mirror of
https://github.com/dart-lang/sdk
synced 2024-10-07 08:50:47 +00:00
Enable lints to understand short-form git-dependencies
This will fix the case where insecure git-dependencies are not caught when using the short-form git-dependencies. https://github.com/dart-lang/linter/pull/3087/files#diff-b58e5cf5db10a02c5191e3240563bdbb9fc04727327ad709e406ac6ec4366532R25 Change-Id: I83826df588b1df4e29df1fec9d65c9ab7f62b57d Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/221945 Auto-Submit: Jonas Jensen <jonasfj@google.com> Commit-Queue: Phil Quitslund <pquitslund@google.com> Reviewed-by: Phil Quitslund <pquitslund@google.com>
This commit is contained in:
parent
4a51fffe45
commit
ad9e6d2ec3
|
@ -37,6 +37,12 @@ PSDependencyList? _processDependencies(
|
|||
|
||||
PSGitRepo? _processGitRepo(
|
||||
YamlScalar key, YamlNode v, ResourceProvider? resourceProvider) {
|
||||
if (v is YamlScalar) {
|
||||
_PSGitRepo repo = _PSGitRepo();
|
||||
repo.token = _PSNode(key, resourceProvider);
|
||||
repo.url = PSEntry(repo.token, _PSNode(v, resourceProvider));
|
||||
return repo;
|
||||
}
|
||||
if (v is! YamlMap) {
|
||||
return null;
|
||||
}
|
||||
|
@ -130,9 +136,44 @@ class PSEntry {
|
|||
String toString() => '${key != null ? (key.toString() + ': ') : ''}$value';
|
||||
}
|
||||
|
||||
/// Representation of git-dependency in `pubspec.yaml`.
|
||||
///
|
||||
/// **Example** of a git-dependency:
|
||||
/// ```yaml
|
||||
/// dependencies:
|
||||
/// foo:
|
||||
/// git: # <-- this is the [token] property
|
||||
/// url: https://github.com/example/example
|
||||
/// ref: main # ref is optional
|
||||
/// ```
|
||||
///
|
||||
/// This may also be written in the form:
|
||||
/// ```yaml
|
||||
/// dependencies:
|
||||
/// foo:
|
||||
/// git: https://github.com/example/example
|
||||
/// # ^-token ^--url
|
||||
/// # In this case [ref] is `null`.
|
||||
/// ```
|
||||
abstract class PSGitRepo {
|
||||
/// [PSEntry] for `ref: main` where [PSEntry.key] is `ref` and [PSEntry.value]
|
||||
/// is `main`.
|
||||
PSEntry? get ref;
|
||||
|
||||
/// The `'git'` from the `pubspec.yaml`, this is the key that indicates this
|
||||
/// is a git-dependency.
|
||||
PSNode? get token;
|
||||
|
||||
/// [PSEntry] for `url: https://...` or `git: https://`, where [PSEntry.key]
|
||||
/// is either `url` or `git`, and [PSEntry.key] is the URL.
|
||||
///
|
||||
/// If the git-dependency is given in the form:
|
||||
/// ```yaml
|
||||
/// dependencies:
|
||||
/// foo:
|
||||
/// git: https://github.com/example/example
|
||||
/// ```
|
||||
/// Then [token] and [url.key] will be the same object.
|
||||
PSEntry? get url;
|
||||
}
|
||||
|
||||
|
|
|
@ -48,6 +48,8 @@ dependencies:
|
|||
dev_dependencies:
|
||||
markdown: '>=0.7.1+2 <0.8.0'
|
||||
unittest: '>=0.11.0 <0.12.0'
|
||||
kittens2:
|
||||
git: git://github.com/munificent/kittens2.git
|
||||
dependency_overrides:
|
||||
foo: 1.2.0
|
||||
repository: https://github.com/dart-lang/linter
|
||||
|
@ -148,6 +150,14 @@ issue_tracker: https://github.com/dart-lang/linter/issues
|
|||
testValue(
|
||||
'url', git.url, equals('git://github.com/munificent/kittens.git'));
|
||||
});
|
||||
|
||||
group('git (short form)', () {
|
||||
PSDependency dep = findDependency(ps.devDependencies, name: 'kittens2');
|
||||
PSGitRepo git = dep.git!;
|
||||
test('ref', () => expect(git.ref, isNull));
|
||||
testValue(
|
||||
'url', git.url, equals('git://github.com/munificent/kittens2.git'));
|
||||
});
|
||||
});
|
||||
// group('visiting', () {
|
||||
// test('smoke', () {
|
||||
|
|
Loading…
Reference in a new issue