feat: backport googleapis v2 migration

Heavy lifting for migration to protobuf v2 APIs already done by
@noahdietz and @quirogas - reusing the code as-is.

Kudos.

Co-authored-by: Noah Dietz <noahdietz@users.noreply.github.com>
Co-authored-by: Santiago Quiroga <quirogas@users.noreply.github.com>

Author: 3 people

go.mod

@@ -6,8 +6,10 @@ require (
 	bitbucket.org/creachadair/stringset v0.0.14
 	buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251109183837-26a011a354ee.1
 	buf.build/go/bufplugin v0.9.0
+	cloud.google.com/go/iam v1.5.3
 	cloud.google.com/go/longrunning v0.7.0
 	github.com/bmatcuk/doublestar/v4 v4.9.1
+	github.com/bufbuild/protocompile v0.14.1
 	github.com/gertd/go-pluralize v0.2.1
 	github.com/google/go-cmp v0.7.0
 	github.com/jhump/protoreflect v1.17.0
@@ -19,6 +21,7 @@ require (
 	google.golang.org/genproto/googleapis/api v0.0.0-20251014184007-4626949a642f
 	google.golang.org/protobuf v1.36.10
 	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
@@ -29,7 +32,6 @@ require (
 	buf.build/go/spdx v0.2.0 // indirect
 	cel.dev/expr v0.24.0 // indirect
 	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
-	github.com/bufbuild/protocompile v0.14.1 // indirect
 	github.com/clipperhouse/uax29/v2 v2.2.0 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/cel-go v0.26.1 // indirect

go.sum

@@ -1,9 +1,5 @@
 bitbucket.org/creachadair/stringset v0.0.14 h1:t1ejQyf8utS4GZV/4fM+1gvYucggZkfhb+tMobDxYOE=
 bitbucket.org/creachadair/stringset v0.0.14/go.mod h1:Ej8fsr6rQvmeMDf6CCWMWGb14H9mz8kmDgPPTdiVT0w=
-buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251016045117-f9844266f27f.1 h1:jK64CGldQTGX2ESi+v41uERp+z28OFqGyAn/T/Qs8Q0=
-buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251016045117-f9844266f27f.1/go.mod h1:JOZpZ+zS3G2OKO02hKlEazAGR5X9uVpFyeCamXBXg5c=
-buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251102152130-5f3e69139afa.1 h1:SEKgDODwWdsVL9nnOPkFBlZ9wAuO7kRQNobSZb5JR7I=
-buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251102152130-5f3e69139afa.1/go.mod h1:JOZpZ+zS3G2OKO02hKlEazAGR5X9uVpFyeCamXBXg5c=
 buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251109183837-26a011a354ee.1 h1:hvHgJH3scOHSRm9nC9JOdesPF9yc7Fl281TNQe60SL0=
 buf.build/gen/go/aep/api/protocolbuffers/go v1.36.10-20251109183837-26a011a354ee.1/go.mod h1:JOZpZ+zS3G2OKO02hKlEazAGR5X9uVpFyeCamXBXg5c=
 buf.build/gen/go/bufbuild/bufplugin/protocolbuffers/go v1.36.10-20250718181942-e35f9b667443.1 h1:FzJGrb8r7vir+P3zJ5Ebey8p54LYTYtQsrM/U35YO9Q=
@@ -20,6 +16,8 @@ buf.build/go/spdx v0.2.0 h1:IItqM0/cMxvFJJumcBuP8NrsIzMs/UYjp/6WSpq8LTw=
 buf.build/go/spdx v0.2.0/go.mod h1:bXdwQFem9Si3nsbNy8aJKGPoaPi5DKwdeEp5/ArZ6w8=
 cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY=
 cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw=
+cloud.google.com/go/iam v1.5.3 h1:+vMINPiDF2ognBJ97ABAYYwRgsaqxPbQDlMnbHMjolc=
+cloud.google.com/go/iam v1.5.3/go.mod h1:MR3v9oLkZCTlaqljW6Eb2d3HGDGK5/bDv93jhfISFvU=
 cloud.google.com/go/longrunning v0.7.0 h1:FV0+SYF1RIj59gyoWDRi45GiYUMM3K1qO51qoboQT1E=
 cloud.google.com/go/longrunning v0.7.0/go.mod h1:ySn2yXmjbK9Ba0zsQqunhDkYi0+9rlXIwnoAf+h+TPY=
 github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ=

internal/v2/version.go

@@ -0,0 +1,17 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//	https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package internal
+
+// Version is the current tagged release of the library.
+const Version = "2.2.0"

lint/v2/config.go

@@ -0,0 +1,164 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 		https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package lint
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/bmatcuk/doublestar/v4"
+	"gopkg.in/yaml.v3"
+)
+
+// Configs determine if a rule is enabled or not on a file path.
+type Configs []Config
+
+// Config stores rule configurations for certain files
+// that the file path must match any of the included paths
+// but none of the excluded ones.
+type Config struct {
+	// Explicitly specify the input file paths in scope of this config.
+	// If omitted, it applies to all input file paths.
+	IncludedPaths []string `json:"included_paths" yaml:"included_paths"`
+
+	// Explicitly specify the input files paths to exclude from using this
+	// config. If omitted, none of the input file paths are excluded.
+	ExcludedPaths []string `json:"excluded_paths" yaml:"excluded_paths"`
+
+	// The fully-qualifed rule name of a rule to enable as part of this config.
+	// Can be one of the following formats:
+	//
+	// - an individual rule: `core::0203::field-behavior-required`
+	// - an entire AIP rule group: `core::0203`
+	// - an entire AIP category: `core`
+	// - all rules: `all`
+	EnabledRules []string `json:"enabled_rules" yaml:"enabled_rules"`
+
+	// The fully-qualifed rule name of a rule to disable as part of this config.
+	// Can be one of the following formats:
+	//
+	// - an individual rule: `core::0203::field-behavior-required`
+	// - an entire AIP rule group: `core::0203`
+	// - an entire AIP category: `core`
+	// - all rules: `all`
+	DisabledRules []string `json:"disabled_rules" yaml:"disabled_rules"`
+}
+
+// ReadConfigsFromFile reads Configs from a file.
+// It supports JSON(.json) and YAML(.yaml or .yml) files.
+func ReadConfigsFromFile(path string) (Configs, error) {
+	var parse func(io.Reader) (Configs, error)
+	switch filepath.Ext(path) {
+	case ".json":
+		parse = ReadConfigsJSON
+	case ".yaml", ".yml":
+		parse = ReadConfigsYAML
+	}
+	if parse == nil {
+		return nil, fmt.Errorf("reading Configs: unsupported format `%q` with file path `%q`", filepath.Ext(path), path)
+	}
+
+	f, err := os.Open(path)
+	if err != nil {
+		return nil, fmt.Errorf("readConfig: %s", err.Error())
+	}
+	defer f.Close()
+
+	return parse(f)
+}
+
+// ReadConfigsJSON reads Configs from a JSON file.
+func ReadConfigsJSON(f io.Reader) (Configs, error) {
+	b, err := io.ReadAll(f)
+	if err != nil {
+		return nil, err
+	}
+	var c Configs
+	if err := json.Unmarshal(b, &c); err != nil {
+		return nil, err
+	}
+	return c, nil
+}
+
+// ReadConfigsYAML reads Configs from a YAML(.yml or .yaml) file.
+func ReadConfigsYAML(f io.Reader) (Configs, error) {
+	b, err := io.ReadAll(f)
+	if err != nil {
+		return nil, err
+	}
+	var c Configs
+	if err := yaml.Unmarshal(b, &c); err != nil {
+		return nil, err
+	}
+	return c, nil
+}
+
+// IsRuleEnabled returns true if a rule is enabled by the configs.
+func (configs Configs) IsRuleEnabled(rule string, path string) bool {
+	// Enabled by default if the rule does not belong to one of the default
+	// disabled groups. Otherwise, needs to be explicitly enabled.
+	enabled := !matchRule(rule, defaultDisabledRules...)
+	for _, c := range configs {
+		if c.matchPath(path) {
+			if matchRule(rule, c.DisabledRules...) {
+				enabled = false
+			}
+			if matchRule(rule, c.EnabledRules...) {
+				enabled = true
+			}
+		}
+	}
+
+	return enabled
+}
+
+func (c Config) matchPath(path string) bool {
+	if matchPath(path, c.ExcludedPaths...) {
+		return false
+	}
+	return len(c.IncludedPaths) == 0 || matchPath(path, c.IncludedPaths...)
+}
+
+func matchPath(path string, pathPatterns ...string) bool {
+	path = filepath.ToSlash(path)
+	for _, pattern := range pathPatterns {
+		pattern = filepath.ToSlash(pattern)
+		if matched, _ := doublestar.Match(pattern, path); matched {
+			return true
+		}
+	}
+	return false
+}
+
+func matchRule(rule string, rulePrefixes ...string) bool {
+	rule = strings.ToLower(rule)
+	for _, prefix := range rulePrefixes {
+		prefix = strings.ToLower(prefix)
+		prefix = strings.TrimSuffix(prefix, nameSeparator) // "core::" -> "core"
+		prefix = strings.TrimPrefix(prefix, nameSeparator) // "::http-body" -> "http-body"
+		if prefix == "all" ||
+			prefix == rule ||
+			strings.HasPrefix(rule, prefix+nameSeparator) || // e.g., "core" matches "core::http-body", but not "core-rules::http-body"
+			strings.HasSuffix(rule, nameSeparator+prefix) || // e.g., "http-body" matches "core::http-body", but not "core::google-http-body"
+			strings.Contains(rule, nameSeparator+prefix+nameSeparator) { // e.g., "http-body" matches "core::http-body::post", but not "core::google-http-body::post"
+			return true
+		}
+	}
+	return false
+}