package_protections 1.0.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a1189b0779bbda54403506984a5719d37ac3444776e34150defe591ecb96fc81
-  data.tar.gz: 1006d4722077a1581cf3509358eb4f5b58d5e443bd6c9d203309472bb26f980d
+  metadata.gz: 41803352508cd5d4ede0fe0caf1121516474fe3e95a030e4db7e0f05badfa9a2
+  data.tar.gz: bc594511c3b3da35dcd9efcfba0f989928e074e0da429a8f0f538e0537eff5be
 SHA512:
-  metadata.gz: 383d9bac29ac9e7be26d41de6d7af08eeb85d635e471f91a1a1ad08fd565aaaa25f42763d9e0bfc75cded4beb6d911bff267744d2a6408651132b93c4a30d70b
-  data.tar.gz: 1fd35343e9db0689656378111537df0369910874f0a59f38dcb2fa1bc712c6233e45e945cccec591c3f6a71da89e64b62aeffaa2cd565146a217aa43d09900a1
+  metadata.gz: 352aa3ea22bf0d7cf765023c35ed88c6026fda2b52036aa73fbcf35e4aca1df52df24486ce028a238dcf50db89f2864f4080e77d6da52d9f7be7fa984cd70dc7
+  data.tar.gz: 6bb8ab188d27a3656cd6979d00fcaf725165176b17a42704be114ef0bbfbe7150facf21ae44ebc3c1633ce5b21876fd9b8088179c6e702f8addd49f890d7e1e3

data/README.md

@@ -141,7 +141,7 @@ end
 In this example, `MyCustomProtection` needs to implement the `PackageProtections::ProtectionInterface` (for protections powered by `packwerk` that look at new and existing violations) OR `PackageProtections::RubocopProtectionInterface` (for protections powered by `rubocop` that look at the AST). It's recommended to take a look at the existing protections as examples. If you're having any trouble with this, please file an issue and we'll be glad to help.
 
 ## Incorporating into your CI Pipeline
-Your CI pipeline can execute the public API ta and fail if there are any offenses.
+Your CI pipeline can execute the public API and fail if there are any offenses.
 
 ## Discussions, Issues, Questions, and More
 To keep things organized, here are some recommended homes:

data/lib/package_protections/private/configuration.rb

@@ -28,8 +28,8 @@ module PackageProtections
         [
           Private::OutgoingDependencyProtection.new,
           Private::IncomingPrivacyProtection.new,
-          Private::TypedApiProtection.new,
-          Private::MultipleNamespacesProtection.new,
+          RuboCop::Cop::PackageProtections::TypedPublicApi.new,
+          RuboCop::Cop::PackageProtections::NamespacedUnderPackageName.new,
           Private::VisibilityProtection.new
         ]
       end

data/lib/package_protections/private.rb

@@ -3,11 +3,9 @@
 
 require 'package_protections/private/colorized_string'
 require 'package_protections/private/output'
-require 'package_protections/private/typed_api_protection'
 require 'package_protections/private/incoming_privacy_protection'
 require 'package_protections/private/outgoing_dependency_protection'
 require 'package_protections/private/metadata_modifiers'
-require 'package_protections/private/multiple_namespaces_protection'
 require 'package_protections/private/visibility_protection'
 require 'package_protections/private/configuration'
 

data/lib/package_protections/rspec/application_fixture_helper.rb

@@ -0,0 +1,54 @@
+# typed: true
+# frozen_string_literal: true
+
+require 'fileutils'
+
+module ApplicationFixtureHelper
+  def write_file(path, content = '')
+    pathname = Pathname.new(path)
+    FileUtils.mkdir_p(pathname.dirname)
+    pathname.write(content)
+    path
+  end
+
+  def write_package_yml(
+    pack_name,
+    dependencies: [],
+    enforce_dependencies: true,
+    enforce_privacy: true,
+    protections: {},
+    global_namespaces: [],
+    visible_to: []
+  )
+    defaults = {
+      'prevent_this_package_from_violating_its_stated_dependencies' => 'fail_on_new',
+      'prevent_other_packages_from_using_this_packages_internals' => 'fail_on_new',
+      'prevent_this_package_from_exposing_an_untyped_api' => 'fail_on_new',
+      'prevent_this_package_from_creating_other_namespaces' => 'fail_on_new',
+      'prevent_other_packages_from_using_this_package_without_explicit_visibility' => 'fail_never'
+    }
+    protections_with_defaults = defaults.merge(protections)
+    metadata = { 'protections' => protections_with_defaults }
+    if visible_to.any?
+      metadata.merge!('visible_to' => visible_to)
+    end
+
+    if global_namespaces.any?
+      metadata.merge!('global_namespaces' => global_namespaces)
+    end
+
+    package = ParsePackwerk::Package.new(
+      name: pack_name,
+      dependencies: dependencies,
+      enforce_dependencies: enforce_dependencies,
+      enforce_privacy: enforce_privacy,
+      metadata: metadata
+    )
+
+    ParsePackwerk.write_package_yml!(package)
+  end
+
+  def delete_app_file(path)
+    File.delete(path)
+  end
+end

data/lib/package_protections/rspec/matchers.rb

@@ -0,0 +1,99 @@
+def offense(
+  package_name, message, file, violation_type
+)
+
+  package = ParsePackwerk.all.find { |p| p.name == package_name }
+  PackageProtections::Offense.new(
+    package: package,
+    message: message,
+    file: file,
+    violation_type: violation_type
+  )
+end
+
+def serialize_offenses_diff(actual_offenses, expected_offense)
+  color_by_match = ->(actual, expected) { actual == expected ? Rainbow(actual).green : "#{Rainbow(actual).red} (expected: #{expected})" }
+
+  actual_offenses.map do |offense|
+    # We color each field red or green depending on if the attributes match our expected
+    <<~SERIALIZED_OFFENSE
+      File: #{color_by_match.call(offense.file, expected_offense.file)}
+      Message: #{color_by_match.call(offense.message, expected_offense.message)}
+      Violation Type: #{color_by_match.call(offense.violation_type, expected_offense.violation_type)}
+      Package: #{color_by_match.call(offense.package.name, expected_offense.package.name)}
+    SERIALIZED_OFFENSE
+  end
+end
+
+def serialize_offenses(actual_offenses)
+  actual_offenses.map do |offense|
+    <<~SERIALIZED_OFFENSE
+      File: #{offense.file}
+      Message: #{offense.message}
+      Violation Type: #{offense.violation_type}
+      Package: #{offense.package.name}
+    SERIALIZED_OFFENSE
+  end
+end
+
+RSpec::Matchers.define(:include_offense) do |expected_offense|
+  match do |actual_offenses|
+    @actual_offenses = actual_offenses
+    @expected_offense = expected_offense
+    if ENV['DEBUG']
+      PackageProtections.print_offenses(actual_offenses)
+    end
+    @matching_offense = actual_offenses.find do |actual_offense|
+      actual_offense.file == expected_offense.file &&
+        actual_offense.message == expected_offense.message &&
+        actual_offense.violation_type == expected_offense.violation_type &&
+        actual_offense.package.name == expected_offense.package.name
+    end
+    !@matching_offense.nil?
+  end
+
+  description do
+    "to have an offense with type `#{expected_offense.type}` tied to package `#{expected_offense.package_name}` with message `#{expected_offense.message}` and instances `#{expected_offense.submessages.join(', ')}`"
+  end
+
+  failure_message do
+    <<~MSG
+      Could not find offense! Here are the found offenses:
+      #{serialize_offenses_diff(@actual_offenses, expected_offense).join("\n\n")}
+    MSG
+  end
+end
+
+RSpec::Matchers.define(:contain_exactly) do |number_of_offenses|
+  match do |actual_offenses|
+    @actual_offenses = actual_offenses || []
+    @offenses = []
+    @actual_offenses.each do |offense|
+      @offenses << offense
+    end
+    @offenses.size == number_of_offenses
+  end
+
+  chain :offense, :number_of_offenses
+  chain :offenses, :number_of_offenses
+
+  description do
+    'to contain offenses'
+  end
+
+  failure_message_when_negated do
+    "Found the following offenses:\n#{@offenses.map { |r| "#{r.package_name}: #{r.message}" }}"
+  end
+
+  failure_message do
+    if @offenses.empty?
+      "Found #{@offenses.size} instead."
+    else
+      <<~MSG
+        Found #{@offenses.size} instead.
+
+        #{serialize_offenses(@offenses).join("\n")}
+      MSG
+    end
+  end
+end

data/lib/package_protections/rspec/support.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# Require this file to load code that supports testing using RSpec.
+
+require_relative 'application_fixture_helper'
+require_relative 'matchers'
+
+def get_resulting_rubocop
+  write_file('config/default.yml', <<~YML.strip)
+    <%= PackageProtections.rubocop_yml %>
+  YML
+  YAML.safe_load(ERB.new(File.read('config/default.yml')).result(binding))
+end
+
+RSpec.configure do |config|
+  config.include ApplicationFixtureHelper
+end

data/lib/package_protections/rubocop_protection_interface.rb

@@ -3,26 +3,6 @@
 # typed: strict
 module PackageProtections
   module RubocopProtectionInterface
-    include ProtectionInterface
-    extend T::Sig
-    extend T::Helpers
-
-    abstract!
-
-    sig do
-      abstract
-        .params(packages: T::Array[ProtectedPackage])
-        .returns(T::Array[CopConfig])
-    end
-    def cop_configs(packages); end
-
-    sig do
-      params(package: ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
-    end
-    def custom_cop_config(package)
-      {}
-    end
-
     class CopConfig < T::Struct
       extend T::Sig
       const :name, String
@@ -46,6 +26,40 @@ module PackageProtections
       end
     end
 
+    include ProtectionInterface
+    extend T::Sig
+    extend T::Helpers
+
+    abstract!
+
+    ###########################################################################
+    # Abstract Methods: These are methods that the client needs to implement
+    ############################################################################
+    sig { abstract.returns(String) }
+    def cop_name; end
+
+    sig do
+      abstract.params(file: String).returns(String)
+    end
+    def message_for_fail_on_any(file); end
+
+    sig { abstract.returns(T::Array[String]) }
+    def included_globs_for_pack; end
+
+    ###########################################################################
+    # Overriddable Methods: These are methods that the client can override,
+    # but a default is provided.
+    ############################################################################
+    sig do
+      params(package: ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
+    end
+    def custom_cop_config(package)
+      {}
+    end
+
+    sig { override.params(behavior: ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
+    def unmet_preconditions_for_behavior(behavior, package); end
+
     sig do
       override.params(
         new_violations: T::Array[PerFileViolation]
@@ -73,6 +87,66 @@ module PackageProtections
       end
     end
 
+    sig do
+      override.params(
+        protected_packages: T::Array[ProtectedPackage]
+      ).returns(T::Array[Offense])
+    end
+    def get_offenses_for_existing_violations(protected_packages)
+      exclude_list = exclude_for_rule(cop_name)
+      offenses = []
+
+      protected_packages.each do |package|
+        violation_behavior = package.violation_behavior_for(identifier)
+
+        case violation_behavior
+        when ViolationBehavior::FailNever, ViolationBehavior::FailOnNew
+          next
+        when ViolationBehavior::FailOnAny
+          # Continue
+        else
+          T.absurd(violation_behavior)
+        end
+
+        package.original_package.directory.glob(included_globs_for_pack).each do |relative_path_to_file|
+          next unless exclude_list.include?(relative_path_to_file.to_s)
+
+          file = relative_path_to_file.to_s
+          offenses << Offense.new(
+            file: file,
+            message: message_for_fail_on_any(file),
+            violation_type: identifier,
+            package: package.original_package
+          )
+        end
+      end
+
+      offenses
+    end
+
+    sig do
+      params(packages: T::Array[ProtectedPackage])
+      .returns(T::Array[CopConfig])
+    end
+    def cop_configs(packages)
+      include_paths = T.let([], T::Array[String])
+      packages.each do |p|
+        next unless p.violation_behavior_for(identifier).enabled?
+
+        included_globs_for_pack.each do |glob|
+          include_paths << p.original_package.directory.join(glob).to_s
+        end
+      end
+
+      [
+        CopConfig.new(
+          name: cop_name,
+          enabled: include_paths.any?,
+          include_paths: include_paths
+        )
+      ]
+    end
+
     private
 
     sig { params(rule: String).returns(T::Set[String]) }

data/lib/rubocop/cop/package_protections/namespaced_under_package_name.rb

@@ -1,4 +1,4 @@
-# typed: ignore
+# typed: true
 
 # For String#camelize
 require 'active_support/core_ext/string/inflections'
@@ -7,7 +7,10 @@ module RuboCop
   module Cop
     module PackageProtections
       class NamespacedUnderPackageName < Base
+        extend T::Sig
+
         include RangeHelp
+        include ::PackageProtections::RubocopProtectionInterface
 
         def on_new_investigation
           absolute_filepath = Pathname.new(processed_source.file_path)
@@ -39,7 +42,7 @@ module RuboCop
           #
           # Therefore, for our implementation, we substitute out the non-namespace producing portions of the filename to count the number of namespaces.
           # Note this will *not work* properly in applications that have different assumptions about autoloading.
-          package_last_name = package_name.split('/').last
+          package_last_name = T.must(package_name.split('/').last)
           path_without_package_base = relative_filename.gsub(%r{#{package_name}/app/}, '')
           if path_without_package_base.include?('concerns')
             autoload_folder_name = path_without_package_base.split('/').first(2).join('/')
@@ -85,6 +88,77 @@ module RuboCop
           end
         end
 
+        IDENTIFIER = 'prevent_this_package_from_creating_other_namespaces'.freeze
+
+        sig { override.returns(String) }
+        def identifier
+          IDENTIFIER
+        end
+
+        sig { override.params(behavior: ::PackageProtections::ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
+        def unmet_preconditions_for_behavior(behavior, package)
+          if !behavior.enabled? && !package.metadata['global_namespaces'].nil?
+            "Invalid configuration for package `#{package.name}`. `#{identifier}` must be turned on to use `global_namespaces` configuration."
+          else
+            # We don't need to validate if the behavior is currentely fail_never
+            return if behavior.fail_never?
+
+            # The reason for this is precondition is the `MultipleNamespacesProtection` assumes this to work properly.
+            # To remove this precondition, we need to modify `MultipleNamespacesProtection` to be more generalized!
+            if ::PackageProtections::EXPECTED_PACK_DIRECTORIES.include?(Pathname.new(package.name).dirname.to_s) || package.name == ParsePackwerk::ROOT_PACKAGE_NAME
+              nil
+            else
+              "Package #{package.name} must be located in one of #{::PackageProtections::EXPECTED_PACK_DIRECTORIES.join(', ')} (or be the root) to use this protection"
+            end
+          end
+        end
+
+        sig { override.returns(T::Array[String]) }
+        def included_globs_for_pack
+          [
+            'app/**/*',
+            'lib/**/*'
+          ]
+        end
+
+        sig do
+          params(package: ::PackageProtections::ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
+        end
+        def custom_cop_config(package)
+          {
+            'GlobalNamespaces' => package.metadata['global_namespaces']
+          }
+        end
+
+        sig do
+          override.params(file: String).returns(String)
+        end
+        def message_for_fail_on_any(file)
+          "`#{file}` should be namespaced under the package namespace"
+        end
+
+        sig { override.returns(String) }
+        def cop_name
+          'PackageProtections/NamespacedUnderPackageName'
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_name
+          'Multiple Namespaces Violations'
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_description
+          <<~MESSAGE
+            These files cannot have ANY modules/classes that are not submodules of the package's allowed namespaces.
+            This is failing because these files are in `.rubocop_todo.yml` under `#{cop_name}`.
+            If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
+            change `#{IDENTIFIER}` to `#{::PackageProtections::ViolationBehavior::FailOnNew.serialize}`
+
+            See https://go/packwerk_cheatsheet_namespaces for more info.
+          MESSAGE
+        end
+
         private
 
         def get_allowed_namespaces(package_name)

data/lib/rubocop/cop/package_protections/typed_public_api.rb

@@ -1,4 +1,4 @@
-# typed: ignore
+# typed: strict
 
 module RuboCop
   module Cop
@@ -16,6 +16,61 @@ module RuboCop
       # We can apply this same pattern if we want to use other cops in the context of package protections and prevent clashing.
       #
       class TypedPublicApi < Sorbet::StrictSigil
+        extend T::Sig
+
+        include ::PackageProtections::ProtectionInterface
+        include ::PackageProtections::RubocopProtectionInterface
+
+        IDENTIFIER = T.let('prevent_this_package_from_exposing_an_untyped_api'.freeze, String)
+
+        sig { override.returns(String) }
+        def identifier
+          IDENTIFIER
+        end
+
+        sig { override.params(behavior: ::PackageProtections::ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
+        def unmet_preconditions_for_behavior(behavior, package)
+          # We might decide that we should check that `package.enforces_privacy?` is true here too, since that signifies the app has decided they want
+          # a public api in `app/public`. For now, we say there are no preconditions, because the user can still make `app/public` even if they are not yet
+          # ready to enforce privacy, and they might want to enforce a typed API.
+          nil
+        end
+
+        sig { override.returns(String) }
+        def cop_name
+          'PackageProtections/TypedPublicApi'
+        end
+
+        sig { override.returns(T::Array[String]) }
+        def included_globs_for_pack
+          [
+            'app/public/**/*'
+          ]
+        end
+
+        sig do
+          override.params(file: String).returns(String)
+        end
+        def message_for_fail_on_any(file)
+          "#{file} should be `typed: strict`"
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_name
+          'Typed API Violations'
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_description
+          <<~MESSAGE
+            These files cannot have ANY Ruby files in the public API that are not typed strict or higher.
+            This is failing because these files are in `.rubocop_todo.yml` under `#{cop_name}`.
+            If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
+            change `#{IDENTIFIER}` to `#{::PackageProtections::ViolationBehavior::FailOnNew.serialize}`
+
+            See https://go/packwerk_cheatsheet_typed_api for more info.
+          MESSAGE
+        end
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: package_protections
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Gusto Engineers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-06-14 00:00:00.000000000 Z
+date: 2022-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -181,13 +181,14 @@ files:
 - lib/package_protections/private/configuration.rb
 - lib/package_protections/private/incoming_privacy_protection.rb
 - lib/package_protections/private/metadata_modifiers.rb
-- lib/package_protections/private/multiple_namespaces_protection.rb
 - lib/package_protections/private/outgoing_dependency_protection.rb
 - lib/package_protections/private/output.rb
-- lib/package_protections/private/typed_api_protection.rb
 - lib/package_protections/private/visibility_protection.rb
 - lib/package_protections/protected_package.rb
 - lib/package_protections/protection_interface.rb
+- lib/package_protections/rspec/application_fixture_helper.rb
+- lib/package_protections/rspec/matchers.rb
+- lib/package_protections/rspec/support.rb
 - lib/package_protections/rubocop_protection_interface.rb
 - lib/package_protections/violation_behavior.rb
 - lib/rubocop/cop/package_protections/namespaced_under_package_name.rb

data/lib/package_protections/private/multiple_namespaces_protection.rb

@@ -1,128 +0,0 @@
-# frozen_string_literal: true
-
-# typed: strict
-
-module PackageProtections
-  module Private
-    class MultipleNamespacesProtection
-      extend T::Sig
-
-      include ProtectionInterface
-      include RubocopProtectionInterface
-
-      IDENTIFIER = 'prevent_this_package_from_creating_other_namespaces'
-      COP_NAME = 'PackageProtections/NamespacedUnderPackageName'
-
-      sig { override.returns(String) }
-      def identifier
-        IDENTIFIER
-      end
-
-      sig { override.params(behavior: ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
-      def unmet_preconditions_for_behavior(behavior, package)
-        if !behavior.enabled? && !package.metadata['global_namespaces'].nil?
-          "Invalid configuration for package `#{package.name}`. `#{identifier}` must be turned on to use `global_namespaces` configuration."
-        else
-          # We don't need to validate if the behavior is currentely fail_never
-          return if behavior.fail_never?
-
-          # The reason for this is precondition is the `MultipleNamespacesProtection` assumes this to work properly.
-          # To remove this precondition, we need to modify `MultipleNamespacesProtection` to be more generalized!
-          if EXPECTED_PACK_DIRECTORIES.include?(Pathname.new(package.name).dirname.to_s) || package.name == ParsePackwerk::ROOT_PACKAGE_NAME
-            nil
-          else
-            "Package #{package.name} must be located in one of #{EXPECTED_PACK_DIRECTORIES.join(', ')} (or be the root) to use this protection"
-          end
-        end
-      end
-
-      sig do
-        override
-          .params(packages: T::Array[ProtectedPackage])
-          .returns(T::Array[CopConfig])
-      end
-      def cop_configs(packages)
-        include_paths = T.let([], T::Array[String])
-        packages.each do |p|
-          next if p.name == ParsePackwerk::ROOT_PACKAGE_NAME
-
-          if p.violation_behavior_for(identifier).enabled?
-            include_paths << p.original_package.directory.join('app', '**', '*').to_s
-            include_paths << p.original_package.directory.join('lib', '**', '*').to_s
-          end
-        end
-
-        [
-          CopConfig.new(
-            name: COP_NAME,
-            enabled: include_paths.any?,
-            include_paths: include_paths
-          )
-        ]
-      end
-
-      sig do
-        params(package: ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
-      end
-      def custom_cop_config(package)
-        {
-          'GlobalNamespaces' => package.metadata['global_namespaces']
-        }
-      end
-
-      sig do
-        override.params(
-          protected_packages: T::Array[ProtectedPackage]
-        ).returns(T::Array[Offense])
-      end
-      def get_offenses_for_existing_violations(protected_packages)
-        exclude_list = exclude_for_rule(COP_NAME)
-        offenses = []
-
-        protected_packages.each do |package|
-          violation_behavior = package.violation_behavior_for(identifier)
-
-          case violation_behavior
-          when ViolationBehavior::FailNever, ViolationBehavior::FailOnNew
-            next
-          when ViolationBehavior::FailOnAny
-            # Continue
-          else
-            T.absurd(violation_behavior)
-          end
-
-          package.original_package.directory.glob('**/**/*.*').each do |relative_path_to_file|
-            next unless exclude_list.include?(relative_path_to_file.to_s)
-
-            file = relative_path_to_file.to_s
-            offenses << Offense.new(
-              file: file,
-              message: "`#{file}` should be namespaced under the package namespace",
-              violation_type: identifier,
-              package: package.original_package
-            )
-          end
-        end
-
-        offenses
-      end
-
-      sig { override.returns(String) }
-      def humanized_protection_name
-        'Multiple Namespaces Violations'
-      end
-
-      sig { override.returns(String) }
-      def humanized_protection_description
-        <<~MESSAGE
-          These files cannot have ANY modules/classes that are not submodules of the package's allowed namespaces.
-          This is failing because these files are in `.rubocop_todo.yml` under `#{COP_NAME}`.
-          If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
-          change `#{IDENTIFIER}` to `#{ViolationBehavior::FailOnNew.serialize}`
-
-          See https://go/packwerk_cheatsheet_namespaces for more info.
-        MESSAGE
-      end
-    end
-  end
-end

data/lib/package_protections/private/typed_api_protection.rb

@@ -1,106 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-module PackageProtections
-  module Private
-    class TypedApiProtection
-      extend T::Sig
-
-      include ProtectionInterface
-      include RubocopProtectionInterface
-
-      IDENTIFIER = 'prevent_this_package_from_exposing_an_untyped_api'
-      COP_NAME = 'PackageProtections/TypedPublicApi'
-
-      sig { override.returns(String) }
-      def identifier
-        IDENTIFIER
-      end
-
-      sig { override.params(behavior: ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
-      def unmet_preconditions_for_behavior(behavior, package)
-        # We might decide that we should check that `package.enforces_privacy?` is true here too, since that signifies the app has decided they want
-        # a public api in `app/public`. For now, we say there are no preconditions, because the user can still make `app/public` even if they are not yet
-        # ready to enforce privacy, and they might want to enforce a typed API.
-        nil
-      end
-
-      sig do
-        override
-          .params(packages: T::Array[ProtectedPackage])
-          .returns(T::Array[CopConfig])
-      end
-      def cop_configs(packages)
-        include_paths = T.let([], T::Array[String])
-        packages.each do |p|
-          if p.violation_behavior_for(identifier).enabled?
-            directory = p.original_package.directory
-            include_paths << directory.join('app', 'public', '**', '*').to_s
-          end
-        end
-
-        [
-          CopConfig.new(
-            name: COP_NAME,
-            enabled: include_paths.any?,
-            include_paths: include_paths
-          )
-        ]
-      end
-
-      sig do
-        override.params(
-          protected_packages: T::Array[ProtectedPackage]
-        ).returns(T::Array[Offense])
-      end
-      def get_offenses_for_existing_violations(protected_packages)
-        exclude_list = exclude_for_rule(COP_NAME)
-
-        offenses = T.let([], T::Array[Offense])
-        protected_packages.flat_map do |protected_package|
-          violation_behavior = protected_package.violation_behavior_for(identifier)
-
-          case violation_behavior
-          when ViolationBehavior::FailNever, ViolationBehavior::FailOnNew
-            next
-          when ViolationBehavior::FailOnAny
-            # Continue
-          else
-            T.absurd(violation_behavior)
-          end
-
-          protected_package.original_package.directory.glob('app/public/**/**/*.*').each do |relative_path_to_file|
-            next unless exclude_list.include?(relative_path_to_file.to_s)
-
-            file = relative_path_to_file.to_s
-            offenses << Offense.new(
-              file: file,
-              message: "#{file} should be `typed: strict`",
-              violation_type: identifier,
-              package: protected_package.original_package
-            )
-          end
-        end
-
-        offenses
-      end
-
-      sig { override.returns(String) }
-      def humanized_protection_name
-        'Typed API Violations'
-      end
-
-      sig { override.returns(String) }
-      def humanized_protection_description
-        <<~MESSAGE
-          These files cannot have ANY Ruby files in the public API that are not typed strict or higher.
-          This is failing because these files are in `.rubocop_todo.yml` under `#{COP_NAME}`.
-          If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
-          change `#{IDENTIFIER}` to `#{ViolationBehavior::FailOnNew.serialize}`
-
-          See https://go/packwerk_cheatsheet_typed_api for more info.
-        MESSAGE
-      end
-    end
-  end
-end