defaults

[pablopunk]

• Add tests
• Ignore on linux
• Add cog images to the header so it's easier to tell that it's not only about plaintext dotfiles

Summary by CodeRabbit

• New Features

  • Added options for exporting and importing application preferences through new command-line options.
  • Introduced support for downloading files using wget in module's init.lua.

• Improvements

  • Enhanced module processing to include default configuration management.
  • Updated messaging to provide clearer feedback on operations related to user configurations.
  • Enriched the README with new sections and examples to improve user understanding.

• Tests

  • Added new test cases for handling defaults export and import functionality.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The changes in the dot.lua script enhance its functionality for managing application preferences through new command-line options. A new boolean variable, MOCK_DEFAULTS, is introduced to facilitate mock operations. The parse_args function is updated to recognize options for exporting and importing defaults. Additionally, two new functions, files_are_equal and process_defaults, are added. The README.md file is updated to include new features, particularly the support for downloading files with wget, and the "To do" section is revised to reflect completed tasks and future enhancements.

Changes

File	Change Summary
dot.lua	Added functions: files_are_equal for file comparison and process_defaults for managing app preferences. Updated process_module to call process_defaults. Modified parse_args to recognize --mock-defaults, --defaults-export, and --defaults-import options. Adjusted print messages for operation feedback.
README.md	Added sections on "Modules," "Dependencies," "Dotfiles," and "macOS Preferences (Defaults)." Included wget configuration for downloading files. Updated "To do" section to reflect completed tasks and future enhancements, including support for Mac defaults, tests, and remembering the last used profile.
spec/dot_spec.lua	Added test case for handling defaults export and import functionality, verifying plist file creation and import execution.

Poem

In the land of code where rabbits play,
New functions hop in, brightening the day.
Files compared with a gentle touch,
Preferences managed, oh so much!
With options to export and import with glee,
Our script's now as clever as can be! 🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 6a895ec and e2754df.

📒 Files selected for processing (2)

• README.md (7 hunks)
• dot.lua (9 hunks)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 6

🧹 Outside diff range and nitpick comments (1)

dot.lua (1)

794-797: Refactor Suggestion: Centralize Argument Parsing

The options --defaults-export and --defaults-import are parsed outside the parse_args function. For consistency and maintainability, consider handling these options within parse_args.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 59213a0 and e70e052.

📒 Files selected for processing (1)

• dot.lua (4 hunks)

🔇 Additional comments (2)

dot.lua (2)

90-90: Default Case in print_message Function Handled Correctly

The assignment of default color and symbol ensures that messages with unspecified types are displayed properly.

---

704-706: Integration of process_defaults Function

The call to process_defaults in process_module is correctly integrated, and the dependencies_changed flag is appropriately updated.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between e70e052 and 0b1254b.

📒 Files selected for processing (1)

• README.md (1 hunks)

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

spec/dot_spec.lua (1)

511-546: Enhance test coverage for defaults functionality.

While the test case covers the basic flow, consider adding:

1. Negative test cases:
   • Invalid app names
   • Missing or inaccessible plist files
   • Permission issues
2. Cleanup of created files in the after_each block
3. Verification of error messages

 it("should handle defaults export and import", function()
   -- Set up 'defaults_test' module with defaults configuration
   setup_module(
     "defaults_test",
     [[
return {
   defaults = {
     {
       plist = "./defaults/SwiftShift.plist",
       app = "com.pablopunk.SwiftShift",
     }
   }
}
]]
   )

   -- Create module directory
   pl_dir.makepath(pl_path.join(modules_dir, "defaults_test", "defaults"))

   -- Run dot.lua with --defaults-export and --mock-defaults options
   assert.is_true(run_dot "defaults_test --defaults-export --mock-defaults")

   -- Check if the plist file was created
   local plist_path = pl_path.join(modules_dir, "defaults_test", "defaults", "SwiftShift.plist")
   assert.is_true(pl_path.isfile(plist_path), "Expected plist file to be created")

   -- Verify the content of the plist file
   local content = pl_file.read(plist_path)
   assert.are.equal("mocked preferences", content)

   -- Run dot.lua with --defaults-import and --mock-defaults options
   assert.is_true(run_dot "defaults_test --defaults-import --mock-defaults")
+
+  -- Negative test cases
+  -- Test with invalid app name
+  setup_module(
+    "defaults_test_invalid",
+    [[
+return {
+  defaults = {
+    {
+      plist = "./defaults/Invalid.plist",
+      app = "invalid.app.name",
+    }
+  }
+}
+]]
+  )
+  assert.is_false(run_dot "defaults_test_invalid --defaults-export --mock-defaults")
+
+  -- Test with missing plist file
+  setup_module(
+    "defaults_test_missing",
+    [[
+return {
+  defaults = {
+    {
+      plist = "./defaults/Missing.plist",
+      app = "com.example.app",
+    }
+  }
+}
+]]
+  )
+  assert.is_false(run_dot "defaults_test_missing --defaults-import --mock-defaults")
 end)

dot.lua (1)

117-129: Consider improving mock defaults implementation.

The current mock implementation only handles basic cases. Consider:

1. Simulating error cases for testing
2. Adding validation of input parameters
3. Supporting different plist formats

 if MOCK_DEFAULTS and cmd:match("^defaults") then
   if cmd:match("export") then
     -- Simulate exporting preferences to a file
     local plist_file = cmd:match('export ".-" "(.-)"')
+    -- Validate input parameters
+    if not plist_file then
+      return 1, "Invalid plist file path"
+    end
     local file = io.open(plist_file, "w")
+    if not file then
+      return 1, "Failed to create plist file"
+    end
     file:write("mocked preferences")
     file:close()
     return 0, ""
   elseif cmd:match("import") then
     -- Simulate importing preferences
+    local app = cmd:match('import "(.-)"')
+    if not app then
+      return 1, "Invalid app name"
+    end
     return 0, ""
   end
 end

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 0b1254b and 6a895ec.

📒 Files selected for processing (2)

• dot.lua (9 hunks)
• spec/dot_spec.lua (1 hunks)

🔇 Additional comments (5)

dot.lua (5)

7-7: LGTM: Command-line options for defaults management.

The new command-line options and their corresponding flags are well-structured and follow the existing pattern.

Also applies to: 17-19, 37-42, 56-58, 75-77

---

734-736: LGTM: Integration with process_module function.

The integration of defaults processing with the main module processing flow is clean and consistent.

---

824-826: LGTM: Mock defaults initialization.

The initialization of the mock defaults flag is consistent with other mock flags.

---

611-622: ⚠️ Potential issue

Security Issue: Command Injection in files_are_equal Function

The function constructs a shell command using unsanitized file paths.

Apply this fix to prevent command injection:

-  local cmd = string.format('diff "%s" "%s"', file1, file2)
+  local cmd = string.format('diff %q %q', file1, file2)

---

623-703: ⚠️ Potential issue

Multiple Security Issues in process_defaults Function

Several instances of potential command injection vulnerabilities exist in this function.

Apply these fixes:

1. Export command:

-local export_cmd = string.format('defaults export "%s" "%s"', app, tmp_file)
+local export_cmd = string.format('defaults export %q %q', app, tmp_file)

2. Move commands:

-local move_cmd = string.format('mv "%s" "%s"', tmp_file, resolved_plist)
+local move_cmd = string.format('mv %q %q', tmp_file, resolved_plist)

3. Import command:

-local import_cmd = string.format('defaults import "%s" "%s"', app, resolved_plist)
+local import_cmd = string.format('defaults import %q %q', app, resolved_plist)

Additionally:

• The use of os.tmpname() is insecure
• Consider adding input validation for app names and plist paths