neeto-compliance

  • 1.0.58
  • Rubygems
  • Maintainers: 1

neetoCompliance

This gem audits a repository and checks it for compliance with Neeto development guidelines.

Getting Started

Installation

Add this line to your application's Gemfile:

gem "neeto-compliance", git: "https://github.com/bigbinary/neeto-compliance"

And then execute:

$ bundle install

Also add a step to the CI process:

- name: Neeto Compliance
  commands:
    - bundle exec neeto-audit

Run the compliance audit

  bundle exec neeto-audit

Development

Verifying changes locally

Let's say that we are trying to add a new verifier for a common file maintained by neeto-commons-backend. In that case, once the verifier and the common file are added locally, we can do the following to verify the changes:

  • Choose any neeto app, say neeto-testify-web.
  • Open Gemfile.common from the neeto app, and update the paths of the following gems:
    # These paths will change relative to where you've placed your gems
    gem "neeto-compliance", path: "../neeto-compliance"
    gem "neeto-commons", path: "../neeto-commons"
  • Once that is done, you can install these local gems in the neeto app:
    bundle install
  • After that is done, you can verify the local verifiers by running:
    bundle exec neeto-audit

Note: Make sure to revert/clean the changes from the neeto app locally once you are done with the verification.

Architecture

The process starts when the user calls the Ruby script 'neeto-audit'. It can be called either with the argument '-a' or without it. When called with '-a', the script tries to fix any audit failures automatically where possible. Usually, we don't use the script with any arguments. Once the neeto-audit script is called, neeto-compliance invokes either the 'auto_correct' or the 'process' method on an object of the Runner class.

Runner class

Runner (lib/neeto_compliance/runner.rb) is a class defined in the neeto-compliance gem which is responsible for running each verifier (or check, in simple terms) and printing its result.

Verifiers

All the verifiers can be found in 'lib/neeto_compliance/verifiers'. Each verifier follows a common structure. All verifiers inherit from a class called Base (lib/neeto_compliance/verifiers/base.rb), which holds the methods common to all the verifiers. The runner is responsible for invoking the 'process' method of each verifier. The process method is inherited from the Base class and is responsible for invoking the 'valid?' method of each verifier. The logic inside the 'valid?' method differs from verifier to verifier, so it resides in the verifier class.

Verifiers list

Currently, we have two verifier lists (lib/neeto_compliance/verifiers_list.rb): one for neeto-auth-web and another for all other neeto applications. The reason is that neeto-auth-web differs from all other neeto applications: it is used only for authentication, so its architecture is slightly different. There is a class called VerifierList which has two class methods, 'neeto_auth' and 'neeto_apps'. These two methods return a list of verifiers depending on the neeto application for which the audit script is being run.

Verifying common files

To verify the structure of any file, we need reference files. For this reason, the neeto_common gem carries a copy of these files (neeto-commons-backend/lib/neeto-commons-backend/common_files), which we compare with the local files. To find a file in the neeto-common gem, we need the path where gems are installed for the specific Ruby version. To find it, we use the info of the neeto_common gem, which can be retrieved with the shell command:

  bundle info neeto-commons-backend

The above command prints the summary, homepage, source code and path of the neeto_common gem. We extract the path from this output and use it to locate the common files in that gem for comparison with the local ones. The path of the common files in neeto-commons-backend is 'neeto-commons-backend/lib/neeto-commons-backend/common_files'.
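
A sketch of the path lookup described here together with the Base/'valid?' structure from the Verifiers section, as an added example and not code from neeto-compliance: it reads the gem path from the `Path:` line of `bundle info` output and compares a local file with its reference copy by SHA-256. The Base and CommonFileVerifier classes, the sample output layout and the file names are assumptions constructed for illustration.

```ruby
require "digest"
require "fileutils"
require "tmpdir"

# Constructed sample of `bundle info` output; the field layout is an assumption.
def sample_bundle_info(gem_path)
  ["  * neeto-commons-backend (0.0.0)", "\tSummary: constructed sample",
   "\tHomepage: https://example.invalid", "\tSource Code: https://example.invalid",
   "\tPath: #{gem_path}"].join("\n") + "\n"
end

# Extract the install path from the "Path:" line; nil when the line is absent.
def gem_path_from_bundle_info(output)
  output[/^[ \t]*Path:[ \t]*(.+?)[ \t]*$/, 1]
end

# Hypothetical stand-ins for the Base/verifier structure the page describes.
class Base
  def process
    valid? ? :pass : :fail
  end
end

class CommonFileVerifier < Base
  COMMON_FILES = File.join("lib", "neeto-commons-backend", "common_files")
  def initialize(gem_path, app_root, name)
    @reference = File.join(gem_path, COMMON_FILES, name)
    @local = File.join(app_root, name)
  end

  # A missing reference or local file counts as a failure, not a skip.
  def valid?
    return false unless File.file?(@reference) && File.file?(@local)
    Digest::SHA256.file(@reference).hexdigest == Digest::SHA256.file(@local).hexdigest
  end
end

# Builds a throwaway gem tree and app tree, then audits three constructed files.
def demo
  Dir.mktmpdir do |root|
    gem_path = File.join(root, "gems", "neeto-commons-backend-0.0.0")
    app = File.join(root, "app")
    ref_dir = File.join(gem_path, CommonFileVerifier::COMMON_FILES)
    FileUtils.mkdir_p([ref_dir, app])
    %w[shared.yml drifted.yml].each { |n| File.write(File.join(ref_dir, n), "a: 1\n") }
    File.write(File.join(app, "shared.yml"), "a: 1\n")
    File.write(File.join(app, "drifted.yml"), "a: 2\n")
    found = gem_path_from_bundle_info(sample_bundle_info(gem_path))
    %w[shared.yml drifted.yml missing.yml].map { |n| [n, CommonFileVerifier.new(found, app, n).process] }.to_h
  end
end
```

Bundler also accepts `bundle info neeto-commons-backend --path`, which prints only the path and removes the need to parse the summary.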


Package last updated on 23 May 2023
