danger-dangermattic 1.1.2 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e67bce42d784090d66f708da30837272d7ba007361e0ca5e8a3112934f7662c
-  data.tar.gz: b52fd5c635ff28d370d19cbbcb5ce0149e947fdb7f6f2fd10b8e7e00543adf7d
+  metadata.gz: '094bf199c42dcc05762611116e76958dd679f4fd528aee911a0f2e56cef7ec1e'
+  data.tar.gz: 0ea8f18010582cf5d91d0f75a5e7aeadf677fce8bf46fe9d006f0b2cb5985c15
 SHA512:
-  metadata.gz: 4e9316d9415127bfef3be854d7ef5662f15df950f623123f1c325ef282e520f0f75d229d6955ec5980cc4286e7c67a5f4738c76486a7a68f316cdc467da7f812
-  data.tar.gz: 58f1deea10b0c92e769de341fee2e918c04321b8bff563bf872e60cd4c8dba30d6b4dd0caf99c7ccdd2cec0e6c309ff5af17ad069ec2e9c27f194c74c061ec8d
+  metadata.gz: 477a907cde572da9e3c5a76eee541e38b82a240a12b8691dec4c2a1697ebb7a664b80836d5eca45513d26a95e270e67b9cbcde08562f9abb691684fa47a21b93
+  data.tar.gz: cc0e1a03b5ddb87b3a7961665f7318feceaff2efe437d261b484c5fad1455a78872c719baee93642d0698dc24314bbc4a22cdb9218c8bc80c7ae6997bfbf55f3

data/.github/workflows/README.md

@@ -0,0 +1,71 @@
+# Dangermattic GitHub Workflows Documentation
+
+We provide reusable GitHub workflows to be used with Dangermattic.
+Each workflow is designed to be called from other workflows using the `workflow_call` event and input parameters.
+All jobs are run on `ubuntu-latest`.
+
+## Check Labels on Issues
+
+**File:** `workflows/reusable-check-labels-on-issues.yml`
+
+This workflow is an independent check (not using Danger) to verify if the labels on an issue match specified regex patterns.
+
+### Inputs:
+- `label-format-list`: JSON list of regex formats expected for the labels (default: `[".*"]`)
+- `label-error-message`: Error message when labels don't match
+- `label-success-message`: Success message when labels match
+- `cancel-running-jobs`: Cancel in-progress jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `github-token`: Required GitHub token
+
+### Job: `check-issue-labels`
+- Permissions: `issues: write`
+- Main step: "🏷️ Check Issue Labels"
+  - Checks if issue labels match the specified regex patterns
+  - Posts a comment on the issue with success or error message
+
+## Retry Buildkite Step on Pull Request Events
+
+**File:** `workflows/reusable-retry-buildkite-step-on-events.yml`
+
+This workflow retries a specific job in a Buildkite pipeline.
+
+### Inputs:
+- `org-slug`: Buildkite organization slug
+- `pipeline-slug`: Slug of the Buildkite pipeline to be run
+- `retry-step-key`: Key of the Buildkite job to be retried
+- `build-commit-sha`: Commit to check for running Buildkite Builds
+- `cancel-running-github-jobs`: Cancel in-progress GitHub jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `buildkite-api-token`: Required Buildkite API token
+
+### Job: `retry-buildkite-job`
+- Main step: "🔄 Retry job on the latest Buildkite Build"
+  - Retrieves the latest Buildkite build for the specified commit
+  - Identifies the job to retry based on the provided step key
+  - Retries the job if it's in an appropriate state (passed, failed, canceled, or finished)
+
+## Run Danger on GitHub
+
+**File:** `workflows/reusable-run-danger.yml`
+
+This workflow runs Danger directly on GitHub Actions.
+
+### Inputs:
+- `remove-previous-comments`: Remove previous Danger comments and add a new one (default: `false`)
+- `cancel-running-jobs`: Cancel in-progress jobs when new ones are created (default: `true`)
+
+### Secrets:
+- `github-token`: Required GitHub token
+
+### Job: `dangermattic`
+- Steps:
+  1. Checkout repository
+  2. Set up Ruby
+  3. Run Danger PR Check
+     - Executes Danger in read-only mode for forks and Dependabot PRs
+     - Runs Danger with full functionality for PRs where the configured token has access to the repo
+
+These reusable workflows can be incorporated into other workflows in your repository to perform specific tasks related to issue labeling, Buildkite job management, and pull request checks using Danger.

data/.github/workflows/reusable-check-labels-on-issues.yml

@@ -1,30 +1,38 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       label-format-list:
-        description: 'The Regex formats expected for the labels; must be a JSON list'
-        default: '[
-          ".*"
-        ]'
+        description: The Regex formats expected for the labels; must be a JSON list
+        default: |
+          [
+            ".*"
+          ]
         type: string
         required: false
       label-error-message:
-        description: 'Error message to be posted when the labels set don''t match the required list of formats.'
-        default: 'At least one label is required.'
+        description: Error message to be posted when the labels set don't match the required list of formats.
+        default: At least one label is required.
         type: string
         required: false
       label-success-message:
-        description: 'Message to be posted when the labels set fulfill the entire list of expected formats.'
-        default: '✅ Yay, issue looks great!'
+        description: Message to be posted when the labels set fulfill the entire list of expected formats.
+        default: ✅ Yay, issue looks great!
         type: string
         required: false
+      cancel-running-jobs:
+        description: Cancel currently in progress jobs when new ones are added.
+        default: true
+        type: boolean
+        required: false
     secrets:
       github-token:
         required: true
 
 concurrency:
-  group: danger-${{ github.event.issue.number }}
-  cancel-in-progress: true
+  group: ${{ github.workflow }}-${{ github.event.issue.number }}
+  cancel-in-progress: ${{ inputs.cancel-running-jobs }}
 
 jobs:
   check-issue-labels:
@@ -32,7 +40,7 @@ jobs:
     permissions:
       issues: write
     steps:
-      - name: "🏷️ Check Issue Labels"
+      - name: 🏷️ Check Issue Labels
         env:
           GITHUB_TOKEN: ${{ secrets.github-token }}
           GH_REPO: ${{ github.repository }}

data/.github/workflows/reusable-retry-buildkite-step-on-events.yml

@@ -1,24 +1,26 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       org-slug:
-        description: 'Buildkite organization slug'
+        description: Buildkite organization slug
         required: true
         type: string
       pipeline-slug:
-        description: 'Slug of the Buildkite pipeline to be run'
+        description: Slug of the Buildkite pipeline to be run
         required: true
         type: string
       retry-step-key:
-        description: 'Key of the Buildkite job to be retried'
+        description: Key of the Buildkite job to be retried
         required: true
         type: string
       build-commit-sha:
-        description: 'Commit to check for running Buildkite Builds on. Usually github.event.pull_request.head.sha .'
+        description: Commit to check for running Buildkite Builds on. Usually github.event.pull_request.head.sha .
         required: true
         type: string
       cancel-running-github-jobs:
-        description: 'Cancel currently in progress Github jobs when new ones are added.'
+        description: Cancel currently in progress Github jobs when new ones are added.
         default: true
         type: boolean
         required: false
@@ -27,14 +29,14 @@ on:
         required: true
 
 concurrency:
-  group: danger-buildkite-retry-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ inputs.cancel-running-github-jobs }}
 
 jobs:
   retry-buildkite-job:
     runs-on: ubuntu-latest
     steps:
-      - name: "🔄 Retry job on the latest Buildkite Build"
+      - name: 🔄 Retry job on the latest Buildkite Build
         env:
           READ_ONLY_MODE: ${{ github.event.pull_request.head.repo.fork || github.actor == 'dependabot[bot]' }}
         run: |

data/.github/workflows/reusable-run-danger.yml

@@ -1,13 +1,15 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 on:
   workflow_call:
     inputs:
       remove-previous-comments:
-        description: 'Configures Danger to always remove previous comments and add a new one instead of editing the same comment.'
+        description: Configures Danger to always remove previous comments and add a new one instead of editing the same comment.
         default: false
         type: boolean
         required: false
       cancel-running-jobs:
-        description: 'Cancel currently in progress jobs when new ones are added.'
+        description: Cancel currently in progress jobs when new ones are added.
         default: true
         type: boolean
         required: false
@@ -16,22 +18,22 @@ on:
         required: true
 
 concurrency:
-  group: danger-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ inputs.cancel-running-jobs }}
 
 jobs:
   dangermattic:
     runs-on: ubuntu-latest
     steps:
-      - name: "📥 Checkout Repo"
+      - name: 📥 Checkout Repo
         uses: actions/checkout@v4
         with:
           fetch-depth: 100
-      - name: "💎 Ruby Setup"
+      - name: 💎 Ruby Setup
         uses: ruby/setup-ruby@v1
         with:
           bundler-cache: true
-      - name: "☢️ Danger PR Check"
+      - name: ☢️ Danger PR Check
         env:
           PR_URL: ${{ github.event.pull_request.html_url }}
           READ_ONLY_MODE: ${{ github.event.pull_request.head.repo.fork || github.actor == 'dependabot[bot]' }}

data/CHANGELOG.md

@@ -20,11 +20,21 @@ _None_
 
 _None_
 
+## 1.2.0
+
+### New Features
+
+- `manifest_pr_checker`: add check for `Package.resolved` using full paths [#86]
+
+### Bug Fixes
+
+- `view_changes_checker`:  update GitHub assets URL regex to be less strict [#89]
+
 ## 1.1.2
 
 ### Internal Changes
 
-- Bump Ruby dependencies (#76)
+- Bump Ruby dependencies [#76]
 
 ## 1.1.1
 
@@ -36,19 +46,19 @@ _None_
 
 ### New Features
 
-- Reusable GitHub Workflow for retrying Buildkite jobs (#64)
+- Reusable GitHub Workflow for retrying Buildkite jobs [#64]
 
 ## 1.0.2
 
 ### Bug Fixes
 
-- Clean up and update dependencies. (#62)
+- Clean up and update dependencies. [#62]
 
 ## 1.0.1
 
 ### Bug Fixes
 
-- Fix `tracks_checker` plugin so that only additions / removals in a diff are considered in the check, therefore not including the context parts of the diff. (#58)
+- Fix `tracks_checker` plugin so that only additions / removals in a diff are considered in the check, therefore not including the context parts of the diff. [#58]
 
 ## 1.0.0
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    danger-dangermattic (1.1.2)
+    danger-dangermattic (1.2.0)
       danger (~> 9.4)
       danger-plugin-api (~> 1.0)
       danger-rubocop (~> 0.13)
@@ -13,6 +13,7 @@ GEM
     addressable (2.8.7)
       public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.2)
+    base64 (0.2.0)
     claide (1.1.0)
     claide-plugins (0.9.2)
       cork
@@ -22,7 +23,8 @@ GEM
     colored2 (3.1.2)
     cork (0.3.0)
       colored2 (~> 3.1)
-    danger (9.5.0)
+    danger (9.5.1)
+      base64 (~> 0.2)
       claide (~> 1.0)
       claide-plugins (>= 0.9.2)
       colored2 (~> 3.1)
@@ -33,6 +35,7 @@ GEM
       kramdown (~> 2.3)
       kramdown-parser-gfm (~> 1.0)
       octokit (>= 4.0)
+      pstore (~> 0.1)
       terminal-table (>= 1, < 4)
     danger-plugin-api (1.0.0)
       danger (> 2.0)
@@ -40,12 +43,13 @@ GEM
       danger
       rubocop (~> 1.0)
     diff-lcs (1.5.1)
-    faraday (2.10.1)
-      faraday-net_http (>= 2.0, < 3.2)
+    faraday (2.12.0)
+      faraday-net_http (>= 2.0, < 3.4)
+      json
       logger
     faraday-http-cache (2.5.1)
       faraday (>= 0.8)
-    faraday-net_http (3.1.1)
+    faraday-net_http (3.3.0)
       net-http
     ffi (1.17.0)
     ffi (1.17.0-arm64-darwin)
@@ -53,7 +57,7 @@ GEM
     git (1.19.1)
       addressable (~> 2.8)
       rchardet (~> 1.8)
-    guard (2.18.1)
+    guard (2.19.0)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -67,7 +71,7 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    json (2.7.2)
+    json (2.7.5)
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)
@@ -76,7 +80,7 @@ GEM
     listen (3.9.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    logger (1.6.0)
+    logger (1.6.1)
     lumberjack (1.2.10)
     method_source (1.1.0)
     nap (1.1.0)
@@ -86,17 +90,18 @@ GEM
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    octokit (9.1.0)
+    octokit (9.2.0)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
     open4 (1.3.4)
-    parallel (1.25.1)
-    parser (3.3.4.0)
+    parallel (1.26.3)
+    parser (3.3.5.1)
       ast (~> 2.4.1)
       racc
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
+    pstore (0.1.3)
     public_suffix (6.0.1)
     racc (1.8.1)
     rainbow (3.1.1)
@@ -106,50 +111,47 @@ GEM
       ffi (~> 1.0)
     rchardet (1.8.0)
     regexp_parser (2.9.2)
-    rexml (3.3.4)
-      strscan
+    rexml (3.3.9)
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.0)
+    rspec-core (3.13.2)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.1)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.1)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.1)
-    rubocop (1.65.1)
+    rubocop (1.68.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 2.4, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.31.1, < 2.0)
+      rubocop-ast (>= 1.32.2, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.3)
+    rubocop-ast (1.33.0)
       parser (>= 3.3.1.0)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (3.0.3)
+    rubocop-rspec (3.2.0)
       rubocop (~> 1.61)
     ruby-progressbar (1.13.0)
     sawyer (0.9.2)
       addressable (>= 2.3.5)
       faraday (>= 0.17.3, < 3)
     shellany (0.0.1)
-    strscan (3.1.0)
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
-    thor (1.3.1)
-    unicode-display_width (2.5.0)
-    uri (0.13.0)
-    yard (0.9.36)
+    thor (1.3.2)
+    unicode-display_width (2.6.0)
+    uri (0.13.1)
+    yard (0.9.37)
 
 PLATFORMS
   arm64-darwin-22

data/README.md

@@ -35,6 +35,10 @@ Once the main Gem is installed, all Dangermattic plugins are available in your `
 
 All available plugins are defined here: https://github.com/Automattic/dangermattic/tree/trunk/lib/dangermattic/plugins
 
+## GitHub Workflows
+
+Dangermattic also provides some useful reusable GitHub workflows. For more information on available workflows and how to use them, please refer to the [Workflows README](.github/workflows/README.md).
+
 ## Development
 
 - Clone the repo and run `bundle install` to setup dependencies
@@ -66,3 +70,26 @@ my_new_plugin_checker.check_method(param: my_param_value)
 ```
 
 Please follow the existing naming convention for validation and check plugins: classes end with a `*Checker` suffix and the main validation methods are named with a `check_*` prefix.
+
+## Releasing a new version
+
+To create a new release of the Dangermattic gem, use the `new_release` Rake task:
+
+```
+bundle exec rake new_release
+```
+
+This task will:
+
+1. Parse the `CHANGELOG.md` file to get the latest version and pending changes.
+1. Prompt for the new version number.
+1. Update the `VERSION` constant in the `gem_version.rb` file.
+1. Update the `CHANGELOG.md` file with the new version.
+1. Create a new branch, commit the changes, and push to GitHub.
+1. Open a draft Pull Request for the release.
+
+After running the task, follow the instructions provided to complete the release process:
+
+1. Review and merge the Pull Request.
+1. Create a GitHub release targeting the `trunk` branch, using the changelog content provided.
+1. Publishing the GitHub release with a tag will trigger a CI workflow to publish the new gem version to RubyGems.

data/lib/dangermattic/gem_version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dangermattic
-  VERSION = '1.1.2'
+  VERSION = '1.2.0'
 end

data/lib/dangermattic/plugins/manifest_pr_checker.rb

@@ -29,6 +29,7 @@ module Danger
   #
   class ManifestPRChecker < Plugin
     MESSAGE = '`%s` was changed without updating its corresponding `%s`. %s.'
+    SWIFT_INSTRUCTION = 'Please resolve the Swift packages as appropriate to your project setup (e.g. in Xcode or by running `swift package resolve`)'
 
     # Performs all the checks, asserting that changes on `Gemfile`, `Podfile` and `Package.swift` must have corresponding
     # lock file changes.
@@ -46,7 +47,6 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_gemfile_lock_updated(report_type: :warning)
       check_manifest_lock_updated(
@@ -61,7 +61,6 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_podfile_lock_updated(report_type: :warning)
       check_manifest_lock_updated(
@@ -76,13 +75,27 @@ module Danger
     #
     # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
     #
-    #
     # @return [void]
     def check_swift_package_resolved_updated(report_type: :warning)
       check_manifest_lock_updated(
         file_name: 'Package.swift',
         lock_file_name: 'Package.resolved',
-        instruction: 'Please resolve the Swift packages in Xcode',
+        instruction: SWIFT_INSTRUCTION,
+        report_type: report_type
+      )
+    end
+
+    # Check if the `Package.swift` file was modified without a corresponding `Package.resolved` update,
+    # checking for exact path matches
+    #
+    # @param report_type [Symbol] (optional) The type of report for the message. Types: :error, :warning (default), :message.
+    #
+    # @return [void]
+    def check_swift_package_resolved_updated_strict(manifest_path:, manifest_lock_path:, report_type: :warning)
+      check_manifest_lock_updated_strict(
+        manifest_path: manifest_path,
+        manifest_lock_path: manifest_lock_path,
+        instruction: SWIFT_INSTRUCTION,
         report_type: report_type
       )
     end
@@ -91,16 +104,27 @@ module Danger
 
     def check_manifest_lock_updated(file_name:, lock_file_name:, instruction:, report_type: :warning)
       # Find all the modified manifest files
-      manifest_modified_files = git.modified_files.select { |f| File.basename(f) == file_name }
+      manifest_modified_files = git_utils.all_changed_files.select { |f| File.basename(f) == file_name }
 
       # For each manifest file, check if the corresponding lockfile (in the same dir) was also modified
       manifest_modified_files.each do |manifest_file|
-        lockfile_modified = git.modified_files.any? { |f| File.dirname(f) == File.dirname(manifest_file) && File.basename(f) == lock_file_name }
+        lockfile_modified = git_utils.all_changed_files.any? { |f| File.dirname(f) == File.dirname(manifest_file) && File.basename(f) == lock_file_name }
         next if lockfile_modified
 
         message = format(MESSAGE, manifest_file, lock_file_name, instruction)
         reporter.report(message: message, type: report_type)
       end
     end
+
+    def check_manifest_lock_updated_strict(manifest_path:, manifest_lock_path:, instruction:, report_type: :warning)
+      manifest_modified = git_utils.all_changed_files.include?(manifest_path)
+      return unless manifest_modified
+
+      lockfile_modified = git_utils.all_changed_files.include?(manifest_lock_path)
+      return if lockfile_modified
+
+      message = format(MESSAGE, manifest_path, File.basename(manifest_lock_path), instruction)
+      reporter.report(message: message, type: report_type)
+    end
   end
 end

data/lib/dangermattic/plugins/view_changes_checker.rb

@@ -18,7 +18,7 @@ module Danger
     MEDIA_IN_PR_BODY_PATTERNS = [
       %r{https?://\S*\.(gif|jpg|jpeg|png|svg)},
       %r{https?://\S*\.(mp4|avi|mov|mkv)},
-      %r{https?://\S*github\S+/\S+/assets/\d+/},
+      %r{https?://\S*github\S+/\S+/assets/},
       /!\[(.*?)\]\((.*?)\)/,
       /<img\s+[^>]*src\s*=\s*[^>]*>/,
       /<video\s+[^>]*src\s*=\s*[^>]*>/
@@ -31,7 +31,7 @@ module Danger
     # displaying a warning if view files have been modified but no screenshot or video is included.
     #
     # @return [void]
-    def check
+    def check(report_type: :warning)
       view_files_modified = git.modified_files.any? do |file|
         VIEW_EXTENSIONS_IOS =~ file || VIEW_EXTENSIONS_ANDROID =~ file
       end
@@ -40,7 +40,7 @@ module Danger
         github.pr_body =~ pattern
       end
 
-      warn(MESSAGE) if view_files_modified && !pr_has_media
+      reporter.report(message: MESSAGE, type: report_type) if view_files_modified && !pr_has_media
     end
   end
 end

data/spec/manifest_pr_checker_spec.rb

@@ -17,7 +17,7 @@ module Danger
       describe 'Bundler' do
         it 'reports a warning when a PR changed the Gemfile but not the Gemfile.lock' do
           modified_files = ['Gemfile']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -27,7 +27,7 @@ module Danger
 
         it 'reports no warnings when both the Gemfile and the Gemfile.lock were updated' do
           modified_files = ['Gemfile', 'Gemfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -36,7 +36,7 @@ module Danger
 
         it 'reports no warnings when only the Gemfile.lock was updated' do
           modified_files = ['Gemfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_gemfile_lock_updated
 
@@ -47,7 +47,7 @@ module Danger
       describe 'CocoaPods' do
         it 'reports a warning when a PR changed the Podfile but not the Podfile.lock' do
           modified_files = ['Podfile']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -57,7 +57,7 @@ module Danger
 
         it 'reports no warnings when both the Podfile and the Podfile.lock were updated' do
           modified_files = ['Podfile', 'Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -66,7 +66,7 @@ module Danger
 
         it 'reports a warning when a PR changed a custom located Podfile but not the corresponding Podfile.lock' do
           modified_files = ['./path/to/Podfile', './my/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -76,7 +76,7 @@ module Danger
 
         it 'reports multiple warnings when a PR changed multiple custom located Podfiles but not the corresponding Podfile.lock' do
           modified_files = ['./dir1/Podfile', './dir2/Podfile', './dir3/Podfile', './dir1/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -89,7 +89,7 @@ module Danger
 
         it 'reports no warnings when both custom located Podfile`s and their corresponding Podfile.lock were updated' do
           modified_files = ['./my/path/to/Podfile', './another/path/to/Podfile', './my/path/to/Podfile.lock', './another/path/to/Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -98,7 +98,7 @@ module Danger
 
         it 'reports no warnings when only the Podfile.lock was updated' do
           modified_files = ['Podfile.lock']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
           @plugin.check_podfile_lock_updated
 
@@ -107,32 +107,73 @@ module Danger
       end
 
       describe 'Swift Package Manager' do
-        it 'reports a warning when a PR changed the Package.swift but not the Package.resolved' do
-          modified_files = ['Package.swift']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+        describe '#check_swift_package_resolved_updated' do
+          it 'reports a warning when a PR changed the Package.swift but not the Package.resolved' do
+            modified_files = ['Package.swift']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated
 
-          expected_warning = format(ManifestPRChecker::MESSAGE, 'Package.swift', 'Package.resolved', 'Please resolve the Swift packages in Xcode')
-          expect(@dangerfile).to report_warnings([expected_warning])
-        end
+            expected_warning = format(ManifestPRChecker::MESSAGE, 'Package.swift', 'Package.resolved', ManifestPRChecker::SWIFT_INSTRUCTION)
+            expect(@dangerfile).to report_warnings([expected_warning])
+          end
 
-        it 'reports no warnings when both the Package.swift and the Package.resolved were updated' do
-          modified_files = ['Package.swift', 'Package.resolved']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+          it 'reports no warnings when both the Package.swift and the Package.resolved were updated' do
+            modified_files = ['Package.swift', 'Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated
 
-          expect(@dangerfile).to not_report
+            expect(@dangerfile).to not_report
+          end
+
+          it 'reports no warnings when only the Package.resolved was updated' do
+            modified_files = ['Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated
+
+            expect(@dangerfile).to not_report
+          end
         end
 
-        it 'reports no warnings when only the Package.resolved was updated' do
-          modified_files = ['Package.resolved']
-          allow(@plugin.git).to receive(:modified_files).and_return(modified_files)
+        describe '#check_swift_package_resolved_updated_strict' do
+          it 'reports a warning when a PR changed the specific Package.swift but not its Package.resolved' do
+            modified_files = ['Apps/App1/Package.swift', 'Apps/App2/Package.swift', 'Apps/App2/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
 
-          @plugin.check_swift_package_resolved_updated
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
 
-          expect(@dangerfile).to not_report
+            expected_warning = format(ManifestPRChecker::MESSAGE, 'Apps/App1/Package.swift', 'Package.resolved', ManifestPRChecker::SWIFT_INSTRUCTION)
+            expect(@dangerfile).to report_warnings([expected_warning])
+          end
+
+          it 'reports no warning when both the specific Package.swift and Package.resolved were updated' do
+            modified_files = ['Apps/App1/Package.swift', 'Apps/App1/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
+
+            expect(@dangerfile).to not_report
+          end
+
+          it 'reports no warning when the specific Package.swift was not modified' do
+            modified_files = ['Apps/App2/Package.swift', 'Apps/App2/Package.resolved']
+            allow(@plugin.git_utils).to receive(:all_changed_files).and_return(modified_files)
+
+            @plugin.check_swift_package_resolved_updated_strict(
+              manifest_path: 'Apps/App1/Package.swift',
+              manifest_lock_path: 'Apps/App1/Package.resolved'
+            )
+
+            expect(@dangerfile).to not_report
+          end
         end
       end
     end

data/spec/view_changes_checker_spec.rb

@@ -75,7 +75,7 @@ module Danger
         expect(@dangerfile).to not_report
       end
 
-      it 'does nothing when a PR with view code changes has a video defined with a simple URL' do
+      it 'does nothing when a PR with view code changes has a video defined with a simple repo assets URL' do
         allow(@plugin.github).to receive(:pr_body)
           .and_return("see video:\nhttps://github.com/woocommerce/woocommerce-ios/assets/1864060/0e983305-5047-40a3-8829-734e0b582b96 body body")
 
@@ -83,6 +83,15 @@ module Danger
 
         expect(@dangerfile).to not_report
       end
+
+      it 'does nothing when a PR with view code changes has a video defined with a simple GitHub assets URL' do
+        allow(@plugin.github).to receive(:pr_body)
+          .and_return("see video:\nhttps://github.com/user-attachments/assets/f3461fec-f96c-4376-9e00-f8faf65f3457 body body")
+
+        @plugin.check
+
+        expect(@dangerfile).to not_report
+      end
     end
 
     shared_examples 'PR without view code changes' do |modified_files|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: danger-dangermattic
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.2.0
 platform: ruby
 authors:
 - Automattic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-08-05 00:00:00.000000000 Z
+date: 2024-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: danger
@@ -201,6 +201,7 @@ files:
 - ".buildkite/gem-push.sh"
 - ".buildkite/pipeline.yml"
 - ".bundle/config"
+- ".github/workflows/README.md"
 - ".github/workflows/reusable-check-labels-on-issues.yml"
 - ".github/workflows/reusable-retry-buildkite-step-on-events.yml"
 - ".github/workflows/reusable-run-danger.yml"