Module: PackageProtections

Extended by:
T::Sig
Defined in:
lib/package_protections.rb,
lib/package_protections/offense.rb,
lib/package_protections/private.rb,
lib/package_protections/private/output.rb,
lib/package_protections/protected_package.rb,
lib/package_protections/per_file_violation.rb,
lib/package_protections/violation_behavior.rb,
lib/package_protections/protection_interface.rb,
lib/package_protections/private/configuration.rb,
lib/package_protections/private/colorized_string.rb,
lib/package_protections/private/metadata_modifiers.rb,
lib/package_protections/rubocop_protection_interface.rb,
lib/package_protections/private/incoming_privacy_protection.rb,
lib/package_protections/private/outgoing_dependency_protection.rb

Overview

typed: strict frozen_string_literal: true

Defined Under Namespace

Modules: ProtectionInterface, RubocopProtectionInterface Classes: IncorrectPublicApiUsageError, Offense, PerFileViolation, ProtectedPackage, ViolationBehavior

Constant Summary collapse

PROTECTIONS_TODO_YML =
'protections_todo.yml'
EXPECTED_PACK_DIRECTORIES =
T.let(%w[packs packages gems components], T::Array[String])
Identifier =

A protection identifier is just a string that identifies the name of the protection within a ‘package.yml`

T.type_alias { String }

Class Method Summary collapse

Class Method Details

.allObject



56
57
58
# File 'lib/package_protections.rb', line 56

def self.all
  config.protections
end

.bust_cache!Object



165
166
167
168
# File 'lib/package_protections.rb', line 165

def self.bust_cache!
  Private.bust_cache!
  RuboCop::Packs.bust_cache!
end

.configObject



61
62
63
64
65
# File 'lib/package_protections.rb', line 61

def self.config
  Private.load_client_configuration
  @config = T.let(@config, T.nilable(Private::Configuration))
  @config ||= Private::Configuration.new
end

.configure {|PackageProtections.config| ... } ⇒ Object



50
51
52
# File 'lib/package_protections.rb', line 50

def configure(&blk)
  yield(PackageProtections.config)
end

.get_offenses(packages:, new_violations:) ⇒ Object



87
88
89
90
91
92
# File 'lib/package_protections.rb', line 87

def self.get_offenses(packages:, new_violations:)
  Private.get_offenses(
    packages: packages,
    new_violations: new_violations
  ).compact
end

.rubocop_yml(root_pathname: Bundler.root) ⇒ Object



160
161
162
# File 'lib/package_protections.rb', line 160

def self.rubocop_yml(root_pathname: Bundler.root)
  Private.rubocop_yml(root_pathname: root_pathname)
end

.set_defaults!(packages, protection_identifiers: PackageProtections.all.map(&:identifier), verbose: true) ⇒ Object



147
148
149
# File 'lib/package_protections.rb', line 147

def self.set_defaults!(packages, protection_identifiers: PackageProtections.all.map(&:identifier), verbose: true)
  Private.set_defaults!(packages, protection_identifiers: protection_identifiers, verbose: verbose)
end

.validate!Object



97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# File 'lib/package_protections.rb', line 97

def self.validate!
  errors = T.let([], T::Array[String])
  valid_identifiers = PackageProtections.all.map(&:identifier)

  ParsePackwerk.all.each do |p|
     = p.['protections'] || {}

    # Validate that there are no invalid keys
    invalid_identifiers = .keys - valid_identifiers
    if invalid_identifiers.any?
      errors << "Invalid configuration for package `#{p.name}`. The metadata keys #{invalid_identifiers.inspect} are not a valid behavior under the `protection` metadata namespace. Valid keys are #{valid_identifiers.inspect}. See https://github.com/rubyatscale/package_protections#readme for more info"
    end

    # Validate that all protections requiring configuration have explicit configuration
    unspecified_protections = valid_identifiers - .keys
    protections_requiring_explicit_configuration = unspecified_protections.reject do |protection_key|
      protection = PackageProtections.with_identifier(protection_key)
      protection.default_behavior.fail_never?
    end

    protections_requiring_explicit_configuration.each do |protection_identifier|
      errors << "All protections must explicitly set unless their default behavior is `fail_never`. Missing protection #{protection_identifier} for package #{p.name}."
    end

    # Validate that all protections have all preconditions met
    .each do |protection_identifier, value|
      next if !valid_identifiers.include?(protection_identifier)

      behavior = ViolationBehavior.from_raw_value(value)
      protection = PackageProtections.with_identifier(protection_identifier)
      unmet_preconditions = protection.unmet_preconditions_for_behavior(behavior, p)
      if unmet_preconditions
        errors << "#{protection_identifier} protection does not have the valid preconditions in #{p.name}. #{unmet_preconditions}. See https://github.com/rubyatscale/package_protections#readme for more info"
      end
    end
  end

  errors
end

.with_identifier(identifier) ⇒ Object



71
72
73
74
75
# File 'lib/package_protections.rb', line 71

def self.with_identifier(identifier)
  @map ||= T.let(@map, T.nilable(T::Hash[Identifier, ProtectionInterface]))
  @map ||= all.to_h { |protection| [protection.identifier, protection] }
  @map.fetch(identifier)
end