RubyGems - whoosh - Versions diffs - 1.2.0 → 1.2.2 - Mend

whoosh 1.2.0 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/whoosh/cli/main.rb +135 -0
data/lib/whoosh/cli/project_generator.rb +43 -0
data/lib/whoosh/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 133af39d011ac77fc6e0773ea19652cb990f5c8d129d40b7f301796062e23e1f
-  data.tar.gz: 5145a7c3177f2ddef7667f8faa6a6c2681b38fd279351c95ceda93ce69999c2a
+  metadata.gz: 336c26ea284a871dafa4b1d26f173293947e30470000539dbf3e0da799063bea
+  data.tar.gz: 6acf7d5007d008070aaddb543a42de5bddf3b3aa2de838e1be5ccba5d18b9442
 SHA512:
-  metadata.gz: 4e99f75634ea05e7e2673164f6bdd8b71ea704e6ee02023370b8b77207666bee6291a02d7423d8d036c4014651ba17673c3f23639e64a2a68b5038799b1dca99
-  data.tar.gz: 4427cce1a58e9d35841a372ca782f831d6aa3ef513e2309f14e4f6b284a4d12461b102fe5a963768e1a01af2e98db7fc82f7084e970f1a150ef7092f2033c8bf
+  metadata.gz: 86aebc850e904960fe87d08aa7c6e8d6aba82c5e411e66e0e9ae65fb64d5510b8ddae4125099554fecac71907c163ce854d1adc416bd8e84ee5f6f3376556809
+  data.tar.gz: 99c067d27463fff53a3cb5818836a11e90e0e86d1f886d211770a6407725b6ca0ba72cd3e52c94bd4b204d57e5d282ff89d102863c9410c545c63e3d60bcf332

data/lib/whoosh/cli/main.rb CHANGED Viewed

@@ -224,6 +224,141 @@ module Whoosh
         end
       }
+      desc "ci", "Run full CI pipeline (lint + security + audit + tests + coverage)"
+      def ci
+        puts "=> Whoosh CI Pipeline"
+        puts "=" * 50
+        puts ""
+        steps = []
+        skipped = []
+        # Step 1: Rubocop (lint)
+        if system("bundle exec rubocop --version > /dev/null 2>&1")
+          steps << { name: "Rubocop (lint)", cmd: "bundle exec rubocop --format simple" }
+        else
+          skipped << "Rubocop (add rubocop to Gemfile)"
+        end
+        # Step 2: Brakeman (security scan)
+        if system("bundle exec brakeman --version > /dev/null 2>&1")
+          steps << { name: "Brakeman (security)", cmd: "bundle exec brakeman -q --no-pager" }
+        else
+          skipped << "Brakeman (add brakeman to Gemfile)"
+        end
+        # Step 3: Bundle audit (CVE check)
+        if system("bundle exec bundle-audit version > /dev/null 2>&1")
+          steps << { name: "Bundle Audit (CVE)", cmd: "bundle exec bundle-audit check --update" }
+        elsif system("bundle audit --help > /dev/null 2>&1")
+          steps << { name: "Bundle Audit (CVE)", cmd: "bundle audit" }
+        else
+          skipped << "Bundle Audit (add bundler-audit to Gemfile)"
+        end
+        # Step 4: Secret leak scan (built-in, no gem needed)
+        steps << { name: "Secret Scan", type: :secret_scan }
+        # Step 5: RSpec (tests)
+        if system("bundle exec rspec --version > /dev/null 2>&1")
+          steps << { name: "RSpec (tests)", cmd: "bundle exec rspec --format progress" }
+        else
+          skipped << "RSpec (add rspec to Gemfile)"
+        end
+        # Step 6: Coverage check (built-in)
+        steps << { name: "Coverage Check", type: :coverage_check }
+        skipped.each { |s| puts "  [skip] #{s}" }
+        puts "" unless skipped.empty?
+        failed = []
+        steps.each_with_index do |step, i|
+          puts "--- [#{i + 1}/#{steps.length}] #{step[:name]} ---"
+          success = case step[:type]
+          when :secret_scan
+            run_secret_scan
+          when :coverage_check
+            run_coverage_check
+          else
+            system(step[:cmd])
+          end
+          if success
+            puts "  ✓ #{step[:name]} passed"
+          else
+            puts "  ✗ #{step[:name]} FAILED"
+            failed << step[:name]
+          end
+          puts ""
+        end
+        puts "=" * 50
+        if failed.empty?
+          puts "=> All #{steps.length} checks passed! ✓"
+          exit 0
+        else
+          puts "=> FAILED: #{failed.join(', ')}"
+          exit 1
+        end
+      end
+      private
+      def run_secret_scan
+        patterns = [
+          /(?:api[_-]?key|secret|password|token)\s*[:=]\s*["'][A-Za-z0-9+\/=]{8,}["']/i,
+          /(?:sk-|pk-|rk-)[a-zA-Z0-9]{20,}/,
+          /-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/,
+          /AKIA[0-9A-Z]{16}/,  # AWS access key
+        ]
+        leaked = []
+        Dir.glob("{app.rb,lib/**/*.rb,endpoints/**/*.rb,config/**/*.rb}").each do |file|
+          next if file.include?("spec/") || file.include?("test/")
+          content = File.read(file) rescue next
+          patterns.each do |pattern|
+            content.each_line.with_index do |line, i|
+              if line.match?(pattern) && !line.include?("ENV[") && !line.include?("ENV.fetch")
+                leaked << "#{file}:#{i + 1}: #{line.strip[0..80]}"
+              end
+            end
+          end
+        end
+        if leaked.empty?
+          true
+        else
+          puts "  Potential secrets found:"
+          leaked.each { |l| puts "    #{l}" }
+          false
+        end
+      end
+      def run_coverage_check
+        coverage_file = File.join(Dir.pwd, "coverage", ".last_run.json")
+        unless File.exist?(coverage_file)
+          puts "  [info] No coverage data found (add simplecov to test_helper for tracking)"
+          true  # Don't fail if SimpleCov not set up
+        else
+          require "json"
+          data = JSON.parse(File.read(coverage_file))
+          coverage = data.dig("result", "line") || data.dig("result", "covered_percent") || 0
+          threshold = 80
+          if coverage >= threshold
+            puts "  Coverage: #{coverage.round(1)}% (threshold: #{threshold}%)"
+            true
+          else
+            puts "  Coverage: #{coverage.round(1)}% — below #{threshold}% threshold"
+            false
+          end
+        end
+      end
+      public
       desc "new NAME", "Create a new Whoosh project"
       option :minimal, type: :boolean, default: false
       option :full, type: :boolean, default: false

data/lib/whoosh/cli/project_generator.rb CHANGED Viewed

@@ -31,6 +31,7 @@ module Whoosh
         write(dir, ".rspec", rspec_config)
         write(dir, "Dockerfile", dockerfile)
         write(dir, ".dockerignore", dockerignore)
+        write(dir, ".rubocop.yml", rubocop_config)
         write(dir, "README.md", readme(name))
         # Create empty SQLite DB directory
@@ -55,6 +56,8 @@ module Whoosh
         puts "  http://localhost:9292/docs      # Swagger UI"
         puts "  http://localhost:9292/metrics   # Prometheus metrics"
         puts ""
+        puts "  whoosh ci           # run lint + security + tests"
+        puts ""
       end
       class << self
@@ -145,6 +148,10 @@ module Whoosh
             group :development, :test do
               gem "rspec"
               gem "rack-test"
+              gem "rubocop", require: false
+              gem "brakeman", require: false
+              gem "bundler-audit", require: false
+              gem "simplecov", require: false
             end
           GEM
@@ -251,6 +258,13 @@ module Whoosh
           <<~RUBY
             # frozen_string_literal: true
+            require "simplecov"
+            SimpleCov.start do
+              add_filter "/test/"
+              add_filter "/spec/"
+              minimum_coverage 80
+            end
             require "whoosh/test"
             require_relative "../app"
@@ -349,6 +363,35 @@ module Whoosh
           DOCKERFILE
         end
+        def rubocop_config
+          <<~YAML
+            AllCops:
+              TargetRubyVersion: 3.4
+              NewCops: enable
+              SuggestExtensions: false
+              Exclude:
+                - db/migrations/**/*
+                - vendor/**/*
+            Style/FrozenStringLiteralComment:
+              Enabled: true
+            Style/StringLiterals:
+              EnforcedStyle: double_quotes
+            Layout/LineLength:
+              Max: 120
+            Metrics/MethodLength:
+              Max: 25
+            Metrics/BlockLength:
+              Exclude:
+                - spec/**/*
+                - test/**/*
+          YAML
+        end
         def dockerignore
           <<~IGNORE
             .git

data/lib/whoosh/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Whoosh
-  VERSION = "1.2.0"
+  VERSION = "1.2.2"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: whoosh
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.2.2
 platform: ruby
 authors:
 - Johannes Dwi Cahyo