danger-wcc 0.0.6 → 0.1.0

data/spec/fixtures/dependencies/yarn_patch_bumps_minor.diff

@@ -0,0 +1,28 @@
+diff --git a/spec/fixtures/dependencies/yarn_old.txt b/spec/fixtures/dependencies/yarn_old.txt
+index 2fe9d0e..8ceb5eb 100644
+--- a/spec/fixtures/dependencies/yarn_old.txt
++++ b/spec/fixtures/dependencies/yarn_old.txt
+@@ -671,7 +671,7 @@ yarn list v1.22.4
+ ├─ lodash.trimstart@4.5.1
+ ├─ lodash.unescape@4.0.1
+ ├─ lodash.uniq@4.5.0
+-├─ lodash@4.17.15
++├─ lodash@4.18.1
+ ├─ log-symbols@1.0.2
+ ├─ log-update@1.0.2
+ ├─ lolex@3.0.0
+@@ -923,10 +923,10 @@ yarn list v1.22.4
+ ├─ react-calendar@2.19.0
+ ├─ react-dom@16.13.1
+ ├─ react-infinite-scroller@1.2.2
+-├─ react-instantsearch-core@5.3.2
+-├─ react-instantsearch-dom@5.3.2
+-├─ react-instantsearch-native@5.3.2
+-├─ react-instantsearch@5.3.2
++├─ react-instantsearch-core@5.3.3
++├─ react-instantsearch-dom@5.3.3
++├─ react-instantsearch-native@5.3.3
++├─ react-instantsearch@5.3.3
+ ├─ react-is@16.6.3
+ ├─ react-lifecycles-compat@3.0.4
+ ├─ react-property@1.0.1

data/spec/wcc/dependencies_spec.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+require File.expand_path('../spec_helper', __dir__)
+
+module Danger
+  describe Danger::DangerWCC do
+    before do
+      @dangerfile = testing_dangerfile
+      @my_plugin = @dangerfile.wcc
+      @git = @dangerfile.git
+      @github = @dangerfile.github
+
+      allow(@github).to receive(:html_link) do |text|
+        "<a href=\"github_html_link\">#{text}</a>"
+      end
+
+      allow(File).to receive(:exist?).and_call_original
+      allow(File).to receive(:read).and_call_original
+      allow(File).to receive(:exist?).with('yarn.lock')
+        .and_return(true)
+      allow(File).to receive(:readlines).with('yarn.lock')
+        .and_return(load_fixture('dependencies/yarn.lock').split("\n"))
+      allow(File).to receive(:read).with('package.json')
+        .and_return(load_fixture('dependencies/package.json'))
+    end
+
+    describe 'yarn dependencies' do
+      let(:subject) { Danger::DangerWCC::Dependencies.new(@my_plugin) }
+
+      it 'Errors when minor version changes' do
+        allow(subject).to receive(:run_and_diff)
+          .with(/yarn list/)
+          .and_return(load_fixture('dependencies/yarn_minor_version.diff'))
+        allow(@git).to receive(:diff)
+          .and_return([
+                        load_diff(
+                          'spec/fixtures/dependencies/package.json',
+                          'dependencies/package.json'
+                        )
+                      ])
+
+        # act
+        subject.perform
+
+        expect(@dangerfile.violation_report[:errors])
+          .to eq([Violation.new(
+            'Dangerous change! react-instantsearch was updated '\
+            'from 5.3.2 to 5.7.0 without a corresponding '\
+            'change to package.json!',
+            false,
+            'yarn.lock',
+            15_613,
+            type: :error
+          )])
+      end
+
+      it 'Errors when patch bump causes minor version changes' do
+        allow(File).to receive(:readlines).with('yarn.lock')
+          .and_return(
+            load_fixture('dependencies/yarn.lock_patch_bumps_minor.lock')
+            .split("\n")
+          )
+
+        allow(subject).to receive(:run_and_diff)
+          .with(/yarn list/)
+          .and_return(load_fixture('dependencies/yarn_patch_bumps_minor.diff'))
+        allow(@git).to receive(:diff)
+          .and_return(
+            [
+              load_diff(
+                'spec/fixtures/dependencies/'\
+                  'package.json_patch_bumps_minor.json',
+                'dependencies/package.json_patch_bumps_minor'
+              )
+            ]
+          )
+
+        # act
+        subject.perform
+
+        expect(@dangerfile.violation_report[:errors])
+          .to eq([Violation.new(
+            'Dangerous change! lodash was updated '\
+            'from 4.17.15 to 4.18.1 without a corresponding '\
+            'change to package.json!',
+            false,
+            'yarn.lock',
+            # make sure we pick out the right lodash!  There's 3 of them.
+            12_111,
+            type: :error
+          )])
+      end
+    end
+  end
+end

data/spec/wcc/plugin_spec.rb

@@ -17,7 +17,7 @@ module Danger
 
     describe 'all' do
       it 'runs all default and passes default options' do
-        %i[rubocop_exceptions flay todos brakeman].each do |check|
+        %i[rubocop_exceptions flay todos brakeman dependencies].each do |check|
           expect(@my_plugin).to receive(check)
             .with({})
         end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: danger-wcc
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.1.0
 platform: ruby
 authors:
 - Watermark Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-10 00:00:00.000000000 Z
+date: 2020-08-19 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '5'
 - !ruby/object:Gem::Dependency
   name: brakeman
   requirement: !ruby/object:Gem::Requirement
@@ -279,6 +293,8 @@ files:
 - lib/wcc/commit_lint/subject_words_check.rb
 - lib/wcc/default.jshintrc
 - lib/wcc/defaults.reek
+- lib/wcc/dependencies.rb
+- lib/wcc/dependencies/yarn_info.rb
 - lib/wcc/github.rb
 - lib/wcc/jshint.rb
 - lib/wcc/plugin.rb
@@ -290,6 +306,16 @@ files:
 - spec/fixtures/brakeman/b.tmp
 - spec/fixtures/brakeman/brakeman.diff
 - spec/fixtures/brakeman/brakeman.out
+- spec/fixtures/dependencies/package.json
+- spec/fixtures/dependencies/package.json.diff
+- spec/fixtures/dependencies/package.json_patch_bumps_minor.diff
+- spec/fixtures/dependencies/package.json_patch_bumps_minor.json
+- spec/fixtures/dependencies/yarn.lock
+- spec/fixtures/dependencies/yarn.lock_patch_bumps_minor.lock
+- spec/fixtures/dependencies/yarn_minor_version.diff
+- spec/fixtures/dependencies/yarn_minor_version.txt
+- spec/fixtures/dependencies/yarn_old.txt
+- spec/fixtures/dependencies/yarn_patch_bumps_minor.diff
 - spec/fixtures/exception_context.diff
 - spec/fixtures/exception_inline_disabled_rule.diff
 - spec/fixtures/exception_insert_context.diff
@@ -319,6 +345,7 @@ files:
 - spec/fixtures_helper.rb
 - spec/spec_helper.rb
 - spec/wcc/commit_lint_spec.rb
+- spec/wcc/dependencies_spec.rb
 - spec/wcc/github_spec.rb
 - spec/wcc/jshint_spec.rb
 - spec/wcc/plugin_spec.rb
@@ -356,6 +383,16 @@ test_files:
 - spec/fixtures/brakeman/b.tmp
 - spec/fixtures/brakeman/brakeman.diff
 - spec/fixtures/brakeman/brakeman.out
+- spec/fixtures/dependencies/package.json
+- spec/fixtures/dependencies/package.json.diff
+- spec/fixtures/dependencies/package.json_patch_bumps_minor.diff
+- spec/fixtures/dependencies/package.json_patch_bumps_minor.json
+- spec/fixtures/dependencies/yarn.lock
+- spec/fixtures/dependencies/yarn.lock_patch_bumps_minor.lock
+- spec/fixtures/dependencies/yarn_minor_version.diff
+- spec/fixtures/dependencies/yarn_minor_version.txt
+- spec/fixtures/dependencies/yarn_old.txt
+- spec/fixtures/dependencies/yarn_patch_bumps_minor.diff
 - spec/fixtures/exception_context.diff
 - spec/fixtures/exception_inline_disabled_rule.diff
 - spec/fixtures/exception_insert_context.diff
@@ -385,6 +422,7 @@ test_files:
 - spec/fixtures_helper.rb
 - spec/spec_helper.rb
 - spec/wcc/commit_lint_spec.rb
+- spec/wcc/dependencies_spec.rb
 - spec/wcc/github_spec.rb
 - spec/wcc/jshint_spec.rb
 - spec/wcc/plugin_spec.rb