From c4c3d6d89f5374e86cf745f420cff79e38a1f444 Mon Sep 17 00:00:00 2001 From: "blink-so[bot]" <211532188+blink-so[bot]@users.noreply.github.com> Date: Fri, 27 Jun 2025 11:25:06 +0000 Subject: [PATCH 1/3] feat: Add JetBrains auto-approval compliance linter Implements comprehensive linting to ensure compliance with JetBrains auto-approval requirements for Toolbox plugins. Features: - Shell script for JetBrains compliance checking - Detekt integration for code quality - GitHub Actions workflow for CI/CD - Comprehensive documentation Compliance checks: - Forbidden experimental API usage detection - Manual thread creation warnings - Java runtime hooks detection - Library bundling warnings - Coroutines best practices Based on clarified requirements from JetBrains team allowing: - coroutineScope.launch usage - Library-managed threads (with proper cleanup) - Some coroutines experimental APIs (select, onTimeout) Co-authored-by: matifali <10648092+matifali@users.noreply.github.com> --- .github/workflows/jetbrains-compliance.yml | 59 ++++++++++++ JETBRAINS_COMPLIANCE.md | 97 ++++++++++++++++++++ build.gradle.kts | 18 ++++ gradle/libs.versions.toml | 4 +- scripts/jetbrains-compliance-check.sh | 102 +++++++++++++++++++++ 5 files changed, 279 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/jetbrains-compliance.yml create mode 100644 JETBRAINS_COMPLIANCE.md create mode 100755 scripts/jetbrains-compliance-check.sh diff --git a/.github/workflows/jetbrains-compliance.yml b/.github/workflows/jetbrains-compliance.yml new file mode 100644 index 0000000..91077ec --- /dev/null +++ b/.github/workflows/jetbrains-compliance.yml @@ -0,0 +1,59 @@ +name: JetBrains Auto-Approval Compliance + +on: + push: + branches: [ main, develop ] + pull_request: + branches: [ main, develop ] + +jobs: + compliance-check: + runs-on: ubuntu-latest + name: JetBrains Compliance Linting + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + + - name: Cache Gradle packages + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + + - name: Make scripts executable + run: chmod +x ./scripts/jetbrains-compliance-check.sh + + - name: Run JetBrains Compliance Checks + run: | + echo "Running JetBrains auto-approval compliance checks..." + ./scripts/jetbrains-compliance-check.sh + + - name: Comment PR with compliance status + if: github.event_name == 'pull_request' && failure() + uses: actions/github-script@v7 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '⚠️ **JetBrains Auto-Approval Compliance Check Failed**\n\n' + + 'This PR contains code that violates JetBrains auto-approval requirements:\n\n' + + '- ❌ Do **not** use forbidden Kotlin experimental APIs\n' + + '- ❌ Do **not** add lambdas, handlers, or class handles to Java runtime hooks\n' + + '- ❌ Do **not** create threads manually (use coroutines or ensure cleanup in `CoderRemoteProvider#close()`)\n' + + '- ❌ Do **not** bundle libraries already provided by Toolbox\n' + + '- ❌ Do **not** perform ill-intentioned actions\n\n' + + 'Please check the workflow logs for detailed violations and fix them before merging.' + }) diff --git a/JETBRAINS_COMPLIANCE.md b/JETBRAINS_COMPLIANCE.md new file mode 100644 index 0000000..c625651 --- /dev/null +++ b/JETBRAINS_COMPLIANCE.md @@ -0,0 +1,97 @@ +# JetBrains Auto-Approval Compliance + +This document describes the linting setup to ensure compliance with JetBrains auto-approval requirements for Toolbox plugins. + +## Overview + +JetBrains has enabled auto-approval for this plugin, which requires following specific guidelines to maintain the approval status. This repository includes automated checks to ensure compliance. + +## Requirements + +Based on communication with JetBrains team, the following requirements must be met: + +### ✅ Allowed +- **Coroutines**: Use `coroutineScope.launch` for concurrent operations +- **Library-managed threads**: Libraries like OkHttp with their own thread pools are acceptable +- **Some experimental coroutines APIs**: `kotlinx.coroutines.selects.select` and `kotlinx.coroutines.selects.onTimeout` are acceptable +- **Proper cleanup**: Ensure resources are released in `CoderRemoteProvider#close()` method + +### ❌ Forbidden +- **Kotlin experimental APIs**: Core Kotlin experimental APIs (not coroutines-specific ones) +- **Java runtime hooks**: No lambdas, handlers, or class handles to Java runtime hooks +- **Manual thread creation**: Avoid `Thread()`, `Executors.new*()`, `ThreadPoolExecutor`, etc. +- **Bundled libraries**: Don't bundle libraries already provided by Toolbox +- **Ill-intentioned actions**: No malicious or harmful code + +## Linting Setup + +### JetBrains Compliance Check Script + +The primary compliance checking is done via a shell script: + +```bash +./scripts/jetbrains-compliance-check.sh +``` + +This script checks for: +- Forbidden experimental API usage +- Manual thread creation patterns +- Java runtime hooks +- Potentially bundled libraries +- Coroutines best practices + +### Standard Code Quality (Detekt) + +Standard Kotlin code quality is checked using Detekt: + +```bash +./gradlew detekt +``` + +## CI/CD Integration + +The GitHub Actions workflow `.github/workflows/jetbrains-compliance.yml` runs compliance checks on every PR and push. + +## Running Locally + +### Quick Compliance Check +```bash +# Run JetBrains compliance check +./scripts/jetbrains-compliance-check.sh +``` + +### Full Code Quality Check +```bash +# Run detekt for code quality +./gradlew detekt + +# View HTML report +open build/reports/detekt/detekt.html +``` + +## Understanding Results + +### Compliance Check Results + +- **✅ No critical violations**: Code complies with JetBrains requirements +- **❌ Critical violations**: Must be fixed before auto-approval +- **⚠️ Warnings**: Should be reviewed but may be acceptable + +### Common Warnings + +1. **Manual thread creation**: If you see warnings about thread creation: + - Prefer coroutines: `coroutineScope.launch { ... }` + - If using libraries with threads, ensure cleanup in `close()` + +2. **Library imports**: If you see warnings about library imports: + - Verify the library isn't bundled in the final plugin + - Check that Toolbox doesn't already provide the library + +3. **GlobalScope usage**: If you see warnings about `GlobalScope`: + - Use the coroutine scope provided by Toolbox instead + +## Resources + +- [JetBrains Toolbox Plugin Development](https://plugins.jetbrains.com/docs/toolbox/) +- [Detekt Documentation](https://detekt.dev/) +- [Kotlin Coroutines Guide](https://kotlinlang.org/docs/coroutines-guide.html) diff --git a/build.gradle.kts b/build.gradle.kts index 93d13a0..8f2fc08 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -22,6 +22,7 @@ plugins { alias(libs.plugins.gradle.wrapper) alias(libs.plugins.changelog) alias(libs.plugins.gettext) + alias(libs.plugins.detekt) } @@ -110,6 +111,23 @@ tasks.test { useJUnitPlatform() } +// Detekt configuration for code quality +detekt { + buildUponDefaultConfig = true + allRules = false +} + +// Configure detekt for code quality reporting +tasks.withType().configureEach { + jvmTarget = "21" + reports { + html.required.set(true) + xml.required.set(true) + } + // Don't fail build on detekt issues - just report them + ignoreFailures = true +} + tasks.jar { archiveBaseName.set(extension.id) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 4647eb8..e52dd3d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -15,6 +15,7 @@ changelog = "2.2.1" gettext = "0.7.0" plugin-structure = "3.308" mockk = "1.14.4" +detekt = "1.23.7" [libraries] toolbox-core-api = { module = "com.jetbrains.toolbox:core-api", version.ref = "toolbox-plugin-api" } @@ -45,4 +46,5 @@ dependency-license-report = { id = "com.github.jk1.dependency-license-report", v ksp = { id = "com.google.devtools.ksp", version.ref = "ksp" } gradle-wrapper = { id = "me.filippov.gradle.jvm.wrapper", version.ref = "gradle-wrapper" } changelog = { id = "org.jetbrains.changelog", version.ref = "changelog" } -gettext = { id = "name.kropp.kotlinx-gettext", version.ref = "gettext" } \ No newline at end of file +gettext = { id = "name.kropp.kotlinx-gettext", version.ref = "gettext" } +detekt = { id = "io.gitlab.arturbosch.detekt", version.ref = "detekt" } diff --git a/scripts/jetbrains-compliance-check.sh b/scripts/jetbrains-compliance-check.sh new file mode 100755 index 0000000..1dae630 --- /dev/null +++ b/scripts/jetbrains-compliance-check.sh @@ -0,0 +1,102 @@ +#!/bin/bash + +# JetBrains Auto-Approval Compliance Check Script +# This script checks for violations of JetBrains auto-approval requirements + +set -e + +echo "🔍 JetBrains Auto-Approval Compliance Check" +echo "===========================================" +echo + +VIOLATIONS=0 +SOURCE_DIR="src/main/kotlin" + +# Function to report violations +report_violation() { + echo "❌ VIOLATION: $1" + echo " File: $2" + echo " Line: $3" + echo " Context: $4" + echo + VIOLATIONS=$((VIOLATIONS + 1)) +} + +# Function to report warnings +report_warning() { + echo "⚠️ WARNING: $1" + echo " File: $2" + echo " Line: $3" + echo " Context: $4" + echo +} + +echo "1. Checking for experimental API usage..." +# Check for forbidden experimental annotations (excluding acceptable coroutines ones) +grep -rn "@ExperimentalApi\|@ExperimentalStdlibApi\|@ExperimentalUnsignedTypes\|@ExperimentalContracts\|@ExperimentalTypeInference\|@InternalCoroutinesApi\|@ExperimentalTime" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_violation "Forbidden experimental API usage" "$file" "$line" "$content" +done + +# Check for @OptIn with forbidden experimental APIs +grep -rn "@OptIn.*ExperimentalApi\|@OptIn.*ExperimentalStdlibApi\|@OptIn.*InternalCoroutinesApi" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_violation "@OptIn with forbidden experimental API" "$file" "$line" "$content" +done + +echo "2. Checking for manual thread creation..." +# Check for direct thread creation +grep -rn "Thread(\|ThreadPoolExecutor\|ScheduledThreadPoolExecutor\|ForkJoinPool\|Timer(\|TimerTask" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_warning "Manual thread creation detected - ensure proper cleanup in CoderRemoteProvider#close()" "$file" "$line" "$content" +done + +# Check for Executors usage +grep -rn "Executors\.new\|CompletableFuture\.runAsync\|CompletableFuture\.supplyAsync" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_warning "Executor/CompletableFuture usage detected - ensure proper cleanup in CoderRemoteProvider#close()" "$file" "$line" "$content" +done + +# Check for classes extending Thread or implementing Runnable +grep -rn "class.*extends Thread\|class.*implements Runnable\|: Thread\|: Runnable" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_warning "Class extending Thread or implementing Runnable - consider using coroutines" "$file" "$line" "$content" +done + +echo "3. Checking for Java runtime hooks..." +# Check for runtime hooks +grep -rn "Runtime\..*addShutdownHook\|System\.setSecurityManager\|setUncaughtExceptionHandler\|setDefaultUncaughtExceptionHandler" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_violation "Java runtime hook usage forbidden" "$file" "$line" "$content" +done + +# Check for suspicious system property modifications +grep -rn "System\.setProperty.*java\.security\|System\.setProperty.*java\.awt\.headless\|System\.setProperty.*file\.encoding" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_violation "Suspicious system property modification" "$file" "$line" "$content" +done + +echo "4. Checking for bundled libraries..." +# Check for imports that might indicate bundled libraries +grep -rn "import org\.slf4j\|import org\.jetbrains\.annotations" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_warning "Import of potentially bundled library - ensure it's not bundled" "$file" "$line" "$content" +done + +echo "5. Checking for coroutines best practices..." +# Check for GlobalScope usage (should use provided scope) +grep -rn "GlobalScope\.launch\|GlobalScope\.async" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do + report_warning "GlobalScope usage detected - consider using provided coroutine scope" "$file" "$line" "$content" +done + +echo "===========================================" +if [ $VIOLATIONS -eq 0 ]; then + echo "✅ No critical violations found!" + echo " Your code appears to comply with JetBrains auto-approval requirements." + echo + echo "📋 Summary of requirements:" + echo " ✓ No forbidden Kotlin experimental APIs" + echo " ✓ No Java runtime hooks" + echo " ✓ No suspicious system modifications" + echo " ⚠️ Manual thread creation warnings (if any) - ensure cleanup in close()" + echo " ⚠️ Library bundling warnings (if any) - verify not bundling Toolbox libs" + echo + exit 0 +else + echo "❌ Found $VIOLATIONS critical violations!" + echo " Please fix these issues before submitting for auto-approval." + echo + exit 1 +fi From 1db5e379b10f2fad49ee21022cb528525343944b Mon Sep 17 00:00:00 2001 From: "blink-so[bot]" <211532188+blink-so[bot]@users.noreply.github.com> Date: Tue, 8 Jul 2025 09:06:47 +0000 Subject: [PATCH 2/3] refactor: Use detekt.yml for JetBrains compliance rules Addresses PR feedback to use detekt's built-in rules instead of shell script: - Add comprehensive detekt.yml with JetBrains compliance rules - Use ForbiddenAnnotation for experimental API detection - Use ForbiddenMethodCall for runtime hooks and thread creation - Use ForbiddenImport for bundled library detection - Update GitHub Actions to use detekt for compliance checking - Update documentation to reflect detekt-based approach - Keep shell script as backup for manual verification Benefits: - More precise rule matching with detekt's AST analysis - Better integration with IDE and CI/CD - Detailed HTML reports with exact locations - Configurable severity levels and custom messages Co-authored-by: matifali <10648092+matifali@users.noreply.github.com> --- .github/workflows/jetbrains-compliance.yml | 17 +- JETBRAINS_COMPLIANCE.md | 39 ++-- build.gradle.kts | 9 +- detekt.yml | 204 +++++++++++++++++++++ 4 files changed, 241 insertions(+), 28 deletions(-) create mode 100644 detekt.yml diff --git a/.github/workflows/jetbrains-compliance.yml b/.github/workflows/jetbrains-compliance.yml index 91077ec..d1d2019 100644 --- a/.github/workflows/jetbrains-compliance.yml +++ b/.github/workflows/jetbrains-compliance.yml @@ -31,13 +31,22 @@ jobs: restore-keys: | ${{ runner.os }}-gradle- - - name: Make scripts executable - run: chmod +x ./scripts/jetbrains-compliance-check.sh + - name: Make gradlew executable + run: chmod +x ./gradlew - name: Run JetBrains Compliance Checks run: | - echo "Running JetBrains auto-approval compliance checks..." - ./scripts/jetbrains-compliance-check.sh + echo "Running JetBrains auto-approval compliance checks with detekt..." + ./gradlew detekt + + - name: Upload detekt reports + uses: actions/upload-artifact@v4 + if: always() + with: + name: detekt-reports + path: | + build/reports/detekt/ + retention-days: 30 - name: Comment PR with compliance status if: github.event_name == 'pull_request' && failure() diff --git a/JETBRAINS_COMPLIANCE.md b/JETBRAINS_COMPLIANCE.md index c625651..cfce619 100644 --- a/JETBRAINS_COMPLIANCE.md +++ b/JETBRAINS_COMPLIANCE.md @@ -25,27 +25,26 @@ Based on communication with JetBrains team, the following requirements must be m ## Linting Setup -### JetBrains Compliance Check Script +### JetBrains Compliance with Detekt -The primary compliance checking is done via a shell script: +The primary compliance checking is done using Detekt with custom configuration in `detekt.yml`: ```bash -./scripts/jetbrains-compliance-check.sh +./gradlew detekt ``` -This script checks for: -- Forbidden experimental API usage -- Manual thread creation patterns -- Java runtime hooks -- Potentially bundled libraries -- Coroutines best practices +This configuration includes JetBrains-specific rules that check for: +- **ForbiddenAnnotation**: Detects forbidden experimental API usage +- **ForbiddenMethodCall**: Detects Java runtime hooks and manual thread creation +- **ForbiddenImport**: Detects potentially bundled libraries +- **Standard code quality rules**: Complexity, naming, performance, etc. -### Standard Code Quality (Detekt) +### Backup Compliance Check Script -Standard Kotlin code quality is checked using Detekt: +A shell script is also available for quick manual checks: ```bash -./gradlew detekt +./scripts/jetbrains-compliance-check.sh ``` ## CI/CD Integration @@ -54,21 +53,21 @@ The GitHub Actions workflow `.github/workflows/jetbrains-compliance.yml` runs co ## Running Locally -### Quick Compliance Check -```bash -# Run JetBrains compliance check -./scripts/jetbrains-compliance-check.sh -``` - -### Full Code Quality Check +### Primary Compliance Check ```bash -# Run detekt for code quality +# Run JetBrains compliance and code quality check ./gradlew detekt # View HTML report open build/reports/detekt/detekt.html ``` +### Quick Manual Check +```bash +# Run backup shell script for quick manual verification +./scripts/jetbrains-compliance-check.sh +``` + ## Understanding Results ### Compliance Check Results diff --git a/build.gradle.kts b/build.gradle.kts index 8f2fc08..1e8c5cc 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -111,21 +111,22 @@ tasks.test { useJUnitPlatform() } -// Detekt configuration for code quality +// Detekt configuration for JetBrains compliance and code quality detekt { + config.setFrom("$projectDir/detekt.yml") buildUponDefaultConfig = true allRules = false } -// Configure detekt for code quality reporting +// Configure detekt for JetBrains compliance and code quality tasks.withType().configureEach { jvmTarget = "21" reports { html.required.set(true) xml.required.set(true) } - // Don't fail build on detekt issues - just report them - ignoreFailures = true + // Fail build on detekt issues for JetBrains compliance + ignoreFailures = false } diff --git a/detekt.yml b/detekt.yml new file mode 100644 index 0000000..5e5e6c8 --- /dev/null +++ b/detekt.yml @@ -0,0 +1,204 @@ +# Detekt configuration for JetBrains Toolbox Plugin Auto-Approval Compliance +# Based on clarified requirements from JetBrains team + +build: + maxIssues: 1000 # Allow many issues for code quality reporting + excludeCorrectable: false + +config: + validation: true + warningsAsErrors: false # Don't treat warnings as errors + checkExhaustiveness: false + +# CRITICAL: JetBrains Compliance Rules using detekt built-in rules +style: + active: true + + # JetBrains Auto-Approval Compliance: Forbidden experimental annotations + ForbiddenAnnotation: + active: true + annotations: + - reason: 'Forbidden for JetBrains auto-approval: Core Kotlin experimental APIs are not allowed' + value: 'kotlin.ExperimentalStdlibApi' + - reason: 'Forbidden for JetBrains auto-approval: Core Kotlin experimental APIs are not allowed' + value: 'kotlin.ExperimentalUnsignedTypes' + - reason: 'Forbidden for JetBrains auto-approval: Core Kotlin experimental APIs are not allowed' + value: 'kotlin.contracts.ExperimentalContracts' + - reason: 'Forbidden for JetBrains auto-approval: Core Kotlin experimental APIs are not allowed' + value: 'kotlin.experimental.ExperimentalTypeInference' + - reason: 'Forbidden for JetBrains auto-approval: Internal coroutines APIs should be avoided' + value: 'kotlinx.coroutines.InternalCoroutinesApi' + - reason: 'Forbidden for JetBrains auto-approval: Experimental time APIs are not allowed' + value: 'kotlin.time.ExperimentalTime' + # Note: ExperimentalCoroutinesApi, DelicateCoroutinesApi, FlowPreview are acceptable + # based on JetBrains feedback about select/onTimeout being OK + + # JetBrains Auto-Approval Compliance: Forbidden method calls + ForbiddenMethodCall: + active: true + methods: + # Java runtime hooks - forbidden + - reason: 'Forbidden for JetBrains auto-approval: Java runtime hooks are not allowed' + value: 'java.lang.Runtime.addShutdownHook' + - reason: 'Forbidden for JetBrains auto-approval: Java runtime hooks are not allowed' + value: 'java.lang.System.setSecurityManager' + - reason: 'Forbidden for JetBrains auto-approval: Java runtime hooks are not allowed' + value: 'java.lang.Thread.setUncaughtExceptionHandler' + - reason: 'Forbidden for JetBrains auto-approval: Java runtime hooks are not allowed' + value: 'java.lang.Thread.setDefaultUncaughtExceptionHandler' + # Manual thread creation - warnings (allowed with proper cleanup) + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.lang.Thread.' + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.util.concurrent.Executors.newFixedThreadPool' + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.util.concurrent.Executors.newCachedThreadPool' + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.util.concurrent.Executors.newSingleThreadExecutor' + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.util.concurrent.CompletableFuture.runAsync' + - reason: 'Warning for JetBrains auto-approval: Manual thread creation detected. Consider using coroutineScope.launch or ensure proper cleanup in CoderRemoteProvider#close()' + value: 'java.util.concurrent.CompletableFuture.supplyAsync' + + # JetBrains Auto-Approval Compliance: Forbidden imports + ForbiddenImport: + active: true + imports: + # Potentially bundled libraries - warnings + - reason: 'Warning for JetBrains auto-approval: Ensure slf4j is not bundled - it is provided by Toolbox' + value: 'org.slf4j.*' + - reason: 'Warning for JetBrains auto-approval: Ensure annotations library is not bundled - it is provided by Toolbox' + value: 'org.jetbrains.annotations.*' + # Runtime hook classes - forbidden + - reason: 'Forbidden for JetBrains auto-approval: Runtime hook classes are not allowed' + value: 'java.lang.Runtime' + - reason: 'Forbidden for JetBrains auto-approval: Security manager modifications are not allowed' + value: 'java.security.SecurityManager' + + # Other important style rules + MagicNumber: + active: true + ignoreNumbers: + - '-1' + - '0' + - '1' + - '2' + ignoreHashCodeFunction: true + ignorePropertyDeclaration: false + ignoreLocalVariableDeclaration: false + ignoreConstantDeclaration: true + ignoreCompanionObjectPropertyDeclaration: true + ignoreAnnotation: false + ignoreNamedArgument: true + ignoreEnums: false + ignoreRanges: false + ignoreExtensionFunctions: true + + MaxLineLength: + active: true + maxLineLength: 120 + excludePackageStatements: true + excludeImportStatements: true + excludeCommentStatements: false + + NewLineAtEndOfFile: + active: true + + WildcardImport: + active: true + +# Essential built-in rules for basic code quality +complexity: + active: true + CyclomaticComplexMethod: + active: true + threshold: 15 + LongMethod: + active: true + threshold: 60 + LongParameterList: + active: true + functionThreshold: 6 + constructorThreshold: 7 + NestedBlockDepth: + active: true + threshold: 4 + +coroutines: + active: true + GlobalCoroutineUsage: + active: true + RedundantSuspendModifier: + active: true + SleepInsteadOfDelay: + active: true + +exceptions: + active: true + ExceptionRaisedInUnexpectedLocation: + active: true + ObjectExtendsThrowable: + active: true + PrintStackTrace: + active: true + ReturnFromFinally: + active: true + SwallowedException: + active: true + ThrowingExceptionFromFinally: + active: true + ThrowingExceptionsWithoutMessageOrCause: + active: true + TooGenericExceptionCaught: + active: true + TooGenericExceptionThrown: + active: true + +naming: + active: true + ClassNaming: + active: true + classPattern: '[A-Z][a-zA-Z0-9]*' + FunctionNaming: + active: true + functionPattern: '[a-z][a-zA-Z0-9]*' + PackageNaming: + active: true + packagePattern: '[a-z]+(\.?[a-z][A-Za-z0-9]*)*' + VariableNaming: + active: true + variablePattern: '[a-z][A-Za-z0-9]*' + +performance: + active: true + ArrayPrimitive: + active: true + ForEachOnRange: + active: true + SpreadOperator: + active: true + UnnecessaryTemporaryInstantiation: + active: true + +potential-bugs: + active: true + EqualsAlwaysReturnsTrueOrFalse: + active: true + EqualsWithHashCodeExist: + active: true + ExplicitGarbageCollectionCall: + active: true + HasPlatformType: + active: true + InvalidRange: + active: true + UnreachableCatchBlock: + active: true + UnreachableCode: + active: true + UnsafeCallOnNullableType: + active: true + UnsafeCast: + active: true + WrongEqualsTypeParameter: + active: true From 6945f6a30f73e0b3968706dbc47edc4e06b86799 Mon Sep 17 00:00:00 2001 From: "blink-so[bot]" <211532188+blink-so[bot]@users.noreply.github.com> Date: Tue, 8 Jul 2025 09:11:15 +0000 Subject: [PATCH 3/3] cleanup: Remove redundant shell script The shell script is no longer needed since detekt.yml provides: - More accurate AST-based analysis vs regex patterns - Better IDE and CI/CD integration - Comprehensive HTML reports - Standard configuration format - Combined compliance + code quality checking Simplifies the implementation to use only detekt for all linting. Co-authored-by: matifali <10648092+matifali@users.noreply.github.com> --- JETBRAINS_COMPLIANCE.md | 13 +--- scripts/jetbrains-compliance-check.sh | 102 -------------------------- 2 files changed, 1 insertion(+), 114 deletions(-) delete mode 100755 scripts/jetbrains-compliance-check.sh diff --git a/JETBRAINS_COMPLIANCE.md b/JETBRAINS_COMPLIANCE.md index cfce619..306d684 100644 --- a/JETBRAINS_COMPLIANCE.md +++ b/JETBRAINS_COMPLIANCE.md @@ -39,13 +39,7 @@ This configuration includes JetBrains-specific rules that check for: - **ForbiddenImport**: Detects potentially bundled libraries - **Standard code quality rules**: Complexity, naming, performance, etc. -### Backup Compliance Check Script -A shell script is also available for quick manual checks: - -```bash -./scripts/jetbrains-compliance-check.sh -``` ## CI/CD Integration @@ -53,7 +47,6 @@ The GitHub Actions workflow `.github/workflows/jetbrains-compliance.yml` runs co ## Running Locally -### Primary Compliance Check ```bash # Run JetBrains compliance and code quality check ./gradlew detekt @@ -62,11 +55,7 @@ The GitHub Actions workflow `.github/workflows/jetbrains-compliance.yml` runs co open build/reports/detekt/detekt.html ``` -### Quick Manual Check -```bash -# Run backup shell script for quick manual verification -./scripts/jetbrains-compliance-check.sh -``` + ## Understanding Results diff --git a/scripts/jetbrains-compliance-check.sh b/scripts/jetbrains-compliance-check.sh deleted file mode 100755 index 1dae630..0000000 --- a/scripts/jetbrains-compliance-check.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/bash - -# JetBrains Auto-Approval Compliance Check Script -# This script checks for violations of JetBrains auto-approval requirements - -set -e - -echo "🔍 JetBrains Auto-Approval Compliance Check" -echo "===========================================" -echo - -VIOLATIONS=0 -SOURCE_DIR="src/main/kotlin" - -# Function to report violations -report_violation() { - echo "❌ VIOLATION: $1" - echo " File: $2" - echo " Line: $3" - echo " Context: $4" - echo - VIOLATIONS=$((VIOLATIONS + 1)) -} - -# Function to report warnings -report_warning() { - echo "⚠️ WARNING: $1" - echo " File: $2" - echo " Line: $3" - echo " Context: $4" - echo -} - -echo "1. Checking for experimental API usage..." -# Check for forbidden experimental annotations (excluding acceptable coroutines ones) -grep -rn "@ExperimentalApi\|@ExperimentalStdlibApi\|@ExperimentalUnsignedTypes\|@ExperimentalContracts\|@ExperimentalTypeInference\|@InternalCoroutinesApi\|@ExperimentalTime" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_violation "Forbidden experimental API usage" "$file" "$line" "$content" -done - -# Check for @OptIn with forbidden experimental APIs -grep -rn "@OptIn.*ExperimentalApi\|@OptIn.*ExperimentalStdlibApi\|@OptIn.*InternalCoroutinesApi" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_violation "@OptIn with forbidden experimental API" "$file" "$line" "$content" -done - -echo "2. Checking for manual thread creation..." -# Check for direct thread creation -grep -rn "Thread(\|ThreadPoolExecutor\|ScheduledThreadPoolExecutor\|ForkJoinPool\|Timer(\|TimerTask" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_warning "Manual thread creation detected - ensure proper cleanup in CoderRemoteProvider#close()" "$file" "$line" "$content" -done - -# Check for Executors usage -grep -rn "Executors\.new\|CompletableFuture\.runAsync\|CompletableFuture\.supplyAsync" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_warning "Executor/CompletableFuture usage detected - ensure proper cleanup in CoderRemoteProvider#close()" "$file" "$line" "$content" -done - -# Check for classes extending Thread or implementing Runnable -grep -rn "class.*extends Thread\|class.*implements Runnable\|: Thread\|: Runnable" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_warning "Class extending Thread or implementing Runnable - consider using coroutines" "$file" "$line" "$content" -done - -echo "3. Checking for Java runtime hooks..." -# Check for runtime hooks -grep -rn "Runtime\..*addShutdownHook\|System\.setSecurityManager\|setUncaughtExceptionHandler\|setDefaultUncaughtExceptionHandler" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_violation "Java runtime hook usage forbidden" "$file" "$line" "$content" -done - -# Check for suspicious system property modifications -grep -rn "System\.setProperty.*java\.security\|System\.setProperty.*java\.awt\.headless\|System\.setProperty.*file\.encoding" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_violation "Suspicious system property modification" "$file" "$line" "$content" -done - -echo "4. Checking for bundled libraries..." -# Check for imports that might indicate bundled libraries -grep -rn "import org\.slf4j\|import org\.jetbrains\.annotations" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_warning "Import of potentially bundled library - ensure it's not bundled" "$file" "$line" "$content" -done - -echo "5. Checking for coroutines best practices..." -# Check for GlobalScope usage (should use provided scope) -grep -rn "GlobalScope\.launch\|GlobalScope\.async" $SOURCE_DIR 2>/dev/null | while IFS=: read -r file line content; do - report_warning "GlobalScope usage detected - consider using provided coroutine scope" "$file" "$line" "$content" -done - -echo "===========================================" -if [ $VIOLATIONS -eq 0 ]; then - echo "✅ No critical violations found!" - echo " Your code appears to comply with JetBrains auto-approval requirements." - echo - echo "📋 Summary of requirements:" - echo " ✓ No forbidden Kotlin experimental APIs" - echo " ✓ No Java runtime hooks" - echo " ✓ No suspicious system modifications" - echo " ⚠️ Manual thread creation warnings (if any) - ensure cleanup in close()" - echo " ⚠️ Library bundling warnings (if any) - verify not bundling Toolbox libs" - echo - exit 0 -else - echo "❌ Found $VIOLATIONS critical violations!" - echo " Please fix these issues before submitting for auto-approval." - echo - exit 1 -fi