package_protections 2.3.1 → 2.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 918d945d5ceb1f2df5f544a50c74ebc8977d36819c4d5204866e90e8518115fc
-  data.tar.gz: e80077db49323a725e67d41c861e78da371f7e5de986c9240e9de1a4308f6686
+  metadata.gz: 58f01e3852a51048fe302838f5c9cfae1d116789a0cf590484f1f5a38f018215
+  data.tar.gz: 9676ca99110ee87a03963b2391a7c449396bb2b8dfbaa4b0bc585c74632bbe8c
 SHA512:
-  metadata.gz: 81569a675bd20e6993b018d71f29cffb45d90621b9e6f036a746d89c8674b1d43e9a6d7bed6df7e4689ce3e008dc0a89b8506da9f959daa0611cf43d9adb2dc2
-  data.tar.gz: 3c290042abe91b8bbd285dae9091db68729fb99dd8f0b861c99cbac131f9705caf581d6c117e582e34b73ec38ae3b9f5ac70b885cab41974cd89f6295f03662c
+  metadata.gz: d90ddaf7d29c7bef8e50fd1c9e18e9921c24799b820dc6db5da2bfaf16ab3380612e2e320fb5198aa9085c448e58e826d437e5966fe25a2721db241cfdca1789
+  data.tar.gz: bbc96e01cac4e6232500c9466f37db3a522a4c50767f3e7f9c9bed60595055cd467cfa0ecfe98afd3ee3bf6de3be06e0b06a1f8d205314d4bcb760a071333ec2

data/README.md

@@ -54,21 +54,14 @@ This protection ensures that all files within `app/public` are typed at level `s
 This helps ensure that your package is only creating one namespace (based on folder hierarchy). This helps organize the public API of your pack into one place.
 This protection only looks at files in `packs/your_pack/app` (it ignores spec files).
 This protection is implemented via Rubocop -- expect to see results for this when running `rubocop` however you normally do. To add to the TODO list, add to `.rubocop_todo.yml`
-Lastly – this protection can be configured by setting `global_namespaces` within the `package.yml`, e.g.:
-```
-enforce_privacy: true
-enforce_dependencies: true
-metadata:
-  protections:
-    # ... nothing changes here
-  global_namespaces:
-    - MyNamespace
-    - MyOtherNamespace
-    - MyThirdNamespace
-    # ... etc.
+Lastly – this protection can be configured by setting `globally_permitted_namespaces`, e.g.:
+```ruby
+PackageProtections.configure do |config|
+  config.globally_permitted_namespaces = ['SomeGlobalNamespace']
+end
 ```
 
-It's encouraged to limit the number of global namespaces your package exposes, and to make sure your global namespaces are as specific to your domain as possible.
+If you've worked through all of the TODOs for this cop and are able to set the value to `fail_on_any`, you can also set `automatic_pack_namespace` which will support your pack having one global namespace without extra subdirectories. That is, instead of `packs/foo/app/services/foo/bar.rb`, you can use `packs/foo/app/services/bar.rb` and still have it define `Foo::Bar`. [See the `stimpack` README.md](https://github.com/rubyatscale/stimpack#readme) for more information.
 
 ### `prevent_other_packages_from_using_this_package_without_explicit_visibility`
 *This is only available if your package has `enforce_privacy` set to `true`!*

data/lib/package_protections/private/configuration.rb

@@ -5,32 +5,26 @@ module PackageProtections
     class Configuration
       extend T::Sig
 
-      sig { params(protections: T::Array[ProtectionInterface]).void }
-      attr_writer :protections
+      sig { returns(T::Array[ProtectionInterface]) }
+      attr_accessor :protections
+
+      sig { returns(T::Array[String]) }
+      attr_accessor :globally_permitted_namespaces
 
-      sig { params(globally_permitted_namespaces: T::Array[String]).void }
-      attr_writer :globally_permitted_namespaces
+      sig { returns(T::Array[String]) }
+      attr_accessor :acceptable_parent_classes
 
       sig { void }
       def initialize
         @protections = T.let(default_protections, T::Array[ProtectionInterface])
         @globally_permitted_namespaces = T.let([], T::Array[String])
+        @acceptable_parent_classes = T.let([], T::Array[String])
       end
-
-      sig { returns(T::Array[ProtectionInterface]) }
-      def protections
-        @protections
-      end
-
-      sig { returns(T::Array[String]) }
-      def globally_permitted_namespaces
-        @globally_permitted_namespaces
-      end
-
       sig { void }
       def bust_cache!
         @protections = default_protections
         @globally_permitted_namespaces = []
+        @acceptable_parent_classes = []
       end
 
       sig { returns(T::Array[ProtectionInterface]) }
@@ -40,7 +34,9 @@ module PackageProtections
           Private::IncomingPrivacyProtection.new,
           RuboCop::Cop::PackageProtections::TypedPublicApi.new,
           RuboCop::Cop::PackageProtections::NamespacedUnderPackageName.new,
-          Private::VisibilityProtection.new
+          Private::VisibilityProtection.new,
+          RuboCop::Cop::PackageProtections::OnlyClassMethods.new,
+          RuboCop::Cop::PackageProtections::RequireDocumentedPublicApis.new
         ]
       end
     end

data/lib/package_protections/private.rb

@@ -115,23 +115,12 @@ module PackageProtections
     sig { void }
     def self.bust_cache!
       @protected_packages_indexed_by_name = nil
-      @private_cop_config = nil
       PackageProtections.config.bust_cache!
       # This comes explicitly after `PackageProtections.config.bust_cache!` because
       # otherwise `PackageProtections.config` will attempt to reload the client configuratoin.
       @loaded_client_configuration = false
     end
 
-    sig { params(identifier: Identifier).returns(T::Hash[T.untyped, T.untyped]) }
-    def self.private_cop_config(identifier)
-      @private_cop_config ||= T.let(@private_cop_config, T.nilable(T::Hash[T.untyped, T.untyped]))
-      @private_cop_config ||= begin
-        protected_packages = all_protected_packages
-        protection = T.cast(PackageProtections.with_identifier(identifier), PackageProtections::RubocopProtectionInterface)
-        protected_packages.to_h { |p| [p.name, protection.custom_cop_config(p)] }
-      end
-    end
-
     sig { returns(T::Array[T::Hash[T.untyped, T.untyped]]) }
     def self.rubocop_todo_ymls
       @rubocop_todo_ymls = T.let(@rubocop_todo_ymls, T.nilable(T::Array[T::Hash[T.untyped, T.untyped]]))

data/lib/package_protections/rspec/application_fixture_helper.rb

@@ -24,7 +24,8 @@ module ApplicationFixtureHelper
       'prevent_other_packages_from_using_this_packages_internals' => 'fail_on_new',
       'prevent_this_package_from_exposing_an_untyped_api' => 'fail_on_new',
       'prevent_this_package_from_creating_other_namespaces' => 'fail_on_new',
-      'prevent_other_packages_from_using_this_package_without_explicit_visibility' => 'fail_never'
+      'prevent_other_packages_from_using_this_package_without_explicit_visibility' => 'fail_never',
+      'prevent_this_package_from_exposing_instance_method_public_apis' => 'fail_never'
     }
     protections_with_defaults = defaults.merge(protections)
     metadata = { 'protections' => protections_with_defaults }

data/lib/package_protections/rubocop_protection_interface.rb

@@ -57,9 +57,9 @@ module PackageProtections
     # but a default is provided.
     ############################################################################
     sig do
-      params(package: ProtectedPackage).returns(T::Hash[T.untyped, T.untyped])
+      returns(T::Hash[T.untyped, T.untyped])
     end
-    def custom_cop_config(package)
+    def custom_cop_config
       {}
     end
 
@@ -135,7 +135,8 @@ module PackageProtections
         CopConfig.new(
           name: cop_name,
           enabled: include_paths.any?,
-          include_paths: include_paths
+          include_paths: include_paths,
+          metadata: custom_cop_config
         )
       ]
     end

data/lib/package_protections.rb

@@ -8,7 +8,7 @@ require 'set'
 require 'parse_packwerk'
 require 'rubocop'
 require 'rubocop-sorbet'
-require 'rubocop-modularization'
+require 'rubocop-packs'
 
 #
 # Welcome to PackageProtections!
@@ -40,6 +40,8 @@ module PackageProtections
   # Implementation of rubocop-based protections
   require 'rubocop/cop/package_protections/namespaced_under_package_name'
   require 'rubocop/cop/package_protections/typed_public_api'
+  require 'rubocop/cop/package_protections/only_class_methods'
+  require 'rubocop/cop/package_protections/require_documented_public_apis'
 
   class << self
     extend T::Sig
@@ -116,15 +118,6 @@ module PackageProtections
     Private.rubocop_yml(root_pathname: root_pathname)
   end
 
-  #
-  # Do not use this method -- it's meant to be used by Rubocop cops to get directory-specific
-  # parameters without needing to have directory-specific .rubocop.yml files.
-  #
-  sig { params(identifier: Identifier).returns(T::Hash[T.untyped, T.untyped]) }
-  def self.private_cop_config(identifier)
-    Private.private_cop_config(identifier)
-  end
-
   sig { void }
   def self.bust_cache!
     Private.bust_cache!

data/lib/rubocop/cop/package_protections/namespaced_under_package_name.rb

@@ -6,7 +6,7 @@ require 'active_support/core_ext/string/inflections'
 module RuboCop
   module Cop
     module PackageProtections
-      class NamespacedUnderPackageName < Modularization::NamespacedUnderPackageName
+      class NamespacedUnderPackageName < Packs::NamespaceConvention
         extend T::Sig
         include ::PackageProtections::RubocopProtectionInterface
 

data/lib/rubocop/cop/package_protections/only_class_methods.rb

@@ -0,0 +1,67 @@
+# typed: true
+
+module RuboCop
+  module Cop
+    module PackageProtections
+      class OnlyClassMethods < Packs::ClassMethodsAsPublicApis
+        extend T::Sig
+        include ::PackageProtections::RubocopProtectionInterface
+
+        IDENTIFIER = 'prevent_this_package_from_exposing_instance_method_public_apis'.freeze
+
+        sig { override.returns(String) }
+        def humanized_protection_description
+          <<~MESSAGE
+            Public API methods can only be static methods.
+            This is failing because these files are in `.rubocop_todo.yml` under `#{cop_name}`.
+            If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
+            change `#{IDENTIFIER}` to `#{::PackageProtections::ViolationBehavior::FailOnNew.serialize}`
+          MESSAGE
+        end
+
+        sig do
+          override.params(file: String).returns(String)
+        end
+        def message_for_fail_on_any(file)
+          "`#{file}` must only contain static (class or module level) methods"
+        end
+
+        sig { override.returns(T::Array[String]) }
+        def included_globs_for_pack
+          [
+            'app/public/**/*'
+          ]
+        end
+
+        sig do
+          override.returns(T::Hash[T.untyped, T.untyped])
+        end
+        def custom_cop_config
+          {
+            'AcceptableParentClasses' => ::PackageProtections.config.acceptable_parent_classes
+          }
+        end
+
+        sig { override.returns(String) }
+        def identifier
+          IDENTIFIER
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_name
+          'Class Method Public APIs'
+        end
+
+        sig { override.returns(String) }
+        def cop_name
+          'PackageProtections/OnlyClassMethods'
+        end
+
+        sig { override.returns(::PackageProtections::ViolationBehavior) }
+        def default_behavior
+          ::PackageProtections::ViolationBehavior::FailNever
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/package_protections/require_documented_public_apis.rb

@@ -0,0 +1,70 @@
+# typed: true
+
+module RuboCop
+  module Cop
+    module PackageProtections
+      class RequireDocumentedPublicApis < Packs::RequireDocumentedPublicApis
+        extend T::Sig
+        include ::PackageProtections::RubocopProtectionInterface
+
+        IDENTIFIER = 'prevent_this_package_from_exposing_undocumented_public_apis'.freeze
+
+        include ::PackageProtections::RubocopProtectionInterface
+
+        sig { override.returns(String) }
+        def identifier
+          IDENTIFIER
+        end
+
+        sig { override.returns(T::Array[String]) }
+        def included_globs_for_pack
+          [
+            'app/public/**/*'
+          ]
+        end
+
+        sig { override.params(behavior: ::PackageProtections::ViolationBehavior, package: ParsePackwerk::Package).returns(T.nilable(String)) }
+        def unmet_preconditions_for_behavior(behavior, package)
+          if !behavior.fail_never?
+            readme_path = package.directory.join('README.md')
+            if !readme_path.exist?
+              "This package must have a readme at #{readme_path} to use this protection"
+            end
+          end
+        end
+
+        sig do
+          override.params(file: String).returns(String)
+        end
+        def message_for_fail_on_any(file)
+          "`#{file}` must contain documentation on every method (between signature and method)"
+        end
+
+        sig { override.returns(String) }
+        def cop_name
+          'PackageProtections/RequireDocumentedPublicApis'
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_name
+          'Documented Public APIs'
+        end
+
+        sig { override.returns(::PackageProtections::ViolationBehavior) }
+        def default_behavior
+          ::PackageProtections::ViolationBehavior::FailNever
+        end
+
+        sig { override.returns(String) }
+        def humanized_protection_description
+          <<~MESSAGE
+            All public API must have a documentation comment (between the signature and method).
+            This is failing because these files are in `.rubocop_todo.yml` under `#{cop_name}`.
+            If you want to be able to ignore these files, you'll need to open the file's package's `package.yml` file and
+            change `#{IDENTIFIER}` to `#{::PackageProtections::ViolationBehavior::FailOnNew.serialize}`
+          MESSAGE
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/package_protections/typed_public_api.rb

@@ -15,7 +15,7 @@ module RuboCop
       #
       # We can apply this same pattern if we want to use other cops in the context of package protections and prevent clashing.
       #
-      class TypedPublicApi < Modularization::TypedPublicApi
+      class TypedPublicApi < Packs::TypedPublicApi
         extend T::Sig
 
         include ::PackageProtections::ProtectionInterface

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: package_protections
 version: !ruby/object:Gem::Version
-  version: 2.3.1
+  version: 2.5.1
 platform: ruby
 authors:
 - Gusto Engineers
@@ -53,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-modularization
+  name: rubocop-packs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -206,6 +206,8 @@ files:
 - lib/package_protections/rubocop_protection_interface.rb
 - lib/package_protections/violation_behavior.rb
 - lib/rubocop/cop/package_protections/namespaced_under_package_name.rb
+- lib/rubocop/cop/package_protections/only_class_methods.rb
+- lib/rubocop/cop/package_protections/require_documented_public_apis.rb
 - lib/rubocop/cop/package_protections/typed_public_api.rb
 homepage: https://github.com/rubyatscale/package_protections
 licenses: