spektr 0.1.0

data/lib/spektr/exp/send.rb

@@ -0,0 +1,135 @@
+module Spektr
+  module Exp
+    class Send < Base
+      attr_accessor :receiver
+
+      def initialize(ast)
+        super
+        @receiver = Receiver.new(ast.children[0]) if ast.children[0]
+        @name = if ast.children.first.is_a?(Parser::AST::Node)
+                  ast.children.first.children.last
+                else
+                  ast.children[1]
+                end
+        children = ast.children[2..]
+        children.each do |child|
+          next unless child.is_a?(Parser::AST::Node)
+
+          case child.type
+          when :hash
+            if children.size == 1 || children.last == child
+              child.children.each do |pair|
+                @options[pair.children[0].children[0]] = Option.new(pair)
+              end
+            else
+              @arguments << Argument.new(child)
+            end
+          else
+            @arguments << Argument.new(child)
+          end
+        end
+      end
+    end
+
+    class Argument < Base
+      attr_accessor :name, :type, :ast, :children
+
+      def initialize(ast)
+        @name = nil
+        process_ast(ast)
+        ast = ast.children.first if ast.type == :begin
+        @ast = ast
+        argument = if %i[xstr hash].include? ast.type
+                     ast
+                   elsif ast.type != :dstr && ast.children.first.is_a?(Parser::AST::Node) && ast.children.first.children.first.is_a?(Parser::AST::Node)
+                     ast.children.first.children.first
+                   elsif ast.type != :dstr && ast.children.first.is_a?(Parser::AST::Node)
+                     ast.children.first
+                   else
+                     ast
+                   end
+        @type = argument.type
+        @children = argument.children
+      end
+
+      def process_ast(ast)
+        process(ast)
+      end
+
+      def on_begin(node)
+        process_all(node)
+      end
+
+      def on_send(node)
+        if node.children.first.nil?
+          @name ||= node.children[1]
+        elsif node.is_a?(Parser::AST::Node)
+          process_all(node)
+        end
+      end
+
+      def on_const(node)
+        @name ||= node.children[1] if node.children.first.nil?
+      end
+
+      def on_str(node)
+        @name ||= node.children.first
+      end
+
+      alias on_sym on_str
+      alias on_ivar on_str
+    end
+
+    class Option
+      attr_accessor :name, :key, :value, :type, :value_name, :value_type
+
+      def initialize(ast)
+        @key = ast.children.first
+        @name = ast.children.first.children.last
+        @type = ast.type
+
+        @value = ast.children.last
+        @value_name = ast.children.last.children.last
+        @value_type = ast.children.last.type
+      end
+    end
+
+    class Receiver
+      attr_accessor :name, :type, :ast, :expanded, :children
+
+      def initialize(ast)
+        @children = []
+        set_attributes(ast)
+      end
+
+      def set_attributes(ast)
+        if [:begin].include?(ast.type) && ast.children[0].is_a?(Parser::AST::Node)
+          return set_attributes(ast.children[0])
+        end
+
+        @ast = ast
+        if ast.type == :dstr
+          @type = :dstr
+          @name = ast.children[0].children.first
+          ast.children[1..].each do |ch|
+            @children << Receiver.new(ch)
+          end
+        else
+          @expanded = expand!(ast)
+          @ast = ast.type == :send && ast.children[0].is_a?(Parser::AST::Node) ? ast.children[0] : ast
+          @type = @ast.type
+          @name = @ast.children.last
+        end
+      end
+
+      def expand!(ast, tree = [])
+        if ast.is_a?(Parser::AST::Node) && ast.children.any?
+          tree << ast.children.last
+          expand!(ast.children.first, tree)
+        else
+          tree.reverse.join('.')
+        end
+      end
+    end
+  end
+end

data/lib/spektr/exp/xstr.rb

@@ -0,0 +1,12 @@
+module Spektr
+  module Exp
+    class Xstr < Base
+      def initialize(ast)
+        super
+        ast.children[1..].each do |child|
+          @arguments << Argument.new(child)
+        end
+      end
+    end
+  end
+end

data/lib/spektr/processors/base.rb

@@ -0,0 +1,80 @@
+require 'ast'
+module Spektr::Processors
+  class Base
+    include AST::Processor::Mixin
+    attr_accessor :name, :name_parts, :parent_parts, :parent_modules, :parent_name, :parent_name_with_modules
+
+    def initialize
+      @modules = []
+      @name_parts = []
+      @parent_parts = []
+      @parent_modules = []
+    end
+
+    def name
+      @name_parts.join('::')
+    end
+
+    def parent_name
+      @parent_parts.shift if @parent_parts.first.to_s == name
+      @parent_parts.join('::')
+    end
+
+    def parent_name_with_modules
+      parts = @parent_modules | @parent_parts
+      parts.shift if parts.first.to_s == name
+      parts.join('::')
+    end
+
+    def on_begin(node)
+      process_all(node)
+    end
+
+    def on_module(node)
+      parts = extract_name_part(node)
+      @modules.concat(parts)
+      @name_parts.concat(parts)
+      @parent_modules << node.children.first.children.last
+      process_all(node)
+    end
+
+    def extract_parent_parts(node)
+      if node.children[1] && node.children[1].is_a?(Parser::AST::Node)
+        node.children[1].children.each do |child|
+          if child.is_a?(Parser::AST::Node)
+            extract_parent_parts(child)
+            @parent_parts << child.children.last
+          elsif child.is_a? Symbol
+            @parent_parts << child.to_s
+          end
+        end
+      elsif node&.children&.first&.children&.last
+        @parent_parts << node.children.first.children.last
+      end
+    end
+
+    def on_class(node)
+      extract_parent_parts(node)
+      @name_parts.concat(extract_name_part(node))
+      process_all(node)
+    end
+
+    def extract_name_part(node)
+      parts = []
+      node.children.first.children.each do |child|
+        if child.is_a?(Parser::AST::Node)
+          parts << child.children.last
+        elsif child.is_a? Symbol
+          parts << child.to_s
+        end
+      end
+      parts
+    end
+
+    def on_const(node); end
+
+    def handler_missing(node)
+      # puts "handler missing for #{node.type}"
+    end
+  end
+end

data/lib/spektr/processors/class_processor.rb

@@ -0,0 +1,25 @@
+module Spektr
+  module Processors
+    class ClassProcessor < Base
+      include AST::Processor::Mixin
+
+      attr_accessor :data
+
+      def on_begin(node)
+      end
+
+      def on_def(node)
+        puts "on def: #{node.inspect}"
+      end
+
+      def on_require(node)
+        puts "on require: #{node.inspect}"
+      end
+
+      def on_class(node)
+        debugger
+        puts "on class2: #{node.inspect}"
+      end
+    end
+  end
+end

data/lib/spektr/targets/base.rb

@@ -0,0 +1,119 @@
+module Spektr
+  module Targets
+    class Base
+      attr_accessor :path, :name, :options, :ast, :parent, :processor
+
+      def initialize(path, content)
+        Spektr.logger.debug "loading #{path}"
+        @ast = Spektr::App.parser.parse(content)
+        @path = path
+        return unless @ast
+
+        @processor = Spektr::Processors::Base.new
+        @processor.process(@ast)
+        @name = @processor.name
+        @name = @path.split('/').last if @name.blank?
+
+        @current_method_type = :public
+        @parent = @processor.parent_name
+      end
+
+      def find_calls(name, receiver = nil)
+        calls = find(:send, name, @ast).map { |ast| Exp::Send.new(ast) }
+        if receiver
+          calls.select! { |call| call.receiver&.expanded == receiver }
+        elsif receiver == false
+          calls.select! { |call| call.receiver.nil? }
+        end
+        calls
+      end
+
+      def find_calls_with_block(name, _receiver = nil)
+        blocks = find(:block, nil, @ast)
+        blocks.each_with_object([]) do |block, memo|
+          if block.children.first.children[1] == name
+            result = find(:send, name, block).map { |ast| Exp::Send.new(ast) }
+            memo << result.first
+          end
+        end
+      end
+
+      def find_method(name)
+        find(:def, name, @ast).last
+      end
+
+      def find_xstr
+        find(:xstr, nil, @ast).map { |ast| Exp::Xstr.new(ast) }
+      end
+
+      def find(type, name, ast, result = [])
+        return result unless ast.is_a? Parser::AST::Node
+
+        name_index = case type
+                     when :def
+                       0
+                     else
+                       1
+                     end
+        if node_matches?(ast.type, ast.children[name_index], type, name)
+          result << ast
+        elsif ast.children.any?
+          ast.children.each do |child|
+            result = find(type, name, child, result)
+          end
+        end
+        result
+      end
+
+      def node_matches?(node_type, node_name, type, name)
+        if node_type == type
+          if name.is_a? Regexp
+            return node_name =~ name
+          elsif name.nil?
+            return true
+          else
+            return node_name == name
+          end
+        end
+        false
+      end
+
+      def find_methods(ast:, result: [], type: :all)
+        return result unless ast.is_a?(Parser::AST::Node)
+
+        if ast.type == :send && %i[private public protected].include?(ast.children.last)
+          @current_method_type = ast.children.last
+        end
+        if ast.type == :def && [:all, @current_method_type].include?(type)
+          result << ast
+        elsif ast.children.any?
+          ast.children.map do |child|
+            result = find_methods(ast: child, result: result, type: type)
+          end
+        end
+        result
+      end
+
+      def ast_to_exp(ast)
+        case ast.type
+        when :send
+          Exp::Send.new(ast)
+        when :def
+          Exp::Definition.new(ast)
+        when :ivasgn
+          Exp::Ivasgin.new(ast)
+        when :lvasign
+          Exp::Lvasign.new(ast)
+        when :const
+          Exp::Const.new(ast)
+        when :xstr
+          Exp::Xstr.new(ast)
+        when :sym, :int, :str
+          Exp::Base.new(ast)
+        else
+          raise "Unknown type #{ast.type} #{ast.inspect}"
+        end
+      end
+    end
+  end
+end

data/lib/spektr/targets/config.rb

@@ -0,0 +1,6 @@
+module Spektr
+  module Targets
+    class Config < Base
+    end
+  end
+end

data/lib/spektr/targets/controller.rb

@@ -0,0 +1,74 @@
+module Spektr
+  module Targets
+    class Controller < Base
+      attr_accessor :actions
+
+      def initialize(path, content)
+        super
+        find_actions
+      end
+
+      def concern?
+        !name.match('Controller')
+      end
+
+      def find_actions
+        @actions = find_methods(ast: @ast, type: :public).map do |ast|
+          Action.new(ast, self)
+        end
+      end
+
+      def find_parent(controllers)
+        parent_name = @processor.parent_name
+        result = find_in_set(parent_name, controllers)
+        result ||= find_in_set(processor.parent_name_with_modules, controllers)
+        return nil if result&.name == name
+
+        result
+      end
+
+      def find_in_set(name, set)
+        while true
+          result = set.find { |c| c.name == name }
+          break if result
+
+          split = name.split('::')
+          split.shift
+          name = split.join('::')
+          break if name.blank?
+        end
+        result
+      end
+
+      class Action < Spektr::Exp::Definition
+        attr_accessor :controller, :template
+
+        def initialize(ast, controller)
+          super(ast)
+          @template = nil
+          split = []
+          if controller.parent
+            split = controller.parent.split('::').map { |e| e.delete_suffix('Controller') }.map(&:downcase)
+            if split.size > 1
+              split.pop
+              @template = "#{split.join('/')}/#{@template}"
+            end
+          end
+          split = split.concat(controller.name.delete_suffix('Controller').split('::').map(&:downcase)).uniq
+          split.delete('application')
+          @template = File.join(*split, name.to_s)
+          @body.each do |exp|
+            if exp.send? && (exp.name == :render && exp.arguments.any?)
+              if exp.arguments.first.type == :sym
+                @template = File.join(controller.name.delete_suffix('Controller').underscore,
+                                      exp.arguments.first.name.to_s)
+              elsif exp.arguments.first.type == :str
+                @template = exp.arguments.first.name
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/spektr/targets/model.rb

@@ -0,0 +1,6 @@
+module Spektr
+  module Targets
+    class Model < Base
+    end
+  end
+end

data/lib/spektr/targets/routes.rb

@@ -0,0 +1,38 @@
+module Spektr
+  module Targets
+    class Routes < Base
+      attr_accessor :routes
+
+      def initialize(path, content)
+        super
+      end
+
+      def find_actions
+        @actions = find_methods(ast: @ast, type: :public ).map do |ast|
+          Action.new(ast, self)
+        end
+      end
+
+      class Action < Spektr::Exp::Definition
+        attr_accessor :controller, :template
+        def initialize(ast, controller)
+          super(ast)
+          @template = File.join(controller.name.delete_suffix("Controller").underscore, name.to_s)
+          @body.each do |exp|
+            if exp.send?
+              if exp.name == :render
+                if exp.arguments.first.type == :sym
+                  @template = File.join(controller.name.delete_suffix("Controller").underscore, exp.arguments.first.name.to_s)
+                elsif
+                  if exp.arguments.first.type == :str
+                    @template = exp.arguments.first.name
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/spektr/targets/view.rb

@@ -0,0 +1,34 @@
+module Spektr
+  module Targets
+    class View < Base
+      TEMPLATE_EXTENSIONS = /.*\.(erb|rhtml|haml)$/
+      attr_accessor :view_path
+
+      def initialize(path, content)
+        Spektr.logger.debug "loading #{path}"
+        @view_path = nil
+        @path = path
+        if match_data = path.match(%r{views/(.+?)\.})
+          @view_path = match_data[1]
+        end
+        begin
+          @ast = Spektr::App.parser.parse(source(content))
+        rescue Parser::SyntaxError => e
+          @ast = Spektr::App.parser.parse('')
+          ::Spektr.logger.error "Parser::SyntaxError when parsing #{@view_path}: #{e.message}"
+        end
+        @name = @view_path # @ast.children.first.children.last.to_s
+      end
+
+      def source(content)
+        type = @path.match(TEMPLATE_EXTENSIONS)[1].to_sym
+        case type
+        when :erb, :rhtml
+          Erubi.new(content, trim_mode: '-').src
+        when :haml
+          Haml::Engine.new(content).precompiled
+        end
+      end
+    end
+  end
+end

data/lib/spektr/version.rb

@@ -0,0 +1,3 @@
+module Spektr
+  VERSION = "0.1.0"
+end

data/lib/spektr/warning.rb

@@ -0,0 +1,23 @@
+module Spektr
+  class Warning
+    attr_accessor :path, :full_path, :check, :location, :message, :confidence, :line
+    def initialize(path, full_path, check, location, message, confidence = :high)
+      @path = path
+      @check = check
+      @location = location
+      @message = message
+      @confidence = confidence
+      if full_path && @location && File.exist?(full_path)
+        @line = IO.readlines(full_path)[@location.line - 1].strip
+      end
+    end
+
+    def full_message
+      if @location
+        "#{message} at line #{@location.line} of #{@path}"
+      else
+        "#{message}"
+      end
+    end
+  end
+end

data/lib/spektr.rb

@@ -0,0 +1,120 @@
+require 'spektr/version'
+require 'bundler'
+require 'parser'
+require 'parser/current'
+require 'unparser'
+require 'erb'
+require 'haml'
+require 'active_support/core_ext/string/inflections'
+require 'logger'
+require 'tty/spinner'
+require 'tty/table'
+
+require 'zeitwerk'
+loader = Zeitwerk::Loader.for_gem
+loader.collapse("#{__dir__}/processors")
+loader.setup # ready!
+loader.eager_load
+
+module Spektr
+  class Error < StandardError; end
+
+  def self.run(root = nil, output_format = 'terminal', debug = false, checks = nil)
+    pastel = Pastel.new
+    @output_format = output_format
+    start_spinner('Initializing')
+    @log_level = debug ? Logger::DEBUG : Logger::WARN
+    checks = Checks.load(checks)
+    root = './' if root.nil?
+    @app = App.new(checks: checks, root: root)
+    stop_spinner
+    puts "\n"
+    puts pastel.bold('Checks:')
+    puts "\n"
+    puts checks.collect(&:name).join(', ')
+    # table = TTY::Table.new([['Checks', checks.collect(&:name).join(', ')]])
+    # puts table.render(:basic)
+    puts "\n"
+
+    start_spinner('Loading files')
+    @app.load
+    stop_spinner
+    puts "\n"
+    table = TTY::Table.new([
+                             ['Rails version', @app.rails_version],
+                             ['Initializers', @app.initializers.size],
+                             ['Controllers', @app.controllers.size],
+                             ['Models', @app.models.size],
+                             ['Views', @app.views.size],
+                             ['Routes', @app.routes.size],
+                             ['Lib files', @app.lib_files.size]
+                           ])
+    puts table.render(:basic)
+    puts "\n"
+    start_spinner('Scanning files')
+    @app.scan!
+    stop_spinner
+    puts "\n"
+    json = @app.report
+    case output_format
+    when 'json'
+      json
+    when 'terminal'
+      puts pastel.bold("Advisories\n")
+
+      json[:advisories].each do |advisory|
+        puts "#{pastel.green('Name:')} #{advisory[:name]}\n"
+        puts "#{pastel.green('Check:')} #{advisory[:check]}\n"
+        puts "#{pastel.green('Description:')} #{advisory[:description]}\n"
+        puts "#{pastel.green('Path:')} #{advisory[:path]}\n"
+        puts "#{pastel.green('Location:')} #{advisory[:location]}\n"
+        puts "#{pastel.green('Code:')} #{advisory[:line]}\n"
+        puts "\n"
+        puts "\n"
+      end
+
+      puts pastel.bold("Summary\n")
+      summary = []
+      json[:advisories].group_by { |a| a[:name] }.each do |n, i|
+        summary << [pastel.green(n), i.size]
+      end
+
+      table = TTY::Table.new(summary, padding: [2, 2, 2, 2])
+      puts table.render(:basic)
+      puts "\n\n"
+      exit 1 if json[:advisories].any?
+    else
+      puts 'Unknown format'
+    end
+  end
+
+  def self.terminal?
+    @output_format == 'terminal'
+  end
+
+  def self.start_spinner(label)
+    return unless terminal?
+
+    @spinner = TTY::Spinner.new("[:spinner] #{label}", format: :classic)
+    @spinner.auto_spin
+  end
+
+  def self.stop_spinner
+    return unless terminal?
+
+    @spinner&.stop('Done!')
+  end
+
+  def self.swap_spinner(label)
+    stop_spinner
+    start_spinner(label)
+  end
+
+  def self.logger
+    @logger ||= begin
+      logger = Logger.new(STDOUT)
+      logger.level = @log_level || Logger::WARN
+      logger
+    end
+  end
+end