woodpecker/vendor/github.com/OpenPeeDeeP/depguard/depguard.go
6543 56a854fe14
Update deps (#789)
* update github.com/docker/cli

* update github.com/docker/distribution

* update github.com/docker/docker

* update github.com/gin-gonic/gin

* update github.com/golang-jwt/jwt/v4

* update github.com/golangci/golangci-lint

* update github.com/gorilla/securecookie

* update github.com/mattn/go-sqlite3

* update github.com/moby/moby

* update github.com/prometheus/client_golang

* update github.com/xanzy/go-gitlab
2022-02-24 17:33:24 +01:00

301 lines
8.1 KiB
Go

package depguard
import (
"go/build"
"go/token"
"io/ioutil"
"path"
"sort"
"strings"
"github.com/gobwas/glob"
"golang.org/x/tools/go/loader"
)
// ListType states what kind of list is passed in.
type ListType int
const (
// LTBlacklist states the list given is a blacklist. (default)
LTBlacklist ListType = iota
// LTWhitelist states the list given is a whitelist.
LTWhitelist
)
// StringToListType makes it easier to turn a string into a ListType.
// It assumes that the string representation is lower case.
var StringToListType = map[string]ListType{
"allowlist": LTWhitelist,
"denylist": LTBlacklist,
"whitelist": LTWhitelist,
"blacklist": LTBlacklist,
}
// Issue with the package with PackageName at the Position.
type Issue struct {
PackageName string
Position token.Position
}
// Wrapper for glob patterns that allows for custom negation
type negatableGlob struct {
g glob.Glob
negate bool
}
// Depguard checks imports to make sure they follow the given list and constraints.
type Depguard struct {
ListType ListType
IncludeGoRoot bool
Packages []string
prefixPackages []string
globPackages []glob.Glob
TestPackages []string
prefixTestPackages []string
globTestPackages []glob.Glob
IgnoreFileRules []string
prefixIgnoreFileRules []string
globIgnoreFileRules []negatableGlob
prefixRoot []string
}
// Run checks for dependencies given the program and validates them against
// Packages.
func (dg *Depguard) Run(config *loader.Config, prog *loader.Program) ([]*Issue, error) {
// Shortcut execution on an empty blacklist as that means every package is allowed
if dg.ListType == LTBlacklist && len(dg.Packages) == 0 {
return nil, nil
}
if err := dg.initialize(config, prog); err != nil {
return nil, err
}
directImports, err := dg.createImportMap(prog)
if err != nil {
return nil, err
}
var issues []*Issue
for pkg, positions := range directImports {
for _, pos := range positions {
if ignoreFile(pos.Filename, dg.prefixIgnoreFileRules, dg.globIgnoreFileRules) {
continue
}
prefixList, globList := dg.prefixPackages, dg.globPackages
if len(dg.TestPackages) > 0 && strings.Index(pos.Filename, "_test.go") != -1 {
prefixList, globList = dg.prefixTestPackages, dg.globTestPackages
}
if dg.flagIt(pkg, prefixList, globList) {
issues = append(issues, &Issue{
PackageName: pkg,
Position: pos,
})
}
}
}
return issues, nil
}
func (dg *Depguard) initialize(config *loader.Config, prog *loader.Program) error {
// parse ordinary guarded packages
for _, pkg := range dg.Packages {
if strings.ContainsAny(pkg, "!?*[]{}") {
g, err := glob.Compile(pkg, '/')
if err != nil {
return err
}
dg.globPackages = append(dg.globPackages, g)
} else {
dg.prefixPackages = append(dg.prefixPackages, pkg)
}
}
// Sort the packages so we can have a faster search in the array
sort.Strings(dg.prefixPackages)
// parse guarded tests packages
for _, pkg := range dg.TestPackages {
if strings.ContainsAny(pkg, "!?*[]{}") {
g, err := glob.Compile(pkg, '/')
if err != nil {
return err
}
dg.globTestPackages = append(dg.globTestPackages, g)
} else {
dg.prefixTestPackages = append(dg.prefixTestPackages, pkg)
}
}
// Sort the test packages so we can have a faster search in the array
sort.Strings(dg.prefixTestPackages)
// parse ignore file rules
for _, rule := range dg.IgnoreFileRules {
if strings.ContainsAny(rule, "!?*[]{}") {
ng := negatableGlob{}
if strings.HasPrefix(rule, "!") {
ng.negate = true
rule = rule[1:] // Strip out the leading '!'
} else {
ng.negate = false
}
g, err := glob.Compile(rule, '/')
if err != nil {
return err
}
ng.g = g
dg.globIgnoreFileRules = append(dg.globIgnoreFileRules, ng)
} else {
dg.prefixIgnoreFileRules = append(dg.prefixIgnoreFileRules, rule)
}
}
// Sort the rules so we can have a faster search in the array
sort.Strings(dg.prefixIgnoreFileRules)
if !dg.IncludeGoRoot {
var err error
dg.prefixRoot, err = listRootPrefixs(config.Build)
if err != nil {
return err
}
}
return nil
}
func (dg *Depguard) createImportMap(prog *loader.Program) (map[string][]token.Position, error) {
importMap := make(map[string][]token.Position)
// For the directly imported packages
for _, imported := range prog.InitialPackages() {
// Go through their files
for _, file := range imported.Files {
// And populate a map of all direct imports and their positions
// This will filter out GoRoot depending on the Depguard.IncludeGoRoot
for _, fileImport := range file.Imports {
fileImportPath := cleanBasicLitString(fileImport.Path.Value)
if !dg.IncludeGoRoot && dg.isRoot(fileImportPath) {
continue
}
position := prog.Fset.Position(fileImport.Pos())
positions, found := importMap[fileImportPath]
if !found {
importMap[fileImportPath] = []token.Position{
position,
}
continue
}
importMap[fileImportPath] = append(positions, position)
}
}
}
return importMap, nil
}
func ignoreFile(filename string, prefixList []string, negatableGlobList []negatableGlob) bool {
if strInPrefixList(filename, prefixList) {
return true
}
return strInNegatableGlobList(filename, negatableGlobList)
}
func pkgInList(pkg string, prefixList []string, globList []glob.Glob) bool {
if strInPrefixList(pkg, prefixList) {
return true
}
return strInGlobList(pkg, globList)
}
func strInPrefixList(str string, prefixList []string) bool {
// Idx represents where in the prefix slice the passed in string would go
// when sorted. -1 Just means that it would be at the very front of the slice.
idx := sort.Search(len(prefixList), func(i int) bool {
return prefixList[i] > str
}) - 1
// This means that the string passed in has no way to be prefixed by anything
// in the prefix list as it is already smaller then everything
if idx == -1 {
return false
}
return strings.HasPrefix(str, prefixList[idx])
}
func strInGlobList(str string, globList []glob.Glob) bool {
for _, g := range globList {
if g.Match(str) {
return true
}
}
return false
}
func strInNegatableGlobList(str string, negatableGlobList []negatableGlob) bool {
for _, ng := range negatableGlobList {
// Return true when:
// - Match is true and negate is off
// - Match is false and negate is on
if ng.g.Match(str) != ng.negate {
return true
}
}
return false
}
// InList | WhiteList | BlackList
// y | | x
// n | x |
func (dg *Depguard) flagIt(pkg string, prefixList []string, globList []glob.Glob) bool {
return pkgInList(pkg, prefixList, globList) == (dg.ListType == LTBlacklist)
}
func cleanBasicLitString(value string) string {
return strings.Trim(value, "\"\\")
}
// We can do this as all imports that are not root are either prefixed with a domain
// or prefixed with `./` or `/` to dictate it is a local file reference
func listRootPrefixs(buildCtx *build.Context) ([]string, error) {
if buildCtx == nil {
buildCtx = &build.Default
}
root := path.Join(buildCtx.GOROOT, "src")
fs, err := ioutil.ReadDir(root)
if err != nil {
return nil, err
}
var pkgPrefix []string
for _, f := range fs {
if !f.IsDir() {
continue
}
pkgPrefix = append(pkgPrefix, f.Name())
}
return pkgPrefix, nil
}
func (dg *Depguard) isRoot(importPath string) bool {
// Idx represents where in the package slice the passed in package would go
// when sorted. -1 Just means that it would be at the very front of the slice.
idx := sort.Search(len(dg.prefixRoot), func(i int) bool {
return dg.prefixRoot[i] > importPath
}) - 1
// This means that the package passed in has no way to be prefixed by anything
// in the package list as it is already smaller then everything
if idx == -1 {
return false
}
// if it is prefixed by a root prefix we need to check if it is an exact match
// or prefix with `/` as this could return false posative if the domain was
// `archive.com` for example as `archive` is a go root package.
if strings.HasPrefix(importPath, dg.prefixRoot[idx]) {
return strings.HasPrefix(importPath, dg.prefixRoot[idx]+"/") || importPath == dg.prefixRoot[idx]
}
return false
}