From 92433ea634294dda0cc8c723449f92353873073f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Brais=20Gab=C3=ADn?= Date: Thu, 2 Dec 2021 10:43:08 +0100 Subject: [PATCH] Enable ForbiddenMethodCall (#4334) * Enable ForbiddenMethodCall on detekt code base * Move Resources extensions from tooling to utils * Forbid Url.openStream calls and Class.getResourceAsStream --- config/detekt/detekt.yml | 7 +++++++ detekt-api/build.gradle.kts | 1 + .../arturbosch/detekt/api/internal/Versions.kt | 3 ++- .../kotlin/io/gitlab/arturbosch/detekt/cli/Main.kt | 1 + detekt-core/build.gradle.kts | 1 + .../arturbosch/detekt/core/config/Configurations.kt | 2 +- .../arturbosch/detekt/core/config/DefaultConfig.kt | 2 +- .../detekt/core/tooling/DefaultConfigProvider.kt | 2 +- .../detekt/core/config/CompositeConfigSpec.kt | 3 +-- .../arturbosch/detekt/core/config/YamlConfigSpec.kt | 2 +- .../arturbosch/detekt/generator/DetektPrinter.kt | 6 +++--- .../detekt/generator/out/AbstractWriter.kt | 13 ++++++++----- detekt-report-html/build.gradle.kts | 1 + .../github/detekt/report/html/HtmlOutputReport.kt | 3 ++- .../detekt/sample/extensions/reports/Reports.kt | 1 - detekt-test/build.gradle.kts | 1 + .../io/gitlab/arturbosch/detekt/test/Resources.kt | 3 ++- detekt-utils/build.gradle.kts | 3 +++ .../kotlin/io/github/detekt/utils}/Resources.kt | 2 +- settings.gradle.kts | 1 + 20 files changed, 39 insertions(+), 19 deletions(-) create mode 100644 detekt-utils/build.gradle.kts rename {detekt-tooling/src/main/kotlin/io/github/detekt/tooling/internal => detekt-utils/src/main/kotlin/io/github/detekt/utils}/Resources.kt (95%) diff --git a/config/detekt/detekt.yml b/config/detekt/detekt.yml index 59cdae0a0be..eca1cd42c5f 100644 --- a/config/detekt/detekt.yml +++ b/config/detekt/detekt.yml @@ -164,6 +164,13 @@ style: - '@author' - '@requiresTypeResolution' excludes: ['**/detekt-rules-style/**/ForbiddenComment.kt'] + ForbiddenMethodCall: + active: true + methods: + - 'kotlin.io.print' + - 'kotlin.io.println' + - 'java.net.URL.openStream()' + - 'java.lang.Class.getResourceAsStream()' ForbiddenVoid: active: true LibraryCodeMustSpecifyReturnType: diff --git a/detekt-api/build.gradle.kts b/detekt-api/build.gradle.kts index 5ee507c90dc..97ea37a6eca 100644 --- a/detekt-api/build.gradle.kts +++ b/detekt-api/build.gradle.kts @@ -10,6 +10,7 @@ plugins { dependencies { api(libs.kotlin.compilerEmbeddable) api(projects.detektPsiUtils) + implementation(projects.detektUtils) testImplementation(projects.detektTest) testImplementation(libs.bundles.testImplementation) diff --git a/detekt-api/src/main/kotlin/io/gitlab/arturbosch/detekt/api/internal/Versions.kt b/detekt-api/src/main/kotlin/io/gitlab/arturbosch/detekt/api/internal/Versions.kt index eaf78c5bbf2..a8542ddb16d 100644 --- a/detekt-api/src/main/kotlin/io/gitlab/arturbosch/detekt/api/internal/Versions.kt +++ b/detekt-api/src/main/kotlin/io/gitlab/arturbosch/detekt/api/internal/Versions.kt @@ -1,5 +1,6 @@ package io.gitlab.arturbosch.detekt.api.internal +import io.github.detekt.utils.openSafeStream import io.gitlab.arturbosch.detekt.api.Extension import java.net.URL import java.util.jar.Manifest @@ -18,7 +19,7 @@ fun whichJava(): String = System.getProperty("java.runtime.version") * Returns the bundled detekt version. */ fun whichDetekt(): String? { - fun readVersion(resource: URL): String? = resource.openStream() + fun readVersion(resource: URL): String? = resource.openSafeStream() .use { Manifest(it).mainAttributes.getValue("DetektVersion") } return Extension::class.java.classLoader.getResources("META-INF/MANIFEST.MF") diff --git a/detekt-cli/src/main/kotlin/io/gitlab/arturbosch/detekt/cli/Main.kt b/detekt-cli/src/main/kotlin/io/gitlab/arturbosch/detekt/cli/Main.kt index bccd31abf72..18d211adca9 100644 --- a/detekt-cli/src/main/kotlin/io/gitlab/arturbosch/detekt/cli/Main.kt +++ b/detekt-cli/src/main/kotlin/io/gitlab/arturbosch/detekt/cli/Main.kt @@ -17,6 +17,7 @@ import kotlin.system.exitProcess fun main(args: Array) { val result = CliRunner().run(args) + @Suppress("ForbiddenMethodCall") when (val error = result.error) { is InvalidConfig, is MaxIssuesReached -> println(error.message) is UnexpectedError -> { diff --git a/detekt-core/build.gradle.kts b/detekt-core/build.gradle.kts index e534ad2afae..3c72d997c37 100644 --- a/detekt-core/build.gradle.kts +++ b/detekt-core/build.gradle.kts @@ -13,6 +13,7 @@ dependencies { implementation(projects.detektReportTxt) implementation(projects.detektReportXml) implementation(projects.detektReportSarif) + implementation(projects.detektUtils) testRuntimeOnly(projects.detektRules) testRuntimeOnly(projects.detektFormatting) diff --git a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/Configurations.kt b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/Configurations.kt index 301545d60bf..34a8a5f0bd8 100644 --- a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/Configurations.kt +++ b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/Configurations.kt @@ -2,7 +2,7 @@ package io.gitlab.arturbosch.detekt.core.config import io.github.detekt.tooling.api.spec.ConfigSpec import io.github.detekt.tooling.api.spec.ProcessingSpec -import io.github.detekt.tooling.internal.openSafeStream +import io.github.detekt.utils.openSafeStream import io.gitlab.arturbosch.detekt.api.Config import java.net.URI import java.net.URL diff --git a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/DefaultConfig.kt b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/DefaultConfig.kt index 2dc84f9f09e..a8477aa8955 100644 --- a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/DefaultConfig.kt +++ b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/config/DefaultConfig.kt @@ -1,6 +1,6 @@ package io.gitlab.arturbosch.detekt.core.config -import io.github.detekt.tooling.internal.getSafeResourceAsStream +import io.github.detekt.utils.getSafeResourceAsStream import io.gitlab.arturbosch.detekt.api.Config internal object DefaultConfig { diff --git a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/tooling/DefaultConfigProvider.kt b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/tooling/DefaultConfigProvider.kt index 63de133ee3d..c9138364557 100644 --- a/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/tooling/DefaultConfigProvider.kt +++ b/detekt-core/src/main/kotlin/io/gitlab/arturbosch/detekt/core/tooling/DefaultConfigProvider.kt @@ -1,7 +1,7 @@ package io.gitlab.arturbosch.detekt.core.tooling import io.github.detekt.tooling.api.DefaultConfigurationProvider -import io.github.detekt.tooling.internal.openSafeStream +import io.github.detekt.utils.openSafeStream import io.gitlab.arturbosch.detekt.api.Config import io.gitlab.arturbosch.detekt.core.config.DefaultConfig import java.nio.file.Files diff --git a/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/CompositeConfigSpec.kt b/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/CompositeConfigSpec.kt index 7cbc5c67d7a..2da8f6713e8 100644 --- a/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/CompositeConfigSpec.kt +++ b/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/CompositeConfigSpec.kt @@ -47,8 +47,7 @@ class CompositeConfigSpec : Spek({ "is not of required type Boolean" assertThatThrownBy { - val value: Boolean = config.valueOrDefault("active", true) - println(value) + config.valueOrDefault("active", true) }.isInstanceOf(IllegalStateException::class.java) .hasMessageContaining(expectedErrorMessage) } diff --git a/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/YamlConfigSpec.kt b/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/YamlConfigSpec.kt index 3cb415e0ffb..68e9435ce8d 100644 --- a/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/YamlConfigSpec.kt +++ b/detekt-core/src/test/kotlin/io/gitlab/arturbosch/detekt/core/config/YamlConfigSpec.kt @@ -3,7 +3,7 @@ package io.gitlab.arturbosch.detekt.core.config import io.github.detekt.test.utils.resourceAsPath -import io.github.detekt.tooling.internal.getSafeResourceAsStream +import io.github.detekt.utils.getSafeResourceAsStream import io.gitlab.arturbosch.detekt.api.Config import io.gitlab.arturbosch.detekt.test.yamlConfig import io.gitlab.arturbosch.detekt.test.yamlConfigFromContent diff --git a/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/DetektPrinter.kt b/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/DetektPrinter.kt index 2c7336f2b80..0ac50efe9e3 100644 --- a/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/DetektPrinter.kt +++ b/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/DetektPrinter.kt @@ -10,9 +10,9 @@ import io.gitlab.arturbosch.detekt.generator.printer.defaultconfig.ConfigPrinter class DetektPrinter(private val arguments: GeneratorArgs) { - private val markdownWriter = MarkdownWriter() - private val yamlWriter = YamlWriter() - private val propertiesWriter = PropertiesWriter() + private val markdownWriter = MarkdownWriter(System.out) + private val yamlWriter = YamlWriter(System.out) + private val propertiesWriter = PropertiesWriter(System.out) fun print(pages: List) { pages.forEach { diff --git a/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/out/AbstractWriter.kt b/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/out/AbstractWriter.kt index e67ace0fc8a..835f47d94b1 100644 --- a/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/out/AbstractWriter.kt +++ b/detekt-generator/src/main/kotlin/io/gitlab/arturbosch/detekt/generator/out/AbstractWriter.kt @@ -1,9 +1,12 @@ package io.gitlab.arturbosch.detekt.generator.out +import java.io.PrintStream import java.nio.file.Files import java.nio.file.Path -internal abstract class AbstractWriter { +internal abstract class AbstractWriter( + private val outputPrinter: PrintStream, +) { protected abstract val ending: String @@ -15,21 +18,21 @@ internal abstract class AbstractWriter { } } Files.write(filePath, content().toByteArray()) - println("Wrote: $filePath") + outputPrinter.println("Wrote: $filePath") } } -internal class MarkdownWriter : AbstractWriter() { +internal class MarkdownWriter(outputPrinter: PrintStream) : AbstractWriter(outputPrinter) { override val ending = "md" } -internal class YamlWriter : AbstractWriter() { +internal class YamlWriter(outputPrinter: PrintStream) : AbstractWriter(outputPrinter) { override val ending = "yml" } -internal class PropertiesWriter : AbstractWriter() { +internal class PropertiesWriter(outputPrinter: PrintStream) : AbstractWriter(outputPrinter) { override val ending = "properties" } diff --git a/detekt-report-html/build.gradle.kts b/detekt-report-html/build.gradle.kts index 0ec332d2925..42f7cdb23ea 100644 --- a/detekt-report-html/build.gradle.kts +++ b/detekt-report-html/build.gradle.kts @@ -5,6 +5,7 @@ plugins { dependencies { compileOnly(projects.detektApi) compileOnly(projects.detektMetrics) + implementation(projects.detektUtils) implementation(libs.kotlinx.html) { exclude(group = "org.jetbrains.kotlin") } diff --git a/detekt-report-html/src/main/kotlin/io/github/detekt/report/html/HtmlOutputReport.kt b/detekt-report-html/src/main/kotlin/io/github/detekt/report/html/HtmlOutputReport.kt index cb3fee27474..f92ef36a2d5 100644 --- a/detekt-report-html/src/main/kotlin/io/github/detekt/report/html/HtmlOutputReport.kt +++ b/detekt-report-html/src/main/kotlin/io/github/detekt/report/html/HtmlOutputReport.kt @@ -2,6 +2,7 @@ package io.github.detekt.report.html import io.github.detekt.metrics.ComplexityReportGenerator import io.github.detekt.psi.toUnifiedString +import io.github.detekt.utils.openSafeStream import io.gitlab.arturbosch.detekt.api.Detektion import io.gitlab.arturbosch.detekt.api.Finding import io.gitlab.arturbosch.detekt.api.OutputReport @@ -48,7 +49,7 @@ class HtmlOutputReport : OutputReport() { override fun render(detektion: Detektion) = javaClass.getResource("/$DEFAULT_TEMPLATE")!! - .openStream() + .openSafeStream() .bufferedReader() .use { it.readText() } .replace(PLACEHOLDER_VERSION, renderVersion()) diff --git a/detekt-sample-extensions/src/main/kotlin/io/gitlab/arturbosch/detekt/sample/extensions/reports/Reports.kt b/detekt-sample-extensions/src/main/kotlin/io/gitlab/arturbosch/detekt/sample/extensions/reports/Reports.kt index 0db7f636941..8e532e8e456 100644 --- a/detekt-sample-extensions/src/main/kotlin/io/gitlab/arturbosch/detekt/sample/extensions/reports/Reports.kt +++ b/detekt-sample-extensions/src/main/kotlin/io/gitlab/arturbosch/detekt/sample/extensions/reports/Reports.kt @@ -5,7 +5,6 @@ import io.gitlab.arturbosch.detekt.sample.extensions.processors.fqNamesKey fun qualifiedNamesReport(detektion: Detektion): String? { val fqNames = detektion.getData(fqNamesKey) - println("fqNames: $fqNames") if (fqNames.isNullOrEmpty()) return null return with(StringBuilder()) { diff --git a/detekt-test/build.gradle.kts b/detekt-test/build.gradle.kts index dfd2bbe83b8..534c18fd0aa 100644 --- a/detekt-test/build.gradle.kts +++ b/detekt-test/build.gradle.kts @@ -6,6 +6,7 @@ plugins { dependencies { api(projects.detektApi) api(projects.detektTestUtils) + implementation(projects.detektUtils) compileOnly(libs.assertj) implementation(projects.detektCore) implementation(projects.detektParser) diff --git a/detekt-test/src/main/kotlin/io/gitlab/arturbosch/detekt/test/Resources.kt b/detekt-test/src/main/kotlin/io/gitlab/arturbosch/detekt/test/Resources.kt index 13a5d981b79..b90f1e98838 100644 --- a/detekt-test/src/main/kotlin/io/gitlab/arturbosch/detekt/test/Resources.kt +++ b/detekt-test/src/main/kotlin/io/gitlab/arturbosch/detekt/test/Resources.kt @@ -1,10 +1,11 @@ package io.gitlab.arturbosch.detekt.test import io.github.detekt.test.utils.resource +import io.github.detekt.utils.openSafeStream import io.gitlab.arturbosch.detekt.api.Config import io.gitlab.arturbosch.detekt.core.config.YamlConfig import java.io.StringReader -fun yamlConfig(name: String) = resource(name).toURL().openStream().reader().use(YamlConfig::load) +fun yamlConfig(name: String) = resource(name).toURL().openSafeStream().reader().use(YamlConfig::load) fun yamlConfigFromContent(content: String): Config = StringReader(content.trimIndent()).use(YamlConfig::load) diff --git a/detekt-utils/build.gradle.kts b/detekt-utils/build.gradle.kts new file mode 100644 index 00000000000..ed0de36f81c --- /dev/null +++ b/detekt-utils/build.gradle.kts @@ -0,0 +1,3 @@ +plugins { + id("module") +} diff --git a/detekt-tooling/src/main/kotlin/io/github/detekt/tooling/internal/Resources.kt b/detekt-utils/src/main/kotlin/io/github/detekt/utils/Resources.kt similarity index 95% rename from detekt-tooling/src/main/kotlin/io/github/detekt/tooling/internal/Resources.kt rename to detekt-utils/src/main/kotlin/io/github/detekt/utils/Resources.kt index f2f60407b53..07c794ee063 100644 --- a/detekt-tooling/src/main/kotlin/io/github/detekt/tooling/internal/Resources.kt +++ b/detekt-utils/src/main/kotlin/io/github/detekt/utils/Resources.kt @@ -1,4 +1,4 @@ -package io.github.detekt.tooling.internal +package io.github.detekt.utils import java.io.InputStream import java.net.URL diff --git a/settings.gradle.kts b/settings.gradle.kts index 9b1ef516ae1..d4a14097bbc 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -33,6 +33,7 @@ include("detekt-sample-extensions") include("detekt-test") include("detekt-test-utils") include("detekt-tooling") +include("detekt-utils") enableFeaturePreview("VERSION_CATALOGS") enableFeaturePreview("TYPESAFE_PROJECT_ACCESSORS")