Add a homoglyph detector for gradle-wrapper.jar files

2024-11-23 17:22:01 +00:00 · 2020-01-13 12:39:40 -05:00 · 2020-01-13 12:39:40 -05:00 · ae0da6528c
commit ae0da6528c
parent c230e9d098
8 changed files with 4102 additions and 8 deletions
--- a/tests/data/invalid/gradlе-wrapper.jar
+++ b/tests/data/invalid/gradlе-wrapper.jar
--- a/tests/find.test.ts
+++ b/tests/find.test.ts
@ -4,7 +4,8 @@ import * as find from '../src/find'
 test('finds test data wrapper jars', async () => {
  const repoRoot = path.resolve('.')
  const wrapperJars = await find.findWrapperJars(repoRoot)
-  expect(wrapperJars.length).toBe(2)
+  expect(wrapperJars.length).toBe(3)
  expect(wrapperJars).toContain('__tests__/data/valid/gradle-wrapper.jar')
  expect(wrapperJars).toContain('__tests__/data/invalid/gradle-wrapper.jar')
+  expect(wrapperJars).toContain('__tests__/data/invalid/gradlе-wrapper.jar') // homoglyph
 })
--- a/tests/validate.test.ts
+++ b/tests/validate.test.ts
@ -4,11 +4,11 @@ import * as validate from '../src/validate'
 test('validates wrapper jars', async () => {
  const invalidWrapperJars = await validate.findInvalidWrapperJars(
    path.resolve('.'),
-    2,
+    3,
    false,
    []
  )
-  expect(invalidWrapperJars.length).toBe(1)
+  expect(invalidWrapperJars.length).toBe(2)
  expect(invalidWrapperJars[0]).toEqual(
    new validate.InvalidWrapperJar(
      '__tests__/data/invalid/gradle-wrapper.jar',
@ -19,8 +19,8 @@ test('validates wrapper jars', async () => {

 test('fails if not enough wrapper jars are found', async () => {
  await expect(
-    validate.findInvalidWrapperJars(path.resolve('.'), 3, false, [])
+    validate.findInvalidWrapperJars(path.resolve('.'), 4, false, [])
  ).rejects.toThrowError(
-    'Expected to find at least 3 Gradle Wrapper JARs but got only 2'
+    'Expected to find at least 4 Gradle Wrapper JARs but got only 3'
  )
 })
--- a/dist/index.js
+++ b/dist/index.js
--- a/jest.config.js
+++ b/jest.config.js
@ -7,5 +7,6 @@ module.exports = {
  transform: {
    '^.+\\.ts$': 'ts-jest'
  },
-  verbose: true
+  verbose: true,
+  setupFilesAfterEnv: ['./jest.setup.js']
 }
--- a/jest.setup.js
+++ b/jest.setup.js
@ -0,0 +1 @@
+jest.setTimeout(10000) // in milliseconds
--- a/src/find.ts
+++ b/src/find.ts
@ -2,12 +2,17 @@ import * as util from 'util'
 import * as path from 'path'
 import * as fs from 'fs'

+import * as homoglyphs from './homoglyphs'
+
 const readdir = util.promisify(fs.readdir)

 export async function findWrapperJars(baseDir: string): Promise<string[]> {
+  const targetWords = ['gradle-wrapper.jar']
  const files = await recursivelyListFiles(baseDir)
  return files
-    .filter(file => file.endsWith('gradle-wrapper.jar'))
+    .filter(
+      file => homoglyphs.search(path.basename(file), targetWords).length > 0
+    )
    .map(wrapperJar => path.relative(baseDir, wrapperJar))
 }

--- a/src/homoglyphs.ts
+++ b/src/homoglyphs.ts