package_protections 1.4.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7b99c93d81087956b947c89fbede35844a2c973f20e2bee3c8f474383ff99a88
-  data.tar.gz: 64ad87cf10597e5fceeefa315dd3e665f7a684ac36db30c206012c15c2a0f3f2
+  metadata.gz: 2e7bd9febdd0619b714c112033b8bf61958e04368e8fb0c0e5f3498de54e988c
+  data.tar.gz: a0f7c5f79f3eb1279d084045c115345424dd2acfa22954eed321d2cf220bd40b
 SHA512:
-  metadata.gz: 9a5a70b90e8ecf6a00e8b22db867e6cec3a83ba34a8fa6f18b45449c96f3eb9fd248c80f9a047d9462e2976d233c8f6b29957837feef224a94d8ce93e008a55d
-  data.tar.gz: 500e49a77a3ee17aa2c4cb05edf2806e37010b5168ebb9cf1a13e1addbb5db5eb11c0caaa82f4a10451dbf96d304c7e010400b19ba7240b920b29a4c93780a90
+  metadata.gz: b8ff41de5e829270999baa91dc8df0fb3e810c6e8be39358cdbc6fd188a9d79ddf138f19b935a13360106c2a5e6c8300edffdf5fedf71e39c52826d2a6050a9e
+  data.tar.gz: f255780ea5ed693e66edcd028b4b8247419c612afddd1790f53078ecec3ca274e456c6ed16e62a0d83158c853f2be25282250c5b40b93b069da504469d25acf8

data/lib/package_protections/private/configuration.rb

@@ -8,9 +8,13 @@ module PackageProtections
       sig { params(protections: T::Array[ProtectionInterface]).void }
       attr_writer :protections
 
+      sig { params(globally_permitted_namespaces: T::Array[String]).void }
+      attr_writer :globally_permitted_namespaces
+
       sig { void }
       def initialize
         @protections = T.let(default_protections, T::Array[ProtectionInterface])
+        @globally_permitted_namespaces = T.let([], T::Array[String])
       end
 
       sig { returns(T::Array[ProtectionInterface]) }
@@ -18,9 +22,15 @@ module PackageProtections
         @protections
       end
 
+      sig { returns(T::Array[String]) }
+      def globally_permitted_namespaces
+        @globally_permitted_namespaces
+      end
+
       sig { void }
       def bust_cache!
         @protections = default_protections
+        @globally_permitted_namespaces = []
       end
 
       sig { returns(T::Array[ProtectionInterface]) }

data/lib/package_protections/private.rb

@@ -17,12 +17,6 @@ module PackageProtections
   module Private
     extend T::Sig
 
-    sig { returns(Private::Configuration) }
-    def self.config
-      @config = T.let(@config, T.nilable(Configuration))
-      @config ||= Private::Configuration.new
-    end
-
     sig do
       params(
         packages: T::Array[ParsePackwerk::Package],
@@ -122,7 +116,7 @@ module PackageProtections
     def self.bust_cache!
       @protected_packages_indexed_by_name = nil
       @private_cop_config = nil
-      config.bust_cache!
+      PackageProtections.config.bust_cache!
     end
 
     sig { params(identifier: Identifier).returns(T::Hash[T.untyped, T.untyped]) }

data/lib/package_protections.rb

@@ -44,13 +44,19 @@ module PackageProtections
 
     sig { params(blk: T.proc.params(arg0: Private::Configuration).void).void }
     def configure(&blk)
-      yield(Private.config)
+      yield(PackageProtections.config)
     end
   end
 
   sig { returns(T::Array[ProtectionInterface]) }
   def self.all
-    Private.config.protections
+    config.protections
+  end
+
+  sig { returns(Private::Configuration) }
+  def self.config
+    @config = T.let(@config, T.nilable(Private::Configuration))
+    @config ||= Private::Configuration.new
   end
 
   #

data/lib/rubocop/cop/package_protections/namespaced_under_package_name/desired_zeitwerk_api.rb

@@ -0,0 +1,110 @@
+# typed: strict
+
+module RuboCop
+  module Cop
+    module PackageProtections
+      class NamespacedUnderPackageName < Base
+        #
+        # This is a private class that represents API that we would prefer to be available somehow in Zeitwerk.
+        #
+        class DesiredZeitwerkApi
+          extend T::Sig
+
+          class NamespaceContext < T::Struct
+            const :current_namespace, String
+            const :expected_namespace, String
+            const :expected_filepath, String
+          end
+
+          #
+          # For now, this API includes `package_for_path`
+          # If this were truly zeitwerk API, it wouldn't include any mention of packs and it would likely not need the package at all
+          # Since it could get the actual namespace without knowing anything about packs.
+          # However, we would need to pass to it the desired namespace based on the pack name for it to be able to suggest
+          # a desired filepath.
+          # Likely this means that our own cop should determine the desired namespace and pass that in
+          # and this can determine actual namespace and how to get to expected.
+          #
+          sig { params(relative_filename: String, package_for_path: ParsePackwerk::Package).returns(T.nilable(NamespaceContext)) }
+          def for_file(relative_filename, package_for_path)
+            package_name = package_for_path.name
+
+            # Zeitwerk establishes a standard convention by which namespaces are defined.
+            # The package protections namespace checker is coupled to a specific assumption about how auto-loading works.
+            #
+            # Namely, we expect the following autoload paths: `packs/**/app/**/`
+            # Examples:
+            # 1) `packs/package_1/app/public/package_1/my_constant.rb` produces constant `Package1::MyConstant`
+            # 2) `packs/package_1/app/services/package_1/my_service.rb` produces constant `Package1::MyService`
+            # 3) `packs/package_1/app/services/package_1.rb` produces constant `Package1`
+            # 4) `packs/package_1/app/public/package_1.rb` produces constant `Package1`
+            #
+            # Described another way, we expect any part of the directory labeled NAMESPACE to establish a portion of the fully qualified runtime constant:
+            # `packs/**/app/**/NAMESPACE1/NAMESPACE2/[etc]`
+            #
+            # Therefore, for our implementation, we substitute out the non-namespace producing portions of the filename to count the number of namespaces.
+            # Note this will *not work* properly in applications that have different assumptions about autoloading.
+
+            path_without_package_base = relative_filename.gsub(%r{#{package_name}/app/}, '')
+            if path_without_package_base.include?('concerns')
+              autoload_folder_name = path_without_package_base.split('/').first(2).join('/')
+            else
+              autoload_folder_name = path_without_package_base.split('/').first
+            end
+
+            remaining_file_path = path_without_package_base.gsub(%r{\A#{autoload_folder_name}/}, '')
+            actual_namespace = get_actual_namespace(remaining_file_path, package_name)
+
+            if relative_filename.include?('app/')
+              app_or_lib = 'app'
+            elsif relative_filename.include?('lib/')
+              app_or_lib = 'lib'
+            end
+
+            absolute_desired_path = root_pathname.join(
+              package_name,
+              T.must(app_or_lib),
+              T.must(autoload_folder_name),
+              get_package_last_name(package_for_path),
+              remaining_file_path
+            )
+
+            relative_desired_path = absolute_desired_path.relative_path_from(root_pathname)
+
+            NamespaceContext.new(
+              current_namespace: actual_namespace,
+              expected_namespace: get_pack_based_namespace(package_for_path),
+              expected_filepath: relative_desired_path.to_s
+            )
+          end
+
+          sig { params(pack: ParsePackwerk::Package).returns(String) }
+          def get_pack_based_namespace(pack)
+            get_package_last_name(pack).camelize
+          end
+
+          private
+
+          sig { returns(Pathname) }
+          def root_pathname
+            Pathname.pwd
+          end
+
+          sig { params(pack: ParsePackwerk::Package).returns(String) }
+          def get_package_last_name(pack)
+            T.must(pack.name.split('/').last)
+          end
+
+          sig { params(remaining_file_path: String, package_name: String).returns(String) }
+          def get_actual_namespace(remaining_file_path, package_name)
+            # If the remaining file path is a ruby file (not a directory), then it establishes a global namespace
+            # Otherwise, per Zeitwerk's conventions as listed above, its a directory that establishes another global namespace
+            T.must(remaining_file_path.split('/').first).gsub('.rb', '').camelize
+          end
+        end
+
+        private_constant :DesiredZeitwerkApi
+      end
+    end
+  end
+end

data/lib/rubocop/cop/package_protections/namespaced_under_package_name.rb

@@ -1,92 +1,109 @@
-# typed: true
+# typed: strict
 
 # For String#camelize
 require 'active_support/core_ext/string/inflections'
+require 'rubocop/cop/package_protections/namespaced_under_package_name/desired_zeitwerk_api'
 
 module RuboCop
   module Cop
     module PackageProtections
+      #
+      # TODO:
+      # This class is in serious need of being split up into helpful abstractions.
+      # A really helpful abstraction would be one that takes a file path and can spit out information about
+      # namespacing, such as the exposed namespace, the file path for a different namespace, and more.
+      #
       class NamespacedUnderPackageName < Base
         extend T::Sig
 
         include RangeHelp
         include ::PackageProtections::RubocopProtectionInterface
 
+        sig { void }
         def on_new_investigation
           absolute_filepath = Pathname.new(processed_source.file_path)
           relative_filepath = absolute_filepath.relative_path_from(Pathname.pwd)
           relative_filename = relative_filepath.to_s
 
-          # This cop only works for files in `app`
-          return if !relative_filename.include?('app/')
-
-          package_name = ParsePackwerk.package_from_path(relative_filename)&.name
-          return if package_name.nil?
-
-          return if relative_filepath.extname != '.rb'
-
-          # Zeitwerk establishes a standard convention by which namespaces are defined.
-          # The package protections namespace checker is coupled to a specific assumption about how auto-loading works.
-          #
-          # Namely, we expect the following autoload paths: `packs/**/app/**/`
-          # Examples:
-          # 1) `packs/package_1/app/public/package_1/my_constant.rb` produces constant `Package1::MyConstant`
-          # 2) `packs/package_1/app/services/package_1/my_service.rb` produces constant `Package1::MyService`
-          # 3) `packs/package_1/app/services/package_1.rb` produces constant `Package1`
-          # 4) `packs/package_1/app/public/package_1.rb` produces constant `Package1`
-          #
-          # Described another way, we expect any part of the directory labeled NAMESPACE to establish a portion of the fully qualified runtime constant:
-          # `packs/**/app/**/NAMESPACE1/NAMESPACE2/[etc]`
-          #
-          # Therefore, for our implementation, we substitute out the non-namespace producing portions of the filename to count the number of namespaces.
-          # Note this will *not work* properly in applications that have different assumptions about autoloading.
-          package_last_name = T.must(package_name.split('/').last)
-          path_without_package_base = relative_filename.gsub(%r{#{package_name}/app/}, '')
-          if path_without_package_base.include?('concerns')
-            autoload_folder_name = path_without_package_base.split('/').first(2).join('/')
-          else
-            autoload_folder_name = path_without_package_base.split('/').first
-          end
+          # This cop only works for files ruby files in `app`
+          return if !relative_filename.include?('app/') || relative_filepath.extname != '.rb'
 
-          remaining_file_path = path_without_package_base.gsub(%r{\A#{autoload_folder_name}/}, '')
-          actual_namespace = get_actual_namespace(remaining_file_path, relative_filepath, package_name)
-          allowed_namespaces = get_allowed_namespaces(package_name)
-          if allowed_namespaces.include?(actual_namespace)
-            # No problem!
-          elsif allowed_namespaces.count == 1
-            single_allowed_namespace = allowed_namespaces.first
-            if relative_filepath.to_s.include?('app/')
-              app_or_lib = 'app'
-            elsif relative_filepath.to_s.include?('lib/')
-              app_or_lib = 'lib'
-            end
+          relative_filename = relative_filepath.to_s
+          package_for_path = ParsePackwerk.package_from_path(relative_filename)
+          return if package_for_path.nil?
 
-            absolute_desired_path = root_pathname.join(package_name, app_or_lib, T.must(autoload_folder_name), single_allowed_namespace.underscore, remaining_file_path)
+          namespace_context = self.class.desired_zeitwerk_api.for_file(relative_filename, package_for_path)
+          return if namespace_context.nil?
 
-            relative_desired_path = absolute_desired_path.relative_path_from(root_pathname)
+          allowed_global_namespaces = Set.new([
+                                                namespace_context.expected_namespace,
+                                                *::PackageProtections.config.globally_permitted_namespaces
+                                              ])
 
-            add_offense(
-              source_range(processed_source.buffer, 1, 0),
-              message: format(
-                '`%<package_name>s` prevents modules/classes that are not submodules of the package namespace. Should be namespaced under `%<expected_namespace>s` with path `%<expected_path>s`. See https://go/packwerk_cheatsheet_namespaces for more info.',
-                package_name: package_name,
-                expected_namespace: package_last_name.camelize,
-                expected_path: relative_desired_path
-              )
-            )
+          package_name = package_for_path.name
+          actual_namespace = namespace_context.current_namespace
+
+          if allowed_global_namespaces.include?(actual_namespace)
+            # No problem!
           else
-            add_offense(
-              source_range(processed_source.buffer, 1, 0),
-              message: format(
-                '`%<package_name>s` prevents modules/classes that are not submodules of one of the allowed namespaces in `%<package_yml>s`. See https://go/packwerk_cheatsheet_namespaces for more info.',
-                package_name: package_name,
-                package_yml: "#{package_name}/package.yml"
+            package_enforces_namespaces = !::PackageProtections::ProtectedPackage.from(package_for_path).violation_behavior_for(NamespacedUnderPackageName::IDENTIFIER).fail_never?
+            expected_namespace = namespace_context.expected_namespace
+            relative_desired_path = namespace_context.expected_filepath
+            pack_owning_this_namespace = self.class.namespaces_to_packs[actual_namespace]
+
+            if package_enforces_namespaces
+              add_offense(
+                source_range(processed_source.buffer, 1, 0),
+                message: format(
+                  '`%<package_name>s` prevents modules/classes that are not submodules of the package namespace. Should be namespaced under `%<expected_namespace>s` with path `%<expected_path>s`. See https://go/packwerk_cheatsheet_namespaces for more info.',
+                  package_name: package_name,
+                  expected_namespace: expected_namespace,
+                  expected_path: relative_desired_path
+                )
               )
-            )
+            elsif pack_owning_this_namespace
+              add_offense(
+                source_range(processed_source.buffer, 1, 0),
+                message: format(
+                  '`%<pack_owning_this_namespace>s` prevents other packs from sitting in the `%<actual_namespace>s` namespace. This should be namespaced under `%<expected_namespace>s` with path `%<expected_path>s`. See https://go/packwerk_cheatsheet_namespaces for more info.',
+                  package_name: package_name,
+                  pack_owning_this_namespace: pack_owning_this_namespace,
+                  expected_namespace: expected_namespace,
+                  actual_namespace: actual_namespace,
+                  expected_path: relative_desired_path
+                )
+              )
+            end
+          end
+        end
+
+        # We override `cop_configs` for this protection.
+        # The default behavior disables cops when a package has turned off a protection.
+        # However: namespace violations can occur even when one package has TURNED OFF their namespace protection
+        # but another package has it turned on. Therefore, all packages must always be opted in no matter what.
+        #
+        sig do
+          params(packages: T::Array[::PackageProtections::ProtectedPackage])
+          .returns(T::Array[::PackageProtections::RubocopProtectionInterface::CopConfig])
+        end
+        def cop_configs(packages)
+          include_paths = T.let([], T::Array[String])
+          packages.each do |p|
+            included_globs_for_pack.each do |glob|
+              include_paths << p.original_package.directory.join(glob).to_s
+            end
           end
+
+          [
+            ::PackageProtections::RubocopProtectionInterface::CopConfig.new(
+              name: cop_name,
+              enabled: include_paths.any?,
+              include_paths: include_paths
+            )
+          ]
         end
 
-        IDENTIFIER = 'prevent_this_package_from_creating_other_namespaces'.freeze
+        IDENTIFIER = T.let('prevent_this_package_from_creating_other_namespaces'.freeze, String)
 
         sig { override.returns(String) }
         def identifier
@@ -123,15 +140,6 @@ module RuboCop
           ]
         end
 
-        sig do
-          params(package: ::PackageProtections::ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
-        end
-        def custom_cop_config(package)
-          {
-            'GlobalNamespaces' => package.metadata['global_namespaces']
-          }
-        end
-
         sig do
           override.params(file: String).returns(String)
         end
@@ -161,22 +169,29 @@ module RuboCop
           MESSAGE
         end
 
-        private
-
-        def get_allowed_namespaces(package_name)
-          cop_config = ::PackageProtections.private_cop_config('prevent_this_package_from_creating_other_namespaces')
-          allowed_global_namespaces = cop_config[package_name]['GlobalNamespaces'] || [package_name.split('/').last.camelize]
-          Set.new(allowed_global_namespaces)
+        sig { returns(DesiredZeitwerkApi) }
+        def self.desired_zeitwerk_api
+          # This is cached at the class level so we will cache more expensive operations
+          # across rubocop requests.
+          @desired_zeitwerk_api ||= T.let(nil, T.nilable(DesiredZeitwerkApi))
+          @desired_zeitwerk_api ||= DesiredZeitwerkApi.new
         end
 
-        def get_actual_namespace(remaining_file_path, relative_filepath, package_name)
-          # If the remaining file path is a ruby file (not a directory), then it establishes a global namespace
-          # Otherwise, per Zeitwerk's conventions as listed above, its a directory that establishes another global namespace
-          remaining_file_path.split('/').first.gsub('.rb', '').camelize
-        end
+        sig { returns(T::Hash[String, String]) }
+        def self.namespaces_to_packs
+          @namespaces_to_packs = T.let(nil, T.nilable(T::Hash[String, String]))
+          @namespaces_to_packs ||= begin
+            all_packs_enforcing_namespaces = ParsePackwerk.all.reject do |p|
+              ::PackageProtections::ProtectedPackage.from(p).violation_behavior_for(NamespacedUnderPackageName::IDENTIFIER).fail_never?
+            end
+
+            namespaces_to_packs = {}
+            all_packs_enforcing_namespaces.each do |package|
+              namespaces_to_packs[desired_zeitwerk_api.get_pack_based_namespace(package)] = package.name
+            end
 
-        def root_pathname
-          Pathname.pwd
+            namespaces_to_packs
+          end
         end
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: package_protections
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Gusto Engineers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-13 00:00:00.000000000 Z
+date: 2022-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -192,6 +192,7 @@ files:
 - lib/package_protections/rubocop_protection_interface.rb
 - lib/package_protections/violation_behavior.rb
 - lib/rubocop/cop/package_protections/namespaced_under_package_name.rb
+- lib/rubocop/cop/package_protections/namespaced_under_package_name/desired_zeitwerk_api.rb
 - lib/rubocop/cop/package_protections/typed_public_api.rb
 homepage: https://github.com/rubyatscale/package_protections
 licenses: