nidi3 / code-assert Goto Github PK
View Code? Open in Web Editor NEWAssert that the java code of a project satisfies certain checks.
License: Apache License 2.0
Assert that the java code of a project satisfies certain checks.
License: Apache License 2.0
I use the code-assert module to find package cycles, which works fine. Thanks for that! However, I noticed that the code-assert module also includes several dependencies that are not necessary and, in my case, cause issues. Because of that I had to manually exclude those, and (re)add commons-io.
Please try to split the module, and/or remove dependencies. This is how I now include code-assert to find package cycles:
testFixturesImplementation 'commons-io:commons-io:latest.release'
testFixturesImplementation('guru.nidi:code-assert:latest.release') {
exclude group: 'guru.nidi', module: 'graphviz-java'
exclude group: 'org.hamcrest', module: 'hamcrest-core'
exclude group: 'com.github.spotbugs', module: 'spotbugs'
exclude group: 'com.h3xstream.findsecbugs', module: 'findsecbugs-plugin'
exclude group: 'net.sourceforge.pmd', module: 'pmd-java'
exclude group: 'com.puppycrawl.tools', module: 'checkstyle'
exclude group: 'io.gitlab.arturbosch.detekt', module: 'detekt-core'
exclude group: 'io.gitlab.arturbosch.detekt', module: 'detekt-rules'
exclude group: 'com.github.shyiko.ktlint', module: 'ktlint-core'
exclude group: 'com.github.shyiko.ktlint', module: 'ktlint-ruleset-standard'
exclude group: 'org.slf4j', module: 'slf4j-api'
exclude group: 'org.slf4j', module: 'jcl-over-slf4j'
exclude group: 'org.slf4j', module: 'jul-to-slf4j'
}
Currently running the same test (part of a multi-module Maven Project) produces different results in IntelliJ and Maven due to different working directories.
I have worked around it as follows:
AnalyzerConfig config;
if (module.equals(Paths.get(".").toAbsolutePath().normalize().toFile().getName())) {
// Already within the module, no need to specify it.
config = AnalyzerConfig.maven().main();
} else {
config = AnalyzerConfig.maven(module).main();
}
It would be great if the maven()
part could autodetect this correctly in order to always being able to simply use AnalyzerConfig.maven().main()
.
I have a package named 'connectors' that contains several packages but not direct classes.
I want to have a rule like:
DependencyRule common, connector;
@Override
public void defineRules() {
common.mustNotUse(connector.allSubOf());
connector.andAllSub().mayUse(common);
}
But this test failed:
java.lang.AssertionError:
Expected: Comply with rules
but:
NOT_EXISTING com.xxx.connector There is a rule for this element, but it has not been found in the code.
But the package exists.
If I add a class directly in the package, the error disappears.
Do I miss something ?
currently, we cannot detect the enclosing method of a lambda
When running the example code exactly as in the read me file I am getting the following exception
java.lang.NoClassDefFoundError: Could not initialize class edu.umd.cs.findbugs.ba.AnalysisContext
at edu.umd.cs.findbugs.FindBugs2.clearCaches(FindBugs2.java:347)
at edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:327)
at guru.nidi.codeassert.findbugs.FindBugsAnalyzer.analyze(FindBugsAnalyzer.java:50)
at code.scan.CodeQualityTest.findBugs(CodeQualityTest.java:31)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:515)
at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:115)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:171)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:72)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:167)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:114)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:59)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:105)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:72)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:95)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:71)
It's a multi build Gradle project with dependencies set like the following
subprojects { subproject ->
apply plugin: "java"
apply plugin: 'checkstyle'
dependencies {
testImplementation 'guru.nidi:code-assert:0.9.15'
testCompile("org.assertj:assertj-core:3.11.1")
}
...
Hi everybody,
here is the test I launch (in a standard IntelliJ java project built with Gradle):
@Test
public void testFindBugs() {
AnalyzerConfig config = AnalyzerConfig.gradle().main();
BugCollector collector = new BugCollector();
FindBugsResult result = new FindBugsAnalyzer(config, collector).analyze();
MatcherAssert.assertThat(result, CodeAssertMatchers.hasNoBugs());
}
but the test fails with the following stacktrace:
guru.nidi.codeassert.AnalyzerException: Problem executing FindBugs.
and I spotted it is thrown by the following code in Findbugs2.java
(line 273)
} else if (codebase.isEmpty()) {
throw new IOException("No files to analyze could be opened");
what configuration am I missing?
As this project support pmd and findbugs.
Support for checkstyle will be good extension.
For example, adding javax.*
should not cause the check to fail if no javax class was used.
This would make it much easier to define a set of generic base rules for all modules in a project.
When using the Kotlin Multiplatform Gradle plugin, the directory layout is slightly different. I had to use the following config to make things work:
val config = AnalyzerConfig.gradle(Language.KOTLIN).main()
.withSources(File("src/jvmMain/kotlin"))
.withClasses(File("build/classes/kotlin/jvm/main"))
This could probably be added as a preset, in addition to the one from the regular Kotlin/JVM plugin.
Hi I am trying to write some rules for my project but I get some violations of dependencies that I am not aware why they are happening:
The project is at https://github.com/lordofthejars/games-monolith and the test https://github.com/lordofthejars/games-monolith/blob/master/gamepage/impl/src/test/java/org/lordofthejars/games/game/DependencyTest.java
When it runs I got:
NOT_EXISTING org.lordofthejars.games.details.impl There is a rule for this element, but it has not been found in the code.
NOT_EXISTING org.lordofthejars.games.reviews.impl There is a rule for this element, but it has not been found in the code.
UNDEFINED io.reactivex There is no rule given for this element.
DENIED org.lordofthejars.games.game -> This dependency is forbidden.
io.reactivex (by org.lordofthejars.games.game.GameResource, org.lordofthejars.games.game.GameResource$1, org.lordofthejars.games.game.GameResource$2)
DENIED org.lordofthejars.games.game.impl -> This dependency is forbidden.
io.reactivex (by org.lordofthejars.games.game.impl.SchedulerProducer)
org.lordofthejars.games.game (by org.lordofthejars.games.game.impl.TemplateProducer)
But why? I am not sure since for example io.reactivex
is added as exclusion
Thank you very much.
http://find-sec-bugs.github.io/ or is it suppored already ?
This library is a real gem and very powerful. The DSL is very easy to read, however it isn't very discoverable when being used for the first time. This is no doubt hurting adoption quite a bit.
I had to search and experiment quite a long time to figure out how to restrict dependencies between certain packages in my code and certain external libraries. After a lot of NPEs and digging through the tests of this project on GitHub, I eventually came up with this:
class ComMyProject : DependencyRuler() {
var p1: DependencyRule? = null
var p2: DependencyRule? = null
var p3: DependencyRule? = null
override fun defineRules() {
base().mayUse(base().allSubOf())
p1?.mayUse(p2)
p2?.mayUse(p3)
}
}
val comMyProject = ComMyProject()
val rules = DependencyRules.denyAll()
.withRelativeRules(comVeturantoServer)
.withExternals(
// Unrestricted use of these external packages
"java.*",
"javax.*",
"org.*",
"net.*",
"kotlin.*",
"kotlinx.*"
)
allow(rules, comMyProject.p2, "com.mapbox.*")
allow(rules, comMyProject.p3, "com.google.gson")
assertThat(DependencyAnalyzer(config).rules(rules).analyze(), matchesRulesExactly())
private fun allow(
rules: DependencyRules,
rule: DependencyRule?,
pkg: String
) {
rules.addRule(
rules.rule(
pkg
).mayBeUsedBy(
rule
)
)
}
This took me over an hour and, while it works, I still have no idea whether this is the idiomatic way to do this.
Adding a few more examples to the docs for this case and a number of other common ones would be immensely helpful.
This is needed to support Kotlin 1.4.
In order to achieve this now one has to manually override the dependency in build.gradle.kts
.
_ fails
$self_ does not do the expected thing
This is important because this version contains a fix of this jacoco/jacoco#1155, and it is critical for projects using modern Kotlin versions.
As the GA release is due later this year...
because of the last dot
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.