danger 8.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f89ff08f152cedf23e9fcb48adc8b256ddb1ef8992c682bb6ad6ef1620ba1f5f
+  data.tar.gz: d9f689cd3b403177e3475d364f2aebe5b49a78e72eebfaeab49fad8d6ec3f619
+SHA512:
+  metadata.gz: 9b1db5d7f0ed5106614a967c5bd45cdb8b896327f29512d259f662c0ad994438bb2c9240c122aab93f228eb21bf2f80029d6cf851d7f315f7559e491aa60cb04
+  data.tar.gz: 51413afca0478a350693672cb831e67e5ed92ff5a6d026caa805bdb58ff09bf7b8bfbbdd5cfc16c83878d8164af26088036fbc5aa354d57c990c75dcb15f8f6f

data/LICENSE

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2019-present Orta, Felix Krause
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

data/README.md

@@ -0,0 +1,94 @@
+# Danger :no_entry_sign:
+
+[![License](http://img.shields.io/badge/license-MIT-green.svg?style=flat)](https://github.com/orta/danger/blob/master/LICENSE)
+[![Gem](https://img.shields.io/gem/v/danger.svg?style=flat)](http://rubygems.org/gems/danger)
+[![Travis CI](https://img.shields.io/travis/danger/danger.svg?style=flat)](https://travis-ci.org/danger/danger)
+[![Join the community on Spectrum](https://withspectrum.github.io/badge/badge.svg)](https://spectrum.chat/danger)
+
+Formalize your Pull Request etiquette.
+
+-------
+
+<p align="center">
+    <a href="#what-is-danger">What is Danger?</a> &bull;
+    <a href="VISION.md">Vision</a> &bull;
+    <a href="#im-here-to-help-out">Helping Out</a> &bull;
+    <a href="https://danger.systems/guides/creating_your_first_plugin.html">Plugin Development</a>
+</p>
+
+-------
+
+## What is Danger?
+
+Danger runs after your CI, automating your team's conventions surrounding code review.
+
+This provides another logical step in your process, through this Danger can help lint your rote tasks in daily code review.
+
+You can use Danger to codify your team's norms, leaving humans to think about harder problems.
+
+## For example?
+
+You can:
+
+* Enforce CHANGELOGs
+* Enforce links to Trello/JIRA in PR/MR bodies
+* Enforce using descriptive labels
+* Look out for common anti-patterns
+* Highlight interesting build artifacts
+* Give specific files extra focus
+
+Danger provides the glue to let _you_ build out the rules specific to your team's culture, offering useful metadata and a comprehensive plugin system to share common issues.
+
+## Getting Started
+
+Alright. So, actually, you may be in the wrong place. From here on in, this README is going to be for people who are interested in working on and improving on Danger.
+
+We keep all of the end-user documentation at [https://danger.systems](https://danger.systems).
+
+Some quick links: [Guides Index](https://danger.systems/guides.html), [DSL Reference](https://danger.systems/reference.html), [Getting Started](https://danger.systems/guides/getting_started.html) and [What does Danger Do?](https://danger.systems/guides/what_does_danger_do.html).
+
+## I'm here to help out!
+
+Brilliant. So, let's get you set up.
+
+``` sh
+git clone https://github.com/danger/danger.git
+cd danger
+bundle install
+bundle exec rake spec
+```
+
+This sets everything up and runs all of the tests.
+
+#### Theory
+
+Danger has a [VISION.md](https://github.com/danger/danger/blob/master/VISION.md) file, which sums up the ideas around what Danger is. It is the lower bounds of what Danger means. Orta has written on handling and creating Danger [on the Artsy blog](http://artsy.github.io/blog/categories/danger/), too.
+
+#### Documentation
+
+The code you write may end up in the public part of the website — the easiest way to tell is that it is vastly overdocumented. If you are working in a space that looks over-documented, please be extra considerate to add documentation. We expect the consumers of that documentation to be non-rubyists, thus you should avoid specific jargon and try to provide duplicate overlapping examples.
+
+#### Testing
+
+So far, we've not really figured out the right way to make tests for our CLI commands. When we have done so, they've ended up being brittle. So, ideally, try to move any logic that would go into a command into separate classes, and test those. We're okay with the command not having coverage, but ideally the classes that make up what it does will.
+
+I'd strongly recommend using `bundle exec guard` to run your tests as you work. Any changes you make in the lib, or specs will have corresponding tests run instantly.
+
+#### Debugging
+
+Ruby is super dynamic. One of the best ways to debug Ruby code is by using [pry](http://pryrepl.org/). We include pry for developers: when you have a problem, copy these two lines just before your problem and follow the instructions from "[I Want To Be A Danger Wizard](https://danger.systems/guides/troubleshooting.html#i-want-to-be-a-danger-wizard)."
+
+```ruby
+require 'pry'
+binding.pry
+```
+
+## License, Contributor's Guidelines and Code of Conduct
+
+We try to keep as much discussion as possible in GitHub issues, but also have a pretty inactive Slack --- if you'd like an invite, ping [@Orta](https://twitter.com/orta/) a DM on Twitter with your email. It's mostly interesting if you want to stay on top of Danger without all the emails from GitHub.
+
+> This project is open source under the MIT license, which means you have full access to the source code and can modify it to fit your own needs.
+
+> This project subscribes to the [Moya Contributors Guidelines](https://github.com/Moya/contributors) which TLDR: means we give out push access easily and often.
+
+> Contributors subscribe to the [Contributor Code of Conduct](https://contributor-covenant.org/version/1/3/0/) based on the [Contributor Covenant](https://contributor-covenant.org) version 1.3.0.

data/bin/danger

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.push File.expand_path("../../lib", __FILE__)
+
+require "danger"
+Danger::Runner.run ARGV

data/lib/assets/DangerfileTemplate

@@ -0,0 +1,13 @@
+# Sometimes it's a README fix, or something like that - which isn't relevant for
+# including in a project's CHANGELOG for example
+declared_trivial = github.pr_title.include? "#trivial"
+
+# Make it more obvious that a PR is a work in progress and shouldn't be merged yet
+warn("PR is classed as Work in Progress") if github.pr_title.include? "[WIP]"
+
+# Warn when there is a big PR
+warn("Big PR") if git.lines_of_code > 500
+
+# Don't let testing shortcuts get into master by accident
+fail("fdescribe left in tests") if `grep -r fdescribe specs/ `.length > 1
+fail("fit left in tests") if `grep -r fit specs/ `.length > 1

data/lib/danger.rb

@@ -0,0 +1,44 @@
+require "danger/version"
+require "danger/danger_core/dangerfile"
+require "danger/danger_core/environment_manager"
+require "danger/commands/runner"
+require "danger/plugin_support/plugin"
+require "danger/core_ext/string"
+require "danger/danger_core/executor"
+
+require "claide"
+require "colored2"
+require "pathname"
+require "terminal-table"
+require "cork"
+
+# Import all the Sources (CI, Request and SCM)
+Dir[File.expand_path("danger/*source/*.rb", File.dirname(__FILE__))].each do |file|
+  require file
+end
+
+module Danger
+  GEM_NAME = "danger".freeze
+
+  # @return [String] The path to the local gem directory
+  def self.gem_path
+    if Gem::Specification.find_all_by_name(GEM_NAME).empty?
+      raise "Couldn't find gem directory for 'danger'"
+    end
+    return Gem::Specification.find_by_name(GEM_NAME).gem_dir
+  end
+
+  # @return [String] Latest version of Danger on https://rubygems.org
+  def self.danger_outdated?
+    require "danger/clients/rubygems_client"
+    latest_version = RubyGemsClient.latest_danger_version
+
+    if Gem::Version.new(latest_version) > Gem::Version.new(Danger::VERSION)
+      latest_version
+    else
+      false
+    end
+  rescue StandardError => _e
+    false
+  end
+end

data/lib/danger/ci_source/appcenter.rb

@@ -0,0 +1,55 @@
+# https://docs.microsoft.com/en-us/appcenter/build/custom/variables/
+require "uri"
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  #
+  # Add a script step to your appcenter-post-build.sh:
+  #
+  # ``` shell
+  #   #!/usr/bin/env bash
+  #   bundle install
+  #   bundle exec danger
+  # ```
+  #
+  # ### Token Setup
+  #
+  # Add the `DANGER_GITHUB_API_TOKEN` to your environment variables.
+  #
+  class Appcenter < CI
+    def self.validates_as_ci?(env)
+      env.key? "APPCENTER_BUILD_ID"
+    end
+
+    def self.validates_as_pr?(env)
+      return env["BUILD_REASON"] == "PullRequest"
+    end
+
+    def self.owner_for_github(env)
+      URI.parse(env["BUILD_REPOSITORY_URI"]).path.split("/")[1]
+    end
+
+    def self.repo_identifier_for_github(env)
+      repo_name = env["BUILD_REPOSITORY_NAME"]
+      owner = owner_for_github(env)
+      "#{owner}/#{repo_name}"
+    end
+
+    # Hopefully it's a temporary workaround (same as in Codeship integration) because App Center
+    # doesn't expose PR's ID. There's a future request https://github.com/Microsoft/appcenter/issues/79
+    def self.pr_from_env(env)
+      Danger::RequestSources::GitHub.new(nil, env).get_pr_from_branch(repo_identifier_for_github(env), env["BUILD_SOURCEBRANCHNAME"], owner_for_github(env))
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub]
+    end
+
+    def initialize(env)
+      self.pull_request_id = self.class.pr_from_env(env)
+      self.repo_url = env["BUILD_REPOSITORY_URI"]
+      self.repo_slug = self.class.repo_identifier_for_github(env)
+    end
+  end
+end

data/lib/danger/ci_source/appveyor.rb

@@ -0,0 +1,60 @@
+# https://www.appveyor.com/docs/build-configuration/
+module Danger
+  # ### CI Setup
+  #
+  # Install dependencies and add a danger step to your `appveyor.yml`.
+  # ```yaml
+  # install:
+  # - cmd: >-
+  #     set PATH=C:\Ruby25-x64\bin;%PATH%
+  #
+  #     bundle install
+  # after_test:
+  # - cmd: >-
+  #     bundle exec danger
+  # ```
+  #
+  # ### Token Setup
+  #
+  # For public repositories, add your plain token to environment variables in `appveyor.yml`.
+  # Encrypted environment variables will not be decrypted on PR builds.
+  # see here: https://www.appveyor.com/docs/build-configuration/#secure-variables
+  # ```yaml
+  # environment:
+  #   DANGER_GITHUB_API_TOKEN: <YOUR_TOKEN_HERE>
+  # ```
+  #
+  # For private repositories, enter your token in `Settings>Environment>Environment variables>Add variable` and turn on `variable encryption`.
+  # You will see encrypted variable text in `Settings>Export YAML` so just copy to your `appveyor.yml`.
+  # ```yaml
+  # environment:
+  #   DANGER_GITHUB_API_TOKEN:
+  #     secure: <YOUR_ENCRYPTED_TOKEN_HERE>
+  # ```
+  #
+  class AppVeyor < CI
+    def self.validates_as_ci?(env)
+      env.key? "APPVEYOR"
+    end
+
+    def self.validates_as_pr?(env)
+      return false unless env.key? "APPVEYOR_PULL_REQUEST_NUMBER"
+      env["APPVEYOR_PULL_REQUEST_NUMBER"].to_i > 0
+    end
+
+    def initialize(env)
+      self.repo_slug = env["APPVEYOR_REPO_NAME"]
+      self.pull_request_id = env["APPVEYOR_PULL_REQUEST_NUMBER"]
+      self.repo_url = GitRepo.new.origins # AppVeyor doesn't provide a repo url env variable for now
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::GitHub,
+        Danger::RequestSources::BitbucketCloud,
+        Danger::RequestSources::BitbucketServer,
+        Danger::RequestSources::GitLab
+      ]
+    end
+  end
+end

data/lib/danger/ci_source/azure_pipelines.rb

@@ -0,0 +1,44 @@
+# https://docs.microsoft.com/en-us/azure/devops/pipelines/build/variables
+require "uri"
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  #
+  # Add a script step:
+  #
+  # ``` shell
+  #   #!/usr/bin/env bash
+  #   bundle install
+  #   bundle exec danger
+  # ```
+  #
+  # ### Token Setup
+  #
+  # Add the `DANGER_GITHUB_API_TOKEN` to your environment variables.
+  #
+  class AzurePipelines < CI
+    def self.validates_as_ci?(env)
+      env.key? "AGENT_ID"
+    end
+
+    def self.validates_as_pr?(env)
+      return env["BUILD_REASON"] == "PullRequest"
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::GitHub,
+        Danger::RequestSources::GitLab,
+        Danger::RequestSources::BitbucketServer,
+        Danger::RequestSources::BitbucketCloud
+      ]
+    end
+
+    def initialize(env)
+      self.pull_request_id = env["SYSTEM_PULLREQUEST_PULLREQUESTNUMBER"] || env["SYSTEM_PULLREQUEST_PULLREQUESTID"]
+      self.repo_url = env["BUILD_REPOSITORY_URI"]
+      self.repo_slug = env["BUILD_REPOSITORY_NAME"]
+    end
+  end
+end

data/lib/danger/ci_source/bamboo.rb

@@ -0,0 +1,41 @@
+require "set"
+
+module Danger
+  # ### CI Setup
+  #
+  # Add a Run Script task that executes `danger` (or `bundle exec danger` if you're using Bundler
+  # to manage your gems) as your as part of your Bamboo plan.
+  # The minimum supported version is Bamboo 6.9.
+  #
+  # ### Token Setup
+  #
+  # IMPORTANT: All required Bamboo environment variables will be available
+  # only if the plan is run as part of a pull request. This can be achieved by selecting:
+  # Configure plan -> Branches -> Create plan branch: "When pull request is created".
+  # Otherwise, `bamboo_repository_pr_key` and `bamboo_planRepository_repositoryUrl`
+  # will not be available.
+  #
+  class Bamboo < CI
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::BitbucketServer
+      ]
+    end
+
+    def self.validates_as_ci?(env)
+      env.key? "bamboo_buildKey"
+    end
+
+    def self.validates_as_pr?(env)
+      exists = ["bamboo_repository_pr_key", "bamboo_planRepository_repositoryUrl"].all? { |x| env[x] && !env[x].empty? }
+      exists && env["bamboo_repository_pr_key"].to_i > 0
+    end
+
+    def initialize(env)
+      self.repo_url = env["bamboo_planRepository_repositoryUrl"]
+      self.pull_request_id = env["bamboo_repository_pr_key"]
+      repo_matches = self.repo_url.match(%r{([\/:])([^\/]+\/[^\/]+?)(\.git$|$)})
+      self.repo_slug = repo_matches[2] unless repo_matches.nil?
+    end
+  end
+end

data/lib/danger/ci_source/bitbucket_pipelines.rb

@@ -0,0 +1,37 @@
+module Danger
+  # ### CI Setup
+  #
+  # Install dependencies and add a danger step to your `bitbucket-pipelines.yml`.
+  # ```yaml
+  #   script:
+  #     - bundle exec danger --verbose
+  # ```
+  #
+  # ### Token Setup
+  #
+  # Add `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD` to your pipeline repository variable
+  # or instead using `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`.
+  #
+  # You can find them in Settings > Pipelines > Repository Variables
+
+  class BitbucketPipelines < CI
+
+    def self.validates_as_ci?(env)
+      env.key? "BITBUCKET_BUILD_NUMBER"
+    end
+
+    def self.validates_as_pr?(env)
+      env.key? "BITBUCKET_PR_ID"
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::BitbucketCloud]
+    end
+
+    def initialize(env)
+      self.repo_url = env["BITBUCKET_GIT_HTTP_ORIGIN"]
+      self.repo_slug = "#{env["BITBUCKET_REPO_OWNER"]}/#{env["BITBUCKET_REPO_SLUG"]}"
+      self.pull_request_id = env["BITBUCKET_PR_ID"]
+    end
+  end
+end

data/lib/danger/ci_source/bitrise.rb

@@ -0,0 +1,65 @@
+# http://devcenter.bitrise.io/docs/available-environment-variables
+require "danger/request_sources/github/github"
+require "danger/request_sources/gitlab"
+
+module Danger
+  # ### CI Setup
+  #
+  # Add a script step to your workflow:
+  #
+  # ```yml
+  # - script@1.1.2:
+  #     inputs:
+  #    - content: |-
+  #        bundle install
+  #        bundle exec danger
+  # ```
+  #
+  # ### Token Setup
+  #
+  # Add the `DANGER_GITHUB_API_TOKEN` to your workflow's [Secret App Env Vars](https://blog.bitrise.io/anyone-even-prs-can-have-secrets).
+  #
+  # ### bitbucket server and bitrsie
+  #
+  # Danger will read the environment variable GIT_REPOSITORY_URL to construct the Bitbucket Server API URL 
+  # finding the project and repo slug in the GIT_REPOSITORY_URL variable. This GIT_REPOSITORY_URL variable 
+  # comes from the App Settings tab for your Bitrsie App. If you are manually setting a repo URL in the 
+  # Git Clone Repo step, you may need to set adjust this propery in the settings tab, maybe even fake it.
+  # The patterns used are `(%r{\.com/(.*)})` and `(%r{\.com:(.*)})` and .split(/\.git$|$/) to remove ".git" if the URL contains it.  
+  #
+  class Bitrise < CI
+    def self.validates_as_ci?(env)
+      env.key? "BITRISE_IO"
+    end
+
+    def self.validates_as_pr?(env)
+      return !env["BITRISE_PULL_REQUEST"].to_s.empty?
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::GitHub,
+        Danger::RequestSources::GitLab,
+        Danger::RequestSources::BitbucketServer,
+        Danger::RequestSources::BitbucketCloud
+      ]
+    end
+
+    def initialize(env)
+      self.pull_request_id = env["BITRISE_PULL_REQUEST"]
+      self.repo_url = env["GIT_REPOSITORY_URL"]
+      
+      matcher_url = self.repo_url
+
+      #If the URL contains https:// as :// leads to inaccurate matching. So we remove it and proceed to match.
+      if repo_url.include? "https://"
+        matcher_url["https://"] = ''
+      end
+
+      repo_matches = matcher_url.match(%r{([\/:])(([^\/]+\/)+[^\/]+?)(\.git$|$)})[2]
+
+      self.repo_slug = repo_matches unless repo_matches.nil?
+      
+    end
+  end
+end