danger-dangermattic 1.1.1 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b15ae97cc1a24568ecab35470fabcf26fcb858e586abf81f1c9cba4e8f28a095
-  data.tar.gz: 5a5441a1ffd66d05a136e3db188b3f20cb963ef8c376ea70af86b6194cf6a79c
+  metadata.gz: '094bf199c42dcc05762611116e76958dd679f4fd528aee911a0f2e56cef7ec1e'
+  data.tar.gz: 0ea8f18010582cf5d91d0f75a5e7aeadf677fce8bf46fe9d006f0b2cb5985c15
 SHA512:
-  metadata.gz: b5fe63d7356f08bd84721b91436eb66e66e6a3b1cb4b53c17e5e503e10d95417af516224c904dd788c5971b5e69d79e09e1d11c0a87673051a2bd34deb6add6a
-  data.tar.gz: 03c6f7e8fe657924e88aeaecd6d0bf56ae68f133f3b5ed0214267507ab1c4692f711b181a5ec41e2de47bb12e13da4e2af7d6cb0a1155d6ad628a2abf7f74a6d
+  metadata.gz: 477a907cde572da9e3c5a76eee541e38b82a240a12b8691dec4c2a1697ebb7a664b80836d5eca45513d26a95e270e67b9cbcde08562f9abb691684fa47a21b93
+  data.tar.gz: cc0e1a03b5ddb87b3a7961665f7318feceaff2efe437d261b484c5fad1455a78872c719baee93642d0698dc24314bbc4a22cdb9218c8bc80c7ae6997bfbf55f3

data/.github/workflows/README.md

@@ -0,0 +1,71 @@
+# Dangermattic GitHub Workflows Documentation
+
+We provide reusable GitHub workflows to be used with Dangermattic.
+Each workflow is designed to be called from other workflows using the `workflow_call` event and input parameters.
+All jobs are run on `ubuntu-latest`.
+
+## Check Labels on Issues
+
+**File:** `workflows/reusable-check-labels-on-issues.yml`
+
+This workflow is an independent check (not using Danger) to verify if the labels on an issue match specified regex patterns.
+
+### Inputs:
+- `label-format-list`: JSON list of regex formats expected for the labels (default: `[".*"]`)
+- `label-error-message`: Error message when labels don't match
+- `label-success-message`: Success message when labels match
+- `cancel-running-jobs`: Cancel in-progress jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `github-token`: Required GitHub token
+
+### Job: `check-issue-labels`
+- Permissions: `issues: write`
+- Main step: "🏷️ Check Issue Labels"
+  - Checks if issue labels match the specified regex patterns
+  - Posts a comment on the issue with success or error message
+
+## Retry Buildkite Step on Pull Request Events
+
+**File:** `workflows/reusable-retry-buildkite-step-on-events.yml`
+
+This workflow retries a specific job in a Buildkite pipeline.
+
+### Inputs:
+- `org-slug`: Buildkite organization slug
+- `pipeline-slug`: Slug of the Buildkite pipeline to be run
+- `retry-step-key`: Key of the Buildkite job to be retried
+- `build-commit-sha`: Commit to check for running Buildkite Builds
+- `cancel-running-github-jobs`: Cancel in-progress GitHub jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `buildkite-api-token`: Required Buildkite API token
+
+### Job: `retry-buildkite-job`
+- Main step: "🔄 Retry job on the latest Buildkite Build"
+  - Retrieves the latest Buildkite build for the specified commit
+  - Identifies the job to retry based on the provided step key
+  - Retries the job if it's in an appropriate state (passed, failed, canceled, or finished)
+
+## Run Danger on GitHub
+
+**File:** `workflows/reusable-run-danger.yml`
+
+This workflow runs Danger directly on GitHub Actions.
+
+### Inputs:
+- `remove-previous-comments`: Remove previous Danger comments and add a new one (default: `false`)
+- `cancel-running-jobs`: Cancel in-progress jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `github-token`: Required GitHub token
+
+### Job: `dangermattic`
+- Steps:
+  1. Checkout repository
+  2. Set up Ruby
+  3. Run Danger PR Check
+     - Executes Danger in read-only mode for forks and Dependabot PRs
+     - Runs Danger with full functionality for PRs where the configured token has access to the repo
+
+These reusable workflows can be incorporated into other workflows in your repository to perform specific tasks related to issue labeling, Buildkite job management, and pull request checks using Danger.

data/.github/workflows/reusable-check-labels-on-issues.yml

@@ -1,30 +1,38 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       label-format-list:
-        description: 'The Regex formats expected for the labels; must be a JSON list'
-        default: '[
-          ".*"
-        ]'
+        description: The Regex formats expected for the labels; must be a JSON list
+        default: |
+          [
+            ".*"
+          ]
         type: string
         required: false
       label-error-message:
-        description: 'Error message to be posted when the labels set don''t match the required list of formats.'
-        default: 'At least one label is required.'
+        description: Error message to be posted when the labels set don't match the required list of formats.
+        default: At least one label is required.
         type: string
         required: false
       label-success-message:
-        description: 'Message to be posted when the labels set fulfill the entire list of expected formats.'
-        default: '✅ Yay, issue looks great!'
+        description: Message to be posted when the labels set fulfill the entire list of expected formats.
+        default: ✅ Yay, issue looks great!
         type: string
         required: false
+      cancel-running-jobs:
+        description: Cancel currently in progress jobs when new ones are added.
+        default: true
+        type: boolean
+        required: false
     secrets:
       github-token:
         required: true
 
 concurrency:
-  group: danger-${{ github.event.issue.number }}
-  cancel-in-progress: true
+  group: ${{ github.workflow }}-${{ github.event.issue.number }}
+  cancel-in-progress: ${{ inputs.cancel-running-jobs }}
 
 jobs:
   check-issue-labels:
@@ -32,7 +40,7 @@ jobs:
     permissions:
       issues: write
     steps:
-      - name: "🏷️ Check Issue Labels"
+      - name: 🏷️ Check Issue Labels
         env:
           GITHUB_TOKEN: ${{ secrets.github-token }}
           GH_REPO: ${{ github.repository }}

data/.github/workflows/reusable-retry-buildkite-step-on-events.yml

@@ -1,24 +1,26 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       org-slug:
-        description: 'Buildkite organization slug'
+        description: Buildkite organization slug
         required: true
         type: string
       pipeline-slug:
-        description: 'Slug of the Buildkite pipeline to be run'
+        description: Slug of the Buildkite pipeline to be run
         required: true
         type: string
       retry-step-key:
-        description: 'Key of the Buildkite job to be retried'
+        description: Key of the Buildkite job to be retried
         required: true
         type: string
       build-commit-sha:
-        description: 'Commit to check for running Buildkite Builds on. Usually github.event.pull_request.head.sha .'
+        description: Commit to check for running Buildkite Builds on. Usually github.event.pull_request.head.sha .
         required: true
         type: string
       cancel-running-github-jobs:
-        description: 'Cancel currently in progress Github jobs when new ones are added.'
+        description: Cancel currently in progress Github jobs when new ones are added.
         default: true
         type: boolean
         required: false
@@ -27,15 +29,19 @@ on:
         required: true
 
 concurrency:
-  group: danger-buildkite-retry-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ inputs.cancel-running-github-jobs }}
 
 jobs:
   retry-buildkite-job:
     runs-on: ubuntu-latest
     steps:
-      - name: "🔄 Retry job on the latest Buildkite Build"
+      - name: 🔄 Retry job on the latest Buildkite Build
+        env:
+          READ_ONLY_MODE: ${{ github.event.pull_request.head.repo.fork || github.actor == 'dependabot[bot]' }}
         run: |
+          [ "$READ_ONLY_MODE" = true ] && { echo "ℹ️ Cannot retry a Buildkite job from GitHub when running in read-only mode (from a fork or a Dependabot Pull Request). Please find the Buildkite job and retry manually."; exit 0; }
+
           ORG_SLUG="${{ inputs.org-slug }}"
           PIPELINE_SLUG="${{ inputs.pipeline-slug }}"
           RETRY_STEP_KEY="${{ inputs.retry-step-key }}"

data/.github/workflows/reusable-run-danger.yml

@@ -1,13 +1,15 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       remove-previous-comments:
-        description: 'Configures Danger to always remove previous comments and add a new one instead of editing the same comment.'
+        description: Configures Danger to always remove previous comments and add a new one instead of editing the same comment.
         default: false
         type: boolean
         required: false
       cancel-running-jobs:
-        description: 'Cancel currently in progress jobs when new ones are added.'
+        description: Cancel currently in progress jobs when new ones are added.
         default: true
         type: boolean
         required: false
@@ -16,22 +18,22 @@ on:
         required: true
 
 concurrency:
-  group: danger-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ inputs.cancel-running-jobs }}
 
 jobs:
   dangermattic:
     runs-on: ubuntu-latest
     steps:
-      - name: "📥 Checkout Repo"
+      - name: 📥 Checkout Repo
         uses: actions/checkout@v4
         with:
           fetch-depth: 100
-      - name: "💎 Ruby Setup"
+      - name: 💎 Ruby Setup
         uses: ruby/setup-ruby@v1
         with:
           bundler-cache: true
-      - name: "☢️ Danger PR Check"
+      - name: ☢️ Danger PR Check
         env:
           PR_URL: ${{ github.event.pull_request.html_url }}
           READ_ONLY_MODE: ${{ github.event.pull_request.head.repo.fork || github.actor == 'dependabot[bot]' }}

data/CHANGELOG.md

@@ -2,6 +2,40 @@
 
 ---
 
+## Trunk
+
+### Breaking Changes
+
+_None_
+
+### New Features
+
+_None_
+
+### Bug Fixes
+
+_None_
+
+### Internal Changes
+
+_None_
+
+## 1.2.0
+
+### New Features
+
+- `manifest_pr_checker`: add check for `Package.resolved` using full paths [#86]
+
+### Bug Fixes
+
+- `view_changes_checker`:  update GitHub assets URL regex to be less strict [#89]
+
+## 1.1.2
+
+### Internal Changes
+
+- Bump Ruby dependencies [#76]
+
 ## 1.1.1
 
 ### Internal Changes
@@ -12,19 +46,19 @@
 
 ### New Features
 
-- Reusable GitHub Workflow for retrying Buildkite jobs (#64)
+- Reusable GitHub Workflow for retrying Buildkite jobs [#64]
 
 ## 1.0.2
 
 ### Bug Fixes
 
-- Clean up and update dependencies. (#62)
+- Clean up and update dependencies. [#62]
 
 ## 1.0.1
 
 ### Bug Fixes
 
-- Fix `tracks_checker` plugin so that only additions / removals in a diff are considered in the check, therefore not including the context parts of the diff. (#58)
+- Fix `tracks_checker` plugin so that only additions / removals in a diff are considered in the check, therefore not including the context parts of the diff. [#58]
 
 ## 1.0.0
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    danger-dangermattic (1.1.1)
+    danger-dangermattic (1.2.0)
       danger (~> 9.4)
       danger-plugin-api (~> 1.0)
       danger-rubocop (~> 0.13)
@@ -10,8 +10,8 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.2)
     base64 (0.2.0)
     claide (1.1.0)
@@ -23,7 +23,8 @@ GEM
     colored2 (3.1.2)
     cork (0.3.0)
       colored2 (~> 3.1)
-    danger (9.4.3)
+    danger (9.5.1)
+      base64 (~> 0.2)
       claide (~> 1.0)
       claide-plugins (>= 0.9.2)
       colored2 (~> 3.1)
@@ -33,8 +34,8 @@ GEM
       git (~> 1.13)
       kramdown (~> 2.3)
       kramdown-parser-gfm (~> 1.0)
-      no_proxy_fix
       octokit (>= 4.0)
+      pstore (~> 0.1)
       terminal-table (>= 1, < 4)
     danger-plugin-api (1.0.0)
       danger (> 2.0)
@@ -42,18 +43,21 @@ GEM
       danger
       rubocop (~> 1.0)
     diff-lcs (1.5.1)
-    faraday (2.9.0)
-      faraday-net_http (>= 2.0, < 3.2)
+    faraday (2.12.0)
+      faraday-net_http (>= 2.0, < 3.4)
+      json
+      logger
     faraday-http-cache (2.5.1)
       faraday (>= 0.8)
-    faraday-net_http (3.1.0)
+    faraday-net_http (3.3.0)
       net-http
-    ffi (1.16.3)
+    ffi (1.17.0)
+    ffi (1.17.0-arm64-darwin)
     formatador (1.1.0)
     git (1.19.1)
       addressable (~> 2.8)
       rchardet (~> 1.8)
-    guard (2.18.1)
+    guard (2.19.0)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -67,7 +71,7 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    json (2.7.2)
+    json (2.7.5)
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)
@@ -76,30 +80,30 @@ GEM
     listen (3.9.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
+    logger (1.6.1)
     lumberjack (1.2.10)
     method_source (1.1.0)
     nap (1.1.0)
     nenv (0.3.0)
     net-http (0.4.1)
       uri
-    no_proxy_fix (0.1.2)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    octokit (8.1.0)
-      base64
+    octokit (9.2.0)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
     open4 (1.3.4)
-    parallel (1.24.0)
-    parser (3.3.1.0)
+    parallel (1.26.3)
+    parser (3.3.5.1)
       ast (~> 2.4.1)
       racc
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (5.0.5)
-    racc (1.8.0)
+    pstore (0.1.3)
+    public_suffix (6.0.1)
+    racc (1.8.1)
     rainbow (3.1.1)
     rake (13.2.1)
     rb-fsevent (0.11.2)
@@ -107,59 +111,47 @@ GEM
       ffi (~> 1.0)
     rchardet (1.8.0)
     regexp_parser (2.9.2)
-    rexml (3.2.8)
-      strscan (>= 3.0.9)
+    rexml (3.3.9)
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.0)
+    rspec-core (3.13.2)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.0)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.1)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.1)
-    rubocop (1.63.5)
+    rubocop (1.68.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.31.1, < 2.0)
+      regexp_parser (>= 2.4, < 3.0)
+      rubocop-ast (>= 1.32.2, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.3)
+    rubocop-ast (1.33.0)
       parser (>= 3.3.1.0)
-    rubocop-capybara (2.20.0)
-      rubocop (~> 1.41)
-    rubocop-factory_bot (2.25.1)
-      rubocop (~> 1.41)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (2.29.2)
-      rubocop (~> 1.40)
-      rubocop-capybara (~> 2.17)
-      rubocop-factory_bot (~> 2.22)
-      rubocop-rspec_rails (~> 2.28)
-    rubocop-rspec_rails (2.28.3)
-      rubocop (~> 1.40)
+    rubocop-rspec (3.2.0)
+      rubocop (~> 1.61)
     ruby-progressbar (1.13.0)
     sawyer (0.9.2)
       addressable (>= 2.3.5)
       faraday (>= 0.17.3, < 3)
     shellany (0.0.1)
-    strscan (3.1.0)
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
-    thor (1.3.1)
-    unicode-display_width (2.5.0)
-    uri (0.13.0)
-    yard (0.9.36)
+    thor (1.3.2)
+    unicode-display_width (2.6.0)
+    uri (0.13.1)
+    yard (0.9.37)
 
 PLATFORMS
   arm64-darwin-22

data/README.md

@@ -35,6 +35,10 @@ Once the main Gem is installed, all Dangermattic plugins are available in your `
 
 All available plugins are defined here: https://github.com/Automattic/dangermattic/tree/trunk/lib/dangermattic/plugins
 
+## GitHub Workflows
+
+Dangermattic also provides some useful reusable GitHub workflows. For more information on available workflows and how to use them, please refer to the [Workflows README](.github/workflows/README.md).
+
 ## Development
 
 - Clone the repo and run `bundle install` to setup dependencies
@@ -66,3 +70,26 @@ my_new_plugin_checker.check_method(param: my_param_value)
 ```
 
 Please follow the existing naming convention for validation and check plugins: classes end with a `*Checker` suffix and the main validation methods are named with a `check_*` prefix.
+
+## Releasing a new version
+
+To create a new release of the Dangermattic gem, use the `new_release` Rake task:
+
+```
+bundle exec rake new_release
+```
+
+This task will:
+
+1. Parse the `CHANGELOG.md` file to get the latest version and pending changes.
+1. Prompt for the new version number.
+1. Update the `VERSION` constant in the `gem_version.rb` file.
+1. Update the `CHANGELOG.md` file with the new version.
+1. Create a new branch, commit the changes, and push to GitHub.
+1. Open a draft Pull Request for the release.
+
+After running the task, follow the instructions provided to complete the release process:
+
+1. Review and merge the Pull Request.
+1. Create a GitHub release targeting the `trunk` branch, using the changelog content provided.
+1. Publishing the GitHub release with a tag will trigger a CI workflow to publish the new gem version to RubyGems.

data/Rakefile

@@ -11,7 +11,7 @@ task all: %i[specs lint]
 
 desc 'Ensure that the plugin passes `danger plugins lint`'
 task :danger_lint do
-  sh 'bundle exec danger plugins lint'
+  sh('bundle', 'exec', 'danger', 'plugins', 'lint')
 end
 
 desc 'Runs linting tasks: :rubocop and :danger_lint'
@@ -22,3 +22,90 @@ RSpec::Core::RakeTask.new(:specs)
 
 desc 'Run RuboCop on the lib/specs directory'
 RuboCop::RakeTask.new(:rubocop)
+
+desc 'Generate the docs using YARD'
+task :doc do
+  sh('bundle', 'exec', 'yard', 'doc')
+  # Open generated doc in browser
+  sh('open', 'yard-doc/index.html')
+end
+
+desc "Print stats about undocumented methods. Provide an optional path relative to 'lib/dangermattic/plugins' to only show stats for that subdirectory"
+task :docstats, [:path] do |_, args|
+  path = File.join('lib/dangermattic/plugins', args[:path] || '.')
+  sh('yard', 'stats', '--list-undoc', path)
+end
+
+VERSION_FILE = File.join('lib', 'dangermattic', 'gem_version.rb')
+
+desc 'Create a new version of the dangermattic gem'
+task :new_release do
+  require_relative(VERSION_FILE)
+
+  parser = ChangelogParser.new(file: 'CHANGELOG.md')
+  latest_version = parser.parse_pending_section
+
+  ## Print current info
+  Console.header "Current version is: #{Dangermattic::VERSION}"
+  Console.warning "Warning: Latest version number does not match latest version title in CHANGELOG (#{latest_version})!" unless latest_version == Dangermattic::VERSION
+
+  Console.header 'Pending CHANGELOG:'
+  changelog = parser.cleaned_pending_changelog_lines
+  Console.print_indented_lines(changelog)
+
+  ## Prompt for next version number
+  guess = parser.guessed_next_semantic_version(current: Dangermattic::VERSION)
+  new_version = Console.prompt('New version to release', guess)
+
+  ## Checkout branch, update files
+  GitHelper.check_or_create_branch(new_version)
+  Console.header 'Update `VERSION` constant in `version.rb`...'
+  update_version_constant(VERSION_FILE, new_version)
+  Console.header 'Updating CHANGELOG...'
+  parser.update_for_new_release(new_version: new_version)
+
+  # Commit and push
+  Console.header 'Commit and push changes...'
+  GitHelper.commit_files("Bumped to version #{new_version}", [VERSION_FILE, 'Gemfile.lock', 'CHANGELOG.md'])
+
+  Console.header 'Opening PR draft in your default browser...'
+  pr_body = <<~BODY
+    Releasing new version #{new_version}.
+
+    # What's Next
+
+    PR Author: Be sure to create and publish a GitHub Release pointing to `trunk` once this PR gets merged,
+    copy/pasting the following text as the GitHub Release's description:
+    ```
+    #{changelog.join}
+    ```
+  BODY
+  GitHelper.prepare_github_pr("release/#{new_version}", 'trunk', "Release #{new_version} into trunk", pr_body)
+
+  Console.info <<~INSTRUCTIONS
+
+    ---------------
+
+    >>> WHAT'S NEXT
+
+    Once the PR is merged, publish a GitHub release for `#{new_version}`, targeting `trunk`,
+    with the following text as description:
+
+    ```
+    #{changelog.join}
+    ```
+
+    The publication of the new GitHub release will create a git tag, which in turn will trigger
+    a CI workflow that will take care of doing the `gem push` of the new version to RubyGems.
+
+  INSTRUCTIONS
+end
+
+def update_version_constant(version_file, new_version)
+  content = File.read(version_file)
+  content.gsub!(/VERSION = .*/, "VERSION = '#{new_version}'")
+  File.write(version_file, content)
+
+  # Updates the Gemfile.lock with the new dangermattic version
+  sh('bundle', 'install', '--quiet')
+end

data/danger-dangermattic.gemspec

@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = '~> 3.2'
 
   spec.add_dependency 'danger', '~> 9.4'
-  spec.add_runtime_dependency 'danger-plugin-api', '~> 1.0'
+  spec.add_dependency 'danger-plugin-api', '~> 1.0'
 
   # Danger plugins
   spec.add_dependency 'danger-rubocop', '~> 0.13'

data/lib/dangermattic/gem_version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dangermattic
-  VERSION = '1.1.1'
+  VERSION = '1.2.0'
 end

data/lib/dangermattic/plugins/manifest_pr_checker.rb

@@ -29,6 +29,7 @@ module Danger
   #
   class ManifestPRChecker < Plugin
     MESSAGE = '`%s` was changed without updating its corresponding `%s`. %s.'
+    SWIFT_INSTRUCTION = 'Please resolve the Swift packages as appropriate to your project setup (e.g. in Xcode or by running `swift package resolve`)'
 
     # Performs all the checks, asserting that changes on `Gemfile`, `Podfile` and `Package.swift` must have corresponding
     # lock file changes.
@@ -46,7 +47,6 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_gemfile_lock_updated(report_type: :warning)
       check_manifest_lock_updated(
@@ -61,7 +61,6 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_podfile_lock_updated(report_type: :warning)
       check_manifest_lock_updated(
@@ -76,13 +75,27 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_swift_package_resolved_updated(report_type: :warning)
       check_manifest_lock_updated(
         file_name: 'Package.swift',
         lock_file_name: 'Package.resolved',
-        instruction: 'Please resolve the Swift packages in Xcode',
+        instruction: SWIFT_INSTRUCTION,
+        report_type: report_type
+      )
+    end
+
+    # Check if the `Package.swift` file was modified without a corresponding `Package.resolved` update,
+    # checking for exact path matches
+    #
+    # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
+    #
+    # @return [void]
+    def check_swift_package_resolved_updated_strict(manifest_path:, manifest_lock_path:, report_type: :warning)
+      check_manifest_lock_updated_strict(
+        manifest_path: manifest_path,
+        manifest_lock_path: manifest_lock_path,
+        instruction: SWIFT_INSTRUCTION,
         report_type: report_type
       )
     end
@@ -91,16 +104,27 @@ module Danger
 
     def check_manifest_lock_updated(file_name:, lock_file_name:, instruction:, report_type: :warning)
       # Find all the modified manifest files
-      manifest_modified_files = git.modified_files.select { |f| File.basename(f) == file_name }
+      manifest_modified_files = git_utils.all_changed_files.select { |f| File.basename(f) == file_name }
 
       # For each manifest file, check if the corresponding lockfile (in the same dir) was also modified
       manifest_modified_files.each do |manifest_file|
-        lockfile_modified = git.modified_files.any? { |f| File.dirname(f) == File.dirname(manifest_file) && File.basename(f) == lock_file_name }
+        lockfile_modified = git_utils.all_changed_files.any? { |f| File.dirname(f) == File.dirname(manifest_file) && File.basename(f) == lock_file_name }
         next if lockfile_modified
 
         message = format(MESSAGE, manifest_file, lock_file_name, instruction)
         reporter.report(message: message, type: report_type)
       end
     end
+
+    def check_manifest_lock_updated_strict(manifest_path:, manifest_lock_path:, instruction:, report_type: :warning)
+      manifest_modified = git_utils.all_changed_files.include?(manifest_path)
+      return unless manifest_modified
+
+      lockfile_modified = git_utils.all_changed_files.include?(manifest_lock_path)
+      return if lockfile_modified
+
+      message = format(MESSAGE, manifest_path, File.basename(manifest_lock_path), instruction)
+      reporter.report(message: message, type: report_type)
+    end
   end
 end

data/lib/dangermattic/plugins/view_changes_checker.rb

@@ -18,7 +18,7 @@ module Danger
     MEDIA_IN_PR_BODY_PATTERNS = [
       %r{https?://\S*\.(gif|jpg|jpeg|png|svg)},
       %r{https?://\S*\.(mp4|avi|mov|mkv)},
-      %r{https?://\S*github\S+/\S+/assets/\d+/},
+      %r{https?://\S*github\S+/\S+/assets/},
       /!\[(.*?)\]\((.*?)\)/,
       /<img\s+[^>]*src\s*=\s*[^>]*>/,
       /<video\s+[^>]*src\s*=\s*[^>]*>/
@@ -31,7 +31,7 @@ module Danger
     # displaying a warning if view files have been modified but no screenshot or video is included.
     #
     # @return [void]
-    def check
+    def check(report_type: :warning)
       view_files_modified = git.modified_files.any? do |file|
         VIEW_EXTENSIONS_IOS =~ file || VIEW_EXTENSIONS_ANDROID =~ file
       end
@@ -40,7 +40,7 @@ module Danger
         github.pr_body =~ pattern
       end
 
-      warn(MESSAGE) if view_files_modified && !pr_has_media
+      reporter.report(message: MESSAGE, type: report_type) if view_files_modified && !pr_has_media
     end
   end
 end

data/rakelib/changelog_parser.rake

@@ -0,0 +1,108 @@
+# frozen_string_literal: true
+
+# Parses and updates changelog files for software projects.
+#
+# This class provides functionality to parse a changelog file, identify pending
+# sections for upcoming releases, and update the changelog for new releases based on
+# semantic versioning conventions.
+#
+# @example
+#   parser = ChangelogParser.new(file: 'CHANGELOG.md')
+#   latest_version = parser.parse_pending_section
+#   new_version = parser.guessed_next_semantic_version(current: '1.0.0')
+#   parser.update_for_new_release(new_version: new_version)
+class ChangelogParser
+  PENDING_SECTION_TITLE = 'Trunk'
+  EMPTY_PLACEHOLDER = '_None_'
+  SUBSECTIONS_SEMVER_MAP = { 'Breaking Changes': 3, 'New Features': 2, 'Bug Fixes': 1, 'Internal Changes': 1 }.freeze
+
+  def initialize(file: 'CHANGELOG.md')
+    @lines = File.readlines(file)
+    @current_index = nil
+    @pending_section = nil
+  end
+
+  # @return the title of the section after the pending one -- which should match the latest released version
+  def parse_pending_section
+    (lines_before_first_section, _, title) = advance_to_next_header(level: 2)
+    raise "Expected #{PENDING_SECTION_TITLE} as first section but found #{title} instead." unless title == PENDING_SECTION_TITLE
+
+    subsections = []
+    prev_subtitle = nil
+    loop do
+      (lines, next_level, next_subtitle) = advance_to_next_header(level: 2..3)
+      subsections.append({ title: prev_subtitle, lines: lines }) unless lines.reject { |l| l.chomp.empty? || l.chomp == EMPTY_PLACEHOLDER }.empty?
+      prev_subtitle = next_subtitle
+
+      break if next_level < 3
+    end
+    @pending_section = { lines_before: lines_before_first_section, subsections: subsections, next_title: prev_subtitle }
+    prev_subtitle
+  end
+
+  def cleaned_pending_changelog_lines
+    lines = []
+    @pending_section[:subsections].map do |s|
+      lines.append "### #{s[:title]}\n" unless s[:title].nil? # subsection title is nil for lines between h2 and first h3
+      lines += s[:lines]
+    end
+    lines
+  end
+
+  def guessed_next_semantic_version(current:)
+    comps = current.split('.')
+    idx_to_bump = 3 - semver_category
+    comps[idx_to_bump] = (comps[idx_to_bump].to_i + 1).to_s
+    ((idx_to_bump + 1)...(comps.length)).each { |i| comps[i] = '0' }
+    comps.join('.')
+  end
+
+  def update_for_new_release(new_version:, new_file: 'CHANGELOG.md')
+    raise 'You need to call #parse_pending_section first' if @pending_section.nil?
+
+    File.open(new_file, 'w') do |f|
+      f.puts @pending_section[:lines_before]
+      # Empty placeholder section for next version after this one
+      f.puts placeholder_section
+      # Section for new version, with the non-empty subsections found while parsing first section
+      f.puts "## #{new_version}\n\n"
+      f.puts cleaned_pending_changelog_lines
+      f.puts "## #{@pending_section[:next_title]}"
+      f.puts read_up_to_end
+    end
+  end
+
+  private
+
+  # Advance line pointer to next index of provided `level`
+  # @return [Array] A 3-item array of [scanned_lines, next_header_level, next_header_title]
+  def advance_to_next_header(level:)
+    range = level.is_a?(Range) ? level : level..level
+    regex = /^(\#{#{range.min},#{range.max}}) ?([^#].*)$/ # A line starting with {range.min,range.max} times '#' then optional space then a title
+    start_idx = @current_index.nil? ? 0 : @current_index + 1
+    offset = @lines[start_idx...].index { |l| l =~ regex }
+    @current_index = offset.nil? ? -1 : start_idx + offset
+
+    m = regex.match(@lines[@current_index])
+    [@lines[start_idx...@current_index], m[1].length, m[2]]
+  end
+
+  def read_up_to_end
+    idx = @current_index + 1
+    @current_index = -1
+    @lines[idx...]
+  end
+
+  def placeholder_section
+    lines = ["## #{PENDING_SECTION_TITLE}\n\n"]
+    lines += SUBSECTIONS_SEMVER_MAP.keys.map { |s| "### #{s}\n\n#{EMPTY_PLACEHOLDER}\n\n" }
+    lines.join
+  end
+
+  # @return the SemVer category (as described in Gem::Version doc). 3=major, 2=minor, 1=patch
+  def semver_category
+    raise 'You need to call #parse_pending_section first' if @pending_section.nil?
+
+    @pending_section[:subsections].map { |s| SUBSECTIONS_SEMVER_MAP[s[:title].to_sym] || 1 }.max || 1
+  end
+end

data/rakelib/console.rake

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+# Provides methods for colored console output and user interaction.
+#
+# The Console module contains methods for printing colored text to the terminal using
+# ANSI escape codes. It also includes utility methods for prompting user input.
+module Console
+  # ANSI colors
+  RED = 1
+  GREEN = 2
+  YELLOW = 3
+  PURPLE = 4
+
+  def self.color_puts(lines, color_code:)
+    puts "\x1b[3#{color_code}m#{lines}\x1b[0m"
+  end
+
+  def self.header(title)
+    color_puts(">>> #{title}", color_code: GREEN) # green
+  end
+
+  def self.info(text)
+    color_puts(text, color_code: YELLOW) # yellow
+  end
+
+  def self.warning(text)
+    color_puts(text, color_code: RED) # red
+  end
+
+  def self.print_indented_lines(lines)
+    color_puts(lines.map { |l| "| #{l}" }.join, color_code: YELLOW)
+  end
+
+  def self.prompt(text, default_value)
+    color_puts("#{text}? [default: #{default_value}] ", color_code: GREEN)
+    answer = $stdin.gets.chomp
+    answer = default_value if answer.empty?
+    answer
+  end
+
+  def self.confirm(text)
+    color_puts("#{text} [y/n]?", color_code: GREEN)
+    answer = $stdin.gets.chomp
+    answer.downcase == 'y'
+  end
+end

data/rakelib/git_helpers.rake

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'cgi'
+
+# Helper methods for common Git operations: checking / creating branches, preparing a pull request and
+# committing / pushing files.
+module GitHelper
+  def self.current_branch
+    `git --no-pager branch --show-current`.chomp
+  end
+
+  def self.check_or_create_branch(new_version)
+    release_branch = "release/#{new_version}"
+    branch_exists = !`git --no-pager branch -a --list --no-color #{release_branch}`.chomp.empty?
+    if current_branch == release_branch
+      puts 'Already on release branch'
+    elsif branch_exists
+      Rake.sh('git', 'checkout', release_branch)
+    else # create it
+      abort('Aborted, as not run from trunk nor release branch') unless current_branch == 'trunk' || Console.confirm("You are not on 'trunk', nor already on '#{release_branch}'. Do you really want to cut the release branch from #{current_branch}?")
+
+      Rake.sh('git', 'checkout', '-b', release_branch)
+    end
+  end
+
+  def self.prepare_github_pr(head, base, title, body)
+    require 'open-uri'
+    qtitle = CGI.escape(title)
+    qbody = CGI.escape(body)
+    uri = "https://github.com/Automattic/dangermattic/compare/#{base}...#{head}?expand=1&title=#{qtitle}&body=#{qbody}"
+    Rake.sh('open', uri)
+  end
+
+  def self.commit_files(message, files, push: true)
+    Rake.sh('git', 'add', *files)
+    Rake.sh('git', 'commit', '-m', message)
+    Rake.sh('git', 'push', '-q', '-u', 'origin', current_branch) if push
+  end
+end

data/spec/manifest_pr_checker_spec.rb

@@ -17,7 +17,7 @@ module Danger
       describe 'Bundler' do
         it 'reports a warning when a PR changed the Gemfile but not the Gemfile.lock' do
           modified_files = ['Gemfile']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -27,7 +27,7 @@ module Danger
 
         it 'reports no warnings when both the Gemfile and the Gemfile.lock were updated' do
           modified_files = ['Gemfile', 'Gemfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -36,7 +36,7 @@ module Danger
 
         it 'reports no warnings when only the Gemfile.lock was updated' do
           modified_files = ['Gemfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -47,7 +47,7 @@ module Danger
       describe 'CocoaPods' do
         it 'reports a warning when a PR changed the Podfile but not the Podfile.lock' do
           modified_files = ['Podfile']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -57,7 +57,7 @@ module Danger
 
         it 'reports no warnings when both the Podfile and the Podfile.lock were updated' do
           modified_files = ['Podfile', 'Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -66,7 +66,7 @@ module Danger
 
         it 'reports a warning when a PR changed a custom located Podfile but not the corresponding Podfile.lock' do
           modified_files = ['./path/to/Podfile', './my/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -76,7 +76,7 @@ module Danger
 
         it 'reports multiple warnings when a PR changed multiple custom located Podfiles but not the corresponding Podfile.lock' do
           modified_files = ['./dir1/Podfile', './dir2/Podfile', './dir3/Podfile', './dir1/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -89,7 +89,7 @@ module Danger
 
         it 'reports no warnings when both custom located Podfile`s and their corresponding Podfile.lock were updated' do
           modified_files = ['./my/path/to/Podfile', './another/path/to/Podfile', './my/path/to/Podfile.lock', './another/path/to/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -98,7 +98,7 @@ module Danger
 
         it 'reports no warnings when only the Podfile.lock was updated' do
           modified_files = ['Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -107,32 +107,73 @@ module Danger
       end
 
       describe 'Swift Package Manager' do
-        it 'reports a warning when a PR changed the Package.swift but not the Package.resolved' do
-          modified_files = ['Package.swift']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+        describe '#check_swift_package_resolved_updated' do
+          it 'reports a warning when a PR changed the Package.swift but not the Package.resolved' do
+            modified_files = ['Package.swift']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated
 
-          expected_warning = format(ManifestPRChecker::MESSAGE, 'Package.swift', 'Package.resolved', 'Please resolve the Swift packages in Xcode')
-          expect(@dangerfile).to report_warnings([expected_warning])
-        end
+            expected_warning = format(ManifestPRChecker::MESSAGE, 'Package.swift', 'Package.resolved', ManifestPRChecker::SWIFT_INSTRUCTION)
+            expect(@dangerfile).to report_warnings([expected_warning])
+          end
 
-        it 'reports no warnings when both the Package.swift and the Package.resolved were updated' do
-          modified_files = ['Package.swift', 'Package.resolved']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          it 'reports no warnings when both the Package.swift and the Package.resolved were updated' do
+            modified_files = ['Package.swift', 'Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated
 
-          expect(@dangerfile).to not_report
+            expect(@dangerfile).to not_report
+          end
+
+          it 'reports no warnings when only the Package.resolved was updated' do
+            modified_files = ['Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated
+
+            expect(@dangerfile).to not_report
+          end
         end
 
-        it 'reports no warnings when only the Package.resolved was updated' do
-          modified_files = ['Package.resolved']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+        describe '#check_swift_package_resolved_updated_strict' do
+          it 'reports a warning when a PR changed the specific Package.swift but not its Package.resolved' do
+            modified_files = ['Apps/App1/Package.swift', 'Apps/App2/Package.swift', 'Apps/App2/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
 
-          expect(@dangerfile).to not_report
+            expected_warning = format(ManifestPRChecker::MESSAGE, 'Apps/App1/Package.swift', 'Package.resolved', ManifestPRChecker::SWIFT_INSTRUCTION)
+            expect(@dangerfile).to report_warnings([expected_warning])
+          end
+
+          it 'reports no warning when both the specific Package.swift and Package.resolved were updated' do
+            modified_files = ['Apps/App1/Package.swift', 'Apps/App1/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
+
+            expect(@dangerfile).to not_report
+          end
+
+          it 'reports no warning when the specific Package.swift was not modified' do
+            modified_files = ['Apps/App2/Package.swift', 'Apps/App2/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
+
+            expect(@dangerfile).to not_report
+          end
         end
       end
     end

data/spec/spec_helper.rb

@@ -28,7 +28,6 @@ require 'danger_plugin'
 # it comes with an extra function `.string` which will
 # strip all ANSI colours from the string.
 
-# rubocop:disable Lint/NestedMethodDefinition
 def testing_ui
   @output = StringIO.new
   def @output.winsize
@@ -41,7 +40,6 @@ def testing_ui
   end
   cork
 end
-# rubocop:enable Lint/NestedMethodDefinition
 
 # Example environment (ENV)
 def testing_env

data/spec/view_changes_checker_spec.rb

@@ -75,7 +75,7 @@ module Danger
         expect(@dangerfile).to not_report
       end
 
-      it 'does nothing when a PR with view code changes has a video defined with a simple URL' do
+      it 'does nothing when a PR with view code changes has a video defined with a simple repo assets URL' do
         allow(@plugin.github).to receive(:pr_body)
           .and_return("see video:\nhttps://github.com/woocommerce/woocommerce-ios/assets/1864060/0e983305-5047-40a3-8829-734e0b582b96 body body")
 
@@ -83,6 +83,15 @@ module Danger
 
         expect(@dangerfile).to not_report
       end
+
+      it 'does nothing when a PR with view code changes has a video defined with a simple GitHub assets URL' do
+        allow(@plugin.github).to receive(:pr_body)
+          .and_return("see video:\nhttps://github.com/user-attachments/assets/f3461fec-f96c-4376-9e00-f8faf65f3457 body body")
+
+        @plugin.check
+
+        expect(@dangerfile).to not_report
+      end
     end
 
     shared_examples 'PR without view code changes' do |modified_files|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: danger-dangermattic
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.2.0
 platform: ruby
 authors:
 - Automattic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-21 00:00:00.000000000 Z
+date: 2024-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: danger
@@ -201,6 +201,7 @@ files:
 - ".buildkite/gem-push.sh"
 - ".buildkite/pipeline.yml"
 - ".bundle/config"
+- ".github/workflows/README.md"
 - ".github/workflows/reusable-check-labels-on-issues.yml"
 - ".github/workflows/reusable-retry-buildkite-step-on-events.yml"
 - ".github/workflows/reusable-run-danger.yml"
@@ -234,6 +235,9 @@ files:
 - lib/dangermattic/plugins/pr_size_checker.rb
 - lib/dangermattic/plugins/tracks_checker.rb
 - lib/dangermattic/plugins/view_changes_checker.rb
+- rakelib/changelog_parser.rake
+- rakelib/console.rake
+- rakelib/git_helpers.rake
 - spec/android_release_checker_spec.rb
 - spec/android_strings_checker_spec.rb
 - spec/android_unit_test_checker_spec.rb