nidi3 / code-assert Goto Github PK

View Code? Open in Web Editor NEW

100.0 5.0 10.0 1.41 MB

Assert that the java code of a project satisfies certain checks.

License: Apache License 2.0

Java 98.79% JavaScript 0.71% HTML 0.06% Kotlin 0.44%

test-coverage code-analysis code-quality java kotlin architecture-as-code

code-assert's People

Stargazers

Watchers

Forkers

robbrinkman simasch seanf keeplearningandtrying andi-huber alexrogalskiy commandertvis stefku

code-assert's Issues

Split code-assert into several modules

I use the code-assert module to find package cycles, which works fine. Thanks for that! However, I noticed that the code-assert module also includes several dependencies that are not necessary and, in my case, cause issues. Because of that I had to manually exclude those, and (re)add commons-io.

Please try to split the module, and/or remove dependencies. This is how I now include code-assert to find package cycles:

testFixturesImplementation 'commons-io:commons-io:latest.release'
testFixturesImplementation('guru.nidi:code-assert:latest.release') {
        exclude group: 'guru.nidi', module: 'graphviz-java'
        exclude group: 'org.hamcrest', module: 'hamcrest-core'
        exclude group: 'com.github.spotbugs', module: 'spotbugs'
        exclude group: 'com.h3xstream.findsecbugs', module: 'findsecbugs-plugin'
        exclude group: 'net.sourceforge.pmd', module: 'pmd-java'
        exclude group: 'com.puppycrawl.tools', module: 'checkstyle'
        exclude group: 'io.gitlab.arturbosch.detekt', module: 'detekt-core'
        exclude group: 'io.gitlab.arturbosch.detekt', module: 'detekt-rules'
        exclude group: 'com.github.shyiko.ktlint', module: 'ktlint-core'
        exclude group: 'com.github.shyiko.ktlint', module: 'ktlint-ruleset-standard'
        exclude group: 'org.slf4j', module: 'slf4j-api'
        exclude group: 'org.slf4j', module: 'jcl-over-slf4j'
        exclude group: 'org.slf4j', module: 'jul-to-slf4j'
    }

"use" instead of "depend"

support minimal source code parsing

support class level dependencies

Improve Maven module detection

Currently running the same test (part of a multi-module Maven Project) produces different results in IntelliJ and Maven due to different working directories.

I have worked around it as follows:

AnalyzerConfig config;
if (module.equals(Paths.get(".").toAbsolutePath().normalize().toFile().getName())) {
    // Already within the module, no need to specify it.
    config = AnalyzerConfig.maven().main();
} else {
    config = AnalyzerConfig.maven(module).main();
}

It would be great if the maven() part could autodetect this correctly in order to always being able to simply use AnalyzerConfig.maven().main().

allow saving current state of violations and ignore it

see https://www.archunit.org/userguide/html/000_Index.html#_freezing_arch_rules

Failure when having rules on a package that only contains packages

I have a package named 'connectors' that contains several packages but not direct classes.
I want to have a rule like:

      DependencyRule common, connector;
  
      @Override
      public void defineRules() {
          common.mustNotUse(connector.allSubOf());
          connector.andAllSub().mayUse(common);
      }

But this test failed:

java.lang.AssertionError: 
Expected: Comply with rules
     but: 
NOT_EXISTING com.xxx.connector              There is a rule for this element, but it has not been found in the code.

But the package exists.
If I add a class directly in the package, the error disappears.

Do I miss something ?

Errors in lambdas are not matched my method expressisons

currently, we cannot detect the enclosing method of a lambda

support method level model

NoClassDefFound error while running example code

When running the example code exactly as in the read me file I am getting the following exception


        java.lang.NoClassDefFoundError: Could not initialize class edu.umd.cs.findbugs.ba.AnalysisContext
	at edu.umd.cs.findbugs.FindBugs2.clearCaches(FindBugs2.java:347)
	at edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:327)
	at guru.nidi.codeassert.findbugs.FindBugsAnalyzer.analyze(FindBugsAnalyzer.java:50)
	at code.scan.CodeQualityTest.findBugs(CodeQualityTest.java:31)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:515)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:115)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:171)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:72)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:167)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:114)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:59)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:105)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:72)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:95)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:71)

It's a multi build Gradle project with dependencies set like the following

subprojects { subproject ->
    apply plugin: "java"
    apply plugin: 'checkstyle'
    dependencies {
        testImplementation 'guru.nidi:code-assert:0.9.15'
        testCompile("org.assertj:assertj-core:3.11.1")

    }
...

support test coverage

support isDependentOf

Treat ignored packages if they are explicitly mentioned in a rule

Codebase is empty using Gradle

Hi everybody,

here is the test I launch (in a standard IntelliJ java project built with Gradle):

    @Test
    public void testFindBugs() {
        AnalyzerConfig config = AnalyzerConfig.gradle().main();
        BugCollector collector = new BugCollector();
        FindBugsResult result = new FindBugsAnalyzer(config, collector).analyze();
        MatcherAssert.assertThat(result, CodeAssertMatchers.hasNoBugs());
    }

but the test fails with the following stacktrace:

guru.nidi.codeassert.AnalyzerException: Problem executing FindBugs.

and I spotted it is thrown by the following code in Findbugs2.java (line 273)

                    } else if  (codebase.isEmpty()) {
                        throw new IOException("No files to analyze could be opened");

what configuration am I missing?

AnalyzerConfig.maven().test() also checks main() classes through class dependencies

Support SpotBugs and ErrorProne

Support checkstyle

As this project support pmd and findbugs.
Support for checkstyle will be good extension.

add possibility to group classes/packages with annotations

use plantUML as rule source

see https://www.archunit.org/userguide/html/000_Index.html#_plantuml_component_diagrams_as_rules

Ignore Cpd's given a code snippet

Externals should fail dependency rules if not used

For example, adding javax.* should not cause the check to fail if no javax class was used.

This would make it much easier to define a set of generic base rules for all modules in a project.

support global package in ModelRuler

add possibility to ignore classes

Kotlin Multiplatform Gradle project layout support

When using the Kotlin Multiplatform Gradle plugin, the directory layout is slightly different. I had to use the following config to make things work:

val config = AnalyzerConfig.gradle(Language.KOTLIN).main()
        .withSources(File("src/jvmMain/kotlin"))
        .withClasses(File("build/classes/kotlin/jvm/main"))

This could probably be added as a preset, in addition to the one from the regular Kotlin/JVM plugin.

[Question] Why I got these forbidden dependencies?

Hi I am trying to write some rules for my project but I get some violations of dependencies that I am not aware why they are happening:

The project is at https://github.com/lordofthejars/games-monolith and the test https://github.com/lordofthejars/games-monolith/blob/master/gamepage/impl/src/test/java/org/lordofthejars/games/game/DependencyTest.java

When it runs I got:

NOT_EXISTING org.lordofthejars.games.details.impl          There is a rule for this element, but it has not been found in the code.
NOT_EXISTING org.lordofthejars.games.reviews.impl          There is a rule for this element, but it has not been found in the code.
UNDEFINED    io.reactivex                                  There is no rule given for this element.
DENIED       org.lordofthejars.games.game ->               This dependency is forbidden.
  io.reactivex (by org.lordofthejars.games.game.GameResource, org.lordofthejars.games.game.GameResource$1, org.lordofthejars.games.game.GameResource$2)
DENIED       org.lordofthejars.games.game.impl ->          This dependency is forbidden.
  io.reactivex (by org.lordofthejars.games.game.impl.SchedulerProducer)
  org.lordofthejars.games.game (by org.lordofthejars.games.game.impl.TemplateProducer)

But why? I am not sure since for example io.reactivex is added as exclusion

Thank you very much.

add support for findbugs-sec

http://find-sec-bugs.github.io/ or is it suppored already ?

Document additional use-cases

This library is a real gem and very powerful. The DSL is very easy to read, however it isn't very discoverable when being used for the first time. This is no doubt hurting adoption quite a bit.

I had to search and experiment quite a long time to figure out how to restrict dependencies between certain packages in my code and certain external libraries. After a lot of NPEs and digging through the tests of this project on GitHub, I eventually came up with this:

class ComMyProject : DependencyRuler() {
    var p1: DependencyRule? = null
    var p2: DependencyRule? = null
    var p3: DependencyRule? = null
    override fun defineRules() {
        base().mayUse(base().allSubOf())
        p1?.mayUse(p2)
        p2?.mayUse(p3)
    }
}

val comMyProject = ComMyProject()
val rules = DependencyRules.denyAll()
    .withRelativeRules(comVeturantoServer)
    .withExternals(
        // Unrestricted use of these external packages
        "java.*",
        "javax.*",
        "org.*",
        "net.*",
        "kotlin.*",
        "kotlinx.*"
    )
allow(rules, comMyProject.p2, "com.mapbox.*")
allow(rules, comMyProject.p3, "com.google.gson")

assertThat(DependencyAnalyzer(config).rules(rules).analyze(), matchesRulesExactly())

private fun allow(
    rules: DependencyRules,
    rule: DependencyRule?,
    pkg: String
) {
    rules.addRule(
        rules.rule(
            pkg
        ).mayBeUsedBy(
            rule
        )
    )
}

This took me over an hour and, while it works, I still have no idea whether this is the idiomatic way to do this.

Adding a few more examples to the docs for this case and a number of other common ones would be immensely helpful.

kotlin and https://github.com/arturbosch/detekt and https://github.com/shyiko/ktlint
scala
groovy

nidi3 / code-assert Goto Github PK

code-assert's People

Stargazers

Watchers

Forkers

code-assert's Issues

Recommend Projects

Recommend Topics

Recommend Org