWI0ZmFm
-    ZWQ1NmMxMWFjYzVjZjc4MTQyOTUxOGZiOTkyN2RlYzMzZjE0ZGJkZDkzYWMy
-    YTlhYjczZDg0YmEyOThlNDA4NDEyODFjZjMzNDgyNmJjYzA4ZDY=
+    OGYxOTg3NDc2NjY4MmE3OTIwNzU5Nzc5OWE5YzgyOTYwZjE4YmIzNjNmYWJi
+    Y2I0OGRiZjE0MGMzNTFiOTExZmFjMGE5OWYzNGM5ZTA2NmEzZDFmZWEwY2U4
+    MjUxMDMxZTBjNGRhYTU3ZmQyYWZmYTA4YzA5NDYxNGRhNWM4M2Q=

data/code_safety.yml CHANGED Viewed

@@ -118,8 +118,8 @@ file safety:
     safe_revision: f9341d1c7f797f9fe81af937c383d41c23872b2f
   lib/ndr_support/safe_file.rb:
     comments:
-    reviewed_by: pauleves
-    safe_revision: 506a317e59d0ccb5b32d813b74d822f35a55cea9
+    reviewed_by: josh.pencheon
+    safe_revision: 24ba08d3a8f4b284678244aaffa2aaa347256900
   lib/ndr_support/safe_path.rb:
     comments:
     reviewed_by: pauleves
@@ -158,16 +158,16 @@ file safety:
     safe_revision: f7adf44fc2772e1926df37abfd9041d41c303328
   lib/ndr_support/version.rb:
     comments:
-    reviewed_by: timgentry
-    safe_revision: 4bb6a2dc2e82d1e2188047c24f098c7811a98edb
+    reviewed_by: josh.pencheon
+    safe_revision: 312e59a33a7d50aa5be72f536951d96f5907456c
   lib/ndr_support/yaml/serialization_migration.rb:
     comments:
     reviewed_by: timgentry
     safe_revision: 29595e6431587ff9b7db6e3ad3abbb3577bff99c
   lib/tasks/audit_code.rake:
     comments:
-    reviewed_by: timgentry
-    safe_revision: 2665e780ba942e7f0d92f6fd8d0b979e327d1edb
+    reviewed_by: josh.pencheon
+    safe_revision: 7f0e16404f65ad531109e7bf8da3663351aabeb5
   ndr_support.gemspec:
     comments:
     reviewed_by: timgentry
@@ -218,8 +218,8 @@ file safety:
     safe_revision: 81061f85ccdf8933adc7f104d7eeaef1e2d71e26
   test/safe_file_test.rb:
     comments:
-    reviewed_by: timgentry
-    safe_revision: 506a317e59d0ccb5b32d813b74d822f35a55cea9
+    reviewed_by: josh.pencheon
+    safe_revision: 24ba08d3a8f4b284678244aaffa2aaa347256900
   test/safe_path_test.rb:
     comments:
     reviewed_by: timgentry

data/lib/ndr_support/safe_file.rb CHANGED Viewed

@@ -38,6 +38,12 @@ class SafeFile
     @file.write(data)
   end
+  def each(*args, &block)
+    verify @file_name, 'r'
+    @file.each(*args, &block)
+  end
+  alias_method :each_line, :each
   def path
     @file_name.clone
   end
@@ -155,7 +161,7 @@ class SafeFile
       prms = nil
     when 2
-      fail ArgimentError if args[1].class != Fixnum and args[1].class != String
+      fail ArgumentError if args[1].class != Fixnum and args[1].class != String
       if args[1].class == Fixnum
         verify_mode(args[0], 'r')
@@ -170,7 +176,7 @@ class SafeFile
       fname = args[0]
     when 3
-      fail ArgimentError if args[1].class != String or args[2].class != Fixnum
+      fail ArgumentError if args[1].class != String or args[2].class != Fixnum
       verify_mode(args[0], args[1])
       fname = args[0]

data/lib/ndr_support/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # This defines the NdrSupport version. If you change it, rebuild and commit the gem.
 # Use "rake build" to build the gem, see rake -T for all bundler rake tasks (and our own).
 module NdrSupport
-  VERSION = '3.1.1'
+  VERSION = '3.2.0'
 end

data/lib/tasks/audit_code.rake CHANGED Viewed

@@ -10,7 +10,6 @@ SAFETY_REPOS = [['/svn/era', '/svn/extra/era/external-access']]
 require 'yaml'
 # Parameter max_print is number of entries to print before truncating output
 # (negative value => print all)
 def audit_code_safety(max_print = 20, ignore_new = false, show_diffs = false, show_in_priority = false, user_name = 'usr')
@@ -19,12 +18,12 @@ def audit_code_safety(max_print = 20, ignore_new = false, show_diffs = false, sh
   max_print = 1_000_000 if max_print < 0
   safety_cfg = File.exist?(SAFETY_FILE) ? YAML.load_file(SAFETY_FILE) : {}
-  file_safety = safety_cfg["file safety"]
+  file_safety = safety_cfg['file safety']
   if file_safety.nil?
     puts "Creating new 'file safety' block in #{SAFETY_FILE}"
-    safety_cfg["file safety"] = file_safety = {}
+    safety_cfg['file safety'] = file_safety = {}
   end
-  file_safety.each do |k, v|
+  file_safety.each do |_k, v|
     rev = v['safe_revision']
     v['safe_revision'] = rev.to_s if rev.is_a?(Integer)
   end
@@ -35,13 +34,13 @@ def audit_code_safety(max_print = 20, ignore_new = false, show_diffs = false, sh
   # TODO: below is broken for git-svn
   # Is it needed?
-  SAFETY_REPOS.each{|suffix, alt|
+  SAFETY_REPOS.each do |suffix, alt|
     # Temporarily override to only audit a different file list
     if safety_repo.end_with?(suffix)
-      safety_repo = safety_repo[0...-suffix.length]+alt
+      safety_repo = safety_repo[0...-suffix.length] + alt
       break
     end
-  }
+  end
   if ignore_new
     puts "Not checking for new files in #{safety_repo}"
@@ -49,18 +48,17 @@ def audit_code_safety(max_print = 20, ignore_new = false, show_diffs = false, sh
     puts "Checking for new files in #{safety_repo}"
     new_files = get_new_files(safety_repo)
     # Ignore subdirectories, and exclude code_safety.yml by default.
-    new_files.delete_if{|f| f =~ /[\/\\]$/ || f == SAFETY_FILE}
-    new_files.each{|f|
-      unless file_safety.has_key?(f)
-        file_safety[f] = {
-          "comments" => nil,
-          "reviewed_by" => nil,
-          "safe_revision" => nil }
-      end
-    }
+    new_files.delete_if { |f| f =~ /[\/\\]$/ || f == SAFETY_FILE }
+    new_files.each do |f|
+      next if file_safety.key?(f)
+      file_safety[f] = {
+        'comments' => nil,
+        'reviewed_by' => nil,
+        'safe_revision' => nil }
+    end
     File.open(SAFETY_FILE, 'w') do |file|
       # Consistent file diffs, as ruby preserves Hash insertion order since v1.9
-      safety_cfg["file safety"] = Hash[file_safety.sort]
+      safety_cfg['file safety'] = Hash[file_safety.sort]
       YAML.dump(safety_cfg, file) # Save changes before checking latest revisions
     end
   end
@@ -71,36 +69,40 @@ def audit_code_safety(max_print = 20, ignore_new = false, show_diffs = false, sh
   puts "Number of new files added: #{file_safety.size - orig_count}"
   # Now generate statistics:
-  unknown = file_safety.values.select{|x| x["safe_revision"].nil?}
-  unsafe = file_safety.values.select{|x|
-    !x["safe_revision"].nil? && x["safe_revision"] != -1 &&
-    x["last_changed_rev"] != x['safe_revision'] &&
-    !(x["last_changed_rev"] =~ /^[0-9]+$/ && x['safe_revision'] =~ /^[0-9]+$/ &&
-      x["last_changed_rev"].to_i < x['safe_revision'].to_i)
-  }
+  unknown = file_safety.values.select { |x| x['safe_revision'].nil? }
+  unsafe = file_safety.values.select do |x|
+    !x['safe_revision'].nil? && x['safe_revision'] != -1 &&
+    x['last_changed_rev'] != x['safe_revision'] &&
+    !(x['last_changed_rev'] =~ /^[0-9]+$/ && x['safe_revision'] =~ /^[0-9]+$/ &&
+      x['last_changed_rev'].to_i < x['safe_revision'].to_i)
+  end
   puts "Number of files with no safe version: #{unknown.size}"
   puts "Number of files which are no longer safe: #{unsafe.size}"
   puts
   printed = []
   # We also print a third category: ones which are no longer in the repository
-  if show_in_priority
-    file_list = file_safety.sort_by {|k,v| v.nil? ? -100 : v["last_changed_rev"].to_i}.map(&:first)
-  else
-    file_list = file_safety.keys.sort
-  end
+  file_list =
+    if show_in_priority
+      file_safety.sort_by { |_k, v| v.nil? ? -100 : v['last_changed_rev'].to_i }.map(&:first)
+    else
+      file_safety.keys.sort
+    end
-  file_list.each{|f|
+  file_list.each do |f|
     if print_file_safety(file_safety, trunk_repo, f, false, printed.size >= max_print)
       printed << f
     end
-  }
+  end
   puts "... and #{printed.size - max_print} others" if printed.size > max_print
   if show_diffs
     puts
-    printed.each{|f|
+    printed.each do |f|
       print_file_diffs(file_safety, trunk_repo, f, user_name)
-    }
+    end
   end
+  # Returns `true` unless there are pending reviews:
+  unsafe.length.zero? && unknown.length.zero?
 end
 # Print summary details of a file's known safety
@@ -110,13 +112,13 @@ end
 def print_file_safety(file_safety, repo, fname, verbose = false, silent = false)
   msg = "#{fname}\n  "
   entry = file_safety[fname]
-  msg += "File not in audit list" if entry.nil?
+  msg += 'File not in audit list' if entry.nil?
-  if entry["safe_revision"].nil?
-    msg += "No safe revision known"
-    msg += ", last changed #{entry['last_changed_rev']}" unless entry["last_changed_rev"].nil?
+  if entry['safe_revision'].nil?
+    msg += 'No safe revision known'
+    msg += ", last changed #{entry['last_changed_rev']}" unless entry['last_changed_rev'].nil?
   else
-    repolatest = entry["last_changed_rev"] # May have been prepopulated en mass
+    repolatest = entry['last_changed_rev'] # May have been prepopulated en mass
     msg += 'Not in repository: ' if entry['last_changed_rev'] == -1
     if (repolatest != entry['safe_revision']) &&
        !(repolatest =~ /^[0-9]+$/ && entry['safe_revision'] =~ /^[0-9]+$/ &&
@@ -125,53 +127,53 @@ def print_file_safety(file_safety, repo, fname, verbose = false, silent = false)
       msg += "No longer safe since revision #{repolatest}: "
     else
       return false unless verbose
-      msg += "Safe: "
+      msg += 'Safe: '
     end
     msg += "revision #{entry['safe_revision']} reviewed by #{entry['reviewed_by']}"
   end
   msg += "\n  Comments: #{entry['comments']}" if entry['comments']
   puts msg unless silent
-  return true
+  true
 end
 def flag_file_as_safe(release, reviewed_by, comments, f)
   safety_cfg = YAML.load_file(SAFETY_FILE)
-  file_safety = safety_cfg["file safety"]
+  file_safety = safety_cfg['file safety']
   unless File.exist?(f)
     abort("Error: Unable to flag non-existent file as safe: #{f}")
   end
-  unless file_safety.has_key?(f)
+  unless file_safety.key?(f)
     file_safety[f] = {
-      "comments" => nil,
-      "reviewed_by" => :dummy, # dummy value, will be overwritten
-      "safe_revision" => nil }
+      'comments' => nil,
+      'reviewed_by' => :dummy, # dummy value, will be overwritten
+      'safe_revision' => nil }
   end
   entry = file_safety[f]
   entry_orig = entry.dup
-  if comments.to_s.length > 0 && entry["comments"] != comments
-    entry["comments"] = if entry["comments"].to_s.empty?
+  if comments.to_s.length > 0 && entry['comments'] != comments
+    entry['comments'] = if entry['comments'].to_s.empty?
                           comments
                         else
-                          "#{entry["comments"]}#{'.' unless entry["comments"].end_with?('.')} Revision #{release}: #{comments}"
+                          "#{entry['comments']}#{'.' unless entry['comments'].end_with?('.')} Revision #{release}: #{comments}"
                         end
   end
-  if entry["safe_revision"]
+  if entry['safe_revision']
     unless release
-      abort("Error: File already has safe revision #{entry["safe_revision"]}: #{f}")
+      abort("Error: File already has safe revision #{entry['safe_revision']}: #{f}")
     end
-    if release.is_a?(Integer) && release < entry["safe_revision"]
+    if release.is_a?(Integer) && release < entry['safe_revision']
       puts("Warning: Rolling back safe revision from #{entry['safe_revision']} to #{release} for #{f}")
     end
   end
-  entry["safe_revision"] = release
-  entry["reviewed_by"] = reviewed_by
+  entry['safe_revision'] = release
+  entry['reviewed_by'] = reviewed_by
   if entry == entry_orig
     puts "No changes when updating safe_revision to #{release || '[none]'} for #{f}"
   else
     File.open(SAFETY_FILE, 'w') do |file|
       # Consistent file diffs, as ruby preserves Hash insertion order since v1.9
-      safety_cfg["file safety"] = Hash[file_safety.sort]
+      safety_cfg['file safety'] = Hash[file_safety.sort]
       YAML.dump(safety_cfg, file) # Save changes before checking latest revisions
     end
     puts "Updated safe_revision to #{release || '[none]'} for #{f}"
@@ -180,10 +182,15 @@ end
 # Determine the type of repository
 def repository_type
-  return 'svn' if Dir.exists?('.svn')
-  return 'git-svn' if Dir.exists?('.git') && open('.git/config').grep(/svn/).any?
-  return 'git' if Dir.exists?('.git') && open('.git/config').grep(/git/).any?
-  return 'not known'
+  @repository_type ||= if Dir.exist?('.svn') || system("svn info . > /dev/null 2>&1")
+                         'svn'
+                       elsif Dir.exist?('.git') && open('.git/config').grep(/svn/).any?
+                         'git-svn'
+                       elsif Dir.exist?('.git') && open('.git/config').grep(/git/).any?
+                         'git'
+                       else
+                         'not known'
+                       end
 end
 def get_trunk_repo
@@ -191,14 +198,14 @@ def get_trunk_repo
   when 'svn'
     repo_info = %x[svn info]
     puts 'svn case'
-    return repo_info.split("\n").select{|x| x=~ /^URL: /}.collect{|x| x[5..-1]}.first
+    return repo_info.split("\n").select { |x| x =~ /^URL: / }.collect { |x| x[5..-1] }.first
   when 'git-svn'
     puts 'git-svn case'
     repo_info = %x[git svn info]
-    return repo_info.split("\n").select{|x| x =~ /^URL: /}.collect{|x| x[5..-1]}.first
+    return repo_info.split("\n").select { |x| x =~ /^URL: / }.collect { |x| x[5..-1] }.first
   when 'git'
     puts 'git case'
-    repo_info =  %x[git remote -v]
+    repo_info = %x[git remote -v]
     return repo_info.split("\n").first[7..-9]
   else
     return 'Information not available. Unknown repository type'
@@ -210,13 +217,13 @@ def get_new_files(safety_repo)
   when 'svn', 'git-svn'
     %x[svn ls -R "#{safety_repo}"].split("\n")
   when 'git'
-     #%x[git ls-files --modified].split("\n")
-     %x[git ls-files].split("\n")
+    #%x[git ls-files --modified].split("\n")
+    %x[git ls-files].split("\n")
     # TODO: Below is for remote repository - for testing use local files
     #new_files = %x[git ls-files --modified #{safety_repo}].split("\n")
     # TODO: Do we need the --modified option?
-     #new_files = %x[git ls-files --modified].split("\n")
+    #new_files = %x[git ls-files --modified].split("\n")
   else
     []
   end
@@ -234,9 +241,9 @@ def set_last_changed_revision(repo, file_safety, fnames)
     fnames.each_with_index do |f, i|
       info = %x[git log -n 1 #{f}].split("\n").first[7..-1]
       if info.nil? || info.empty?
-        file_safety[f]["last_changed_rev"] = -1
+        file_safety[f]['last_changed_rev'] = -1
       else
-        file_safety[f]["last_changed_rev"] = info
+        file_safety[f]['last_changed_rev'] = info
       end
       # Show progress
       print '.' if (i % dot_freq) == 0
@@ -279,12 +286,12 @@ def get_last_changed_revision(repo, fname)
     begin
       svn_info = %x[svn info -r head "#{repo}/#{fname}"]
     rescue
-      puts "we have an error in the svn info line"
+      puts 'we have an error in the svn info line'
     end
     begin
       svn_info.match('Last Changed Rev: ([0-9]*)').to_a[1]
     rescue
-      puts "We have an error in getting the revision"
+      puts 'We have an error in getting the revision'
     end
   end
 end
@@ -331,13 +338,18 @@ def set_safe_revision
 end
 def print_repo_file_diffs(repolatest, repo, fname, user_name, safe_revision)
+  require 'open3'
+  cmd = nil
   case repository_type
   when 'git'
-    puts %[git --no-pager diff -b #{safe_revision}..#{repolatest} #{fname}]
-    puts %x[git --no-pager diff -b #{safe_revision}..#{repolatest} #{fname}]
+    cmd = ['git', '--no-pager', 'diff', '-b', "#{safe_revision}..#{repolatest}", fname]
   when 'git-svn', 'svn'
-    puts %[svn diff -r #{safe_revision.to_i}:#{repolatest.to_i} -x -b #{repo}/#{fname}]
-    puts %x[svn diff -r #{safe_revision.to_i}:#{repolatest.to_i} -x -b #{repo}/#{fname}]
+    cmd = ['svn', 'diff', '-r', "#{safe_revision.to_i}:#{repolatest.to_i}", '-x', '-b', "#{repo}/#{fname}"]
+  end
+  if cmd
+    puts(cmd.join(' '))
+    stdout_and_err_str, status = Open3.capture2e(*cmd)
+    puts(stdout_and_err_str)
   else
     puts 'Unknown repo'
   end
@@ -369,11 +381,10 @@ def get_release
   else
     ''
   end
-  return release
+  release
 end
 namespace :audit do
   desc "Audit safety of source code.
 Usage: audit:code [max_print=n] [ignore_new=false|true] [show_diffs=false|true] [reviewed_by=usr]
@@ -381,19 +392,22 @@ File #{SAFETY_FILE} lists the safety and revision information
 of the era source code. This task updates the list, and [TODO] warns about
 files which have changed since they were last verified as safe."
   task(:code) do
-    puts "Usage: audit:code [max_print=n] [ignore_new=false|true] [show_diffs=false|true] [show_in_priority=false|true] [reviewed_by=usr]"
+    puts 'Usage: audit:code [max_print=n] [ignore_new=false|true] [show_diffs=false|true] [show_in_priority=false|true] [reviewed_by=usr]'
     puts "This is a #{repository_type} repository"
     ignore_new = (ENV['ignore_new'].to_s =~ /\Atrue\Z/i)
     show_diffs = (ENV['show_diffs'].to_s =~ /\Atrue\Z/i)
     show_in_priority = (ENV['show_in_priority'].to_s =~ /\Atrue\Z/i)
     max_print = ENV['max_print'] =~ /\A-?[0-9][0-9]*\Z/ ? ENV['max_print'].to_i : 20
+    reviewer  = ENV['reviewed_by']
-    audit_code_safety(max_print, ignore_new, show_diffs, show_in_priority, ENV['reviewed_by'])
+    all_safe = audit_code_safety(max_print, ignore_new, show_diffs, show_in_priority, reviewer)
     unless show_diffs
-      puts "To show file diffs, run:  rake audit:code max_print=-1 show_diffs=true"
+      puts 'To show file diffs, run:  rake audit:code max_print=-1 show_diffs=true'
     end
+    exit(1) unless all_safe
   end
   desc "Flag a source file as safe.
@@ -401,23 +415,47 @@ files which have changed since they were last verified as safe."
 Usage:
   Flag as safe:   rake audit:safe release=revision reviewed_by=usr [comments=...] file=f
   Needs review:   rake audit:safe release=0 [comments=...] file=f"
-  task (:safe) do
-    required_fields = ["release", "file"]
-    required_fields << "reviewed_by" unless ENV['release'] == '0'
-    missing = required_fields.collect{|f| (f if ENV[f].to_s.empty? || (f=='reviewed_by' && ENV[f] == 'usr'))}.compact # Avoid accidental missing username
-    if !missing.empty?
-      puts "Usage: rake audit:safe release=revision reviewed_by=usr [comments=...] file=f"
-      puts "or, to flag a file for review: rake audit:safe release=0 [comments=...] file=f"
+  task(:safe) do
+    required_fields = %w(release file)
+    required_fields << 'reviewed_by' unless ENV['release'] == '0'
+    missing = required_fields.collect { |f| (f if ENV[f].to_s.empty? || (f == 'reviewed_by' && ENV[f] == 'usr')) }.compact # Avoid accidental missing username
+    unless missing.empty?
+      puts 'Usage: rake audit:safe release=revision reviewed_by=usr [comments=...] file=f'
+      puts 'or, to flag a file for review: rake audit:safe release=0 [comments=...] file=f'
       abort("Error: Missing required argument(s): #{missing.join(', ')}")
     end
     unless release_valid?
-      puts "Usage: rake audit:safe release=revision reviewed_by=usr [comments=...] file=f"
-      puts "or, to flag a file for review: rake audit:safe release=0 [comments=...] file=f"
+      puts 'Usage: rake audit:safe release=revision reviewed_by=usr [comments=...] file=f'
+      puts 'or, to flag a file for review: rake audit:safe release=0 [comments=...] file=f'
       abort("Error: Invalid release: #{ENV['release']}")
     end
     release = get_release
     flag_file_as_safe(release, ENV['reviewed_by'], ENV['comments'], ENV['file'])
   end
+  desc 'Wraps audit:code, and stops if any review is pending/stale.'
+  task(:ensure_safe) do
+    begin
+      puts 'Checking code safety...'
+      begin
+        $stdout = $stderr = StringIO.new
+        Rake::Task['audit:code'].invoke
+      ensure
+        $stdout, $stderr = STDOUT, STDERR
+      end
+    rescue SystemExit => ex
+      puts '=============================================================='
+      puts 'Code safety review of some files are not up-to-date; aborting!'
+      puts '  - to review the files in question, run:  rake audit:code'
+      puts '=============================================================='
+      raise ex
+    end
+  end
 end
+# Prevent building of un-reviewed gems:
+task :build => :'audit:ensure_safe'

data/test/safe_file_test.rb CHANGED Viewed

@@ -25,9 +25,12 @@ class SafeFileTest < Minitest::Test
   # .new
   test 'constructor should accept safe_path only' do
-    assert_raises ArgumentError do
-      SafeFile.new('example_file', 'rw')
-    end
+    assert_raises(ArgumentError) { SafeFile.new }
+    assert_raises(ArgumentError) { SafeFile.new('example_file', 'rw') }
+  end
+  test 'constructor should only allow string or numeric second argument' do
+    assert_raises(ArgumentError) { SafeFile.new(@not_empty_fpath, {}) }
   end
   test 'should raise exception if try to write in read-only space' do
@@ -311,6 +314,76 @@ class SafeFileTest < Minitest::Test
     File.delete p
   end
+  ################################################################################
+  # .each / .each_line
+  test '#each should check pathspace permissions when called with a block' do
+    p = SafePath.new('test_space_w').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'w')
+    assert_raises(SecurityError) { f.each { |line| line } }
+    assert_raises(SecurityError) { f.each_line { |line| line } }
+    f.close
+  end
+  test '#each should check pathspace permissions when called without a block' do
+    p = SafePath.new('test_space_w').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'w')
+    assert_raises(SecurityError) { f.each }
+    assert_raises(SecurityError) { f.each_line }
+    f.close
+  end
+  test '#each should return an enumerator in read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert f.each.is_a?(Enumerator)
+    assert f.each_line.is_a?(Enumerator)
+    f.close
+  end
+  test '#each should read lines from read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert_equal ['I am not empty'], f.each.to_a
+    f.close
+  end
+  test '#each handles separator argument when in read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert_equal ['I am', ' not em', 'pty'], f.each('m').to_a
+    f.close
+  end
+  test '#each handles limit argument when in read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert_equal ['I a', 'm n', 'ot ', 'emp', 'ty'], f.each(3).to_a
+    f.close
+  end
+  test '#each handles separator and limit argument when in read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert_equal ['I am', ' not ', 'em', 'pty'], f.each('m', 5).to_a
+    f.close
+  end
+  test '#each_line handles separator and limit argument when in read-only namespace' do
+    p = SafePath.new('test_space_r').join('test_file_rw_not_empty')
+    f = SafeFile.new(p, 'r')
+    assert_equal ['I am', ' not ', 'em', 'pty'], f.each_line('m', 5).to_a
+    f.close
+  end
   ################################################################################
   # .path

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ndr_support
 version: !ruby/object:Gem::Version
-  version: 3.1.1
+  version: 3.2.0
 platform: ruby
 authors:
 - NCRS Development Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-10-09 00:00:00.000000000 Z
+date: 2015-12-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord