1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
|
package Perl::Critic::Policy::Subroutines::ProtectPrivateSubs;
use 5.010001;
use strict;
use warnings;
use English qw< $EVAL_ERROR -no_match_vars >;
use Readonly;
use Perl::Critic::Utils qw<
:severities $EMPTY is_function_call is_method_call hashify
>;
use parent 'Perl::Critic::Policy';
our $VERSION = '1.156';
#-----------------------------------------------------------------------------
Readonly::Scalar my $DESC => q<Private subroutine/method used>;
Readonly::Scalar my $EXPL => q<Use published APIs>;
#-----------------------------------------------------------------------------
sub supported_parameters {
return (
{
name => 'private_name_regex',
description => 'Pattern that determines what a private subroutine is.',
default_string => '\b_\w+\b', ## no critic (RequireInterpolationOfMetachars)
behavior => 'string',
parser => \&_parse_private_name_regex,
},
{
name => 'allow',
description =>
q<Subroutines matching the private name regex to allow under this policy.>,
default_string => $EMPTY,
behavior => 'string list',
list_always_present_values => [ qw<
POSIX::_PC_CHOWN_RESTRICTED
POSIX::_PC_LINK_MAX
POSIX::_PC_MAX_CANON
POSIX::_PC_MAX_INPUT
POSIX::_PC_NAME_MAX
POSIX::_PC_NO_TRUNC
POSIX::_PC_PATH_MAX
POSIX::_PC_PIPE_BUF
POSIX::_PC_VDISABLE
POSIX::_POSIX_ARG_MAX
POSIX::_POSIX_CHILD_MAX
POSIX::_POSIX_CHOWN_RESTRICTED
POSIX::_POSIX_JOB_CONTROL
POSIX::_POSIX_LINK_MAX
POSIX::_POSIX_MAX_CANON
POSIX::_POSIX_MAX_INPUT
POSIX::_POSIX_NAME_MAX
POSIX::_POSIX_NGROUPS_MAX
POSIX::_POSIX_NO_TRUNC
POSIX::_POSIX_OPEN_MAX
POSIX::_POSIX_PATH_MAX
POSIX::_POSIX_PIPE_BUF
POSIX::_POSIX_SAVED_IDS
POSIX::_POSIX_SSIZE_MAX
POSIX::_POSIX_STREAM_MAX
POSIX::_POSIX_TZNAME_MAX
POSIX::_POSIX_VDISABLE
POSIX::_POSIX_VERSION
POSIX::_SC_ARG_MAX
POSIX::_SC_CHILD_MAX
POSIX::_SC_CLK_TCK
POSIX::_SC_JOB_CONTROL
POSIX::_SC_NGROUPS_MAX
POSIX::_SC_OPEN_MAX
POSIX::_SC_PAGESIZE
POSIX::_SC_SAVED_IDS
POSIX::_SC_STREAM_MAX
POSIX::_SC_TZNAME_MAX
POSIX::_SC_VERSION
POSIX::_exit
> ],
},
);
}
sub default_severity { return $SEVERITY_MEDIUM }
sub default_themes { return qw( core maintenance certrule ) }
sub applies_to { return 'PPI::Token::Word' }
#-----------------------------------------------------------------------------
sub _parse_private_name_regex {
my ($self, $parameter, $config_string) = @_;
$config_string //= $parameter->get_default_string();
my $regex;
eval { $regex = qr/$config_string/; 1 } ## no critic (RegularExpressions)
or $self->throw_parameter_value_exception(
'private_name_regex',
$config_string,
undef,
"is not a valid regular expression: $EVAL_ERROR",
);
$self->__set_parameter_value($parameter, $regex);
return;
}
#-----------------------------------------------------------------------------
sub violates {
my ( $self, $elem, undef ) = @_;
if ( my $prior = $elem->sprevious_sibling() ) {
state $exceptions = { hashify( qw( package require use ) ) };
return if exists $exceptions->{ $prior->content() };
}
if (
$self->_is_other_pkg_private_function($elem)
or $self->_is_other_pkg_private_method($elem)
) {
return $self->violation( $DESC, $EXPL, $elem );
}
return; # ok!
}
sub _is_other_pkg_private_function {
my ( $self, $elem ) = @_;
return if ! is_method_call($elem) && ! is_function_call($elem);
my $private_name_regex = $self->{_private_name_regex};
my $content = $elem->content();
return
$content =~ m< \w+::$private_name_regex \z >xms
&& $content !~ m< \A SUPER::$private_name_regex \z >xms
&& ! $self->{_allow}{$content};
}
sub _is_other_pkg_private_method {
my ( $self, $elem ) = @_;
my $private_name_regex = $self->{_private_name_regex};
my $content = $elem->content();
# look for structures like "Some::Package->_foo()"
return if $content !~ m< \A $private_name_regex \z >xms;
my $operator = $elem->sprevious_sibling() or return;
return if $operator->content() ne q[->];
my $package = $operator->sprevious_sibling() or return;
return if not $package->isa('PPI::Token::Word');
# sometimes the previous sib is a keyword, as in:
# shift->_private_method(); This is typically used as
# shorthand for "my $self=shift; $self->_private_method()"
return if $package->content() eq 'shift'
or $package->content() eq '__PACKAGE__';
# Maybe the user wanted to exempt this explicitly.
return if $self->{_allow}{"${package}::$content"};
return 1;
}
1;
__END__
#-----------------------------------------------------------------------------
=pod
=head1 NAME
Perl::Critic::Policy::Subroutines::ProtectPrivateSubs - Prevent access to private subs in other packages.
=head1 AFFILIATION
This Policy is part of the core L<Perl::Critic|Perl::Critic>
distribution.
=head1 DESCRIPTION
By convention Perl authors (like authors in many other languages)
indicate private methods and variables by inserting a leading
underscore before the identifier. This policy catches attempts to
access private variables from outside the package itself.
The subroutines in the L<POSIX|POSIX> package which begin with an underscore
(e.g. C<POSIX::_POSIX_ARG_MAX>) are not flagged as errors by this
policy.
=head1 CONFIGURATION
You can define what a private subroutine name looks like by specifying
a regular expression for the C<private_name_regex> option in your
F<.perlcriticrc>:
[Subroutines::ProtectPrivateSubs]
private_name_regex = _(?!_)\w+
The above example is a way of saying that subroutines that start with
a double underscore are not considered to be private. (Perl::Critic,
in its implementation, uses leading double underscores to indicate a
distribution-private subroutine-- one that is allowed to be invoked by
other Perl::Critic modules, but not by anything outside of
Perl::Critic.)
You can configure additional subroutines to accept by specifying them
in a space-delimited list to the C<allow> option:
[Subroutines::ProtectPrivateSubs]
allow = FOO::_bar FOO::_baz
These are added to the default list of exemptions from this policy.
Allowing a subroutine also allows the corresponding method call. So
C<< FOO::_bar >> in the above example allows both C<< FOO::_bar() >>
and C<< FOO->_bar() >>.
=head1 HISTORY
This policy is inspired by a similar test in L<B::Lint|B::Lint>.
=head1 BUGS
Doesn't forbid C<< $pkg->_foo() >> because it can't tell the
difference between that and C<< $self->_foo() >>.
=head1 SEE ALSO
L<Perl::Critic::Policy::Variables::ProtectPrivateVars|Perl::Critic::Policy::Variables::ProtectPrivateVars>
=head1 AUTHOR
Chris Dolan <cdolan@cpan.org>
=head1 COPYRIGHT
Copyright (c) 2006-2011 Chris Dolan.
This program is free software; you can redistribute it and/or modify
it under the same terms as Perl itself. The full text of this license
can be found in the LICENSE file included with this module.
=cut
# Local Variables:
# mode: cperl
# cperl-indent-level: 4
# fill-column: 78
# indent-tabs-mode: nil
# c-indentation-style: bsd
# End:
# ex: set ts=8 sts=4 sw=4 tw=78 ft=perl expandtab shiftround :
|
