Module: PackageProtections

Extended by:

T::Sig

Defined in:

lib/package_protections.rb,
lib/package_protections/offense.rb,
lib/package_protections/private.rb,
lib/package_protections/private/output.rb,
lib/package_protections/protected_package.rb,
lib/package_protections/per_file_violation.rb,
lib/package_protections/violation_behavior.rb,
lib/package_protections/protection_interface.rb,
lib/package_protections/private/configuration.rb,
lib/package_protections/private/colorized_string.rb,
lib/package_protections/private/metadata_modifiers.rb,
lib/package_protections/rubocop_protection_interface.rb,
lib/package_protections/private/incoming_privacy_protection.rb,
lib/package_protections/private/outgoing_dependency_protection.rb

Overview

typed: strict frozen_string_literal: true

Defined Under Namespace

Modules: ProtectionInterface, RubocopProtectionInterface Classes: IncorrectPublicApiUsageError, Offense, PerFileViolation, ProtectedPackage, ViolationBehavior

Constant Summary

PROTECTIONS_TODO_YML =

'protections_todo.yml'

EXPECTED_PACK_DIRECTORIES =

T.let(%w[packs packages gems components], T::Array[String])

Identifier =

A protection identifier is just a string that identifies the name of the protection within a ‘package.yml`

T.type_alias { String }

Class Method Summary

• .all ⇒ Object
• .bust_cache! ⇒ Object
• .config ⇒ Object
• .configure {|PackageProtections.config| ... } ⇒ Object
• .get_offenses(packages:, new_violations:) ⇒ Object
• .rubocop_yml(root_pathname: Bundler.root) ⇒ Object
• .set_defaults!(packages, protection_identifiers: PackageProtections.all.map(&:identifier), verbose: true) ⇒ Object
• .validate! ⇒ Object
• .with_identifier(identifier) ⇒ Object

Class Method Details

.all ⇒ Object

# File 'lib/package_protections.rb', line 56

def self.all
  config.protections
end

.bust_cache! ⇒ Object

# File 'lib/package_protections.rb', line 165

def self.bust_cache!
  Private.bust_cache!
  RuboCop::Packs.bust_cache!
end

.config ⇒ Object

# File 'lib/package_protections.rb', line 61

def self.config
  Private.load_client_configuration
  @config = T.let(@config, T.nilable(Private::Configuration))
  @config ||= Private::Configuration.new
end

.configure {|PackageProtections.config| ... } ⇒ Object

Yields:

• (PackageProtections.config)

# File 'lib/package_protections.rb', line 50

def configure(&blk)
  yield(PackageProtections.config)
end

.get_offenses(packages:, new_violations:) ⇒ Object

# File 'lib/package_protections.rb', line 87

def self.get_offenses(packages:, new_violations:)
  Private.get_offenses(
    packages: packages,
    new_violations: new_violations
  ).compact
end

.rubocop_yml(root_pathname: Bundler.root) ⇒ Object

# File 'lib/package_protections.rb', line 160

def self.rubocop_yml(root_pathname: Bundler.root)
  Private.rubocop_yml(root_pathname: root_pathname)
end

.set_defaults!(packages, protection_identifiers: PackageProtections.all.map(&:identifier), verbose: true) ⇒ Object

# File 'lib/package_protections.rb', line 147

def self.set_defaults!(packages, protection_identifiers: PackageProtections.all.map(&:identifier), verbose: true)
  Private.set_defaults!(packages, protection_identifiers: protection_identifiers, verbose: verbose)
end

.validate! ⇒ Object

# File 'lib/package_protections.rb', line 97

def self.validate!
  errors = T.let([], T::Array[String])
  valid_identifiers = PackageProtections.all.map(&:identifier)

  ParsePackwerk.all.each do |p|
    metadata = p.metadata['protections'] || {}

    # Validate that there are no invalid keys
    invalid_identifiers = metadata.keys - valid_identifiers
    if invalid_identifiers.any?
      errors << "Invalid configuration for package `#{p.name}`. The metadata keys #{invalid_identifiers.inspect} are not a valid behavior under the `protection` metadata namespace. Valid keys are #{valid_identifiers.inspect}. See https://github.com/rubyatscale/package_protections#readme for more info"
    end

    # Validate that all protections requiring configuration have explicit configuration
    unspecified_protections = valid_identifiers - metadata.keys
    protections_requiring_explicit_configuration = unspecified_protections.reject do |protection_key|
      protection = PackageProtections.with_identifier(protection_key)
      protection.default_behavior.fail_never?
    end

    protections_requiring_explicit_configuration.each do |protection_identifier|
      errors << "All protections must explicitly set unless their default behavior is `fail_never`. Missing protection #{protection_identifier} for package #{p.name}."
    end

    # Validate that all protections have all preconditions met
    metadata.each do |protection_identifier, value|
      next if !valid_identifiers.include?(protection_identifier)

      behavior = ViolationBehavior.from_raw_value(value)
      protection = PackageProtections.with_identifier(protection_identifier)
      unmet_preconditions = protection.unmet_preconditions_for_behavior(behavior, p)
      if unmet_preconditions
        errors << "#{protection_identifier} protection does not have the valid preconditions in #{p.name}. #{unmet_preconditions}. See https://github.com/rubyatscale/package_protections#readme for more info"
      end
    end
  end

  errors
end

.with_identifier(identifier) ⇒ Object

# File 'lib/package_protections.rb', line 71

def self.with_identifier(identifier)
  @map ||= T.let(@map, T.nilable(T::Hash[Identifier, ProtectionInterface]))
  @map ||= all.to_h { |protection| [protection.identifier, protection] }
  @map.fetch(identifier)
end