vehiculum_audit 0.0.1

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Vehiculum mobility solutions GmbH
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,40 @@
+# vehiculum-audit
+
+A set of tools for convenient technical analysis of web applications built with Ruby and Ruby on Rails.
+
+- Brakeman - a static analysis security vulnerability scanner for Ruby on Rails applications
+- Bullet - a gem that finds and kills N+1 queries and unused eager loading
+- Bundler-audit - a patch-level verification for Bundler
+- Fasterer - a gem that helps Rubies go faster
+- Reek - a code smell detector
+- RuboCop - a Ruby static code analyzer and code formatter
+
+The tools are configured for displaying output to the console in a single format which results in better readability and no need to switch between the tools.
+
+The complete list of the tools and links to official repositories can be found in vehiculum_audit.gemspec file.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```
+gem 'vehiculum_audit', group: %w(development test)
+```
+Then execute the following commands:
+
+```
+$ bundle
+$ rails vehiculum_audit:install
+```
+
+## How to use this gem?
+
+By executing the command below, you'll get a list of commands that will allow you to launch either all the tools at a time or launch every single tool separately.
+
+```
+$ rails --tasks vehiculum_audit
+```
+
+## License
+
+The gem is available as open source under the terms of the MIT License.

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'vehiculum_audit'
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/configs/.fasterer.yml

@@ -0,0 +1,3 @@
+exclude_paths:
+  - 'vendor/**/*.rb'
+  - 'db/schema.rb'

data/lib/configs/.reek.yml

@@ -0,0 +1,20 @@
+exclude_paths:
+  - db/migrate
+
+Attribute:
+  enabled: false
+
+ControlParameter:
+  enabled: false
+
+FeatureEnvy:
+  enabled: false
+
+IrresponsibleModule:
+  enabled: false
+
+TooManyStatements:
+  max_statements: 6
+
+UtilityFunction:
+  enabled: false

data/lib/configs/.rspec

@@ -0,0 +1,5 @@
+--color
+--format documentation
+--profile
+--order rand
+--require spec_helper

data/lib/configs/.rubocop.yml

@@ -0,0 +1,157 @@
+require:
+  - rubocop-minitest
+  - rubocop-rake
+
+inherit_gem:
+  vehiculum-codestyle:
+    - default.yml
+
+inherit_from: .rubocop_todo.yml
+
+Style/Documentation:
+  Enabled: false
+
+Style/MixinUsage:
+  Exclude:
+    - 'bin/setup'
+    - 'bin/update'
+
+Metrics/MethodLength:
+  Max: 68
+
+Metrics/ClassLength:
+  Max: 258
+  Exclude:
+    - 'app/components/consumer/factories/persist_leasing_request.rb'
+
+Metrics/ModuleLength:
+  Max: 212
+
+Metrics/ParameterLists:
+  Enabled: false
+
+Style/ExponentialNotation:
+  Enabled: false
+  EnforcedStyle: engineering
+
+Style/HashEachMethods:
+  Enabled: true
+
+Style/HashTransformKeys:
+  Enabled: true
+
+Style/HashTransformValues:
+  Enabled: true
+
+Style/MethodMissingSuper:
+  Enabled: false
+
+Style/MissingRespondToMissing:
+  Enabled: false
+
+Style/NumericLiteralPrefix:
+  Enabled: false
+
+Naming/VariableNumber:
+  Enabled: false
+
+Naming/PredicateName:
+  Enabled: false
+
+Style/DoubleNegation:
+  Enabled: false
+
+Style/EmptyMethod:
+  Enabled: false
+
+Style/StringLiteralsInInterpolation:
+  Enabled: false
+
+# Nodody really wants this. We are using Ruby! ` return ` as direct call should be used as less as possible
+Style/GuardClause:
+  Enabled: false
+
+Style/FormatStringToken:
+  Exclude:
+    - spec/**/*
+
+Style/CaseEquality:
+  Exclude:
+    - spec/**/*
+
+Style/SafeNavigation:
+  Enabled: false
+
+Metrics/AbcSize:
+  Max: 99
+  Exclude:
+    - spec/**/*
+
+Metrics/CyclomaticComplexity:
+  Max: 13
+
+Metrics/PerceivedComplexity:
+  Max: 14
+
+Layout/LineLength:
+  Max: 120
+  IgnoredPatterns: ['(\A|\s)#']
+
+Layout/MultilineHashBraceLayout:
+  EnforcedStyle: symmetrical
+
+Layout/HashAlignment:
+  Enabled: false
+
+Layout/ParameterAlignment:
+  Enabled: false
+
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+
+Metrics/BlockLength:
+  Enabled: false
+
+# Allows to create getter and setter methods with get_ and set_
+Naming/AccessorMethodName:
+  Enabled: false
+
+Naming/MemoizedInstanceVariableName:
+  Enabled: false
+
+Lint/AmbiguousBlockAssociation:
+  Exclude:
+    - "spec/**/*"
+
+Lint/AmbiguousOperator:
+  Enabled: true
+
+Lint/RaiseException:
+  Enabled: true
+
+Lint/StructNewOverride:
+  Enabled: true
+
+AllCops:
+  DisplayCopNames: true
+  TargetRubyVersion: 2.6.5
+  CacheRootDirectory: tmp/test-results
+  Exclude:
+    - db/**/*
+    - bin/**
+    - utils/**/*
+    - Guardfile
+    - config/**/*
+    - node_modules/**/*
+    - vendor/**/*
+    - Gemfile
+    - Gemfile.lock
+
+RSpec/RepeatedDescription:
+  Enabled: false
+
+RSpec/RepeatedExampleGroupBody:
+  Enabled: false
+
+RSpec/RepeatedExampleGroupDescription:
+  Enabled: false

data/lib/tasks/vehiculum_audit.rake

@@ -0,0 +1,214 @@
+require 'traceroute'
+
+namespace :vehiculum_audit do
+  task :create_configs do
+    configs = [
+      { gem: 'RSpec',      file: '.rspec' },
+      { gem: 'Rubocop',    file: '.rubocop.yml' },
+      { gem: 'Reek',       file: '.reek.yml' },
+      { gem: 'Fasterer',   file: '.fasterer.yml' }
+    ]
+
+    configs.each do |config|
+      print "Creating config for #{config[:gem]}... "
+
+      cp File.join(File.join(File.dirname(__dir__), 'configs'), config[:file]), Dir.pwd, preserve: true, verbose: false
+
+      puts 'Done!'.green
+    end
+
+    mkdir_p File.join(Dir.pwd, 'doc'), verbose: false
+  end
+
+  task :install_bullet do
+    print 'Creating config for Bullet... '
+
+    file = File.join(Dir.pwd, 'config', 'environments', 'development.rb')
+    content = File.read(file)
+
+    unless content =~ /Bullet/
+      config = <<~BULLET
+        config.after_initialize do
+          Bullet.tap do |bullet|
+            bullet.enable = true
+            bullet.alert = false
+            bullet.bullet_logger = true
+            bullet.console = false
+            bullet.growl = false
+            bullet.rails_logger = true
+            bullet.add_footer = false
+            bullet.airbrake = false
+          end
+        end
+      BULLET
+
+      config = config.split("\n").map { |l| l.prepend(' ' * 2) }.join("\n")
+
+      File.write(file, content.gsub(/^end/, "\n#{config}\nend"))
+    end
+
+    puts 'Done!'.green
+  end
+
+  task :install_simplecov do
+    print 'Creating config for Simplecov... '
+
+    file = File.join(Dir.pwd, 'spec', 'spec_helper.rb')
+    content = File.read(file)
+
+    unless content =~ /simplecov/
+      config = <<~SIMPLECOV
+        require 'simplecov'
+
+        SimpleCov.start 'rails' do
+          coverage_dir File.join('doc', 'coverage')
+
+          groups = %w[channels commands controllers decorators features forms
+                      helpers jobs libs mailers models policies queries
+                      serializers services tasks uploaders values]
+
+          groups.each { |name| add_group name.capitalize, "/app/\#{name}" }
+        end
+      SIMPLECOV
+
+      File.write(file, config + "\n" + content)
+    end
+
+    puts 'Done!'.green
+  end
+
+  task :info do
+    puts
+
+    box 'Important!', color: :red do
+      <<~INFO
+        You need to install the following utilites:
+
+        On MacOS:
+
+          $ brew install graphviz
+
+        On Linux:
+
+          $ apt-get install graphviz
+      INFO
+    end
+
+    box 'How to use'
+
+    puts <<~INFO
+      You can run all linters using this command:
+
+        $ rails vehiculum_audit:all
+
+      Check output into the console and go to the <project_root>/doc directory.
+      There you will find diagrams and some reports in html format.
+
+      If you want to see test coverage report you need to run tests first:
+
+        $ rspec
+
+      For more information see:
+
+        $ rails -T vehiculum_audit
+    INFO
+
+    puts
+  end
+
+  desc 'Install VehiculumAudit'
+  task :install do
+    box '~ * ~   VehiculumAudit   ~ * ~'.upcase
+
+    %w[create_configs install_bullet install_simplecov info].each do |task|
+      Rake::Task["vehiculum_audit:#{task}"].invoke
+    end
+  end
+
+  desc 'Bundler audit'
+  task :bundler_audit do
+    system 'bundle audit check --update'
+  end
+
+  desc 'Run Reek'
+  task :reek do
+    system 'bundle exec reek -c .reek.yml'
+  end
+
+  desc 'Run Rubocop'
+  task :rubocop do
+    system 'bundle exec rubocop'
+  end
+
+  desc 'Run Fasterer'
+  task :fasterer do
+    system 'bundle exec fasterer'
+  end
+
+  desc 'Run Brakeman'
+  task :brakeman do
+    system 'bundle exec brakeman -q'
+  end
+
+  desc 'Run Traceroute'
+  task traceroute: :environment do
+    traceroute = Traceroute.new Rails.application
+    traceroute.load_everything!
+
+    defined_action_methods = traceroute.defined_action_methods
+
+    routed_actions = traceroute.routed_actions
+
+    unused_routes = routed_actions - defined_action_methods
+    unreachable_action_methods = defined_action_methods - routed_actions
+
+    puts "Unused routes (#{unused_routes.count}):"
+    unused_routes.each { |route| puts "  #{route}" }
+
+    puts "Unreachable action methods (#{unreachable_action_methods.count}):"
+    unreachable_action_methods.each { |action| puts "  #{action}" }
+  end
+
+  desc 'Run ALL linters'
+  task :all do
+    %w[
+      bundler_audit
+      reek
+      rubocop
+      fasterer
+      brakeman
+      traceroute
+    ].each do |task|
+      box task
+
+      Rake::Task["vehiculum_audit:#{task}"].invoke
+
+      puts
+    end
+  end
+
+  def box(text, width: 100, color: :default)
+    char = '#'
+    output = [char * (width + 2)]
+    output << char + ' ' * width + char
+    output << char + text.upcase.center(width) + char
+    output << char + ' ' * width + char
+    output << char * (width + 2)
+
+    puts output.join("\n").colorize(color)
+
+    if block_given?
+      return unless yield.is_a? String
+
+      lines = yield.lines
+      lines.unshift(' ')
+      lines << ' '
+      lines.map! { |line| '# '.colorize(color) + line.delete("\n").ljust(width - 2) + ' #'.colorize(color) }
+      lines << char.colorize(color) * (width + 2)
+
+      puts lines.join("\n")
+    end
+
+    puts
+  end
+end