Class: Pod::Command::Whitelist

Inherits:

Pod::Command

• Object
• Pod::Command
• Pod::Command::Whitelist

Defined in:

lib/cocoapods-whitelist/command/whitelist.rb

Class Method Summary

• .options ⇒ Object

Instance Method Summary

• #get_podspec_specifications ⇒ Object
• #get_whitelist ⇒ Object
• #initialize(argv) ⇒ Whitelist constructor

  A new instance of Whitelist.

• #parse_whitelist(raw_whitelist) ⇒ Object
• #prepare_outfile ⇒ Object
• #run ⇒ Object
• #show_error_message(message) ⇒ Object
• #show_result_message ⇒ Object
• #validate! ⇒ Object
• #validate_dependencies(podspec, whitelist, parentName = nil) ⇒ Object

  Checks the dependencies the project contains are in the whitelist.

Constructor Details

#initialize(argv) ⇒ Whitelist

Returns a new instance of Whitelist.

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 47

def initialize(argv)
  @whitelist_url = argv ? argv.option('config', DEFAULT_WHITELIST_URL) : DEFAULT_WHITELIST_URL
  @pospec_path = argv ? argv.option('podspec') : nil
  @fail_on_error = argv ? argv.flag?('fail-on-error') : false
  @outfile = argv ? argv.option('outfile') : nil
  @failure = false
  super
end

Class Method Details

.options ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 39

def self.options
  [ ['--config=CONFIG', 'Config file or URL for the blacklist'],
    ['--podspec=PODSPEC', 'Podspec file to be lint'],
    ['--fail-on-error', 'Raise an exception in case of error'],
    ['--outfile=PATH', 'Output the linter results to a file']
  ].concat(super)
end

Instance Method Details

#get_podspec_specifications ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 157

def get_podspec_specifications
  if @pospec_path
    return [Pod::Specification.from_file(@pospec_path)]
  end

  # Search .podspec in current directory
  podspecs = Dir.glob("./*.podspec")

  if podspecs.count == 0
    # Search .podspec in parent directory.
    # Some projects has Podfile into a subdirectory ("Example"), and run "pod install" from there.
    podspecs = Dir.glob("../*.podspec")
  end

  return podspecs.map { |path|  Pod::Specification.from_file(path) }
end

#get_whitelist ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 138

def get_whitelist
  begin
    open(@whitelist_url) { |io|
      buffer = io.read
      parse_whitelist(buffer)
    }
  rescue OpenURI::HTTPError => e
    status = e.io.status.join(' ')
    raise "Failed to fetch whitelist from '#{@whitelist_url}'.\n Error: #{status}"
  end
end

#parse_whitelist(raw_whitelist) ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 150

def parse_whitelist(raw_whitelist)
  json = JSON.parse(raw_whitelist)
  return json["whitelist"].map { |dependencyJson|
    AllowedDependency.new(dependencyJson["name"], dependencyJson["version"], dependencyJson["expire"])
  }
end

#prepare_outfile ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 186

def prepare_outfile
  if @outfile == nil
    return
  end

  if File.exist?(@outfile)
    FileUtils.rm(@outfile)
  elsif File.dirname(@outfile)
    FileUtils.mkdir_p(File.dirname(@outfile))
  end
end

#run ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 60

def run
  prepare_outfile
  whitelist = get_whitelist
  specifications = get_podspec_specifications

  if specifications.empty?
      UI.puts "No Podspec found".yellow
      return
  end

  specifications.map do |specification|
    validate_dependencies(JSON.parse(specification.to_json), whitelist)
  end

  show_result_message
end

#show_error_message(message) ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 174

def show_error_message(message)
  unless @outfile == nil
    IO.write(@outfile, "#{message}\n", mode: 'a')
  end

  if @fail_on_error
    UI.puts message.red
  else
    UI.puts message.yellow
  end
end

#show_result_message ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 77

def show_result_message
  return unless @failure
  message = "Please check your dependencies.\nYou can see the allowed dependencies at #{@whitelist_url}"
  show_error_message(message)
  if @fail_on_error
    raise Informative.new()
  end
end

#validate! ⇒ Object

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 56

def validate!
  help! "A whitelist file or URL is needed." unless @whitelist_url
end

#validate_dependencies(podspec, whitelist, parentName = nil) ⇒ Object

Checks the dependencies the project contains are in the whitelist

# File 'lib/cocoapods-whitelist/command/whitelist.rb', line 87

def validate_dependencies(podspec, whitelist, parentName = nil)
  pod_name = parentName ? "#{parentName}/#{podspec['name']}" : podspec['name']
  UI.puts "Verifying dependencies in #{pod_name}".green

  dependencies = podspec["dependencies"] ? podspec["dependencies"] : []
  not_allowed = []

  dependencies.each do |name, versions|
    # Skip subspec dependency
    next if parentName && name.start_with?("#{parentName}/")

    if versions.length != 1
      not_allowed.push("#{name} (#{versions.join(", ")}) Reason: A specific version must be defined for every dependency (just one). " +
      "Suggestion: find this dependency in your Podspec and add the version listed in the whitelist.")
      next
    end

    allowedDependency = whitelist.select { |item|
      name.start_with?(item.name.match(POD_NAME_REGEX).captures[POD_BASE_REGEX_POSITION]) && (!item.version || versions.grep(/#{item.version}/).any?)
    }

    # Checks if any of the allowed dependencies are expired, if so, fail with error
    allowedDependency.each { |dependency|
      if dependency.expire?
        not_allowed.push("#{name} Reason: Expired version. Please check the whitelist.")
      end
    }

    if allowedDependency.empty?
      not_allowed.push("#{name} (#{versions.join(", ")}) Reason: Specified version hasn't match any whitelisted version or Pod name is not valid")
      next
    end
  end

  if not_allowed.any?
    severity = @fail_on_error ? "Error" : "Warning"
    show_error_message(" #{severity}: Found dependencies not allowed:")
    not_allowed.each {|dependency| show_error_message("  - #{dependency}")}
    @failure = true
  else
    UI.puts " OK".green
  end

  # Validate subspecs dependencies
  if podspec["subspecs"]
    podspec["subspecs"].each do |subspec|
      validate_dependencies(subspec, whitelist, pod_name)
    end
  end
end