1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
|
# Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Makes sure that files include headers from allowed directories.
Checks DEPS files in the source tree for rules, and applies those rules to
"#include" commands in source files. Any source file including something not
permitted by the DEPS files will fail.
The format of the deps file:
First you have the normal module-level deps. These are the ones used by
gclient. An example would be:
deps = {
"base":"http://foo.bar/trunk/base"
}
DEPS files not in the top-level of a module won't need this. Then you have
any additional include rules. You can add (using "+") or subtract (using "-")
from the previously specified rules (including module-level deps).
include_rules = {
# Code should be able to use base (it's specified in the module-level
# deps above), but nothing in "base/evil" because it's evil.
"-base/evil",
# But this one subdirectory of evil is OK.
"+base/evil/not",
# And it can include files from this other directory even though there is
# no deps rule for it.
"+tools/crime_fighter"
}
DEPS files may be placed anywhere in the tree. Each one applies to all
subdirectories, where there may be more DEPS files that provide additions or
subtractions for their own sub-trees.
There is an implicit rule for the current directory (where the DEPS file lives)
and all of its subdirectories. This prevents you from having to explicitly
allow the current directory everywhere. This implicit rule is applied first,
so you can modify or remove it using the normal include rules.
The rules are processed in order. This means you can explicitly allow a higher
directory and then take away permissions from sub-parts, or the reverse.
Note that all directory separators must be slashes (Unix-style) and not
backslashes. All directories should be relative to the source root and use
only lowercase.
"""
import os
import optparse
import re
import sys
# Variable name used in the DEPS file to specify module-level deps.
DEPS_VAR_NAME = "deps"
# Variable name used in the DEPS file to add or subtract include files from
# the module-level deps.
INCLUDE_RULES_VAR_NAME = "include_rules"
# Optionally present in the DEPS file to list subdirectories which should not
# be checked. This allows us to skip third party code, for example.
SKIP_SUBDIRS_VAR_NAME = "skip_child_includes"
# We'll search for lines beginning with this string for checking.
INCLUDE_PREFIX = "#include"
# The maximum number of lines to check in each source file before giving up.
MAX_LINES = 150
# The maximum line length, this is to be efficient in the case of very long
# lines (which can't be #includes).
MAX_LINE_LENGTH = 128
# Set to true for more output. This is set by the command line options.
VERBOSE = False
# This regular expression will be used to extract filenames from include
# statements.
EXTRACT_INCLUDE_FILENAME = re.compile(INCLUDE_PREFIX + ' *"(.*)"')
# In lowercase, using forward slashes as directory separators, ending in a
# forward slash. Set by the command line options.
BASE_DIRECTORY = ""
# Specifies a single rule for an include, which can be either allow or disallow.
class Rule(object):
def __init__(self, allow, dir, source):
self._allow = allow
self._dir = dir
self._source = source
def __str__(self):
if (self._allow):
return '"+%s" from %s.' % (self._dir, self._source)
return '"-%s" from %s.' % (self._dir, self._source)
def ParentOrMatch(self, other):
"""Returns true if the input string is an exact match or is a parent
of the current rule. For example, the input "foo" would match "foo/bar"."""
return self._dir == other or self._dir.startswith(other + "/")
def ChildOrMatch(self, other):
"""Returns true if the input string would be covered by this rule. For
example, the input "foo/bar" would match the rule "foo"."""
return self._dir == other or other.startswith(self._dir + "/")
def ParseRuleString(rule_string, source):
"""Returns a tuple of a boolean indicating whether the directory is an allow
rule, and a string holding the directory name.
"""
if len(rule_string) < 1:
raise Exception('The rule string "%s" is too short\nin %s' %
(rule_string, source))
if rule_string[0] == "+":
return (True, rule_string[1:])
if rule_string[0] == "-":
return (False, rule_string[1:])
raise Exception('The rule string "%s" does not begin with a "+" or a "-"' %
rule_string)
class Rules:
def __init__(self):
"""Initializes the current rules with an empty rule list."""
self._rules = []
def __str__(self):
ret = "Rules = [\n"
ret += "\n".join([" %s" % x for x in self._rules])
ret += "]\n"
return ret
def AddRule(self, rule_string, source):
"""Adds a rule for the given rule string.
Args:
rule_string: The include_rule string read from the DEPS file to apply.
source: A string representing the location of that string (filename, etc.)
so that we can give meaningful errors.
"""
(add_rule, rule_dir) = ParseRuleString(rule_string, source)
# Remove any existing rules or sub-rules that apply. For example, if we're
# passed "foo", we should remove "foo", "foo/bar", but not "foobar".
self._rules = [x for x in self._rules if not x.ParentOrMatch(rule_dir)]
self._rules.insert(0, Rule(add_rule, rule_dir, source))
def DirAllowed(self, allowed_dir):
"""Returns a tuple (success, message), where success indicates if the given
directory is allowed given the current set of rules, and the message tells
why if the comparison failed."""
for rule in self._rules:
if rule.ChildOrMatch(allowed_dir):
# This rule applies.
if rule._allow:
return (True, "")
return (False, rule.__str__())
# No rules apply, fail.
return (False, "no rule applying")
def ApplyRules(existing_rules, deps, includes, cur_dir):
"""Applies the given deps and include rules, returning the new rules.
Args:
existing_rules: A set of existing rules that will be combined.
deps: The list of imports from the "deps" section of the DEPS file.
include: The list of rules from the "include_rules" section of DEPS.
cur_dir: The current directory. We will create an implicit rule that
allows inclusion from this directory.
Returns: A new set of rules combining the existing_rules with the other
arguments.
"""
rules = existing_rules
# First apply the implicit "allow" rule for the current directory.
if cur_dir.lower().startswith(BASE_DIRECTORY):
relative_dir = cur_dir[len(BASE_DIRECTORY) + 1:]
# Normalize path separators to slashes.
relative_dir = relative_dir.replace("\\", "/")
source = relative_dir
if len(source) == 0:
source = "top level" # Make the help string a little more meaningful.
rules.AddRule("+" + relative_dir, "Default rule for " + source)
else:
raise Exception("Internal error: base directory is not at the beginning" +
" for\n %s and base dir\n %s" %
(cur_dir, BASE_DIRECTORY))
# Next apply the DEPS additions, these are all allowed. Note that DEPS start
# out with "src/" which we want to trim.
for (index, key) in enumerate(deps):
if key.startswith("src/"):
key = key[4:]
rules.AddRule("+" + key, relative_dir + "'s deps for " + key)
# Last, apply the additional explicit rules.
for (index, rule_str) in enumerate(includes):
if not len(relative_dir):
rule_description = "the top level include_rules"
else:
rule_description = relative_dir + "'s include_rules"
rules.AddRule(rule_str, rule_description)
return rules
def ApplyDirectoryRules(existing_rules, dir_name):
"""Combines rules from the existing rules and the new directory.
Any directory can contain a DEPS file. Toplevel DEPS files can contain
module dependencies which are used by gclient. We use these, along with
additional include rules and implicit rules for the given directory, to
come up with a combined set of rules to apply for the directory.
Args:
existing_rules: The rules for the parent directory. We'll add-on to these.
dir_name: The directory name that the deps file may live in (if it exists).
This will also be used to generate the implicit rules.
Returns: A tuple containing: (1) the combined set of rules to apply to the
sub-tree, and (2) a list of all subdirectories that should NOT be
checked, as specified in the DEPS file (if any).
"""
# Check for a .svn directory in this directory. This will tell us if it's
# a source directory and should be checked.
if not os.path.exists(os.path.join(dir_name, ".svn")):
return (None, [])
# Check the DEPS file in this directory.
if VERBOSE:
print "Applying rules from", dir_name
def FromImpl(unused):
pass # NOP function so "From" doesn't fail.
scope = {"From": FromImpl}
deps_file = os.path.join(dir_name, "DEPS")
if not os.path.exists(deps_file):
if VERBOSE:
print " No deps file found in", dir_name
return (existing_rules, []) # Nothing to change from the input rules.
execfile(deps_file, scope)
deps = scope.get(DEPS_VAR_NAME, {})
include_rules = scope.get(INCLUDE_RULES_VAR_NAME, [])
skip_subdirs = scope.get(SKIP_SUBDIRS_VAR_NAME, [])
return (ApplyRules(existing_rules, deps, include_rules, dir_name),
skip_subdirs)
def ShouldCheckFile(file_name):
"""Returns True if the given file is a type we want to check."""
if len(file_name) < 2:
return False
return file_name.endswith(".cc") or file_name.endswith(".h")
def CheckLine(rules, line):
"""Checks the given file with the given rule set. If the line is an #include
directive and is illegal, a string describing the error will be returned.
Otherwise, None will be returned."""
if line[0:8] != "#include":
return None # Not an include line
found_item = EXTRACT_INCLUDE_FILENAME.match(line)
if not found_item:
return None # Not a match
include_path = found_item.group(1)
# Fix up backslashes in case somebody accidentally used them.
include_path.replace("\\", "/")
if include_path.find("/") < 0:
# Don't fail when no directory is specified. We may want to be more
# strict about this in the future.
if VERBOSE:
print " WARNING: directory specified with no path: " + include_path
return None
(allowed, why_failed) = rules.DirAllowed(include_path)
if not allowed:
if VERBOSE:
retval = "\nFor " + rules.__str__()
else:
retval = ""
return retval + ('Illegal include: "%s"\n Because of %s' %
(include_path, why_failed))
return None
def CheckFile(rules, file_name):
"""Checks the given file with the given rule set.
Args:
rules: The set of rules that apply to files in this directory.
file_name: The source file to check.
Returns: Either a string describing the error if there was one, or None if
the file checked out OK.
"""
if VERBOSE:
print "Checking: " + file_name
ret_val = "" # We'll collect the error messages in here
try:
cur_file = open(file_name, "r")
for cur_line in range(MAX_LINES):
cur_line = cur_file.readline(MAX_LINE_LENGTH)
line_status = CheckLine(rules, cur_line)
if line_status is not None:
if len(line_status) > 0: # Add newline to separate messages.
line_status += "\n"
ret_val += line_status
cur_file.close()
except IOError:
if VERBOSE:
print "Unable to open file: " + file_name
cur_file.close()
# Map empty string to None for easier checking.
if len(ret_val) == 0:
return None
return ret_val
def CheckDirectory(rules, dir_name):
(rules, skip_subdirs) = ApplyDirectoryRules(rules, dir_name)
if rules == None:
return True
# Collect a list of all files and directories to check.
files_to_check = []
dirs_to_check = []
success = True
contents = os.listdir(dir_name)
for cur in contents:
if cur in skip_subdirs:
continue # Don't check children that DEPS has asked us to skip.
full_name = os.path.join(dir_name, cur)
if os.path.isdir(full_name):
dirs_to_check.append(full_name)
elif ShouldCheckFile(full_name):
files_to_check.append(full_name)
# First check all files in this directory.
for cur in files_to_check:
file_status = CheckFile(rules, cur)
if file_status != None:
print "ERROR in " + cur + "\n" + file_status
success = False
# Next recurse into the subdirectories.
for cur in dirs_to_check:
if not CheckDirectory(rules, cur):
success = False
return success
def PrintUsage():
print """Usage: python checkdeps.py [--root <root>] [tocheck]
--root Specifies the repository root. This defaults to "../../.." relative
to the script file. This will be correct given the normal location
of the script in "<root>/tools/checkdeps".
tocheck Specifies the directory, relative to root, to check. This defaults
to "." so it checks everything. Only one level deep is currently
supported, so you can say "chrome" but not "chrome/browser".
Examples:
python checkdeps.py
python checkdeps.py --root c:\\source chrome"""
def main(options, args):
global VERBOSE
if options.verbose:
VERBOSE = True
# Optional base directory of the repository.
global BASE_DIRECTORY
if not options.base_directory:
BASE_DIRECTORY = os.path.abspath(
os.path.join(os.path.abspath(sys.argv[0]), "..\..\.."))
else:
BASE_DIRECTORY = os.path.abspath(sys.argv[2])
# Figure out which directory we have to check.
if len(args) == 0:
# No directory to check specified, use the repository root.
start_dir = BASE_DIRECTORY
elif len(args) == 1:
# Directory specified. Start here. It's supposed to be relative to the
# base directory.
start_dir = os.path.abspath(os.path.join(BASE_DIRECTORY, args[0]))
else:
# More than one argument, we don't handle this.
PrintUsage()
sys.exit(1)
print "Using base directory:", BASE_DIRECTORY
print "Checking:", start_dir
base_rules = Rules()
# The base directory should be lower case from here on since it will be used
# for substring matching on the includes, and we compile on case-insensitive
# systems. Plus, we always use slashes here since the include parsing code
# will also normalize to slashes.
BASE_DIRECTORY = BASE_DIRECTORY.lower()
BASE_DIRECTORY = BASE_DIRECTORY.replace("\\", "/")
start_dir = start_dir.replace("\\", "/")
success = CheckDirectory(base_rules, start_dir)
if not success:
print "\nFAILED\n"
sys.exit(1)
print "\nSUCCESS\n"
sys.exit(0)
if '__main__' == __name__:
option_parser = optparse.OptionParser()
option_parser.add_option("", "--root", default="", dest="base_directory",
help='Specifies the repository root. This defaults '
'to "../../.." relative to the script file, which '
'will normally be the repository root.')
option_parser.add_option("-v", "--verbose", action="store_true",
default=False, help="Print debug logging")
options, args = option_parser.parse_args()
main(options, args)
|
