zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-04-30 12:07:51 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add a presubmit to verify no new JS dependencies (#1334)

Browse source 
* Add a presubmit to verify no new JS dependencies

Verify that we have a known set of javascript dependencies.  This guards
against the inadvertent introduction of a new dependency with a disallowed
license.

TESTED: Added a new package to packages.json, observed presubmit failure.

* Replaced f-strings, printed python version

For some reason, it looks like we're using a python version older than 3.6 on
our CI machines.

* Remove python version trace.
This commit is contained in:
Michael Muller 2021-09-23 14:42:47 -04:00 committed by GitHub
parent 831767ecdb
commit 9eb55edde7
1 changed files with 32 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
config/presubmits.py
View file

@ -17,9 +17,11 @@ These aren't built in to the static code analysis tools we use (e.g. Checkstyle,
Error Prone) so we must write them manually. Error Prone) so we must write them manually.
""" """
import json
import os import os
from typing import List, Tuple from typing import List, Tuple
import sys import sys
import textwrap
import re import re
# We should never analyze any generated files # We should never analyze any generated files
@ -28,6 +30,13 @@ UNIVERSALLY_SKIPPED_PATTERNS = {"/build/", "cloudbuild-caches", "/out/", ".git/"
FORBIDDEN = 1 FORBIDDEN = 1
REQUIRED = 2 REQUIRED = 2
# The list of expected json packages and their licenses.
# These should be one of the allowed licenses in:
# config/dependency-license/allowed_licenses.json
EXPECTED_JS_PACKAGES = [
'google-closure-library', # Owned by Google, Apache 2.0
]
class PresubmitCheck: class PresubmitCheck:
@ -308,6 +317,26 @@ def verify_flyway_index():
return not success return not success
def verify_javascript_deps():
"""Verifies that we haven't introduced any new javascript dependencies."""
with open('package.json') as f:
package = json.load(f)
deps = list(package['dependencies'].keys())
if deps != EXPECTED_JS_PACKAGES:
print('Unexpected javascript dependencies. Was expecting '
'%s, got %s.' % (EXPECTED_JS_PACKAGES, deps))
print(textwrap.dedent("""
* If the new dependencies are intentional, please verify that the
* license is one of the allowed licenses (see
* config/dependency-license/allowed_licenses.json) and add an entry
* for the package (with the license in a comment) to the
* EXPECTED_JS_PACKAGES variable in config/presubmits.py.
"""))
return True
return False
def get_files(): def get_files():
for root, dirnames, filenames in os.walk("."): for root, dirnames, filenames in os.walk("."):
for filename in filenames: for filename in filenames:
@ -331,5 +360,8 @@ if __name__ == "__main__":
# when we put it here it fails fast before all of the tests are run. # when we put it here it fails fast before all of the tests are run.
failed |= verify_flyway_index() failed |= verify_flyway_index()
# Make sure we haven't introduced any javascript dependencies.
failed |= verify_javascript_deps()
if failed: if failed:
sys.exit(1) sys.exit(1)