blob: 62be05c587bdeaac9fac256281f04a8bd019b1d6 [file] [log] [blame]
# Copyright (c) 2012 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Top-level presubmit script for Chromium.
See http://dev.chromium.org/developers/how-tos/depottools/presubmit-scripts
for more details about the presubmit API built into depot_tools.
"""
PRESUBMIT_VERSION = '2.0.0'
# This line is 'magic' in that git-cl looks for it to decide whether to
# use Python3 instead of Python2 when running the code in this file.
USE_PYTHON3 = True
_EXCLUDED_PATHS = (
# File needs to write to stdout to emulate a tool it's replacing.
r"chrome[\\/]updater[\\/]mac[\\/]keystone[\\/]ksadmin.mm",
# Generated file.
(r"^components[\\/]variations[\\/]proto[\\/]devtools[\\/]"
r"client_variations.js"),
r"^native_client_sdksrc[\\/]build_tools[\\/]make_rules.py",
r"^native_client_sdk[\\/]src[\\/]build_tools[\\/]make_simple.py",
r"^native_client_sdk[\\/]src[\\/]tools[\\/].*.mk",
r"^net[\\/]tools[\\/]spdyshark[\\/].*",
r"^skia[\\/].*",
r"^third_party[\\/]blink[\\/].*",
r"^third_party[\\/]breakpad[\\/].*",
# sqlite is an imported third party dependency.
r"^third_party[\\/]sqlite[\\/].*",
r"^v8[\\/].*",
r".*MakeFile$",
r".+_autogen\.h$",
r".+_pb2\.py$",
r".+[\\/]pnacl_shim\.c$",
r"^gpu[\\/]config[\\/].*_list_json\.cc$",
r"tools[\\/]md_browser[\\/].*\.css$",
# Test pages for Maps telemetry tests.
r"tools[\\/]perf[\\/]page_sets[\\/]maps_perf_test.*",
# Test pages for WebRTC telemetry tests.
r"tools[\\/]perf[\\/]page_sets[\\/]webrtc_cases.*",
)
_EXCLUDED_SET_NO_PARENT_PATHS = (
# It's for historical reasons that blink isn't a top level directory, where
# it would be allowed to have "set noparent" to avoid top level owners
# accidentally +1ing changes.
'third_party/blink/OWNERS',
)
# Fragment of a regular expression that matches C++ and Objective-C++
# implementation files.
_IMPLEMENTATION_EXTENSIONS = r'\.(cc|cpp|cxx|mm)$'
# Fragment of a regular expression that matches C++ and Objective-C++
# header files.
_HEADER_EXTENSIONS = r'\.(h|hpp|hxx)$'
# Regular expression that matches code only used for test binaries
# (best effort).
_TEST_CODE_EXCLUDED_PATHS = (
r'.*[\\/](fake_|test_|mock_).+%s' % _IMPLEMENTATION_EXTENSIONS,
r'.+_test_(base|support|util)%s' % _IMPLEMENTATION_EXTENSIONS,
# Test suite files, like:
# foo_browsertest.cc
# bar_unittest_mac.cc (suffix)
# baz_unittests.cc (plural)
r'.+_(api|browser|eg|int|perf|pixel|unit|ui)?test(s)?(_[a-z]+)?%s' %
_IMPLEMENTATION_EXTENSIONS,
r'.+_(fuzz|fuzzer)(_[a-z]+)?%s' % _IMPLEMENTATION_EXTENSIONS,
r'.+sync_service_impl_harness%s' % _IMPLEMENTATION_EXTENSIONS,
r'.*[\\/](test|tool(s)?)[\\/].*',
# content_shell is used for running content_browsertests.
r'content[\\/]shell[\\/].*',
# Web test harness.
r'content[\\/]web_test[\\/].*',
# Non-production example code.
r'mojo[\\/]examples[\\/].*',
# Launcher for running iOS tests on the simulator.
r'testing[\\/]iossim[\\/]iossim\.mm$',
# EarlGrey app side code for tests.
r'ios[\\/].*_app_interface\.mm$',
# Views Examples code
r'ui[\\/]views[\\/]examples[\\/].*',
# Chromium Codelab
r'codelabs[\\/]*'
)
_THIRD_PARTY_EXCEPT_BLINK = 'third_party/(?!blink/)'
_TEST_ONLY_WARNING = (
'You might be calling functions intended only for testing from\n'
'production code. If you are doing this from inside another method\n'
'named as *ForTesting(), then consider exposing things to have tests\n'
'make that same call directly.\n'
'If that is not possible, you may put a comment on the same line with\n'
' // IN-TEST \n'
'to tell the PRESUBMIT script that the code is inside a *ForTesting()\n'
'method and can be ignored. Do not do this inside production code.\n'
'The android-binary-size trybot will block if the method exists in the\n'
'release apk.')
_INCLUDE_ORDER_WARNING = (
'Your #include order seems to be broken. Remember to use the right '
'collation (LC_COLLATE=C) and check\nhttps://google.github.io/styleguide/'
'cppguide.html#Names_and_Order_of_Includes')
# Format: Sequence of tuples containing:
# * Full import path.
# * Sequence of strings to show when the pattern matches.
# * Sequence of path or filename exceptions to this rule
_BANNED_JAVA_IMPORTS = (
(
'java.net.URI;',
(
'Use org.chromium.url.GURL instead of java.net.URI, where possible.',
),
(
'net/android/javatests/src/org/chromium/net/'
'AndroidProxySelectorTest.java',
'components/cronet/',
'third_party/robolectric/local/',
),
),
(
'android.support.test.rule.UiThreadTestRule;',
(
'Do not use UiThreadTestRule, just use '
'@org.chromium.base.test.UiThreadTest on test methods that should run '
'on the UI thread. See https://crbug.com/1111893.',
),
(),
),
(
'android.support.test.annotation.UiThreadTest;',
(
'Do not use android.support.test.annotation.UiThreadTest, use '
'org.chromium.base.test.UiThreadTest instead. See '
'https://crbug.com/1111893.',
),
()
),
(
'android.support.test.rule.ActivityTestRule;',
(
'Do not use ActivityTestRule, use '
'org.chromium.base.test.BaseActivityTestRule instead.',
),
(
'components/cronet/',
)
)
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
# * Error flag. True if a match is a presubmit error, otherwise it's a warning.
_BANNED_JAVA_FUNCTIONS = (
(
'StrictMode.allowThreadDiskReads()',
(
'Prefer using StrictModeContext.allowDiskReads() to using StrictMode '
'directly.',
),
False,
),
(
'StrictMode.allowThreadDiskWrites()',
(
'Prefer using StrictModeContext.allowDiskWrites() to using StrictMode '
'directly.',
),
False,
),
(
'.waitForIdleSync()',
(
'Do not use waitForIdleSync as it masks underlying issues. There is '
'almost always something else you should wait on instead.',
),
False,
),
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
# * Error flag. True if a match is a presubmit error, otherwise it's a warning.
_BANNED_OBJC_FUNCTIONS = (
(
'addTrackingRect:',
(
'The use of -[NSView addTrackingRect:owner:userData:assumeInside:] is'
'prohibited. Please use CrTrackingArea instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
False,
),
(
r'/NSTrackingArea\W',
(
'The use of NSTrackingAreas is prohibited. Please use CrTrackingArea',
'instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
False,
),
(
'convertPointFromBase:',
(
'The use of -[NSView convertPointFromBase:] is almost certainly wrong.',
'Please use |convertPoint:(point) fromView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
'convertPointToBase:',
(
'The use of -[NSView convertPointToBase:] is almost certainly wrong.',
'Please use |convertPoint:(point) toView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
'convertRectFromBase:',
(
'The use of -[NSView convertRectFromBase:] is almost certainly wrong.',
'Please use |convertRect:(point) fromView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
'convertRectToBase:',
(
'The use of -[NSView convertRectToBase:] is almost certainly wrong.',
'Please use |convertRect:(point) toView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
'convertSizeFromBase:',
(
'The use of -[NSView convertSizeFromBase:] is almost certainly wrong.',
'Please use |convertSize:(point) fromView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
'convertSizeToBase:',
(
'The use of -[NSView convertSizeToBase:] is almost certainly wrong.',
'Please use |convertSize:(point) toView:nil| instead.',
'http://dev.chromium.org/developers/coding-style/cocoa-dos-and-donts',
),
True,
),
(
r"/\s+UTF8String\s*]",
(
'The use of -[NSString UTF8String] is dangerous as it can return null',
'even if |canBeConvertedToEncoding:NSUTF8StringEncoding| returns YES.',
'Please use |SysNSStringToUTF8| instead.',
),
True,
),
(
r'__unsafe_unretained',
(
'The use of __unsafe_unretained is almost certainly wrong, unless',
'when interacting with NSFastEnumeration or NSInvocation.',
'Please use __weak in files build with ARC, nothing otherwise.',
),
False,
),
(
'freeWhenDone:NO',
(
'The use of "freeWhenDone:NO" with the NoCopy creation of ',
'Foundation types is prohibited.',
),
True,
),
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
# * Error flag. True if a match is a presubmit error, otherwise it's a warning.
_BANNED_IOS_OBJC_FUNCTIONS = (
(
r'/\bTEST[(]',
(
'TEST() macro should not be used in Objective-C++ code as it does not ',
'drain the autorelease pool at the end of the test. Use TEST_F() ',
'macro instead with a fixture inheriting from PlatformTest (or a ',
'typedef).'
),
True,
),
(
r'/\btesting::Test\b',
(
'testing::Test should not be used in Objective-C++ code as it does ',
'not drain the autorelease pool at the end of the test. Use ',
'PlatformTest instead.'
),
True,
),
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
# * Error flag. True if a match is a presubmit error, otherwise it's a warning.
_BANNED_IOS_EGTEST_FUNCTIONS = (
(
r'/\bEXPECT_OCMOCK_VERIFY\b',
(
'EXPECT_OCMOCK_VERIFY should not be used in EarlGrey tests because ',
'it is meant for GTests. Use [mock verify] instead.'
),
True,
),
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
# * Error flag. True if a match is a presubmit error, otherwise it's a warning.
# * Sequence of paths to *not* check (regexps).
_BANNED_CPP_FUNCTIONS = (
(
r'/\busing namespace ',
(
'Using directives ("using namespace x") are banned by the Google Style',
'Guide ( http://google.github.io/styleguide/cppguide.html#Namespaces ).',
'Explicitly qualify symbols or use using declarations ("using x::foo").',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
# Make sure that gtest's FRIEND_TEST() macro is not used; the
# FRIEND_TEST_ALL_PREFIXES() macro from base/gtest_prod_util.h should be
# used instead since that allows for FLAKY_ and DISABLED_ prefixes.
(
'FRIEND_TEST(',
(
'Chromium code should not use gtest\'s FRIEND_TEST() macro. Include',
'base/gtest_prod_util.h and use FRIEND_TEST_ALL_PREFIXES() instead.',
),
False,
(),
),
(
'setMatrixClip',
(
'Overriding setMatrixClip() is prohibited; ',
'the base function is deprecated. ',
),
True,
(),
),
(
'SkRefPtr',
(
'The use of SkRefPtr is prohibited. ',
'Please use sk_sp<> instead.'
),
True,
(),
),
(
'SkAutoRef',
(
'The indirect use of SkRefPtr via SkAutoRef is prohibited. ',
'Please use sk_sp<> instead.'
),
True,
(),
),
(
'SkAutoTUnref',
(
'The use of SkAutoTUnref is dangerous because it implicitly ',
'converts to a raw pointer. Please use sk_sp<> instead.'
),
True,
(),
),
(
'SkAutoUnref',
(
'The indirect use of SkAutoTUnref through SkAutoUnref is dangerous ',
'because it implicitly converts to a raw pointer. ',
'Please use sk_sp<> instead.'
),
True,
(),
),
(
r'/HANDLE_EINTR\(.*close',
(
'HANDLE_EINTR(close) is invalid. If close fails with EINTR, the file',
'descriptor will be closed, and it is incorrect to retry the close.',
'Either call close directly and ignore its return value, or wrap close',
'in IGNORE_EINTR to use its return value. See http://crbug.com/269623'
),
True,
(),
),
(
r'/IGNORE_EINTR\((?!.*close)',
(
'IGNORE_EINTR is only valid when wrapping close. To wrap other system',
'calls, use HANDLE_EINTR. See http://crbug.com/269623',
),
True,
(
# Files that #define IGNORE_EINTR.
r'^base[\\/]posix[\\/]eintr_wrapper\.h$',
r'^ppapi[\\/]tests[\\/]test_broker\.cc$',
),
),
(
r'/v8::Extension\(',
(
'Do not introduce new v8::Extensions into the code base, use',
'gin::Wrappable instead. See http://crbug.com/334679',
),
True,
(
r'extensions[\\/]renderer[\\/]safe_builtins\.*',
),
),
(
'#pragma comment(lib,',
(
'Specify libraries to link with in build files and not in the source.',
),
True,
(
r'^base[\\/]third_party[\\/]symbolize[\\/].*',
r'^third_party[\\/]abseil-cpp[\\/].*',
),
),
(
r'/base::SequenceChecker\b',
(
'Consider using SEQUENCE_CHECKER macros instead of the class directly.',
),
False,
(),
),
(
r'/base::ThreadChecker\b',
(
'Consider using THREAD_CHECKER macros instead of the class directly.',
),
False,
(),
),
(
r'/(Time(|Delta|Ticks)|ThreadTicks)::FromInternalValue|ToInternalValue',
(
'base::TimeXXX::FromInternalValue() and ToInternalValue() are',
'deprecated (http://crbug.com/634507). Please avoid converting away',
'from the Time types in Chromium code, especially if any math is',
'being done on time values. For interfacing with platform/library',
'APIs, use FromMicroseconds() or InMicroseconds(), or one of the other',
'type converter methods instead. For faking TimeXXX values (for unit',
'testing only), use TimeXXX() + Microseconds(N). For',
'other use cases, please contact base/time/OWNERS.',
),
False,
(),
),
(
'CallJavascriptFunctionUnsafe',
(
"Don't use CallJavascriptFunctionUnsafe() in new code. Instead, use",
'AllowJavascript(), OnJavascriptAllowed()/OnJavascriptDisallowed(),',
'and CallJavascriptFunction(). See https://goo.gl/qivavq.',
),
False,
(
r'^content[\\/]browser[\\/]webui[\\/]web_ui_impl\.(cc|h)$',
r'^content[\\/]public[\\/]browser[\\/]web_ui\.h$',
r'^content[\\/]public[\\/]test[\\/]test_web_ui\.(cc|h)$',
),
),
(
'leveldb::DB::Open',
(
'Instead of leveldb::DB::Open() use leveldb_env::OpenDB() from',
'third_party/leveldatabase/env_chromium.h. It exposes databases to',
"Chrome's tracing, making their memory usage visible.",
),
True,
(
r'^third_party/leveldatabase/.*\.(cc|h)$',
),
),
(
'leveldb::NewMemEnv',
(
'Instead of leveldb::NewMemEnv() use leveldb_chrome::NewMemEnv() from',
'third_party/leveldatabase/leveldb_chrome.h. It exposes environments',
"to Chrome's tracing, making their memory usage visible.",
),
True,
(
r'^third_party/leveldatabase/.*\.(cc|h)$',
),
),
(
'RunLoop::QuitCurrent',
(
'Please migrate away from RunLoop::QuitCurrent*() methods. Use member',
'methods of a specific RunLoop instance instead.',
),
False,
(),
),
(
'base::ScopedMockTimeMessageLoopTaskRunner',
(
'ScopedMockTimeMessageLoopTaskRunner is deprecated. Prefer',
'TaskEnvironment::TimeSource::MOCK_TIME. There are still a',
'few cases that may require a ScopedMockTimeMessageLoopTaskRunner',
'(i.e. mocking the main MessageLoopForUI in browser_tests), but check',
'with gab@ first if you think you need it)',
),
False,
(),
),
(
'std::regex',
(
'Using std::regex adds unnecessary binary size to Chrome. Please use',
're2::RE2 instead (crbug.com/755321)',
),
True,
# Abseil's benchmarks never linked into chrome.
['third_party/abseil-cpp/.*_benchmark.cc'],
),
(
r'/\bstd::stoi\b',
(
'std::stoi uses exceptions to communicate results. ',
'Use base::StringToInt() instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stol\b',
(
'std::stol uses exceptions to communicate results. ',
'Use base::StringToInt() instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stoul\b',
(
'std::stoul uses exceptions to communicate results. ',
'Use base::StringToUint() instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stoll\b',
(
'std::stoll uses exceptions to communicate results. ',
'Use base::StringToInt64() instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stoull\b',
(
'std::stoull uses exceptions to communicate results. ',
'Use base::StringToUint64() instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stof\b',
(
'std::stof uses exceptions to communicate results. ',
'For locale-independent values, e.g. reading numbers from disk',
'profiles, use base::StringToDouble().',
'For user-visible values, parse using ICU.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stod\b',
(
'std::stod uses exceptions to communicate results. ',
'For locale-independent values, e.g. reading numbers from disk',
'profiles, use base::StringToDouble().',
'For user-visible values, parse using ICU.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::stold\b',
(
'std::stold uses exceptions to communicate results. ',
'For locale-independent values, e.g. reading numbers from disk',
'profiles, use base::StringToDouble().',
'For user-visible values, parse using ICU.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::to_string\b',
(
'std::to_string is locale dependent and slower than alternatives.',
'For locale-independent strings, e.g. writing numbers to disk',
'profiles, use base::NumberToString().',
'For user-visible strings, use base::FormatNumber() and',
'the related functions in base/i18n/number_formatting.h.',
),
False, # Only a warning since it is already used.
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::shared_ptr\b',
(
'std::shared_ptr should not be used. Use scoped_refptr instead.',
),
True,
[
# Needed for interop with third-party library.
'^third_party/blink/renderer/core/typed_arrays/array_buffer/' +
'array_buffer_contents\.(cc|h)',
'^third_party/blink/renderer/bindings/core/v8/' +
'v8_wasm_response_extensions.cc',
'^gin/array_buffer\.(cc|h)',
'^chrome/services/sharing/nearby/',
# gRPC provides some C++ libraries that use std::shared_ptr<>.
'^chromeos/services/libassistant/grpc/',
# Fuchsia provides C++ libraries that use std::shared_ptr<>.
'.*fuchsia.*test\.(cc|h)',
_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\bstd::weak_ptr\b',
(
'std::weak_ptr should not be used. Use base::WeakPtr instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\blong long\b',
(
'long long is banned. Use stdint.h if you need a 64 bit number.',
),
False, # Only a warning since it is already used.
[_THIRD_PARTY_EXCEPT_BLINK], # Don't warn in third_party folders.
),
(
r'/\bstd::bind\b',
(
'std::bind is banned because of lifetime risks.',
'Use base::BindOnce or base::BindRepeating instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\b#include <chrono>\b',
(
'<chrono> overlaps with Time APIs in base. Keep using',
'base classes.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\b#include <exception>\b',
(
'Exceptions are banned and disabled in Chromium.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\bstd::function\b',
(
'std::function is banned. Instead use base::OnceCallback or ',
'base::RepeatingCallback, which directly support Chromium\'s weak ',
'pointers, ref counting and more.',
),
False, # Only a warning since it is already used.
[_THIRD_PARTY_EXCEPT_BLINK], # Do not warn in third_party folders.
),
(
r'/\b#include <random>\b',
(
'Do not use any random number engines from <random>. Instead',
'use base::RandomBitGenerator.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\b#include <X11/',
(
'Do not use Xlib. Use xproto (from //ui/gfx/x:xproto) instead.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
r'/\bstd::ratio\b',
(
'std::ratio is banned by the Google Style Guide.',
),
True,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
('base::ThreadRestrictions::ScopedAllowIO'),
(
'ScopedAllowIO is deprecated, use ScopedAllowBlocking instead.',
),
False,
(),
),
(
r'/\bRunMessageLoop\b',
(
'RunMessageLoop is deprecated, use RunLoop instead.',
),
False,
(),
),
(
'RunThisRunLoop',
(
'RunThisRunLoop is deprecated, use RunLoop directly instead.',
),
False,
(),
),
(
'RunAllPendingInMessageLoop()',
(
"Prefer RunLoop over RunAllPendingInMessageLoop, please contact gab@",
"if you're convinced you need this.",
),
False,
(),
),
(
'RunAllPendingInMessageLoop(BrowserThread',
(
'RunAllPendingInMessageLoop is deprecated. Use RunLoop for',
'BrowserThread::UI, BrowserTaskEnvironment::RunIOThreadUntilIdle',
'for BrowserThread::IO, and prefer RunLoop::QuitClosure to observe',
'async events instead of flushing threads.',
),
False,
(),
),
(
r'MessageLoopRunner',
(
'MessageLoopRunner is deprecated, use RunLoop instead.',
),
False,
(),
),
(
'GetDeferredQuitTaskForRunLoop',
(
"GetDeferredQuitTaskForRunLoop shouldn't be needed, please contact",
"gab@ if you found a use case where this is the only solution.",
),
False,
(),
),
(
'sqlite3_initialize(',
(
'Instead of calling sqlite3_initialize(), depend on //sql, ',
'#include "sql/initialize.h" and use sql::EnsureSqliteInitialized().',
),
True,
(
r'^sql/initialization\.(cc|h)$',
r'^third_party/sqlite/.*\.(c|cc|h)$',
),
),
(
'std::random_shuffle',
(
'std::random_shuffle is deprecated in C++14, and removed in C++17. Use',
'base::RandomShuffle instead.'
),
True,
(),
),
(
'ios/web/public/test/http_server',
(
'web::HTTPserver is deprecated use net::EmbeddedTestServer instead.',
),
False,
(),
),
(
'GetAddressOf',
(
'Improper use of Microsoft::WRL::ComPtr<T>::GetAddressOf() has been ',
'implicated in a few leaks. ReleaseAndGetAddressOf() is safe but ',
'operator& is generally recommended. So always use operator& instead. ',
'See http://crbug.com/914910 for more conversion guidance.'
),
True,
(),
),
(
'SHFileOperation',
(
'SHFileOperation was deprecated in Windows Vista, and there are less ',
'complex functions to achieve the same goals. Use IFileOperation for ',
'any esoteric actions instead.'
),
True,
(),
),
(
'StringFromGUID2',
(
'StringFromGUID2 introduces an unnecessary dependency on ole32.dll.',
'Use base::win::WStringFromGUID instead.'
),
True,
(
r'/base/win/win_util_unittest.cc'
),
),
(
'StringFromCLSID',
(
'StringFromCLSID introduces an unnecessary dependency on ole32.dll.',
'Use base::win::WStringFromGUID instead.'
),
True,
(
r'/base/win/win_util_unittest.cc'
),
),
(
'kCFAllocatorNull',
(
'The use of kCFAllocatorNull with the NoCopy creation of ',
'CoreFoundation types is prohibited.',
),
True,
(),
),
(
'mojo::ConvertTo',
(
'mojo::ConvertTo and TypeConverter are deprecated. Please consider',
'StructTraits / UnionTraits / EnumTraits / ArrayTraits / MapTraits /',
'StringTraits if you would like to convert between custom types and',
'the wire format of mojom types.'
),
False,
(
r'^fuchsia/engine/browser/url_request_rewrite_rules_manager\.cc$',
r'^fuchsia/engine/url_request_rewrite_type_converters\.cc$',
r'^third_party/blink/.*\.(cc|h)$',
r'^content/renderer/.*\.(cc|h)$',
),
),
(
'GetInterfaceProvider',
(
'InterfaceProvider is deprecated.',
'Please use ExecutionContext::GetBrowserInterfaceBroker and overrides',
'or Platform::GetBrowserInterfaceBroker.'
),
False,
(),
),
(
'CComPtr',
(
'New code should use Microsoft::WRL::ComPtr from wrl/client.h as a ',
'replacement for CComPtr from ATL. See http://crbug.com/5027 for more ',
'details.'
),
False,
(),
),
(
r'/\b(IFACE|STD)METHOD_?\(',
(
'IFACEMETHOD() and STDMETHOD() make code harder to format and read.',
'Instead, always use IFACEMETHODIMP in the declaration.'
),
False,
[_THIRD_PARTY_EXCEPT_BLINK], # Not an error in third_party folders.
),
(
'set_owned_by_client',
(
'set_owned_by_client is deprecated.',
'views::View already owns the child views by default. This introduces ',
'a competing ownership model which makes the code difficult to reason ',
'about. See http://crbug.com/1044687 for more details.'
),
False,
(),
),
(
'RemoveAllChildViewsWithoutDeleting',
(
'RemoveAllChildViewsWithoutDeleting is deprecated.',
'This method is deemed dangerous as, unless raw pointers are re-added,',
'calls to this method introduce memory leaks.'
),
False,
(),
),
(
r'/\bTRACE_EVENT_ASYNC_',
(
'Please use TRACE_EVENT_NESTABLE_ASYNC_.. macros instead',
'of TRACE_EVENT_ASYNC_.. (crbug.com/1038710).',
),
False,
(
r'^base/trace_event/.*',
r'^base/tracing/.*',
),
),
(
'RoInitialize',
(
'Improper use of [base::win]::RoInitialize() has been implicated in a ',
'few COM initialization leaks. Use base::win::ScopedWinrtInitializer ',
'instead. See http://crbug.com/1197722 for more information.'
),
True,
(
r'^base[\\/]win[\\/]scoped_winrt_initializer\.cc$'
),
),
)
# Format: Sequence of tuples containing:
# * String pattern or, if starting with a slash, a regular expression.
# * Sequence of strings to show when the pattern matches.
_DEPRECATED_MOJO_TYPES = (
(
r'/\bmojo::AssociatedInterfacePtrInfo\b',
(
'mojo::AssociatedInterfacePtrInfo<Interface> is deprecated.',
'Use mojo::PendingAssociatedRemote<Interface> instead.',
),
),
(
r'/\bmojo::AssociatedInterfaceRequest\b',
(
'mojo::AssociatedInterfaceRequest<Interface> is deprecated.',
'Use mojo::PendingAssociatedReceiver<Interface> instead.',
),
),
(
r'/\bmojo::InterfacePtr\b',
(
'mojo::InterfacePtr<Interface> is deprecated.',
'Use mojo::Remote<Interface> instead.',
),
),
(
r'/\bmojo::InterfacePtrInfo\b',
(
'mojo::InterfacePtrInfo<Interface> is deprecated.',
'Use mojo::PendingRemote<Interface> instead.',
),
),
(
r'/\bmojo::InterfaceRequest\b',
(
'mojo::InterfaceRequest<Interface> is deprecated.',
'Use mojo::PendingReceiver<Interface> instead.',
),
),
(
r'/\bmojo::MakeRequest\b',
(
'mojo::MakeRequest is deprecated.',
'Use mojo::Remote::BindNewPipeAndPassReceiver() instead.',
),
),
)
_IPC_ENUM_TRAITS_DEPRECATED = (
'You are using IPC_ENUM_TRAITS() in your code. It has been deprecated.\n'
'See http://www.chromium.org/Home/chromium-security/education/'
'security-tips-for-ipc')
_LONG_PATH_ERROR = (
'Some files included in this CL have file names that are too long (> 200'
' characters). If committed, these files will cause issues on Windows. See'
' https://crbug.com/612667 for more details.'
)
_JAVA_MULTIPLE_DEFINITION_EXCLUDED_PATHS = [
r".*[\\/]AppHooksImpl\.java",
r".*[\\/]BuildHooksAndroidImpl\.java",
r".*[\\/]LicenseContentProvider\.java",
r".*[\\/]PlatformServiceBridgeImpl.java",
r".*chrome[\\\/]android[\\\/]feed[\\\/]dummy[\\\/].*\.java",
]
# List of image extensions that are used as resources in chromium.
_IMAGE_EXTENSIONS = ['.svg', '.png', '.webp']
# These paths contain test data and other known invalid JSON files.
_KNOWN_TEST_DATA_AND_INVALID_JSON_FILE_PATTERNS = [
r'test[\\/]data[\\/]',
r'testing[\\/]buildbot[\\/]',
r'^components[\\/]policy[\\/]resources[\\/]policy_templates\.json$',
r'^third_party[\\/]protobuf[\\/]',
r'^third_party[\\/]blink[\\/]renderer[\\/]devtools[\\/]protocol\.json$',
r'^third_party[\\/]blink[\\/]web_tests[\\/]external[\\/]wpt[\\/]',
]
_VALID_OS_MACROS = (
# Please keep sorted.
'OS_AIX',
'OS_ANDROID',
'OS_APPLE',
'OS_ASMJS',
'OS_BSD',
'OS_CAT', # For testing.
'OS_CHROMEOS',
'OS_CYGWIN', # third_party code.
'OS_FREEBSD',
'OS_FUCHSIA',
'OS_IOS',
'OS_LINUX',
'OS_MAC',
'OS_NACL',
'OS_NACL_NONSFI',
'OS_NACL_SFI',
'OS_NETBSD',
'OS_OPENBSD',
'OS_POSIX',
'OS_QNX',
'OS_SOLARIS',
'OS_WIN',
)
# These are not checked on the public chromium-presubmit trybot.
# Add files here that rely on .py files that exists only for target_os="android"
# checkouts.
_ANDROID_SPECIFIC_PYDEPS_FILES = [
'chrome/android/features/create_stripped_java_factory.pydeps',
]
_GENERIC_PYDEPS_FILES = [
'android_webview/tools/run_cts.pydeps',
'base/android/jni_generator/jni_generator.pydeps',
'base/android/jni_generator/jni_registration_generator.pydeps',
'build/android/apk_operations.pydeps',
'build/android/devil_chromium.pydeps',
'build/android/gyp/aar.pydeps',
'build/android/gyp/aidl.pydeps',
'build/android/gyp/allot_native_libraries.pydeps',
'build/android/gyp/apkbuilder.pydeps',
'build/android/gyp/assert_static_initializers.pydeps',
'build/android/gyp/bytecode_processor.pydeps',
'build/android/gyp/bytecode_rewriter.pydeps',
'build/android/gyp/check_flag_expectations.pydeps',
'build/android/gyp/compile_java.pydeps',
'build/android/gyp/compile_resources.pydeps',
'build/android/gyp/copy_ex.pydeps',
'build/android/gyp/create_apk_operations_script.pydeps',
'build/android/gyp/create_app_bundle.pydeps',
'build/android/gyp/create_app_bundle_apks.pydeps',
'build/android/gyp/create_bundle_wrapper_script.pydeps',
'build/android/gyp/create_java_binary_script.pydeps',
'build/android/gyp/create_r_java.pydeps',
'build/android/gyp/create_r_txt.pydeps',
'build/android/gyp/create_size_info_files.pydeps',
'build/android/gyp/create_ui_locale_resources.pydeps',
'build/android/gyp/dex.pydeps',
'build/android/gyp/dex_jdk_libs.pydeps',
'build/android/gyp/dexsplitter.pydeps',
'build/android/gyp/dist_aar.pydeps',
'build/android/gyp/filter_zip.pydeps',
'build/android/gyp/gcc_preprocess.pydeps',
'build/android/gyp/generate_linker_version_script.pydeps',
'build/android/gyp/ijar.pydeps',
'build/android/gyp/jacoco_instr.pydeps',
'build/android/gyp/java_cpp_enum.pydeps',
'build/android/gyp/java_cpp_features.pydeps',
'build/android/gyp/java_cpp_strings.pydeps',
'build/android/gyp/java_google_api_keys.pydeps',
'build/android/gyp/jetify_jar.pydeps',
'build/android/gyp/jinja_template.pydeps',
'build/android/gyp/lint.pydeps',
'build/android/gyp/merge_manifest.pydeps',
'build/android/gyp/prepare_resources.pydeps',
'build/android/gyp/process_native_prebuilt.pydeps',
'build/android/gyp/proguard.pydeps',
'build/android/gyp/turbine.pydeps',
'build/android/gyp/unused_resources.pydeps',
'build/android/gyp/validate_static_library_dex_references.pydeps',
'build/android/gyp/write_build_config.pydeps',
'build/android/gyp/write_native_libraries_java.pydeps',
'build/android/gyp/zip.pydeps',
'build/android/incremental_install/generate_android_manifest.pydeps',
'build/android/incremental_install/write_installer_json.pydeps',
'build/android/resource_sizes.pydeps',
'build/android/test_runner.pydeps',
'build/android/test_wrapper/logdog_wrapper.pydeps',
'build/lacros/lacros_resource_sizes.pydeps',
'build/protoc_java.pydeps',
'chrome/android/monochrome/scripts/monochrome_python_tests.pydeps',
'chrome/test/chromedriver/log_replay/client_replay_unittest.pydeps',
'chrome/test/chromedriver/test/run_py_tests.pydeps',
'chromecast/resource_sizes/chromecast_resource_sizes.pydeps',
'components/cronet/tools/generate_javadoc.pydeps',
'components/cronet/tools/jar_src.pydeps',
'components/module_installer/android/module_desc_java.pydeps',
'content/public/android/generate_child_service.pydeps',
'net/tools/testserver/testserver.pydeps',
'testing/scripts/run_android_wpt.pydeps',
'testing/scripts/run_isolated_script_test.pydeps',
'third_party/android_platform/development/scripts/stack.pydeps',
'third_party/blink/renderer/bindings/scripts/build_web_idl_database.pydeps',
'third_party/blink/renderer/bindings/scripts/collect_idl_files.pydeps',
'third_party/blink/renderer/bindings/scripts/generate_bindings.pydeps',
'third_party/blink/renderer/bindings/scripts/validate_web_idl.pydeps',
'tools/binary_size/sizes.pydeps',
'tools/binary_size/supersize.pydeps',
]
_ALL_PYDEPS_FILES = _ANDROID_SPECIFIC_PYDEPS_FILES + _GENERIC_PYDEPS_FILES
# Bypass the AUTHORS check for these accounts.
_KNOWN_ROBOTS = set(
) | set('%s@appspot.gserviceaccount.com' % s for s in ('findit-for-me',)
) | set('%s@developer.gserviceaccount.com' % s for s in ('3su6n15k.default',)
) | set('%s@chops-service-accounts.iam.gserviceaccount.com' % s
for s in ('bling-autoroll-builder', 'v8-ci-autoroll-builder',
'wpt-autoroller', 'chrome-weblayer-builder',
'lacros-version-skew-roller', 'skylab-test-cros-roller')
) | set('%s@skia-public.iam.gserviceaccount.com' % s
for s in ('chromium-autoroll', 'chromium-release-autoroll')
) | set('%s@skia-corp.google.com.iam.gserviceaccount.com' % s
for s in ('chromium-internal-autoroll',)
) | set('%s@owners-cleanup-prod.google.com.iam.gserviceaccount.com' % s
for s in ('swarming-tasks',))
_INVALID_GRD_FILE_LINE = [
(r'<file lang=.* path=.*', 'Path should come before lang in GRD files.')
]
def _IsCPlusPlusFile(input_api, file_path):
"""Returns True if this file contains C++-like code (and not Python,
Go, Java, MarkDown, ...)"""
ext = input_api.os_path.splitext(file_path)[1]
# This list is compatible with CppChecker.IsCppFile but we should
# consider adding ".c" to it. If we do that we can use this function
# at more places in the code.
return ext in (
'.h',
'.cc',
'.cpp',
'.m',
'.mm',
)
def _IsCPlusPlusHeaderFile(input_api, file_path):
return input_api.os_path.splitext(file_path)[1] == ".h"
def _IsJavaFile(input_api, file_path):
return input_api.os_path.splitext(file_path)[1] == ".java"
def _IsProtoFile(input_api, file_path):
return input_api.os_path.splitext(file_path)[1] == ".proto"
def CheckNoUpstreamDepsOnClank(input_api, output_api):
"""Prevent additions of dependencies from the upstream repo on //clank."""
# clank can depend on clank
if input_api.change.RepositoryRoot().endswith('clank'):
return []
build_file_patterns = [
r'(.+/)?BUILD\.gn',
r'.+\.gni',
]
excluded_files = [
r'build[/\\]config[/\\]android[/\\]config\.gni'
]
bad_pattern = input_api.re.compile(r'^[^#]*//clank')
error_message = 'Disallowed import on //clank in an upstream build file:'
def FilterFile(affected_file):
return input_api.FilterSourceFile(
affected_file,
files_to_check=build_file_patterns,
files_to_skip=excluded_files)
problems = []
for f in input_api.AffectedSourceFiles(FilterFile):
local_path = f.LocalPath()
for line_number, line in f.ChangedContents():
if (bad_pattern.search(line)):
problems.append(
'%s:%d\n %s' % (local_path, line_number, line.strip()))
if problems:
return [output_api.PresubmitPromptOrNotify(error_message, problems)]
else:
return []
def CheckNoProductionCodeUsingTestOnlyFunctions(input_api, output_api):
"""Attempts to prevent use of functions intended only for testing in
non-testing code. For now this is just a best-effort implementation
that ignores header files and may have some false positives. A
better implementation would probably need a proper C++ parser.
"""
# We only scan .cc files and the like, as the declaration of
# for-testing functions in header files are hard to distinguish from
# calls to such functions without a proper C++ parser.
file_inclusion_pattern = [r'.+%s' % _IMPLEMENTATION_EXTENSIONS]
base_function_pattern = r'[ :]test::[^\s]+|ForTest(s|ing)?|for_test(s|ing)?'
inclusion_pattern = input_api.re.compile(r'(%s)\s*\(' % base_function_pattern)
comment_pattern = input_api.re.compile(r'//.*(%s)' % base_function_pattern)
allowlist_pattern = input_api.re.compile(r'// IN-TEST$')
exclusion_pattern = input_api.re.compile(
r'::[A-Za-z0-9_]+(%s)|(%s)[^;]+\{' % (
base_function_pattern, base_function_pattern))
# Avoid a false positive in this case, where the method name, the ::, and
# the closing { are all on different lines due to line wrapping.
# HelperClassForTesting::
# HelperClassForTesting(
# args)
# : member(0) {}
method_defn_pattern = input_api.re.compile(r'[A-Za-z0-9_]+::$')
def FilterFile(affected_file):
files_to_skip = (_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP)
return input_api.FilterSourceFile(
affected_file,
files_to_check=file_inclusion_pattern,
files_to_skip=files_to_skip)
problems = []
for f in input_api.AffectedSourceFiles(FilterFile):
local_path = f.LocalPath()
in_method_defn = False
for line_number, line in f.ChangedContents():
if (inclusion_pattern.search(line) and
not comment_pattern.search(line) and
not exclusion_pattern.search(line) and
not allowlist_pattern.search(line) and
not in_method_defn):
problems.append(
'%s:%d\n %s' % (local_path, line_number, line.strip()))
in_method_defn = method_defn_pattern.search(line)
if problems:
return [output_api.PresubmitPromptOrNotify(_TEST_ONLY_WARNING, problems)]
else:
return []
def CheckNoProductionCodeUsingTestOnlyFunctionsJava(input_api, output_api):
"""This is a simplified version of
CheckNoProductionCodeUsingTestOnlyFunctions for Java files.
"""
javadoc_start_re = input_api.re.compile(r'^\s*/\*\*')
javadoc_end_re = input_api.re.compile(r'^\s*\*/')
name_pattern = r'ForTest(s|ing)?'
# Describes an occurrence of "ForTest*" inside a // comment.
comment_re = input_api.re.compile(r'//.*%s' % name_pattern)
# Describes @VisibleForTesting(otherwise = VisibleForTesting.PROTECTED)
annotation_re = input_api.re.compile(r'@VisibleForTesting\(')
# Catch calls.
inclusion_re = input_api.re.compile(r'(%s)\s*\(' % name_pattern)
# Ignore definitions. (Comments are ignored separately.)
exclusion_re = input_api.re.compile(r'(%s)[^;]+\{' % name_pattern)
problems = []
sources = lambda x: input_api.FilterSourceFile(
x,
files_to_skip=(('(?i).*test', r'.*\/junit\/')
+ input_api.DEFAULT_FILES_TO_SKIP),
files_to_check=[r'.*\.java$']
)
for f in input_api.AffectedFiles(include_deletes=False, file_filter=sources):
local_path = f.LocalPath()
is_inside_javadoc = False
for line_number, line in f.ChangedContents():
if is_inside_javadoc and javadoc_end_re.search(line):
is_inside_javadoc = False
if not is_inside_javadoc and javadoc_start_re.search(line):
is_inside_javadoc = True
if is_inside_javadoc:
continue
if (inclusion_re.search(line) and
not comment_re.search(line) and
not annotation_re.search(line) and
not exclusion_re.search(line)):
problems.append(
'%s:%d\n %s' % (local_path, line_number, line.strip()))
if problems:
return [output_api.PresubmitPromptOrNotify(_TEST_ONLY_WARNING, problems)]
else:
return []
def CheckNoIOStreamInHeaders(input_api, output_api):
"""Checks to make sure no .h files include <iostream>."""
files = []
pattern = input_api.re.compile(r'^#include\s*<iostream>',
input_api.re.MULTILINE)
for f in input_api.AffectedSourceFiles(input_api.FilterSourceFile):
if not f.LocalPath().endswith('.h'):
continue
contents = input_api.ReadFile(f)
if pattern.search(contents):
files.append(f)
if len(files):
return [output_api.PresubmitError(
'Do not #include <iostream> in header files, since it inserts static '
'initialization into every file including the header. Instead, '
'#include <ostream>. See http://crbug.com/94794',
files) ]
return []
def _CheckNoStrCatRedefines(input_api, output_api):
"""Checks no windows headers with StrCat redefined are included directly."""
files = []
pattern_deny = input_api.re.compile(
r'^#include\s*[<"](shlwapi|atlbase|propvarutil|sphelper).h[">]',
input_api.re.MULTILINE)
pattern_allow = input_api.re.compile(
r'^#include\s"base/win/windows_defines.inc"',
input_api.re.MULTILINE)
for f in input_api.AffectedSourceFiles(input_api.FilterSourceFile):
contents = input_api.ReadFile(f)
if pattern_deny.search(contents) and not pattern_allow.search(contents):
files.append(f.LocalPath())
if len(files):
return [output_api.PresubmitError(
'Do not #include shlwapi.h, atlbase.h, propvarutil.h or sphelper.h '
'directly since they pollute code with StrCat macro. Instead, '
'include matching header from base/win. See http://crbug.com/856536',
files) ]
return []
def CheckNoUNIT_TESTInSourceFiles(input_api, output_api):
"""Checks to make sure no source files use UNIT_TEST."""
problems = []
for f in input_api.AffectedFiles():
if (not f.LocalPath().endswith(('.cc', '.mm'))):
continue
for line_num, line in f.ChangedContents():
if 'UNIT_TEST ' in line or line.endswith('UNIT_TEST'):
problems.append(' %s:%d' % (f.LocalPath(), line_num))
if not problems:
return []
return [output_api.PresubmitPromptWarning('UNIT_TEST is only for headers.\n' +
'\n'.join(problems))]
def CheckNoDISABLETypoInTests(input_api, output_api):
"""Checks to prevent attempts to disable tests with DISABLE_ prefix.
This test warns if somebody tries to disable a test with the DISABLE_ prefix
instead of DISABLED_. To filter false positives, reports are only generated
if a corresponding MAYBE_ line exists.
"""
problems = []
# The following two patterns are looked for in tandem - is a test labeled
# as MAYBE_ followed by a DISABLE_ (instead of the correct DISABLED)
maybe_pattern = input_api.re.compile(r'MAYBE_([a-zA-Z0-9_]+)')
disable_pattern = input_api.re.compile(r'DISABLE_([a-zA-Z0-9_]+)')
# This is for the case that a test is disabled on all platforms.
full_disable_pattern = input_api.re.compile(
r'^\s*TEST[^(]*\([a-zA-Z0-9_]+,\s*DISABLE_[a-zA-Z0-9_]+\)',
input_api.re.MULTILINE)
for f in input_api.AffectedFiles(False):
if not 'test' in f.LocalPath() or not f.LocalPath().endswith('.cc'):
continue
# Search for MABYE_, DISABLE_ pairs.
disable_lines = {} # Maps of test name to line number.
maybe_lines = {}
for line_num, line in f.ChangedContents():
disable_match = disable_pattern.search(line)
if disable_match:
disable_lines[disable_match.group(1)] = line_num
maybe_match = maybe_pattern.search(line)
if maybe_match:
maybe_lines[maybe_match.group(1)] = line_num
# Search for DISABLE_ occurrences within a TEST() macro.
disable_tests = set(disable_lines.keys())
maybe_tests = set(maybe_lines.keys())
for test in disable_tests.intersection(maybe_tests):
problems.append(' %s:%d' % (f.LocalPath(), disable_lines[test]))
contents = input_api.ReadFile(f)
full_disable_match = full_disable_pattern.search(contents)
if full_disable_match:
problems.append(' %s' % f.LocalPath())
if not problems:
return []
return [
output_api.PresubmitPromptWarning(
'Attempt to disable a test with DISABLE_ instead of DISABLED_?\n' +
'\n'.join(problems))
]
def CheckForgettingMAYBEInTests(input_api, output_api):
"""Checks to make sure tests disabled conditionally are not missing a
corresponding MAYBE_ prefix.
"""
# Expect at least a lowercase character in the test name. This helps rule out
# false positives with macros wrapping the actual tests name.
define_maybe_pattern = input_api.re.compile(
r'^\#define MAYBE_(?P<test_name>\w*[a-z]\w*)')
test_maybe_pattern = r'^\s*\w*TEST[^(]*\(\s*\w+,\s*MAYBE_{test_name}\)'
suite_maybe_pattern = r'^\s*\w*TEST[^(]*\(\s*MAYBE_{test_name}[\),]'
warnings = []
# Read the entire files. We can't just read the affected lines, forgetting to
# add MAYBE_ on a change would not show up otherwise.
for f in input_api.AffectedFiles(False):
if not 'test' in f.LocalPath() or not f.LocalPath().endswith('.cc'):
continue
contents = input_api.ReadFile(f)
lines = contents.splitlines(True)
current_position = 0
warning_test_names = set()
for line_num, line in enumerate(lines, start=1):
current_position += len(line)
maybe_match = define_maybe_pattern.search(line)
if maybe_match:
test_name = maybe_match.group('test_name')
# Do not warn twice for the same test.
if (test_name in warning_test_names):
continue
warning_test_names.add(test_name)
# Attempt to find the corresponding MAYBE_ test or suite, starting from
# the current position.
test_match = input_api.re.compile(
test_maybe_pattern.format(test_name=test_name),
input_api.re.MULTILINE).search(contents, current_position)
suite_match = input_api.re.compile(
suite_maybe_pattern.format(test_name=test_name),
input_api.re.MULTILINE).search(contents, current_position)
if not test_match and not suite_match:
warnings.append(
output_api.PresubmitPromptWarning(
'%s:%d found MAYBE_ defined without corresponding test %s' %
(f.LocalPath(), line_num, test_name)))
return warnings
def CheckDCHECK_IS_ONHasBraces(input_api, output_api):
"""Checks to make sure DCHECK_IS_ON() does not skip the parentheses."""
errors = []
pattern = input_api.re.compile(r'DCHECK_IS_ON\b(?!\(\))',
input_api.re.MULTILINE)
for f in input_api.AffectedSourceFiles(input_api.FilterSourceFile):
if (not f.LocalPath().endswith(('.cc', '.mm', '.h'))):
continue
for lnum, line in f.ChangedContents():
if input_api.re.search(pattern, line):
errors.append(output_api.PresubmitError(
('%s:%d: Use of DCHECK_IS_ON() must be written as "#if ' +
'DCHECK_IS_ON()", not forgetting the parentheses.')
% (f.LocalPath(), lnum)))
return errors
# TODO(crbug/1138055): Reimplement CheckUmaHistogramChangesOnUpload check in a
# more reliable way. See
# https://chromium-review.googlesource.com/c/chromium/src/+/2500269
def CheckFlakyTestUsage(input_api, output_api):
"""Check that FlakyTest annotation is our own instead of the android one"""
pattern = input_api.re.compile(r'import android.test.FlakyTest;')
files = []
for f in input_api.AffectedSourceFiles(input_api.FilterSourceFile):
if f.LocalPath().endswith('Test.java'):
if pattern.search(input_api.ReadFile(f)):
files.append(f)
if len(files):
return [output_api.PresubmitError(
'Use org.chromium.base.test.util.FlakyTest instead of '
'android.test.FlakyTest',
files)]
return []
def CheckNoDEPSGIT(input_api, output_api):
"""Make sure .DEPS.git is never modified manually."""
if any(f.LocalPath().endswith('.DEPS.git') for f in
input_api.AffectedFiles()):
return [output_api.PresubmitError(
'Never commit changes to .DEPS.git. This file is maintained by an\n'
'automated system based on what\'s in DEPS and your changes will be\n'
'overwritten.\n'
'See https://sites.google.com/a/chromium.org/dev/developers/how-tos/'
'get-the-code#Rolling_DEPS\n'
'for more information')]
return []
def CheckValidHostsInDEPSOnUpload(input_api, output_api):
"""Checks that DEPS file deps are from allowed_hosts."""
# Run only if DEPS file has been modified to annoy fewer bystanders.
if all(f.LocalPath() != 'DEPS' for f in input_api.AffectedFiles()):
return []
# Outsource work to gclient verify
try:
gclient_path = input_api.os_path.join(
input_api.PresubmitLocalPath(),
'third_party', 'depot_tools', 'gclient.py')
input_api.subprocess.check_output(
[input_api.python_executable, gclient_path, 'verify'],
stderr=input_api.subprocess.STDOUT)
return []
except input_api.subprocess.CalledProcessError as error:
return [output_api.PresubmitError(
'DEPS file must have only git dependencies.',
long_text=error.output)]
def _GetMessageForMatchingType(input_api, affected_file, line_number, line,
type_name, message):
"""Helper method for CheckNoBannedFunctions and CheckNoDeprecatedMojoTypes.
Returns an string composed of the name of the file, the line number where the
match has been found and the additional text passed as |message| in case the
target type name matches the text inside the line passed as parameter.
"""
result = []
if input_api.re.search(r"^ *//", line): # Ignore comments about banned types.
return result
if line.endswith(" nocheck"): # A // nocheck comment will bypass this error.
return result
matched = False
if type_name[0:1] == '/':
regex = type_name[1:]
if input_api.re.search(regex, line):
matched = True
elif type_name in line:
matched = True
if matched:
result.append(' %s:%d:' % (affected_file.LocalPath(), line_number))
for message_line in message:
result.append(' %s' % message_line)
return result
def CheckNoBannedFunctions(input_api, output_api):
"""Make sure that banned functions are not used."""
warnings = []
errors = []
def IsExcludedFile(affected_file, excluded_paths):
local_path = affected_file.LocalPath()
for item in excluded_paths:
if input_api.re.match(item, local_path):
return True
return False
def IsIosObjcFile(affected_file):
local_path = affected_file.LocalPath()
if input_api.os_path.splitext(local_path)[-1] not in ('.mm', '.m', '.h'):
return False
basename = input_api.os_path.basename(local_path)
if 'ios' in basename.split('_'):
return True
for sep in (input_api.os_path.sep, input_api.os_path.altsep):
if sep and 'ios' in local_path.split(sep):
return True
return False
def CheckForMatch(affected_file, line_num, line, func_name, message, error):
problems = _GetMessageForMatchingType(input_api, f, line_num, line,
func_name, message)
if problems:
if error:
errors.extend(problems)
else:
warnings.extend(problems)
file_filter = lambda f: f.LocalPath().endswith(('.java'))
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
for func_name, message, error in _BANNED_JAVA_FUNCTIONS:
CheckForMatch(f, line_num, line, func_name, message, error)
file_filter = lambda f: f.LocalPath().endswith(('.mm', '.m', '.h'))
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
for func_name, message, error in _BANNED_OBJC_FUNCTIONS:
CheckForMatch(f, line_num, line, func_name, message, error)
for f in input_api.AffectedFiles(file_filter=IsIosObjcFile):
for line_num, line in f.ChangedContents():
for func_name, message, error in _BANNED_IOS_OBJC_FUNCTIONS:
CheckForMatch(f, line_num, line, func_name, message, error)
egtest_filter = lambda f: f.LocalPath().endswith(('_egtest.mm'))
for f in input_api.AffectedFiles(file_filter=egtest_filter):
for line_num, line in f.ChangedContents():
for func_name, message, error in _BANNED_IOS_EGTEST_FUNCTIONS:
CheckForMatch(f, line_num, line, func_name, message, error)
file_filter = lambda f: f.LocalPath().endswith(('.cc', '.mm', '.h'))
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
for func_name, message, error, excluded_paths in _BANNED_CPP_FUNCTIONS:
if IsExcludedFile(f, excluded_paths):
continue
CheckForMatch(f, line_num, line, func_name, message, error)
result = []
if (warnings):
result.append(output_api.PresubmitPromptWarning(
'Banned functions were used.\n' + '\n'.join(warnings)))
if (errors):
result.append(output_api.PresubmitError(
'Banned functions were used.\n' + '\n'.join(errors)))
return result
def _CheckAndroidNoBannedImports(input_api, output_api):
"""Make sure that banned java imports are not used."""
errors = []
def IsException(path, exceptions):
for exception in exceptions:
if (path.startswith(exception)):
return True
return False
file_filter = lambda f: f.LocalPath().endswith(('.java'))
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
for import_name, message, exceptions in _BANNED_JAVA_IMPORTS:
if IsException(f.LocalPath(), exceptions):
continue;
problems = _GetMessageForMatchingType(input_api, f, line_num, line,
'import ' + import_name, message)
if problems:
errors.extend(problems)
result = []
if (errors):
result.append(output_api.PresubmitError(
'Banned imports were used.\n' + '\n'.join(errors)))
return result
def CheckNoDeprecatedMojoTypes(input_api, output_api):
"""Make sure that old Mojo types are not used."""
warnings = []
errors = []
# For any path that is not an "ok" or an "error" path, a warning will be
# raised if deprecated mojo types are found.
ok_paths = ['components/arc']
error_paths = ['third_party/blink', 'content']
file_filter = lambda f: f.LocalPath().endswith(('.cc', '.mm', '.h'))
for f in input_api.AffectedFiles(file_filter=file_filter):
# Don't check //components/arc, not yet migrated (see crrev.com/c/1868870).
if any(map(lambda path: f.LocalPath().startswith(path), ok_paths)):
continue
for line_num, line in f.ChangedContents():
for func_name, message in _DEPRECATED_MOJO_TYPES:
problems = _GetMessageForMatchingType(input_api, f, line_num, line,
func_name, message)
if problems:
# Raise errors inside |error_paths| and warnings everywhere else.
if any(map(lambda path: f.LocalPath().startswith(path), error_paths)):
errors.extend(problems)
else:
warnings.extend(problems)
result = []
if (warnings):
result.append(output_api.PresubmitPromptWarning(
'Banned Mojo types were used.\n' + '\n'.join(warnings)))
if (errors):
result.append(output_api.PresubmitError(
'Banned Mojo types were used.\n' + '\n'.join(errors)))
return result
def CheckNoPragmaOnce(input_api, output_api):
"""Make sure that banned functions are not used."""
files = []
pattern = input_api.re.compile(r'^#pragma\s+once',
input_api.re.MULTILINE)
for f in input_api.AffectedSourceFiles(input_api.FilterSourceFile):
if not f.LocalPath().endswith('.h'):
continue
contents = input_api.ReadFile(f)
if pattern.search(contents):
files.append(f)
if files:
return [output_api.PresubmitError(
'Do not use #pragma once in header files.\n'
'See http://www.chromium.org/developers/coding-style#TOC-File-headers',
files)]
return []
def CheckNoTrinaryTrueFalse(input_api, output_api):
"""Checks to make sure we don't introduce use of foo ? true : false."""
problems = []
pattern = input_api.re.compile(r'\?\s*(true|false)\s*:\s*(true|false)')
for f in input_api.AffectedFiles():
if not f.LocalPath().endswith(('.cc', '.h', '.inl', '.m', '.mm')):
continue
for line_num, line in f.ChangedContents():
if pattern.match(line):
problems.append(' %s:%d' % (f.LocalPath(), line_num))
if not problems:
return []
return [output_api.PresubmitPromptWarning(
'Please consider avoiding the "? true : false" pattern if possible.\n' +
'\n'.join(problems))]
def CheckUnwantedDependencies(input_api, output_api):
"""Runs checkdeps on #include and import statements added in this
change. Breaking - rules is an error, breaking ! rules is a
warning.
"""
import sys
# We need to wait until we have an input_api object and use this
# roundabout construct to import checkdeps because this file is
# eval-ed and thus doesn't have __file__.
original_sys_path = sys.path
try:
sys.path = sys.path + [input_api.os_path.join(
input_api.PresubmitLocalPath(), 'buildtools', 'checkdeps')]
import checkdeps
from rules import Rule
finally:
# Restore sys.path to what it was before.
sys.path = original_sys_path
added_includes = []
added_imports = []
added_java_imports = []
for f in input_api.AffectedFiles():
if _IsCPlusPlusFile(input_api, f.LocalPath()):
changed_lines = [line for _, line in f.ChangedContents()]
added_includes.append([f.AbsoluteLocalPath(), changed_lines])
elif _IsProtoFile(input_api, f.LocalPath()):
changed_lines = [line for _, line in f.ChangedContents()]
added_imports.append([f.AbsoluteLocalPath(), changed_lines])
elif _IsJavaFile(input_api, f.LocalPath()):
changed_lines = [line for _, line in f.ChangedContents()]
added_java_imports.append([f.AbsoluteLocalPath(), changed_lines])
deps_checker = checkdeps.DepsChecker(input_api.PresubmitLocalPath())
error_descriptions = []
warning_descriptions = []
error_subjects = set()
warning_subjects = set()
for path, rule_type, rule_description in deps_checker.CheckAddedCppIncludes(
added_includes):
path = input_api.os_path.relpath(path, input_api.PresubmitLocalPath())
description_with_path = '%s\n %s' % (path, rule_description)
if rule_type == Rule.DISALLOW:
error_descriptions.append(description_with_path)
error_subjects.add("#includes")
else:
warning_descriptions.append(description_with_path)
warning_subjects.add("#includes")
for path, rule_type, rule_description in deps_checker.CheckAddedProtoImports(
added_imports):
path = input_api.os_path.relpath(path, input_api.PresubmitLocalPath())
description_with_path = '%s\n %s' % (path, rule_description)
if rule_type == Rule.DISALLOW:
error_descriptions.append(description_with_path)
error_subjects.add("imports")
else:
warning_descriptions.append(description_with_path)
warning_subjects.add("imports")
for path, rule_type, rule_description in deps_checker.CheckAddedJavaImports(
added_java_imports, _JAVA_MULTIPLE_DEFINITION_EXCLUDED_PATHS):
path = input_api.os_path.relpath(path, input_api.PresubmitLocalPath())
description_with_path = '%s\n %s' % (path, rule_description)
if rule_type == Rule.DISALLOW:
error_descriptions.append(description_with_path)
error_subjects.add("imports")
else:
warning_descriptions.append(description_with_path)
warning_subjects.add("imports")
results = []
if error_descriptions:
results.append(output_api.PresubmitError(
'You added one or more %s that violate checkdeps rules.'
% " and ".join(error_subjects),
error_descriptions))
if warning_descriptions:
results.append(output_api.PresubmitPromptOrNotify(
'You added one or more %s of files that are temporarily\n'
'allowed but being removed. Can you avoid introducing the\n'
'%s? See relevant DEPS file(s) for details and contacts.' %
(" and ".join(warning_subjects), "/".join(warning_subjects)),
warning_descriptions))
return results
def CheckFilePermissions(input_api, output_api):
"""Check that all files have their permissions properly set."""
if input_api.platform == 'win32':
return []
checkperms_tool = input_api.os_path.join(
input_api.PresubmitLocalPath(),
'tools', 'checkperms', 'checkperms.py')
args = [input_api.python_executable, checkperms_tool,
'--root', input_api.change.RepositoryRoot()]
with input_api.CreateTemporaryFile() as file_list:
for f in input_api.AffectedFiles():
# checkperms.py file/directory arguments must be relative to the
# repository.
file_list.write((f.LocalPath() + '\n').encode('utf8'))
file_list.close()
args += ['--file-list', file_list.name]
try:
input_api.subprocess.check_output(args)
return []
except input_api.subprocess.CalledProcessError as error:
return [output_api.PresubmitError(
'checkperms.py failed:',
long_text=error.output.decode('utf-8', 'ignore'))]
def CheckNoAuraWindowPropertyHInHeaders(input_api, output_api):
"""Makes sure we don't include ui/aura/window_property.h
in header files.
"""
pattern = input_api.re.compile(r'^#include\s*"ui/aura/window_property.h"')
errors = []
for f in input_api.AffectedFiles():
if not f.LocalPath().endswith('.h'):
continue
for line_num, line in f.ChangedContents():
if pattern.match(line):
errors.append(' %s:%d' % (f.LocalPath(), line_num))
results = []
if errors:
results.append(output_api.PresubmitError(
'Header files should not include ui/aura/window_property.h', errors))
return results
def CheckNoInternalHeapIncludes(input_api, output_api):
"""Makes sure we don't include any headers from
third_party/blink/renderer/platform/heap/impl or
third_party/blink/renderer/platform/heap/v8_wrapper from files outside of
third_party/blink/renderer/platform/heap
"""
impl_pattern = input_api.re.compile(
r'^\s*#include\s*"third_party/blink/renderer/platform/heap/impl/.*"')
v8_wrapper_pattern = input_api.re.compile(
r'^\s*#include\s*"third_party/blink/renderer/platform/heap/v8_wrapper/.*"')
file_filter = lambda f: not input_api.re.match(
r"^third_party[\\/]blink[\\/]renderer[\\/]platform[\\/]heap[\\/].*",
f.LocalPath())
errors = []
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
if impl_pattern.match(line) or v8_wrapper_pattern.match(line):
errors.append(' %s:%d' % (f.LocalPath(), line_num))
results = []
if errors:
results.append(output_api.PresubmitError(
'Do not include files from third_party/blink/renderer/platform/heap/impl'
' or third_party/blink/renderer/platform/heap/v8_wrapper. Use the '
'relevant counterparts from third_party/blink/renderer/platform/heap',
errors))
return results
def _CheckForVersionControlConflictsInFile(input_api, f):
pattern = input_api.re.compile('^(?:<<<<<<<|>>>>>>>) |^=======$')
errors = []
for line_num, line in f.ChangedContents():
if f.LocalPath().endswith(('.md', '.rst', '.txt')):
# First-level headers in markdown look a lot like version control
# conflict markers. http://daringfireball.net/projects/markdown/basics
continue
if pattern.match(line):
errors.append(' %s:%d %s' % (f.LocalPath(), line_num, line))
return errors
def CheckForVersionControlConflicts(input_api, output_api):
"""Usually this is not intentional and will cause a compile failure."""
errors = []
for f in input_api.AffectedFiles():
errors.extend(_CheckForVersionControlConflictsInFile(input_api, f))
results = []
if errors:
results.append(output_api.PresubmitError(
'Version control conflict markers found, please resolve.', errors))
return results
def CheckGoogleSupportAnswerUrlOnUpload(input_api, output_api):
pattern = input_api.re.compile('support\.google\.com\/chrome.*/answer')
errors = []
for f in input_api.AffectedFiles():
for line_num, line in f.ChangedContents():
if pattern.search(line):
errors.append(' %s:%d %s' % (f.LocalPath(), line_num, line))
results = []
if errors:
results.append(output_api.PresubmitPromptWarning(
'Found Google support URL addressed by answer number. Please replace '
'with a p= identifier instead. See crbug.com/679462\n', errors))
return results
def CheckHardcodedGoogleHostsInLowerLayers(input_api, output_api):
def FilterFile(affected_file):
"""Filter function for use with input_api.AffectedSourceFiles,
below. This filters out everything except non-test files from
top-level directories that generally speaking should not hard-code
service URLs (e.g. src/android_webview/, src/content/ and others).
"""
return input_api.FilterSourceFile(
affected_file,
files_to_check=[r'^(android_webview|base|content|net)[\\/].*'],
files_to_skip=(_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP))
base_pattern = ('"[^"]*(google|googleapis|googlezip|googledrive|appspot)'
'\.(com|net)[^"]*"')
comment_pattern = input_api.re.compile('//.*%s' % base_pattern)
pattern = input_api.re.compile(base_pattern)
problems = [] # items are (filename, line_number, line)
for f in input_api.AffectedSourceFiles(FilterFile):
for line_num, line in f.ChangedContents():
if not comment_pattern.search(line) and pattern.search(line):
problems.append((f.LocalPath(), line_num, line))
if problems:
return [output_api.PresubmitPromptOrNotify(
'Most layers below src/chrome/ should not hardcode service URLs.\n'
'Are you sure this is correct?',
[' %s:%d: %s' % (
problem[0], problem[1], problem[2]) for problem in problems])]
else:
return []
def CheckChromeOsSyncedPrefRegistration(input_api, output_api):
"""Warns if Chrome OS C++ files register syncable prefs as browser prefs."""
def FileFilter(affected_file):
"""Includes directories known to be Chrome OS only."""
return input_api.FilterSourceFile(
affected_file,
files_to_check=('^ash/',
'^chromeos/', # Top-level src/chromeos.
'/chromeos/', # Any path component.
'^components/arc',
'^components/exo'),
files_to_skip=(input_api.DEFAULT_FILES_TO_SKIP))
prefs = []
priority_prefs = []
for f in input_api.AffectedFiles(file_filter=FileFilter):
for line_num, line in f.ChangedContents():
if input_api.re.search('PrefRegistrySyncable::SYNCABLE_PREF', line):
prefs.append(' %s:%d:' % (f.LocalPath(), line_num))
prefs.append(' %s' % line)
if input_api.re.search(
'PrefRegistrySyncable::SYNCABLE_PRIORITY_PREF', line):
priority_prefs.append(' %s:%d' % (f.LocalPath(), line_num))
priority_prefs.append(' %s' % line)
results = []
if (prefs):
results.append(output_api.PresubmitPromptWarning(
'Preferences were registered as SYNCABLE_PREF and will be controlled '
'by browser sync settings. If these prefs should be controlled by OS '
'sync settings use SYNCABLE_OS_PREF instead.\n' + '\n'.join(prefs)))
if (priority_prefs):
results.append(output_api.PresubmitPromptWarning(
'Preferences were registered as SYNCABLE_PRIORITY_PREF and will be '
'controlled by browser sync settings. If these prefs should be '
'controlled by OS sync settings use SYNCABLE_OS_PRIORITY_PREF '
'instead.\n' + '\n'.join(prefs)))
return results
# TODO: add unit tests.
def CheckNoAbbreviationInPngFileName(input_api, output_api):
"""Makes sure there are no abbreviations in the name of PNG files.
The native_client_sdk directory is excluded because it has auto-generated PNG
files for documentation.
"""
errors = []
files_to_check = [r'.*_[a-z]_.*\.png$|.*_[a-z]\.png$']
files_to_skip = [r'^native_client_sdk[\\/]']
file_filter = lambda f: input_api.FilterSourceFile(
f, files_to_check=files_to_check, files_to_skip=files_to_skip)
for f in input_api.AffectedFiles(include_deletes=False,
file_filter=file_filter):
errors.append(' %s' % f.LocalPath())
results = []
if errors:
results.append(output_api.PresubmitError(
'The name of PNG files should not have abbreviations. \n'
'Use _hover.png, _center.png, instead of _h.png, _c.png.\n'
'Contact oshima@chromium.org if you have questions.', errors))
return results
def _ExtractAddRulesFromParsedDeps(parsed_deps):
"""Extract the rules that add dependencies from a parsed DEPS file.
Args:
parsed_deps: the locals dictionary from evaluating the DEPS file."""
add_rules = set()
add_rules.update([
rule[1:] for rule in parsed_deps.get('include_rules', [])
if rule.startswith('+') or rule.startswith('!')
])
for _, rules in parsed_deps.get('specific_include_rules',
{}).items():
add_rules.update([
rule[1:] for rule in rules
if rule.startswith('+') or rule.startswith('!')
])
return add_rules
def _ParseDeps(contents):
"""Simple helper for parsing DEPS files."""
# Stubs for handling special syntax in the root DEPS file.
class _VarImpl:
def __init__(self, local_scope):
self._local_scope = local_scope
def Lookup(self, var_name):
"""Implements the Var syntax."""
try:
return self._local_scope['vars'][var_name]
except KeyError:
raise Exception('Var is not defined: %s' % var_name)
local_scope = {}
global_scope = {
'Var': _VarImpl(local_scope).Lookup,
'Str': str,
}
exec(contents, global_scope, local_scope)
return local_scope
def _CalculateAddedDeps(os_path, old_contents, new_contents):
"""Helper method for CheckAddedDepsHaveTargetApprovals. Returns
a set of DEPS entries that we should look up.
For a directory (rather than a specific filename) we fake a path to
a specific filename by adding /DEPS. This is chosen as a file that
will seldom or never be subject to per-file include_rules.
"""
# We ignore deps entries on auto-generated directories.
AUTO_GENERATED_DIRS = ['grit', 'jni']
old_deps = _ExtractAddRulesFromParsedDeps(_ParseDeps(old_contents))
new_deps = _ExtractAddRulesFromParsedDeps(_ParseDeps(new_contents))
added_deps = new_deps.difference(old_deps)
results = set()
for added_dep in added_deps:
if added_dep.split('/')[0] in AUTO_GENERATED_DIRS:
continue
# Assume that a rule that ends in .h is a rule for a specific file.
if added_dep.endswith('.h'):
results.add(added_dep)
else:
results.add(os_path.join(added_dep, 'DEPS'))
return results
def CheckAddedDepsHaveTargetApprovals(input_api, output_api):
"""When a dependency prefixed with + is added to a DEPS file, we
want to make sure that the change is reviewed by an OWNER of the
target file or directory, to avoid layering violations from being
introduced. This check verifies that this happens.
"""
# We rely on Gerrit's code-owners to check approvals.
# input_api.gerrit is always set for Chromium, but other projects
# might not use Gerrit.
if not input_api.gerrit:
return []
if (input_api.change.issue and
input_api.gerrit.IsOwnersOverrideApproved(input_api.change.issue)):
# Skip OWNERS check when Owners-Override label is approved. This is intended
# for global owners, trusted bots, and on-call sheriffs. Review is still
# required for these changes.
return []
virtual_depended_on_files = set()
file_filter = lambda f: not input_api.re.match(
r"^third_party[\\/]blink[\\/].*", f.LocalPath())
for f in input_api.AffectedFiles(include_deletes=False,
file_filter=file_filter):
filename = input_api.os_path.basename(f.LocalPath())
if filename == 'DEPS':
virtual_depended_on_files.update(_CalculateAddedDeps(
input_api.os_path,
'\n'.join(f.OldContents()),
'\n'.join(f.NewContents())))
if not virtual_depended_on_files:
return []
if input_api.is_committing:
if input_api.tbr:
return [output_api.PresubmitNotifyResult(
'--tbr was specified, skipping OWNERS check for DEPS additions')]
if input_api.dry_run:
return [output_api.PresubmitNotifyResult(
'This is a dry run, skipping OWNERS check for DEPS additions')]
if not input_api.change.issue:
return [output_api.PresubmitError(
"DEPS approval by OWNERS check failed: this change has "
"no change number, so we can't check it for approvals.")]
output = output_api.PresubmitError
else:
output = output_api.PresubmitNotifyResult
owner_email, reviewers = (
input_api.canned_checks.GetCodereviewOwnerAndReviewers(
input_api,
None,
approval_needed=input_api.is_committing))
owner_email = owner_email or input_api.change.author_email
approval_status = input_api.owners_client.GetFilesApprovalStatus(
virtual_depended_on_files, reviewers.union([owner_email]), [])
missing_files = [
f for f in virtual_depended_on_files
if approval_status[f] != input_api.owners_client.APPROVED]
# We strip the /DEPS part that was added by
# _FilesToCheckForIncomingDeps to fake a path to a file in a
# directory.
def StripDeps(path):
start_deps = path.rfind('/DEPS')
if start_deps != -1:
return path[:start_deps]
else:
return path
unapproved_dependencies = ["'+%s'," % StripDeps(path)
for path in missing_files]
if unapproved_dependencies:
output_list = [
output('You need LGTM from owners of depends-on paths in DEPS that were '
'modified in this CL:\n %s' %
'\n '.join(sorted(unapproved_dependencies)))]
suggested_owners = input_api.owners_client.SuggestOwners(
missing_files, exclude=[owner_email])
output_list.append(output(
'Suggested missing target path OWNERS:\n %s' %
'\n '.join(suggested_owners or [])))
return output_list
return []
# TODO: add unit tests.
def CheckSpamLogging(input_api, output_api):
file_inclusion_pattern = [r'.+%s' % _IMPLEMENTATION_EXTENSIONS]
files_to_skip = (_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP +
(r"^base[\\/]logging\.h$",
r"^base[\\/]logging\.cc$",
r"^base[\\/]task[\\/]thread_pool[\\/]task_tracker\.cc$",
r"^chrome[\\/]app[\\/]chrome_main_delegate\.cc$",
r"^chrome[\\/]browser[\\/]chrome_browser_main\.cc$",
r"^chrome[\\/]browser[\\/]ui[\\/]startup[\\/]"
r"startup_browser_creator\.cc$",
r"^chrome[\\/]browser[\\/]browser_switcher[\\/]bho[\\/].*",
r"^chrome[\\/]browser[\\/]diagnostics[\\/]" +
r"diagnostics_writer\.cc$",
r"^chrome[\\/]chrome_cleaner[\\/].*",
r"^chrome[\\/]chrome_elf[\\/]dll_hash[\\/]" +
r"dll_hash_main\.cc$",
r"^chrome[\\/]installer[\\/]setup[\\/].*",
r"^chromecast[\\/]",
r"^cloud_print[\\/]",
r"^components[\\/]browser_watcher[\\/]"
r"dump_stability_report_main_win.cc$",
r"^components[\\/]media_control[\\/]renderer[\\/]"
r"media_playback_options\.cc$",
r"^components[\\/]viz[\\/]service[\\/]display[\\/]"
r"overlay_strategy_underlay_cast\.cc$",
r"^components[\\/]zucchini[\\/].*",
# TODO(peter): Remove exception. https://crbug.com/534537
r"^content[\\/]browser[\\/]notifications[\\/]"
r"notification_event_dispatcher_impl\.cc$",
r"^content[\\/]common[\\/]gpu[\\/]client[\\/]"
r"gl_helper_benchmark\.cc$",
r"^courgette[\\/]courgette_minimal_tool\.cc$",
r"^courgette[\\/]courgette_tool\.cc$",
r"^extensions[\\/]renderer[\\/]logging_native_handler\.cc$",
r"^fuchsia[\\/]base[\\/]init_logging.cc$",
r"^fuchsia[\\/]engine[\\/]browser[\\/]frame_impl.cc$",
r"^fuchsia[\\/]runners[\\/]common[\\/]web_component.cc$",
r"^headless[\\/]app[\\/]headless_shell\.cc$",
r"^ipc[\\/]ipc_logging\.cc$",
r"^native_client_sdk[\\/]",
r"^remoting[\\/]base[\\/]logging\.h$",
r"^remoting[\\/]host[\\/].*",
r"^sandbox[\\/]linux[\\/].*",
r"^storage[\\/]browser[\\/]file_system[\\/]" +
r"dump_file_system.cc$",
r"^tools[\\/]",
r"^ui[\\/]base[\\/]resource[\\/]data_pack.cc$",
r"^ui[\\/]aura[\\/]bench[\\/]bench_main\.cc$",
r"^ui[\\/]ozone[\\/]platform[\\/]cast[\\/]",
r"^ui[\\/]base[\\/]x[\\/]xwmstartupcheck[\\/]"
r"xwmstartupcheck\.cc$"))
source_file_filter = lambda x: input_api.FilterSourceFile(
x, files_to_check=file_inclusion_pattern, files_to_skip=files_to_skip)
log_info = set([])
printf = set([])
for f in input_api.AffectedSourceFiles(source_file_filter):
for _, line in f.ChangedContents():
if input_api.re.search(r"\bD?LOG\s*\(\s*INFO\s*\)", line):
log_info.add(f.LocalPath())
elif input_api.re.search(r"\bD?LOG_IF\s*\(\s*INFO\s*,", line):
log_info.add(f.LocalPath())
if input_api.re.search(r"\bprintf\(", line):
printf.add(f.LocalPath())
elif input_api.re.search(r"\bfprintf\((stdout|stderr)", line):
printf.add(f.LocalPath())
if log_info:
return [output_api.PresubmitError(
'These files spam the console log with LOG(INFO):',
items=log_info)]
if printf:
return [output_api.PresubmitError(
'These files spam the console log with printf/fprintf:',
items=printf)]
return []
def CheckForAnonymousVariables(input_api, output_api):
"""These types are all expected to hold locks while in scope and
so should never be anonymous (which causes them to be immediately
destroyed)."""
they_who_must_be_named = [
'base::AutoLock',
'base::AutoReset',
'base::AutoUnlock',
'SkAutoAlphaRestore',
'SkAutoBitmapShaderInstall',
'SkAutoBlitterChoose',
'SkAutoBounderCommit',
'SkAutoCallProc',
'SkAutoCanvasRestore',
'SkAutoCommentBlock',
'SkAutoDescriptor',
'SkAutoDisableDirectionCheck',
'SkAutoDisableOvalCheck',
'SkAutoFree',
'SkAutoGlyphCache',
'SkAutoHDC',
'SkAutoLockColors',
'SkAutoLockPixels',
'SkAutoMalloc',
'SkAutoMaskFreeImage',
'SkAutoMutexAcquire',
'SkAutoPathBoundsUpdate',
'SkAutoPDFRelease',
'SkAutoRasterClipValidate',
'SkAutoRef',
'SkAutoTime',
'SkAutoTrace',
'SkAutoUnref',
]
anonymous = r'(%s)\s*[({]' % '|'.join(they_who_must_be_named)
# bad: base::AutoLock(lock.get());
# not bad: base::AutoLock lock(lock.get());
bad_pattern = input_api.re.compile(anonymous)
# good: new base::AutoLock(lock.get())
good_pattern = input_api.re.compile(r'\bnew\s*' + anonymous)
errors = []
for f in input_api.AffectedFiles():
if not f.LocalPath().endswith(('.cc', '.h', '.inl', '.m', '.mm')):
continue
for linenum, line in f.ChangedContents():
if bad_pattern.search(line) and not good_pattern.search(line):
errors.append('%s:%d' % (f.LocalPath(), linenum))
if errors:
return [output_api.PresubmitError(
'These lines create anonymous variables that need to be named:',
items=errors)]
return []
def CheckUniquePtrOnUpload(input_api, output_api):
# Returns whether |template_str| is of the form <T, U...> for some types T
# and U. Assumes that |template_str| is already in the form <...>.
def HasMoreThanOneArg(template_str):
# Level of <...> nesting.
nesting = 0
for c in template_str:
if c == '<':
nesting += 1
elif c == '>':
nesting -= 1
elif c == ',' and nesting == 1:
return True
return False
file_inclusion_pattern = [r'.+%s' % _IMPLEMENTATION_EXTENSIONS]
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=(_EXCLUDED_PATHS + _TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP),
files_to_check=file_inclusion_pattern)
# Pattern to capture a single "<...>" block of template arguments. It can
# handle linearly nested blocks, such as "<std::vector<std::set<T>>>", but
# cannot handle branching structures, such as "<pair<set<T>,set<U>>". The
# latter would likely require counting that < and > match, which is not
# expressible in regular languages. Should the need arise, one can introduce
# limited counting (matching up to a total number of nesting depth), which
# should cover all practical cases for already a low nesting limit.
template_arg_pattern = (
r'<[^>]*' # Opening block of <.
r'>([^<]*>)?') # Closing block of >.
# Prefix expressing that whatever follows is not already inside a <...>
# block.
not_inside_template_arg_pattern = r'(^|[^<,\s]\s*)'
null_construct_pattern = input_api.re.compile(
not_inside_template_arg_pattern
+ r'\bstd::unique_ptr'
+ template_arg_pattern
+ r'\(\)')
# Same as template_arg_pattern, but excluding type arrays, e.g., <T[]>.
template_arg_no_array_pattern = (
r'<[^>]*[^]]' # Opening block of <.
r'>([^(<]*[^]]>)?') # Closing block of >.
# Prefix saying that what follows is the start of an expression.
start_of_expr_pattern = r'(=|\breturn|^)\s*'
# Suffix saying that what follows are call parentheses with a non-empty list
# of arguments.
nonempty_arg_list_pattern = r'\(([^)]|$)'
# Put the template argument into a capture group for deeper examination later.
return_construct_pattern = input_api.re.compile(
start_of_expr_pattern
+ r'std::unique_ptr'
+ '(?P<template_arg>'
+ template_arg_no_array_pattern
+ ')'
+ nonempty_arg_list_pattern)
problems_constructor = []
problems_nullptr = []
for f in input_api.AffectedSourceFiles(sources):
for line_number, line in f.ChangedContents():
# Disallow:
# return std::unique_ptr<T>(foo);
# bar = std::unique_ptr<T>(foo);
# But allow:
# return std::unique_ptr<T[]>(foo);
# bar = std::unique_ptr<T[]>(foo);
# And also allow cases when the second template argument is present. Those
# cases cannot be handled by std::make_unique:
# return std::unique_ptr<T, U>(foo);
# bar = std::unique_ptr<T, U>(foo);
local_path = f.LocalPath()
return_construct_result = return_construct_pattern.search(line)
if return_construct_result and not HasMoreThanOneArg(
return_construct_result.group('template_arg')):
problems_constructor.append(
'%s:%d\n %s' % (local_path, line_number, line.strip()))
# Disallow:
# std::unique_ptr<T>()
if null_construct_pattern.search(line):
problems_nullptr.append(
'%s:%d\n %s' % (local_path, line_number, line.strip()))
errors = []
if problems_nullptr:
errors.append(output_api.PresubmitPromptWarning(
'The following files use std::unique_ptr<T>(). Use nullptr instead.',
problems_nullptr))
if problems_constructor:
errors.append(output_api.PresubmitError(
'The following files use explicit std::unique_ptr constructor.'
'Use std::make_unique<T>() instead.',
problems_constructor))
return errors
def CheckUserActionUpdate(input_api, output_api):
"""Checks if any new user action has been added."""
if any('actions.xml' == input_api.os_path.basename(f) for f in
input_api.LocalPaths()):
# If actions.xml is already included in the changelist, the PRESUBMIT
# for actions.xml will do a more complete presubmit check.
return []
file_inclusion_pattern = [r'.*\.(cc|mm)$']
files_to_skip = (_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP )
file_filter = lambda f: input_api.FilterSourceFile(
f, files_to_check=file_inclusion_pattern, files_to_skip=files_to_skip)
action_re = r'[^a-zA-Z]UserMetricsAction\("([^"]*)'
current_actions = None
for f in input_api.AffectedFiles(file_filter=file_filter):
for line_num, line in f.ChangedContents():
match = input_api.re.search(action_re, line)
if match:
# Loads contents in tools/metrics/actions/actions.xml to memory. It's
# loaded only once.
if not current_actions:
with open('tools/metrics/actions/actions.xml') as actions_f:
current_actions = actions_f.read()
# Search for the matched user action name in |current_actions|.
for action_name in match.groups():
action = 'name="{0}"'.format(action_name)
if action not in current_actions:
return [output_api.PresubmitPromptWarning(
'File %s line %d: %s is missing in '
'tools/metrics/actions/actions.xml. Please run '
'tools/metrics/actions/extract_actions.py to update.'
% (f.LocalPath(), line_num, action_name))]
return []
def _ImportJSONCommentEater(input_api):
import sys
sys.path = sys.path + [input_api.os_path.join(
input_api.PresubmitLocalPath(),
'tools', 'json_comment_eater')]
import json_comment_eater
return json_comment_eater
def _GetJSONParseError(input_api, filename, eat_comments=True):
try:
contents = input_api.ReadFile(filename)
if eat_comments:
json_comment_eater = _ImportJSONCommentEater(input_api)
contents = json_comment_eater.Nom(contents)
input_api.json.loads(contents)
except ValueError as e:
return e
return None
def _GetIDLParseError(input_api, filename):
try:
contents = input_api.ReadFile(filename)
idl_schema = input_api.os_path.join(
input_api.PresubmitLocalPath(),
'tools', 'json_schema_compiler', 'idl_schema.py')
process = input_api.subprocess.Popen(
[input_api.python_executable, idl_schema],
stdin=input_api.subprocess.PIPE,
stdout=input_api.subprocess.PIPE,
stderr=input_api.subprocess.PIPE,
universal_newlines=True)
(_, error) = process.communicate(input=contents)
return error or None
except ValueError as e:
return e
def CheckParseErrors(input_api, output_api):
"""Check that IDL and JSON files do not contain syntax errors."""
actions = {
'.idl': _GetIDLParseError,
'.json': _GetJSONParseError,
}
# Most JSON files are preprocessed and support comments, but these do not.
json_no_comments_patterns = [
r'^testing[\\/]',
]
# Only run IDL checker on files in these directories.
idl_included_patterns = [
r'^chrome[\\/]common[\\/]extensions[\\/]api[\\/]',
r'^extensions[\\/]common[\\/]api[\\/]',
]
def get_action(affected_file):
filename = affected_file.LocalPath()
return actions.get(input_api.os_path.splitext(filename)[1])
def FilterFile(affected_file):
action = get_action(affected_file)
if not action:
return False
path = affected_file.LocalPath()
if _MatchesFile(input_api,
_KNOWN_TEST_DATA_AND_INVALID_JSON_FILE_PATTERNS,
path):
return False
if (action == _GetIDLParseError and
not _MatchesFile(input_api, idl_included_patterns, path)):
return False
return True
results = []
for affected_file in input_api.AffectedFiles(
file_filter=FilterFile, include_deletes=False):
action = get_action(affected_file)
kwargs = {}
if (action == _GetJSONParseError and
_MatchesFile(input_api, json_no_comments_patterns,
affected_file.LocalPath())):
kwargs['eat_comments'] = False
parse_error = action(input_api,
affected_file.AbsoluteLocalPath(),
**kwargs)
if parse_error:
results.append(output_api.PresubmitError('%s could not be parsed: %s' %
(affected_file.LocalPath(), parse_error)))
return results
def CheckJavaStyle(input_api, output_api):
"""Runs checkstyle on changed java files and returns errors if any exist."""
import sys
original_sys_path = sys.path
try:
sys.path = sys.path + [input_api.os_path.join(
input_api.PresubmitLocalPath(), 'tools', 'android', 'checkstyle')]
import checkstyle
finally:
# Restore sys.path to what it was before.
sys.path = original_sys_path
return checkstyle.RunCheckstyle(
input_api, output_api, 'tools/android/checkstyle/chromium-style-5.0.xml',
files_to_skip=_EXCLUDED_PATHS + input_api.DEFAULT_FILES_TO_SKIP)
def CheckPythonDevilInit(input_api, output_api):
"""Checks to make sure devil is initialized correctly in python scripts."""
script_common_initialize_pattern = input_api.re.compile(
r'script_common\.InitializeEnvironment\(')
devil_env_config_initialize = input_api.re.compile(
r'devil_env\.config\.Initialize\(')
errors = []
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=(_EXCLUDED_PATHS + input_api.DEFAULT_FILES_TO_SKIP +
(r'^build[\\/]android[\\/]devil_chromium\.py',
r'^third_party[\\/].*',)),
files_to_check=[r'.*\.py$'])
for f in input_api.AffectedSourceFiles(sources):
for line_num, line in f.ChangedContents():
if (script_common_initialize_pattern.search(line) or
devil_env_config_initialize.search(line)):
errors.append("%s:%d" % (f.LocalPath(), line_num))
results = []
if errors:
results.append(output_api.PresubmitError(
'Devil initialization should always be done using '
'devil_chromium.Initialize() in the chromium project, to use better '
'defaults for dependencies (ex. up-to-date version of adb).',
errors))
return results
def _MatchesFile(input_api, patterns, path):
for pattern in patterns:
if input_api.re.search(pattern, path):
return True
return False
def _GetOwnersFilesToCheckForIpcOwners(input_api):
"""Gets a list of OWNERS files to check for correct security owners.
Returns:
A dictionary mapping an OWNER file to the list of OWNERS rules it must
contain to cover IPC-related files with noparent reviewer rules.
"""
# Whether or not a file affects IPC is (mostly) determined by a simple list
# of filename patterns.
file_patterns = [
# Legacy IPC:
'*_messages.cc',
'*_messages*.h',
'*_param_traits*.*',
# Mojo IPC:
'*.mojom',
'*_mojom_traits*.*',
'*_struct_traits*.*',
'*_type_converter*.*',
'*.typemap',
# Android native IPC:
'*.aidl',
# Blink uses a different file naming convention:
'*EnumTraits*.*',
"*MojomTraits*.*",
'*StructTraits*.*',
'*TypeConverter*.*',
]
# These third_party directories do not contain IPCs, but contain files
# matching the above patterns, which trigger false positives.
exclude_paths = [
'third_party/crashpad/*',
'third_party/blink/renderer/platform/bindings/*',
'third_party/protobuf/benchmarks/python/*',
'third_party/win_build_output/*',
# These files are just used to communicate between class loaders running
# in the same process.
'weblayer/browser/java/org/chromium/weblayer_private/interfaces/*',
'weblayer/browser/java/org/chromium/weblayer_private/test_interfaces/*',
]
# Dictionary mapping an OWNERS file path to Patterns.
# Patterns is a dictionary mapping glob patterns (suitable for use in per-file
# rules ) to a PatternEntry.
# PatternEntry is a dictionary with two keys:
# - 'files': the files that are matched by this pattern
# - 'rules': the per-file rules needed for this pattern
# For example, if we expect OWNERS file to contain rules for *.mojom and
# *_struct_traits*.*, Patterns might look like this:
# {
# '*.mojom': {
# 'files': ...,
# 'rules': [
# 'per-file *.mojom=set noparent',
# 'per-file *.mojom=file://ipc/SECURITY_OWNERS',
# ],
# },
# '*_struct_traits*.*': {
# 'files': ...,
# 'rules': [
# 'per-file *_struct_traits*.*=set noparent',
# 'per-file *_struct_traits*.*=file://ipc/SECURITY_OWNERS',
# ],
# },
# }
to_check = {}
def AddPatternToCheck(input_file, pattern):
owners_file = input_api.os_path.join(
input_api.os_path.dirname(input_file.LocalPath()), 'OWNERS')
if owners_file not in to_check:
to_check[owners_file] = {}
if pattern not in to_check[owners_file]:
to_check[owners_file][pattern] = {
'files': [],
'rules': [
'per-file %s=set noparent' % pattern,
'per-file %s=file://ipc/SECURITY_OWNERS' % pattern,
]
}
to_check[owners_file][pattern]['files'].append(input_file)
# Iterate through the affected files to see what we actually need to check
# for. We should only nag patch authors about per-file rules if a file in that
# directory would match that pattern. If a directory only contains *.mojom
# files and no *_messages*.h files, we should only nag about rules for
# *.mojom files.
for f in input_api.AffectedFiles(include_deletes=False):
# Manifest files don't have a strong naming convention. Instead, try to find
# affected .cc and .h files which look like they contain a manifest
# definition.
manifest_pattern = input_api.re.compile('manifests?\.(cc|h)$')
test_manifest_pattern = input_api.re.compile('test_manifests?\.(cc|h)')
if (manifest_pattern.search(f.LocalPath()) and not
test_manifest_pattern.search(f.LocalPath())):
# We expect all actual service manifest files to contain at least one
# qualified reference to service_manager::Manifest.
if 'service_manager::Manifest' in '\n'.join(f.NewContents()):
AddPatternToCheck(f, input_api.os_path.basename(f.LocalPath()))
for pattern in file_patterns:
if input_api.fnmatch.fnmatch(
input_api.os_path.basename(f.LocalPath()), pattern):
skip = False
for exclude in exclude_paths:
if input_api.fnmatch.fnmatch(f.LocalPath(), exclude):
skip = True
break
if skip:
continue
AddPatternToCheck(f, pattern)
break
return to_check
def _AddOwnersFilesToCheckForFuchsiaSecurityOwners(input_api, to_check):
"""Adds OWNERS files to check for correct Fuchsia security owners."""
file_patterns = [
# Component specifications.
'*.cml', # Component Framework v2.
'*.cmx', # Component Framework v1.
# Fuchsia IDL protocol specifications.
'*.fidl',
]
# Don't check for owners files for changes in these directories.
exclude_paths = [
'third_party/crashpad/*',
]
def AddPatternToCheck(input_file, pattern):
owners_file = input_api.os_path.join(
input_api.os_path.dirname(input_file.LocalPath()), 'OWNERS')
if owners_file not in to_check:
to_check[owners_file] = {}
if pattern not in to_check[owners_file]:
to_check[owners_file][pattern] = {
'files': [],
'rules': [
'per-file %s=set noparent' % pattern,
'per-file %s=file://fuchsia/SECURITY_OWNERS' % pattern,
]
}
to_check[owners_file][pattern]['files'].append(input_file)
# Iterate through the affected files to see what we actually need to check
# for. We should only nag patch authors about per-file rules if a file in that
# directory would match that pattern.
for f in input_api.AffectedFiles(include_deletes=False):
skip = False
for exclude in exclude_paths:
if input_api.fnmatch.fnmatch(f.LocalPath(), exclude):
skip = True
if skip:
continue
for pattern in file_patterns:
if input_api.fnmatch.fnmatch(
input_api.os_path.basename(f.LocalPath()), pattern):
AddPatternToCheck(f, pattern)
break
return to_check
def CheckSecurityOwners(input_api, output_api):
"""Checks that affected files involving IPC have an IPC OWNERS rule."""
to_check = _GetOwnersFilesToCheckForIpcOwners(input_api)
_AddOwnersFilesToCheckForFuchsiaSecurityOwners(input_api, to_check)
if to_check:
# If there are any OWNERS files to check, there are IPC-related changes in
# this CL. Auto-CC the review list.
output_api.AppendCC('ipc-security-reviews@chromium.org')
# Go through the OWNERS files to check, filtering out rules that are already
# present in that OWNERS file.
for owners_file, patterns in to_check.items():
try:
with open(owners_file) as f:
lines = set(f.read().splitlines())
for entry in patterns.values():
entry['rules'] = [rule for rule in entry['rules'] if rule not in lines
]
except IOError:
# No OWNERS file, so all the rules are definitely missing.
continue
# All the remaining lines weren't found in OWNERS files, so emit an error.
errors = []
for owners_file, patterns in to_check.items():
missing_lines = []
files = []
for _, entry in patterns.items():
missing_lines.extend(entry['rules'])
files.extend([' %s' % f.LocalPath() for f in entry['files']])
if missing_lines:
errors.append(
'Because of the presence of files:\n%s\n\n'
'%s needs the following %d lines added:\n\n%s' %
('\n'.join(files), owners_file, len(missing_lines),
'\n'.join(missing_lines)))
results = []
if errors:
if input_api.is_committing:
output = output_api.PresubmitError
else:
output = output_api.PresubmitPromptWarning
results.append(output(
'Found OWNERS files that need to be updated for IPC security ' +
'review coverage.\nPlease update the OWNERS files below:',
long_text='\n\n'.join(errors)))
return results
def _GetFilesUsingSecurityCriticalFunctions(input_api):
"""Checks affected files for changes to security-critical calls. This
function checks the full change diff, to catch both additions/changes
and removals.
Returns a dict keyed by file name, and the value is a set of detected
functions.
"""
# Map of function pretty name (displayed in an error) to the pattern to
# match it with.
_PATTERNS_TO_CHECK = {
'content::GetServiceSandboxType<>()':
'GetServiceSandboxType\\<'
}
_PATTERNS_TO_CHECK = {
k: input_api.re.compile(v)
for k, v in _PATTERNS_TO_CHECK.items()
}
# Scan all affected files for changes touching _FUNCTIONS_TO_CHECK.
files_to_functions = {}
for f in input_api.AffectedFiles():
diff = f.GenerateScmDiff()
for line in diff.split('\n'):
# Not using just RightHandSideLines() because removing a
# call to a security-critical function can be just as important
# as adding or changing the arguments.
if line.startswith('-') or (line.startswith('+') and
not line.startswith('++')):
for name, pattern in _PATTERNS_TO_CHECK.items():
if pattern.search(line):
path = f.LocalPath()
if not path in files_to_functions:
files_to_functions[path] = set()
files_to_functions[path].add(name)
return files_to_functions
def CheckSecurityChanges(input_api, output_api):
"""Checks that changes involving security-critical functions are reviewed
by the security team.
"""
files_to_functions = _GetFilesUsingSecurityCriticalFunctions(input_api)
if not len(files_to_functions):
return []
owner_email, reviewers = (
input_api.canned_checks.GetCodereviewOwnerAndReviewers(
input_api,
None,
approval_needed=input_api.is_committing))
# Load the OWNERS file for security changes.
owners_file = 'ipc/SECURITY_OWNERS'
security_owners = input_api.owners_client.ListOwners(owners_file)
has_security_owner = any([owner in reviewers for owner in security_owners])
if has_security_owner:
return []
msg = 'The following files change calls to security-sensive functions\n' \
'that need to be reviewed by {}.\n'.format(owners_file)
for path, names in files_to_functions.items():
msg += ' {}\n'.format(path)
for name in names:
msg += ' {}\n'.format(name)
msg += '\n'
if input_api.is_committing:
output = output_api.PresubmitError
else:
output = output_api.PresubmitNotifyResult
return [output(msg)]
def CheckSetNoParent(input_api, output_api):
"""Checks that set noparent is only used together with an OWNERS file in
//build/OWNERS.setnoparent (see also
//docs/code_reviews.md#owners-files-details)
"""
errors = []
allowed_owners_files_file = 'build/OWNERS.setnoparent'
allowed_owners_files = set()
with open(allowed_owners_files_file, 'r') as f:
for line in f:
line = line.strip()
if not line or line.startswith('#'):
continue
allowed_owners_files.add(line)
per_file_pattern = input_api.re.compile('per-file (.+)=(.+)')
for f in input_api.AffectedFiles(include_deletes=False):
if not f.LocalPath().endswith('OWNERS'):
continue
found_owners_files = set()
found_set_noparent_lines = dict()
# Parse the OWNERS file.
for lineno, line in enumerate(f.NewContents(), 1):
line = line.strip()
if line.startswith('set noparent'):
found_set_noparent_lines[''] = lineno
if line.startswith('file://'):
if line in allowed_owners_files:
found_owners_files.add('')
if line.startswith('per-file'):
match = per_file_pattern.match(line)
if match:
glob = match.group(1).strip()
directive = match.group(2).strip()
if directive == 'set noparent':
found_set_noparent_lines[glob] = lineno
if directive.startswith('file://'):
if directive in allowed_owners_files:
found_owners_files.add(glob)
# Check that every set noparent line has a corresponding file:// line
# listed in build/OWNERS.setnoparent. An exception is made for top level
# directories since src/OWNERS shouldn't review them.
if (f.LocalPath().count('/') != 1 and
(not f.LocalPath() in _EXCLUDED_SET_NO_PARENT_PATHS)):
for set_noparent_line in found_set_noparent_lines:
if set_noparent_line in found_owners_files:
continue
errors.append(' %s:%d' % (f.LocalPath(),
found_set_noparent_lines[set_noparent_line]))
results = []
if errors:
if input_api.is_committing:
output = output_api.PresubmitError
else:
output = output_api.PresubmitPromptWarning
results.append(output(
'Found the following "set noparent" restrictions in OWNERS files that '
'do not include owners from build/OWNERS.setnoparent:',
long_text='\n\n'.join(errors)))
return results
def CheckUselessForwardDeclarations(input_api, output_api):
"""Checks that added or removed lines in non third party affected
header files do not lead to new useless class or struct forward
declaration.
"""
results = []
class_pattern = input_api.re.compile(r'^class\s+(\w+);$',
input_api.re.MULTILINE)
struct_pattern = input_api.re.compile(r'^struct\s+(\w+);$',
input_api.re.MULTILINE)
for f in input_api.AffectedFiles(include_deletes=False):
if (f.LocalPath().startswith('third_party') and
not f.LocalPath().startswith('third_party/blink') and
not f.LocalPath().startswith('third_party\\blink')):
continue
if not f.LocalPath().endswith('.h'):
continue
contents = input_api.ReadFile(f)
fwd_decls = input_api.re.findall(class_pattern, contents)
fwd_decls.extend(input_api.re.findall(struct_pattern, contents))
useless_fwd_decls = []
for decl in fwd_decls:
count = sum(1 for _ in input_api.re.finditer(
r'\b%s\b' % input_api.re.escape(decl), contents))
if count == 1:
useless_fwd_decls.append(decl)
if not useless_fwd_decls:
continue
for line in f.GenerateScmDiff().splitlines():
if (line.startswith('-') and not line.startswith('--') or
line.startswith('+') and not line.startswith('++')):
for decl in useless_fwd_decls:
if input_api.re.search(r'\b%s\b' % decl, line[1:]):
results.append(output_api.PresubmitPromptWarning(
'%s: %s forward declaration is no longer needed' %
(f.LocalPath(), decl)))
useless_fwd_decls.remove(decl)
return results
def _CheckAndroidDebuggableBuild(input_api, output_api):
"""Checks that code uses BuildInfo.isDebugAndroid() instead of
Build.TYPE.equals('') or ''.equals(Build.TYPE) to check if
this is a debuggable build of Android.
"""
build_type_check_pattern = input_api.re.compile(
r'\bBuild\.TYPE\.equals\(|\.equals\(\s*\bBuild\.TYPE\)')
errors = []
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=(_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP +
(r"^android_webview[\\/]support_library[\\/]"
"boundary_interfaces[\\/]",
r"^chrome[\\/]android[\\/]webapk[\\/].*",
r'^third_party[\\/].*',
r"tools[\\/]android[\\/]customtabs_benchmark[\\/].*",
r"webview[\\/]chromium[\\/]License.*",)),
files_to_check=[r'.*\.java$'])
for f in input_api.AffectedSourceFiles(sources):
for line_num, line in f.ChangedContents():
if build_type_check_pattern.search(line):
errors.append("%s:%d" % (f.LocalPath(), line_num))
results = []
if errors:
results.append(output_api.PresubmitPromptWarning(
'Build.TYPE.equals or .equals(Build.TYPE) usage is detected.'
' Please use BuildInfo.isDebugAndroid() instead.',
errors))
return results
# TODO: add unit tests
def _CheckAndroidToastUsage(input_api, output_api):
"""Checks that code uses org.chromium.ui.widget.Toast instead of
android.widget.Toast (Chromium Toast doesn't force hardware
acceleration on low-end devices, saving memory).
"""
toast_import_pattern = input_api.re.compile(
r'^import android\.widget\.Toast;$')
errors = []
sources = lambda affected_file: input_api.FilterSourceFile(
affected_file,
files_to_skip=(_EXCLUDED_PATHS +
_TEST_CODE_EXCLUDED_PATHS +
input_api.DEFAULT_FILES_TO_SKIP +
(r'^chromecast[\\/].*',
r'^remoting[\\/].*')),
files_to_check=[r'.*\.java$'])
for f in input_api.AffectedSourceFiles(sources):
for line_num, line in f.ChangedContents():
if toast_import_pattern.search(line):
errors.append("%s:%d" % (f.LocalPath(), line_num))
results = []
if errors:
results.append(output_api.PresubmitError(
'android.widget.Toast usage is detected. Android toasts use hardware'
' acceleration, and can be\ncostly on low-end devices. Please use'
' org.chromium.ui.widget.Toast instead.\n'
'Contact dskiba@chromium.org if you have any questions.',
errors))
return results