danger-packwerk 0.8.0 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0ad3f46c259911564eb4b955fb62e8152962db5c5682a6ba6000054dde9d8128
-  data.tar.gz: ef61b403058b20869cda462629724943317e55f5f4b1bfe125f9be7323a634c4
+  metadata.gz: cf8895f7ae2e94e0b1d09e146176b6777ba8f952fe03381380071114fcec2bd4
+  data.tar.gz: 2e68e2096375433cfad68d85ca8d5eac7855dcb542b34f79417a53b1e4c9eb1b
 SHA512:
-  metadata.gz: cfc452185f83aef5f9ff5e53c475ac7472d7cfcda477a0a1f1fcc863704df6e93358a6e6096f5d4f1afb68176c687c8748a8c2c2562458c03bac47d120de91b4
-  data.tar.gz: '08df3f5e1d6e6d7367c3dc85f464346cf479dd13b5d831b26847b194f90190cb33e429c92095517124ae78eb0d23479c2a3b1146ab5a1ef529bfe967b9cf9192'
+  metadata.gz: bfbe7e86650ac170c89c014f7519d0d40abdb3d864b995d8cdb5ef2478ec3e4fe6f2e3afc4854dbc216e622a8adc99761bd7d9a420167553db6b70084446740f
+  data.tar.gz: b6729e1b52a5f25ae5da573d706bb1f3fc4217c750976dcd51aafd7611a5c7f53b4851727e3fd20cb66065570d2a99b0c4a4c367572c84fc08fb6918dfdfeb6b

data/README.md

@@ -2,7 +2,7 @@
 
 `danger-packwerk` integrates [`packwerk`](https://github.com/Shopify/packwerk) with [`danger`](https://github.com/danger/danger) to provide inline comments in PRs related to boundaries in a Rails application.
 
-## Installation
+## Installation and Basic Usage
 Step 1: Add this line to your `Gemfile` (to whatever group your CI uses, as it is not needed in production) and `bundle install`:
 
 ```ruby
@@ -13,41 +13,50 @@ Step 2: Add these to your `Dangerfile`:
 
 ```ruby
 packwerk.check
-deprecated_references_yml_changes.check
+package_todo_yml_changes.check
 ```
 
 That's it for basic usage!
 
-## Usage
+## Advanced Usage
 
 There are currently two danger checks that ship with `danger-packwerk`:
 1) One that runs `bin/packwerk check` and leaves inline comments in source code on new violations
-2) One that looks at changes to `deprecated_references.yml` files and leaves inline comments on added violations.
+2) One that looks at changes to `package_todo.yml` files and leaves inline comments on added violations.
 
 In upcoming iterations, we will include other danger checks, including:
 1) A danger check that detects changes to `package.yml` files and posts user-configurable messages on the `package.yml` files that are modified.
 2) A danger check that detects changes to `packwerk.yml` files and allows you to specify the action taken when that happens.
 
 ## packwerk.check
-![This is an image displaying a comment from the Danger github bot. The comment is inline with the PR in Github and displays the following text. Dependency violation: ::FeatureFlag belongs to 'packs/feature_flags', but 'packs/gusto_slack' does not specify a dependency on 'packs/feature_flags'. Are we missing an abstraction? Is the code making the reference, and the referenced constant, in the right packages? Inference details: this is a reference to ::FeatureFlag which seems to be defined in packs/feature_flags/app/models/feature_flag.rb. To receive help interpreting or resolving this error message, see: https://github.com/Shopify/packwerk/blob/main/TROUBLESHOOT.md#Troubleshooting-violations Privacy violation: '::FeatureFlag' is private to 'packs/feature_flags' but referenced from 'packs/gusto_slack'. Is there a public entrypoint in 'packs/feature_flags/app/public/' that you can use instead? Inference details: this is a reference to ::FeatureFlag which seems to be defined in packs/feature_flags/app/models/feature_flag.rb. To receive help interpreting or resolving this error message, see: https://github.com/Shopify/packwerk/blob/main/TROUBLESHOOT.md#Troubleshooting-violations](docs/basic_usage.png)
+![This is an image displaying a comment from the Danger github bot after running bin/packwerk check.](docs/check_1.png)
+![This is an image displaying a comment from the Danger github bot after running bin/packwerk check with the "quick suggestions" accordian open](docs/check_2.png)
 
-Without any configuration, `packwerk.check` should just work. By default, it will post a maximum of 15 messages in a PR, using the default messaging from packwerk, and it will not fail the build.
+Without any configuration, `packwerk.check` should just work. By default, it will post a maximum of 15 messages in a PR and it will not fail the build.
 
 `packwerk.check` can be configured to in the following ways:
 
 ### Change the message that displays in the markdown
-The default message displayed is from `bin/packwerk check`. To customize this this, pass in `offenses_formatter` to `packwerk.check` in your `Dangerfile`. Here's a simple example:
+To customize the message in the GitHub comment, pass in `offenses_formatter` to `packwerk.check` in your `Dangerfile`. Here's a simple example:
 ```ruby
-packwerk.check(
-  # Offenses are a T::Array[Packwerk::ReferenceOffense] => https://github.com/Shopify/packwerk/blob/main/lib/packwerk/reference_offense.rb
-  offenses_formatter: -> (offenses) do
-    "There are #{offenses.count} packwerk offenses on this line!"
+class MyFormatter
+  extend T::Sig
+  include DangerPackwerk::Check::OffensesFormatter
+  # Packwerk::ReferenceOffense: https://github.com/Shopify/packwerk/blob/main/lib/packwerk/reference_offense.rb
+  sig { override.params(offenses: T::Array[Packwerk::ReferenceOffense], repo_link: String, org_name: String).returns(String) }
+  def format_offenses(offenses, repo_link, org_name)
+    # your logic here
   end
-)
+end
+
+packwerk.check(offenses_formatter: MyFormatter.new)
 ```
 
-A more advanced example could give more specific information about the violation and information specific to your organization or project about how to resolve. Here is a screenshot of what our message looks like at Gusto:
-![This is an image displaying a comment from the Danger github bot. The comment is inline with the PR in Github and displays the following text: Hi there! It looks like FeatureFlag is private API of packs/feature_flags, which is also not in packs/gusto_slack's list of dependencies. Before you run bin/packwerk update-deprecations, read through How to Handle Dependency and Privacy Violations (with Flow Chart!). Here are some quick suggestions to resolve: Does the code you are writing live in the right pack? If not, try bin/move_to_pack -n packs/destination_pack -f packs/gusto_slack/app/services/slack/client.rb. Does FeatureFlag live in the right pack? If not, try bin/move_to_pack -n packs/destination_pack -f packs/feature_flags/app/models/feature_flag.rb. Do we actually want to depend on packs/feature_flags. If so, try adding packs/feature_flags to packs/gusto_slack/package.yml dependencies. If not, what can we change about the design so we do not have to depend on packs/feature_flags? Does API in packs/feature_flags/public support this use case? If not, can we work with @Gusto/product-infrastructure to create and use a public API? If FeatureFlag should already be public, try bin/make_public -f packs/feature_flags/app/models/feature_flag.rb. Need help? Join us in #ruby-modularity or provide feedback.](docs/advanced_usage.png)
+If you'd like to keep the default messaging but add some context customized to your organization, you can pass that in as follows:
+```ruby
+custom_help_message = "Need help? Check out our internal docs [here](www.example.com)"
+packwerk.check(offenses_formatter: DangerPackwerk::Check::DefaultFormatter.new(custom_help_message: custom_help_message))
+```
 
 ### Fail the build on new violations
 Simply pass in `fail_build: true` into `check`, as such:
@@ -75,42 +84,48 @@ packwerk.check(
 )
 ```
 
-## deprecated_references_yml_changes.check
-![This is an image displaying a comment from the Danger github bot. The comment is inline with the PR in Github and displays the following text. We noticed you ran `bin/packwerk update-deprecations`. Make sure to read through the docs for other ways to resolve.](docs/basic_usage_2.png)
+## package_todo_yml_changes.check
+![This is an image displaying an inline comment from the Danger github bot.](docs/update.png)
 
-Without any configuration, `deprecated_references_yml_changes.check` should just work. By default, it will post a maximum of 15 messages in a PR, using default messaging defined within this gem.
+Without any configuration, `package_todo_yml_changes.check` should just work. By default, it will post a maximum of 15 messages in a PR, using default messaging defined within this gem.
 
-`deprecated_references_yml_changes.check` can be configured to in the following ways:
+`package_todo_yml_changes.check` can be configured to in the following ways:
 
 ### Change the message that displays in the markdown
-The default message displayed is from `lib/danger-packwerk/private/default_offenses_formatter.rb`. To customize this this, pass in `offenses_formatter` to `deprecated_references_yml_changes.check` in your `Dangerfile`. Here's a simple example:
+To customize the message in the GitHub comment, pass in `offenses_formatter` to `package_todo_yml_changes.check` in your `Dangerfile`. Here's a simple example:
 ```ruby
-deprecated_references_yml_changes.check(
-  # Offenses are a T::Array[DangerPackwerk::BasicReferenceOffense]
-  offenses_formatter: -> (added_offenses) do
-    "There are #{added_offenses.count} new violations this line!"
+class MyFormatter
+  extend T::Sig
+  include DangerPackwerk::Update::OffensesFormatter
+  # DangerPackwerk::BasicReferenceOffense
+  sig { override.params(offenses: T::Array[DangerPackwerk::BasicReferenceOffense], repo_link: String, org_name: String).returns(String) }
+  def format_offenses(offenses, repo_link, org_name)
+    # your logic here
   end
-)
+end
+
+package_todo_yml_changes.check(offenses_formatter: MyFormatter.new)
 ```
 
-A more advanced example could give more specific information about the violation and information specific to your organization or project about how to resolve. Here is a screenshot of what our message looks like at Gusto:
-![This is an image displaying a comment from the Danger github bot. The comment is inline with the PR in Github and displays the following text. Hi again! It looks like FeatureFlag is private API of packs/feature_flags, which is also not in packs/gusto_slack's list of dependencies.. We noticed you ran bin/packwerk update-deprecations. Make sure to read through How to Handle Dependency and Privacy Violations (with Flow Chart!). Could you add some context as a reply here about why we needed to add these violations packs/gusto_slack/package.yml is configured with notify_on_new_violations to notify @Gusto/product-infrastructure (#product-infrastructure) on new dependency violations. packs/feature_flags/package.yml is configured with notify_on_new_violations to notify @Gusto/product-infrastructure (#product-infrastructure) on new privacy violations
-Need help? Join us in #ruby-modularity or provide feedback.
-](docs/advanced_usage_2.png)
+If you'd like to keep the default messaging but add some context customized to your organization, you can pass that in as follows:
+```ruby
+custom_help_message = "Need help? Check out our internal docs [here](www.example.com)"
+package_todo_yml_changes.check(offenses_formatter: DangerPackwerk::Update::DefaultFormatter.new(custom_help_message: custom_help_message))
+```
 
 ### Change the max number of comments that will display
 If you do not change this, the default max is 15. More information about why we chose this number in the source code.
 ```ruby
-deprecated_references_yml_changes.check(max_comments: 3)
+package_todo_yml_changes.check(max_comments: 3)
 ```
 
 ### Do something extra before we leave comments
 Maybe you want to notify slack or do something else before we leave comments.
 
 ```ruby
-deprecated_references_yml_changes.check(
-  # violation_diff is a DangerPackwerk::ViolationDiff and changed_deprecated_references_ymls is a T::Array[String]
-  before_comment: -> (violation_diff, changed_deprecated_references_ymls) do
+package_todo_yml_changes.check(
+  # violation_diff is a DangerPackwerk::ViolationDiff and changed_package_todo_ymls is a T::Array[String]
+  before_comment: -> (violation_diff, changed_package_todo_ymls) do
     # Notify slack or otherwise do something extra!
   end
 )

data/lib/danger-packwerk/basic_reference_offense.rb

@@ -4,8 +4,8 @@ module DangerPackwerk
   #
   # We call this BasicReferenceOffense as it is intended to have a subset of the interface of Packwerk::ReferenceOffense, located here:
   # https://github.com/Shopify/packwerk/blob/a22862b59f7760abf22bda6804d41a52d05301d8/lib/packwerk/reference_offense.rb#L1
-  # However, we cannot actually construct a Packwerk::ReferenceOffense from `deprecated_referencs.yml` alone, since they are normally
-  # constructed in packwerk when packwerk parses the AST and actually outputs `deprecated_references.yml`, a process in which some information,
+  # However, we cannot actually construct a Packwerk::ReferenceOffense from `package_todo.yml` alone, since they are normally
+  # constructed in packwerk when packwerk parses the AST and actually outputs `package_todo.yml`, a process in which some information,
   # such as the location where the constant is defined, is lost.
   #
   class BasicReferenceOffense < T::Struct
@@ -41,21 +41,21 @@ module DangerPackwerk
     const :type, String
     const :file_location, Location
 
-    sig { params(deprecated_references_yml: String).returns(T::Array[BasicReferenceOffense]) }
-    def self.from(deprecated_references_yml)
-      deprecated_references_yml_pathname = Pathname.new(deprecated_references_yml)
+    sig { params(package_todo_yml: String).returns(T::Array[BasicReferenceOffense]) }
+    def self.from(package_todo_yml)
+      package_todo_yml_pathname = Pathname.new(package_todo_yml)
 
-      from_package = ParsePackwerk.package_from_path(deprecated_references_yml_pathname)
+      from_package = ParsePackwerk.package_from_path(package_todo_yml_pathname)
       from_package_name = from_package.name
-      violations = Private::DeprecatedReferences.from(deprecated_references_yml_pathname).violations
+      violations = Private::PackageTodo.from(package_todo_yml_pathname).violations
 
       # See the larger comment below for more information on why we need this information.
       # This is a small optimization that lets us find the location of referenced files within
-      # a `deprecated_references.yml` file. Getting this now allows us to avoid reading through the file
+      # a `package_todo.yml` file. Getting this now allows us to avoid reading through the file
       # once for every referenced file in the inner loop below.
       file_reference_to_line_number_index = T.let({}, T::Hash[String, T::Array[Integer]])
       all_referenced_files = violations.flat_map(&:files).uniq
-      deprecated_references_yml_pathname.readlines.each_with_index do |line, index|
+      package_todo_yml_pathname.readlines.each_with_index do |line, index|
         # We can use `find` here to exit early since each line will include one path that is unique to that file.
         # Paths should not be substrings of each other, since they are all paths relative to the root.
         file_on_line = all_referenced_files.find { |file| line.include?(file) }
@@ -69,24 +69,24 @@ module DangerPackwerk
       violations.flat_map do |violation|
         #
         # We identify two locations associated with this violation.
-        # First, we find the reference to the constant within the `deprecated_references.yml` file.
-        # We know that each constant reference can occur only once per `deprecated_references.yml` file
+        # First, we find the reference to the constant within the `package_todo.yml` file.
+        # We know that each constant reference can occur only once per `package_todo.yml` file
         # The reason for this is that we know that only one file in the codebase can define a constant, and packwerk's constant_resolver will actually
         # raise if this assumption is not true: https://github.com/Shopify/constant_resolver/blob/e78af0c8d5782b06292c068cfe4176e016c51b34/lib/constant_resolver.rb#L74
         #
-        # Second, we find the reference to the specific file that references the constant within the `deprecated_references.yml` file.
-        # This can occur multiple times per `deprecated_references.yml` file, but we know that the very first reference to the file after the class name key will be the one we care
+        # Second, we find the reference to the specific file that references the constant within the `package_todo.yml` file.
+        # This can occur multiple times per `package_todo.yml` file, but we know that the very first reference to the file after the class name key will be the one we care
         # about, so we take the first instance that occurs after the class is listed.
         #
-        # Note though that since one constant reference in a `deprecated_referencs.yml` can be both a privacy and a dependency violation AND it can occur in many files,
+        # Note though that since one constant reference in a `package_todo.yml` can be both a privacy and a dependency violation AND it can occur in many files,
         # we need to group them. That is -- if `MyPrivateConstant` is both a dependency and a privacy violation AND it occurs in 10 files, that would represent 20 violations.
         # Therefore we will group all of those 20 into one message to the user rather than providing 20 messages.
         #
-        _line, class_name_line_number = deprecated_references_yml_pathname.readlines.each_with_index.find do |line, _index|
+        _line, class_name_line_number = package_todo_yml_pathname.readlines.each_with_index.find do |line, _index|
           # If you have a class `::MyClass`, then you can get a false match if another constant in the file
           # is named `MyOtherClass::MyClassThing`. Therefore we include quotes in our match to ensure that we match
           # the constant and only the constant.
-          # Right now `packwerk` `deprecated_references.yml` files typically use double quotes, but sometimes folks linters change this to single quotes.
+          # Right now `packwerk` `package_todo.yml` files typically use double quotes, but sometimes folks linters change this to single quotes.
           # To be defensive, we match against either.
           class_name_with_quote_boundaries = /["|']#{violation.class_name}["|']:/
           line.match?(class_name_with_quote_boundaries)
@@ -94,16 +94,16 @@ module DangerPackwerk
 
         if class_name_line_number.nil?
           debug_info = { class_name: violation.class_name, to_package_name: violation.to_package_name, type: violation.type }
-          raise "Unable to find reference to violation #{debug_info} in #{deprecated_references_yml}"
+          raise "Unable to find reference to violation #{debug_info} in #{package_todo_yml}"
         end
 
         violation.files.map do |file|
           file_line_numbers = file_reference_to_line_number_index.fetch(file, [])
           file_line_number = file_line_numbers.select { |index| index > class_name_line_number }.min
-          raise "Unable to find reference to violation #{{ file: file, to_package_name: violation.to_package_name, type: violation.type }} in #{deprecated_references_yml}" if file_line_number.nil?
+          raise "Unable to find reference to violation #{{ file: file, to_package_name: violation.to_package_name, type: violation.type }} in #{package_todo_yml}" if file_line_number.nil?
 
           # We add one to the line number since `each_with_index` is zero-based indexed but Github line numbers are one-based indexed
-          file_location = Location.new(file: deprecated_references_yml, line_number: file_line_number + 1)
+          file_location = Location.new(file: package_todo_yml, line_number: file_line_number + 1)
 
           BasicReferenceOffense.new(
             class_name: violation.class_name,

data/lib/danger-packwerk/check/default_formatter.rb

@@ -45,7 +45,7 @@ module DangerPackwerk
         team_to_work_with = constant_source_package_ownership_info.owning_team ? constant_source_package_ownership_info.markdown_link_to_github_members_no_tag : 'the pack owner'
         privacy_violation_message = "- Does API in #{constant_source_package.name}/public support this use case?\n  - If not, can we work with #{team_to_work_with} to create and use a public API?\n  - If `#{constant_name}` should already be public, try `bin/packs make_public #{constant_location}`."
 
-        if violation_types.include?(Packwerk::ViolationType::Dependency) && violation_types.include?(Packwerk::ViolationType::Privacy)
+        if violation_types.include?(::DangerPackwerk::DEPENDENCY_VIOLATION_TYPE) && violation_types.include?(::DangerPackwerk::PRIVACY_VIOLATION_TYPE)
           <<~MESSAGE
             **Packwerk Violation**
             - Type: Privacy :lock: + Dependency :knot:
@@ -65,7 +65,7 @@ module DangerPackwerk
 
             _#{@custom_help_message}_
           MESSAGE
-        elsif violation_types.include?(Packwerk::ViolationType::Dependency)
+        elsif violation_types.include?(::DangerPackwerk::DEPENDENCY_VIOLATION_TYPE)
           <<~MESSAGE
             **Packwerk Violation**
             - Type: Dependency :knot:
@@ -84,7 +84,7 @@ module DangerPackwerk
 
             _#{@custom_help_message}_
           MESSAGE
-        else # violation_types.include?(Packwerk::ViolationType::Privacy)
+        else # violation_types.include?(::DangerPackwerk::PRIVACY_VIOLATION_TYPE)
           <<~MESSAGE
             **Packwerk Violation**
             - Type: Privacy :lock:

data/lib/danger-packwerk/{danger_deprecated_references_yml_changes.rb → danger_package_todo_yml_changes.rb}

@@ -9,7 +9,7 @@ require 'danger-packwerk/violation_diff'
 require 'open3'
 
 module DangerPackwerk
-  class DangerDeprecatedReferencesYmlChanges < Danger::Plugin
+  class DangerPackageTodoYmlChanges < Danger::Plugin
     extend T::Sig
 
     # We choose 5 here because violation additions tend to fall into a bimodal distribution, where most PRs only add a handful (<10) of new violations,
@@ -17,8 +17,8 @@ module DangerPackwerk
     # Therefore we hope to capture the majority case of people making changes to code while not spamming PRs that do a big rename.
     # We set a max (rather than unlimited) to avoid GitHub rate limiting and general spam if a PR does some sort of mass rename.
     DEFAULT_MAX_COMMENTS = 5
-    BeforeComment = T.type_alias { T.proc.params(violation_diff: ViolationDiff, changed_deprecated_references_ymls: T::Array[String]).void }
-    DEFAULT_BEFORE_COMMENT = T.let(->(violation_diff, changed_deprecated_references_ymls) {}, BeforeComment)
+    BeforeComment = T.type_alias { T.proc.params(violation_diff: ViolationDiff, changed_package_todo_ymls: T::Array[String]).void }
+    DEFAULT_BEFORE_COMMENT = T.let(->(violation_diff, changed_package_todo_ymls) {}, BeforeComment)
 
     sig do
       params(
@@ -36,13 +36,13 @@ module DangerPackwerk
       repo_link = github.pr_json[:base][:repo][:html_url]
       org_name = github.pr_json[:base][:repo][:owner][:login]
 
-      changed_deprecated_references_ymls = (git.modified_files + git.added_files + git.deleted_files).grep(DEPRECATED_REFERENCES_PATTERN)
+      changed_package_todo_ymls = (git.modified_files + git.added_files + git.deleted_files).grep(PACKAGE_TODO_PATTERN)
 
       violation_diff = get_violation_diff
 
       before_comment.call(
         violation_diff,
-        changed_deprecated_references_ymls.to_a
+        changed_package_todo_ymls.to_a
       )
 
       current_comment_count = 0
@@ -67,16 +67,16 @@ module DangerPackwerk
       added_violations = T.let([], T::Array[BasicReferenceOffense])
       removed_violations = T.let([], T::Array[BasicReferenceOffense])
 
-      git.added_files.grep(DEPRECATED_REFERENCES_PATTERN).each do |added_deprecated_references_yml_file|
+      git.added_files.grep(PACKAGE_TODO_PATTERN).each do |added_package_todo_yml_file|
         # Since the file is added, we know on the base commit there are no violations related to this pack,
         # and that all violations from this file are new
-        added_violations += BasicReferenceOffense.from(added_deprecated_references_yml_file)
+        added_violations += BasicReferenceOffense.from(added_package_todo_yml_file)
       end
 
-      git.deleted_files.grep(DEPRECATED_REFERENCES_PATTERN).each do |deleted_deprecated_references_yml_file|
+      git.deleted_files.grep(PACKAGE_TODO_PATTERN).each do |deleted_package_todo_yml_file|
         # Since the file is deleted, we know on the HEAD commit there are no violations related to this pack,
         # and that all violations from this file are deleted
-        deleted_violations = get_violations_before_patch_for(deleted_deprecated_references_yml_file)
+        deleted_violations = get_violations_before_patch_for(deleted_package_todo_yml_file)
         removed_violations += deleted_violations
       end
 
@@ -84,13 +84,13 @@ module DangerPackwerk
       renamed_files_before = git.renamed_files.map { |before_after_file| before_after_file[:before] }
       renamed_files_after = git.renamed_files.map { |before_after_file| before_after_file[:after] }
 
-      git.modified_files.grep(DEPRECATED_REFERENCES_PATTERN).each do |modified_deprecated_references_yml_file|
-        # We skip over modified files if one of the modified files is a renamed `deprecated_references.yml` file.
+      git.modified_files.grep(PACKAGE_TODO_PATTERN).each do |modified_package_todo_yml_file|
+        # We skip over modified files if one of the modified files is a renamed `package_todo.yml` file.
         # This allows us to rename packs while ignoring "new violations" in those renamed packs.
-        next if renamed_files_before.include?(modified_deprecated_references_yml_file)
+        next if renamed_files_before.include?(modified_package_todo_yml_file)
 
-        head_commit_violations = BasicReferenceOffense.from(modified_deprecated_references_yml_file)
-        base_commit_violations = get_violations_before_patch_for(modified_deprecated_references_yml_file)
+        head_commit_violations = BasicReferenceOffense.from(modified_package_todo_yml_file)
+        base_commit_violations = get_violations_before_patch_for(modified_package_todo_yml_file)
         added_violations += head_commit_violations - base_commit_violations
         removed_violations += base_commit_violations - head_commit_violations
       end
@@ -128,9 +128,9 @@ module DangerPackwerk
 
     private
 
-    sig { params(deprecated_references_yml_file: String).returns(T::Array[BasicReferenceOffense]) }
-    def get_violations_before_patch_for(deprecated_references_yml_file)
-      # The strategy to get the violations before this PR is to reverse the patch on each `deprecated_references.yml`.
+    sig { params(package_todo_yml_file: String).returns(T::Array[BasicReferenceOffense]) }
+    def get_violations_before_patch_for(package_todo_yml_file)
+      # The strategy to get the violations before this PR is to reverse the patch on each `package_todo.yml`.
       # A previous strategy attempted to use `git merge-base --fork-point`, but there are many situations where it returns
       # empty values. That strategy is fickle because it depends on the state of the `reflog` within the CI suite, which appears
       # to not be reliable to depend on.
@@ -139,24 +139,24 @@ module DangerPackwerk
       # the PR without needing to use git commands that interpret the branch history based on local git history.
       #
       # We apply the patch to the original file so that we can seamlessly reverse the patch applied to that file (since patches are coupled to
-      # the files they modify). After parsing the violations from that `deprecated_references.yml` file with the patch reversed,
+      # the files they modify). After parsing the violations from that `package_todo.yml` file with the patch reversed,
       # we use a temporary copy of the original file to rewrite to it with the original contents.
       # Note that practically speaking, we don't need to rewrite the original contents (since we already fetched the
       # original contents above and the CI file system should be ephemeral). However, we do this anyways in case we later change these
       # assumptions, or another client's environment is different and expects these files not to be mutated.
 
       # Keep track of the original file contents. If the original file has been deleted, then we delete the file after inverting the patch at the end, rather than rewriting it.
-      deprecated_references_yml_file_copy = (File.read(deprecated_references_yml_file) if File.exist?(deprecated_references_yml_file))
+      package_todo_yml_file_copy = (File.read(package_todo_yml_file) if File.exist?(package_todo_yml_file))
 
       Tempfile.create do |patch_file|
-        # Normally we'd use `git.diff_for_file(deprecated_references_yml_file).patch` here, but there is a bug where it does not work for deleted files yet.
+        # Normally we'd use `git.diff_for_file(package_todo_yml_file).patch` here, but there is a bug where it does not work for deleted files yet.
         # I have a fix for that here: https://github.com/danger/danger/pull/1357
         # Until that lands, I'm just using the underlying implementation of that method to get the diff for a file.
         # Note that I might want to use a safe escape operator, `&.patch` and return gracefully if the patch cannot be found.
         # However I'd be interested in why that ever happens, so for now going to proceed as is.
         # (Note that better yet we'd have observability into these so I can just log under those circumstances rather than surfacing an error to the user,
         # but we don't have that quite yet.)
-        patch_for_file = git.diff[deprecated_references_yml_file].patch
+        patch_for_file = git.diff[package_todo_yml_file].patch
         # This appears to be a known issue that patches require new lines at the end. It seems like this is an issue with Danger that
         # it gives us a patch without a newline.
         # https://stackoverflow.com/questions/18142870/git-error-fatal-corrupt-patch-at-line-36
@@ -165,13 +165,13 @@ module DangerPackwerk
         # https://git-scm.com/docs/git-apply
         _stdout, _stderr, _status = Open3.capture3("git apply --reverse #{patch_file.path}")
         # https://www.rubyguides.com/2019/05/ruby-tempfile/
-        BasicReferenceOffense.from(deprecated_references_yml_file)
+        BasicReferenceOffense.from(package_todo_yml_file)
       end
     ensure
-      if deprecated_references_yml_file_copy
-        File.write(deprecated_references_yml_file, deprecated_references_yml_file_copy)
+      if package_todo_yml_file_copy
+        File.write(package_todo_yml_file, package_todo_yml_file_copy)
       else
-        File.delete(deprecated_references_yml_file)
+        File.delete(package_todo_yml_file)
       end
     end
   end

data/lib/danger-packwerk/packwerk_wrapper.rb

@@ -60,6 +60,16 @@ module DangerPackwerk
       def show_stale_violations(offense_collection, for_files)
         ''
       end
+
+      sig { override.params(strict_mode_violations: T::Array[::Packwerk::ReferenceOffense]).returns(::String) }
+      def show_strict_mode_violations(strict_mode_violations)
+        ''
+      end
+
+      sig { override.returns(::String) }
+      def identifier
+        'offenses_aggregator'
+      end
     end
   end
 end

data/lib/danger-packwerk/private/{deprecated_references.rb → package_todo.rb}

@@ -3,7 +3,7 @@
 module DangerPackwerk
   module Private
     #
-    # The `Violation` and `DeprecatedReferences` classes come from Gusto's private `ParsePackwerk` gem.
+    # The `Violation` and `PackageTodo` classes come from Gusto's private `ParsePackwerk` gem.
     # Until we decide to open source that gem, we inline these as a private implementation detail of `DangerPackwerk` for now.
     #
     class Violation < T::Struct
@@ -25,22 +25,22 @@ module DangerPackwerk
       end
     end
 
-    class DeprecatedReferences < T::Struct
+    class PackageTodo < T::Struct
       extend T::Sig
 
       const :pathname, Pathname
       const :violations, T::Array[Violation]
 
-      sig { params(pathname: Pathname).returns(DeprecatedReferences) }
+      sig { params(pathname: Pathname).returns(PackageTodo) }
       def self.from(pathname)
         if pathname.exist?
-          deprecated_references_loaded_yml = YAML.load_file(pathname)
+          package_todo_loaded_yml = YAML.load_file(pathname)
 
           all_violations = []
-          deprecated_references_loaded_yml&.each_key do |to_package_name|
-            deprecated_references_per_package = deprecated_references_loaded_yml[to_package_name]
-            deprecated_references_per_package.each_key do |class_name|
-              symbol_usage = deprecated_references_per_package[class_name]
+          package_todo_loaded_yml&.each_key do |to_package_name|
+            package_todo_per_package = package_todo_loaded_yml[to_package_name]
+            package_todo_per_package.each_key do |class_name|
+              symbol_usage = package_todo_per_package[class_name]
               files = symbol_usage['files']
               violations = symbol_usage['violations']
               all_violations << Violation.new(type: 'dependency', to_package_name: to_package_name, class_name: class_name, files: files) if violations.include? 'dependency'

data/lib/danger-packwerk/private.rb

@@ -1,6 +1,6 @@
 # typed: strict
 
-require 'danger-packwerk/private/deprecated_references'
+require 'danger-packwerk/private/package_todo'
 require 'danger-packwerk/private/ownership_information'
 require 'constant_resolver'
 

data/lib/danger-packwerk/version.rb

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 
 module DangerPackwerk
-  VERSION = '0.8.0'
+  VERSION = '0.9.0'
 end

data/lib/danger-packwerk.rb

@@ -5,10 +5,12 @@
 require 'sorbet-runtime'
 
 module DangerPackwerk
-  DEPRECATED_REFERENCES_PATTERN = T.let(/.*?deprecated_references\.yml\z/.freeze, Regexp)
+  PACKAGE_TODO_PATTERN = T.let(/.*?package_todo\.yml\z/.freeze, Regexp)
+  DEPENDENCY_VIOLATION_TYPE = 'dependency'
+  PRIVACY_VIOLATION_TYPE = 'privacy'
 
   require 'danger-packwerk/danger_packwerk'
-  require 'danger-packwerk/danger_deprecated_references_yml_changes'
+  require 'danger-packwerk/danger_package_todo_yml_changes'
   require 'danger-packwerk/check/offenses_formatter'
   require 'danger-packwerk/check/default_formatter'
   require 'danger-packwerk/update/offenses_formatter'