Implement first initial checks

.credo.exs

@@ -0,0 +1,135 @@
+%{
+  configs: [
+    %{
+      name: "default",
+      files: %{
+        included: ["*.exs", "lib/", "priv/", "config/", "rel/", "test/"],
+        excluded: [~r"/_build/", ~r"/deps/"]
+      },
+      plugins: [],
+      requires: [],
+      strict: true,
+      parse_timeout: 5000,
+      color: true,
+      checks: %{
+        enabled: [
+          # Consistency Checks
+          {Credo.Check.Consistency.ExceptionNames, []},
+          {Credo.Check.Consistency.LineEndings, []},
+          {Credo.Check.Consistency.SpaceAroundOperators, []},
+          {Credo.Check.Consistency.SpaceInParentheses, []},
+          {Credo.Check.Consistency.TabsOrSpaces, []},
+
+          # Design Checks
+          {Credo.Check.Design.AliasUsage, [if_nested_deeper_than: 1, if_called_more_often_than: 2]},
+          {Credo.Check.Design.TagTODO, []},
+          {Credo.Check.Design.TagFIXME, []},
+
+          # Readability Checks
+          {Credo.Check.Readability.FunctionNames, []},
+          {Credo.Check.Readability.MaxLineLength, [priority: :low, max_length: 200]},
+          {Credo.Check.Readability.ModuleAttributeNames, []},
+          {Credo.Check.Readability.ModuleNames, []},
+          {Credo.Check.Readability.ParenthesesInCondition, []},
+          {Credo.Check.Readability.PredicateFunctionNames, []},
+          {Credo.Check.Readability.RedundantBlankLines, []},
+          {Credo.Check.Readability.Semicolons, []},
+          {Credo.Check.Readability.SpaceAfterCommas, []},
+          {Credo.Check.Readability.StringSigils, []},
+          {Credo.Check.Readability.TrailingBlankLine, []},
+          {Credo.Check.Readability.TrailingWhiteSpace, []},
+          {Credo.Check.Readability.VariableNames, []},
+
+          # Refactoring Opportunities
+          {Credo.Check.Refactor.ABCSize, max_size: 40},
+          {Credo.Check.Refactor.Apply, []},
+          {Credo.Check.Refactor.CyclomaticComplexity, []},
+          {Credo.Check.Refactor.FunctionArity, []},
+          {Credo.Check.Refactor.LongQuoteBlocks, []},
+          {Credo.Check.Refactor.MatchInCondition, []},
+          {Credo.Check.Refactor.Nesting, []},
+          {Credo.Check.Refactor.FilterFilter, []},
+          {Credo.Check.Refactor.RejectReject, []},
+
+          # Warnings
+          {Credo.Check.Warning.ApplicationConfigInModuleAttribute, []},
+          {Credo.Check.Warning.BoolOperationOnSameValues, []},
+          {Credo.Check.Warning.ExpensiveEmptyEnumCheck, []},
+          {Credo.Check.Warning.IExPry, []},
+          {Credo.Check.Warning.IoInspect, []},
+          {Credo.Check.Warning.OperationOnSameValues, []},
+          {Credo.Check.Warning.OperationWithConstantResult, []},
+          {Credo.Check.Warning.RaiseInsideRescue, []},
+          {Credo.Check.Warning.SpecWithStruct, []},
+          {Credo.Check.Warning.WrongTestFileExtension, []},
+          {Credo.Check.Warning.UnusedEnumOperation, []},
+          {Credo.Check.Warning.UnusedFileOperation, []},
+          {Credo.Check.Warning.UnusedKeywordOperation, []},
+          {Credo.Check.Warning.UnusedListOperation, []},
+          {Credo.Check.Warning.UnusedPathOperation, []},
+          {Credo.Check.Warning.UnusedRegexOperation, []},
+          {Credo.Check.Warning.UnusedStringOperation, []},
+          {Credo.Check.Warning.UnusedTupleOperation, []},
+          {Credo.Check.Warning.UnsafeExec, []},
+
+          # Naming
+          {CredoNaming.Check.Warning.AvoidSpecificTermsInModuleNames, terms: ["Manager", "Fetcher", "Builder", "Persister", "Serializer", ~r/^Helpers?$/i, ~r/^Utils?$/i]},
+          {CredoNaming.Check.Consistency.ModuleFilename, excluded_paths: ["config", "mix.exs", "priv", "test/support"], acronyms: []}
+        ],
+        disabled: [
+          {Credo.Check.Consistency.MultiAliasImportRequireUse, []},
+          {Credo.Check.Consistency.ParameterPatternMatching, []},
+          {Credo.Check.Consistency.UnusedVariableNames, []},
+          {Credo.Check.Design.DuplicatedCode, []},
+          {Credo.Check.Design.SkipTestWithoutComment, []},
+          {Credo.Check.Readability.AliasAs, []},
+          {Credo.Check.Readability.AliasOrder, []},
+          {Credo.Check.Readability.BlockPipe, []},
+          {Credo.Check.Readability.ImplTrue, []},
+          {Credo.Check.Readability.LargeNumbers, []},
+          {Credo.Check.Readability.ModuleDoc, false},
+          {Credo.Check.Readability.MultiAlias, []},
+          {Credo.Check.Readability.NestedFunctionCalls, []},
+          {Credo.Check.Readability.OneArityFunctionInPipe, false},
+          {Credo.Check.Readability.ParenthesesOnZeroArityDefs, []},
+          {Credo.Check.Readability.PipeIntoAnonymousFunctions, []},
+          {Credo.Check.Readability.PreferImplicitTry, []},
+          {Credo.Check.Readability.SeparateAliasRequire, []},
+          {Credo.Check.Readability.SingleFunctionToBlockPipe, []},
+          {Credo.Check.Readability.SinglePipe, []},
+          {Credo.Check.Readability.Specs, []},
+          {Credo.Check.Readability.StrictModuleLayout, []},
+          {Credo.Check.Readability.UnnecessaryAliasExpansion, []},
+          {Credo.Check.Readability.WithCustomTaggedTuple, []},
+          {Credo.Check.Readability.WithSingleClause, []},
+          {Credo.Check.Refactor.ABCSize, []},
+          {Credo.Check.Refactor.AppendSingleItem, []},
+          {Credo.Check.Refactor.CaseTrivialMatches, false},
+          {Credo.Check.Refactor.CondStatements, []},
+          {Credo.Check.Refactor.DoubleBooleanNegation, []},
+          {Credo.Check.Refactor.FilterCount, false},
+          {Credo.Check.Refactor.FilterReject, []},
+          {Credo.Check.Refactor.IoPuts, []},
+          {Credo.Check.Refactor.MapInto, false},
+          {Credo.Check.Refactor.MapJoin, []},
+          {Credo.Check.Refactor.MapMap, []},
+          {Credo.Check.Refactor.ModuleDependencies, []},
+          {Credo.Check.Refactor.NegatedConditionsInUnless, []},
+          {Credo.Check.Refactor.NegatedConditionsWithElse, []},
+          {Credo.Check.Refactor.NegatedIsNil, []},
+          {Credo.Check.Refactor.PipeChainStart, [excluded_argument_types: ~w(atom binary fn keyword)a, excluded_functions: ~w(from)]},
+          {Credo.Check.Refactor.RedundantWithClauseResult, []},
+          {Credo.Check.Refactor.RejectFilter, []},
+          {Credo.Check.Refactor.UnlessWithElse, []},
+          {Credo.Check.Refactor.VariableRebinding, []},
+          {Credo.Check.Refactor.WithClauses, []},
+          {Credo.Check.Warning.LazyLogging, []},
+          {Credo.Check.Warning.LeakyEnvironment, []},
+          {Credo.Check.Warning.MapGetUnsafePass, []},
+          {Credo.Check.Warning.MixEnv, []},
+          {Credo.Check.Warning.UnsafeToAtom, []}
+        ]
+      }
+    }
+  ]
+}

.formatter.exs

@@ -1,4 +1,5 @@
-# Used by "mix format"
 [
-  inputs: ["{mix,.formatter}.exs", "{config,lib,test}/**/*.{ex,exs}"]
+  inputs: ["*.exs", "{lib,test}/**/*.{ex,exs}"],
+  line_length: 180,
+  plugins: [Styler]
 ]

.github/pull_request_template.md

@@ -0,0 +1,22 @@
+## 📖 Description and reason
+
+<!-- What are the changes and why are they necessary? -->
+
+## 👷 Work done
+
+#### Tasks
+
+- [x] Task 1
+- [ ] Task 2
+
+#### Additional notes
+
+<!-- What are topics you would like to discuss or require a closer look? -->
+
+## 🎉 Result
+
+<!-- What is the result? Include screenshots if necessary. -->
+
+## 🦀 Dispatch
+
+`#dispatch/elixir`

.github/workflows/ci.yaml

@@ -0,0 +1,31 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  ci:
+    runs-on: ubuntu-20.04
+    strategy:
+      matrix:
+        elixir-version: [1.15.x, 1.14.x, 1.13.x, 1.12.x]
+        include:
+          - elixir-version: 1.15.x
+            otp-version: 26.x
+          - elixir-version: 1.14.x
+            otp-version: 25.x
+          - elixir-version: 1.13.x
+            otp-version: 25.x
+          - elixir-version: 1.12.x
+            otp-version: 24.x
+    steps:
+      - uses: actions/checkout@v2
+      - uses: erlef/setup-beam@v1
+        with:
+          otp-version: ${{ matrix.otp-version }}
+          elixir-version: ${{ matrix.elixir-version }}
+      - run: make dependencies
+      - run: make lint
+      - run: make test
+      - run: mix hex.publish --dry-run
+        env:
+          HEX_API_KEY: DRYRUN

.github/workflows/publish.yaml

@@ -0,0 +1,21 @@
+name: Publish
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    env:
+      HEX_API_KEY: ${{ secrets.MIREGO_HEXPM_API_KEY }}
+    steps:
+      - uses: actions/checkout@v2
+      - uses: erlef/setup-beam@v1
+        with:
+          otp-version: 26.x
+          elixir-version: 1.15.x
+      - run: mix deps.get
+      - run: mix compile --docs
+      - run: mix hex.publish --yes

.tool-versions

@@ -0,0 +1 @@
+elixir 1.15.5-otp-26

CHANGELOG.md

@@ -0,0 +1,12 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+
+## 0.1.0 (2023-11-30)
+
+- Initial release

LICENSE.md

@@ -0,0 +1,26 @@
+Copyright (c) 2020, Mirego
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+- Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer.
+- Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+- Neither the name of the Mirego nor the names of its contributors may
+  be used to endorse or promote products derived from this software without
+  specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.

Makefile

@@ -0,0 +1,65 @@
+# Configuration
+# -------------
+
+APP_NAME = `grep 'app:' mix.exs | sed -e 's/\[//g' -e 's/ //g' -e 's/app://' -e 's/[:,]//g'`
+APP_VERSION = `grep '@version ' mix.exs | cut -d '"' -f2`
+GIT_REVISION = `git rev-parse HEAD`
+
+# Introspection targets
+# ---------------------
+
+.PHONY: help
+help: header targets
+
+.PHONY: header
+header:
+	@echo "\033[34mEnvironment\033[0m"
+	@echo "\033[34m---------------------------------------------------------------\033[0m"
+	@printf "\033[33m%-23s\033[0m" "APP_NAME"
+	@printf "\033[35m%s\033[0m" $(APP_NAME)
+	@echo ""
+	@printf "\033[33m%-23s\033[0m" "APP_VERSION"
+	@printf "\033[35m%s\033[0m" $(APP_VERSION)
+	@echo ""
+	@printf "\033[33m%-23s\033[0m" "GIT_REVISION"
+	@printf "\033[35m%s\033[0m" $(GIT_REVISION)
+	@echo "\n"
+
+.PHONY: targets
+targets:
+	@echo "\033[34mTargets\033[0m"
+	@echo "\033[34m---------------------------------------------------------------\033[0m"
+	@perl -nle'print $& if m{^[a-zA-Z_-]+:.*?## .*$$}' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-22s\033[0m %s\n", $$1, $$2}'
+
+# Development targets
+# -------------------
+
+.PHONY: dependencies
+dependencies: ## Install dependencies
+	mix deps.get --force
+
+# CI targets
+# ----------
+
+.PHONY: lint
+lint: lint-compile lint-format lint-credo ## Run lint tools on the code
+
+.PHONY: lint-compile
+lint-compile:
+	mix compile --warnings-as-errors --force
+
+.PHONY: lint-format
+lint-format:
+	mix format --dry-run --check-formatted
+
+.PHONY: lint-credo
+lint-credo:
+	mix credo --strict
+
+.PHONY: test
+test: ## Run the test suite
+	mix test
+
+.PHONY: format
+format: ## Run formatting tools on the code
+	mix format

README.md

@@ -1,21 +1,48 @@
-# AbsintheSecurity
+<div align="center">
+  <img src="https://user-images.githubusercontent.com/11348/75812982-32921e80-5d5d-11ea-9c3b-ad46fd6005f9.png" width="500" />
+  <br /><br />
+  <code>AbsintheSecurity</code> provides security utilities to validate a GraphQL query before executing it.
+  <a href="https://github.com/mirego/absinthe_security/actions?query=workflow%3ACI+branch%3Amain"><img src="https://github.com/mirego/absinthe_security/workflows/CI/badge.svg?branch=main" /></a>
+  <a href="https://hex.pm/packages/absinthe_security"><img src="https://img.shields.io/hexpm/v/absinthe_security.svg" /></a>
+</div>
 
-**TODO: Add description**
+## Description
+
+This library is designed to enhance the security of your GraphQL API built with Absinthe by providing convenient utilities for query validation.
+
+***Directive Limit Validation***: Ensure GraphQL queries don't contain an excessive number of directives, preventing potential security vulnerabilities.
+
+***Alias Limit Validation***: Validate queries to ensure they don't use an excessive number of aliases, promoting efficient and maintainable code.
+
+***Query Depth Validation***: Guard against overly nested queries by validating the depth of GraphQL queries, mitigating potential performance issues.
 
 ## Installation
 
-If [available in Hex](https://hex.pm/docs/publish), the package can be installed
-by adding `absinthe_security` to your list of dependencies in `mix.exs`:
+### Project dependency
+
+Add `absinthe_security` to the `deps` function in your project’s `mix.exs` file:
 
 ```elixir
-def deps do
+defp deps do
   [
-    {:absinthe_security, "~> 0.1.0"}
+    {:absinthe_security, "~> 1.0"}
   ]
 end
 ```
 
-Documentation can be generated with [ExDoc](https://github.com/elixir-lang/ex_doc)
-and published on [HexDocs](https://hexdocs.pm). Once published, the docs can
-be found at <https://hexdocs.pm/absinthe_security>.
+Then run `mix do deps.get, deps.compile` inside your project’s directory.
+
+## Requirements
+
+- [Git](https://git-scm.com)
+- [Elixir](https://elixir-lang.org/) ~1.14
+
+## License
+
+`AbsintheSecurity` is © 2023 [Mirego](https://www.mirego.com) and may be freely distributed under the [New BSD license](http://opensource.org/licenses/BSD-3-Clause). See the [`LICENSE.md`](https://github.com/mirego/absinthe_security/blob/main/LICENSE.md) file.
+
+## About Mirego
+
+[Mirego](https://www.mirego.com) is a team of passionate people who believe that work is a place where you can innovate and have fun. We’re a team of [talented people](https://life.mirego.com) who imagine and build beautiful Web and mobile applications. We come together to share ideas and [change the world](http://www.mirego.org).
 
+We also [love open-source software](https://open.mirego.com) and we try to give back to the community as much as we can.