0.49 support #667
0.49 support #667
Conversation
wakingrufus
force-pushed
the
ktlint-49
branch
2 times, most recently
from
6adfe1c to
260474a
Compare
|
Looking solid so far. I didn't realize how easy source sets were to work with these days. I would have created separate projects per version of Ktlint, but your solution is so much simpler. I love it! Nice work! 🎉 |
…tiple compileOnly targets create common abstraction for Lint errors and reporters
wakingrufus
force-pushed
the
ktlint-49
branch
3 times, most recently
from
f6467ca to
f87b082
Compare
plugin/src/adapter/kotlin/org/jlleitschuh/gradle/ktlint/reporter/GenericReporterProvider.kt
Outdated
Show resolved
Hide resolved
| @@ -10,9 +9,9 @@ import java.io.Serializable | |||
| * @param lintedFile file that was checked by KtLint | |||
| * @param lintErrors list of found errors and flag indicating if this error was corrected | |||
| */ | |||
| internal data class LintErrorResult( | |||
There was a problem hiding this comment.
I presume this is because kotlin doesn't see this class as being a part of the same project? There is a way to configure the kotlin compiler "friend path" but I don't know if that API is exposed via Gradle. So this is reasonable.
But if you're curious, feel free to look into it.
There was a problem hiding this comment.
Oh hey... Look what I found. A ticket I opened 5 years ago on this same topic: https://youtrack.jetbrains.com/issue/KT-20760
There was a problem hiding this comment.
I was able to get friend paths working, but making this internal will also require KtLintInvocation to be internal, and then the work action can't invoke it without also being internal, and I assume those can't be internal
| class SerializableReportersProviderLoader : | ||
| ReportersLoaderAdapter<Reporter, SerializableReporterProvider, Ktlint34Reporter, Ktlint34ReporterProvider> { | ||
| override fun loadAllReporterProviders(): List<ReporterProviderWrapper<SerializableReporterProvider>> = ServiceLoader | ||
| .load(ReporterProvider::class.java) | ||
| .toList().map { | ||
| ReporterProviderWrapper(it.id, SerializableReporterProvider(it)) | ||
| } |
There was a problem hiding this comment.
Good use of service loaders IMHO!
There was a problem hiding this comment.
I can't take credit, this code was already here :)
| serializedReporterProviders.inputStream().buffered() | ||
| ).use { | ||
| @Suppress("UNCHECKED_CAST") | ||
| it.readObject() as List<ReporterProviderV2<ReporterV2>> |
There was a problem hiding this comment.
Sanity check. No way for this deserialization to come from untrusted user input? Arbitrary deserialization of untrusted java objects is a common source of remote code execution vulnerabilities, via deserialization gadget chains.
There was a problem hiding this comment.
its deserializing from a file created by this plugin, which is a list of the reporters used.
if you were able to replace that file between the time the plugin writes and and when it is read, I suppose it could be malicious input. or if you modified the build to point loadedReporterProviders another location containing the bad file. This is always how this plugin has worked though (since i came to it). I think we could remove this serialization, but it would require doing the serviceloader call every time we need reporters which would impact performance.
There was a problem hiding this comment.
There's also the validating deserializer that comes from apache Commons. I think we have a use of it elsewhere
| return enabledReporters | ||
| .map { reporterType -> | ||
| val provider = enabledProviders.find { reporterType.reporterName == it.id } | ||
| ?: throw RuntimeException( | ||
| "KtLint plugin failed to load reporter ${reporterType.reporterName}." | ||
| ) | ||
|
|
||
| val options = if (reporterType == ReporterType.PLAIN_GROUP_BY_FILE) { | ||
| reporterType.options.associateWith { "true" } | ||
| } else { | ||
| emptyMap() | ||
| } |
There was a problem hiding this comment.
I feel like I've read this exact snippet a few times here. Any way to unify it into a common method?
There was a problem hiding this comment.
Its the same logic, applied to different ReporterProvider types, and we do access properties on those types. We don't have duck typing so i'd have to wrap those classes and convert back and forth to commonize this code, and imho the duplication isn't bad enough to add that much complexity
There was a problem hiding this comment.
Fair enough! I thought that may have been what was probably going on. Just wanted to check
| @@ -135,6 +135,7 @@ class KtlintBaselineSupportTest : AbstractPluginTest() { | |||
| buildGradle.appendText( | |||
| """ | |||
| ktlint.version = "$ktLintVersion" | |||
| ktlint.debug = true | |||
There was a problem hiding this comment.
Very sane, why we haven't done this before, I don't know 😂
There was a problem hiding this comment.
hah I needed this to debug some issues. I could remove it, but I guess we might as well leave this here otherwise we will probably forget about that option.
| @@ -12,7 +12,7 @@ import kotlin.streams.asStream | |||
|
|
|||
| object TestVersions { | |||
| const val minSupportedGradleVersion = KtlintBasePlugin.LOWEST_SUPPORTED_GRADLE_VERSION | |||
| const val maxSupportedGradleVersion = "8.0.1" | |||
| const val maxSupportedGradleVersion = "8.1.1" | |||
|
This is looking good. Anything else to make work? |
wakingrufus
force-pushed
the
ktlint-49
branch
3 times, most recently
from
430c08e to
d8b4213
Compare
plugin/src/main/kotlin/org/jlleitschuh/gradle/ktlint/worker/KtLintClassesSerializer.kt
Outdated
Show resolved
Hide resolved
wakingrufus
force-pushed
the
ktlint-49
branch
2 times, most recently
from
bf55d0b to
ca092e9
Compare
…tiple compileOnly targets create common abstraction for Lint errors and reporters
convert ktlint invocations from reflection to new method of using multiple compileOnly targets