danger 8.0.6 → 8.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3b175fad0150fdcb243c42f37c0b9683a7dc00db8b3be4ef81d01be0103b90bb
-  data.tar.gz: d422bf7eadd533e5591f1ac43cde404f38d124a3c398469a1b9563c5338e8370
+  metadata.gz: cd811a6fad28534b9e0b28ccbed30d0694e4ab3408ad22852a8897a56c55f2ed
+  data.tar.gz: 747e7a6ff6fce272eb7b732ced8f6358602159725e5490a3ce783f7ce06dcc83
 SHA512:
-  metadata.gz: d36a05ed7713cf0b50936c04feaa4cb49c8ba035b539ff265c9d7e231c2670efba007f5f4a2bf58936cab24c7aa0e09d5c9a2a9edff9714689fc5b03cc31d870
-  data.tar.gz: 611a647c06bab7c3949ded7ff12b5498b966d54f10056481ae720dfa3801f48ac27085d112f69c186feb5638b2b82b0f7583c0f020af33af8251705429fbf614
+  metadata.gz: 54612a3b0e7999fce7289a884febff1548edbfa92af9947a8c8cc4bbef5fa69451ac88b493bc2ba0125e23ef96f7a46846a7a3b1e7adb8ac4d8f98aafa0065ce
+  data.tar.gz: 6612a1c511c7fe579c2734f6b4c8b15955dc2a2dd196a4a0277a901d61307b58c2abdd7f000867c1f212d2db065b39c8dfcd9f83c774154b1089a37395f45096

data/README.md

@@ -51,7 +51,7 @@ Some quick links: [Guides Index](https://danger.systems/guides.html), [DSL Refer
 
 Brilliant. So, let's get you set up.
 
-``` sh
+```sh
 git clone https://github.com/danger/danger.git
 cd danger
 bundle install

data/lib/danger/ci_source/appcenter.rb

@@ -7,7 +7,7 @@ module Danger
   #
   # Add a script step to your appcenter-post-build.sh:
   #
-  # ``` shell
+  # ```shell
   #   #!/usr/bin/env bash
   #   bundle install
   #   bundle exec danger

data/lib/danger/ci_source/appveyor.rb

@@ -3,6 +3,7 @@ module Danger
   # ### CI Setup
   #
   # Install dependencies and add a danger step to your `appveyor.yml`.
+  #
   # ```yaml
   # install:
   # - cmd: >-
@@ -19,6 +20,7 @@ module Danger
   # For public repositories, add your plain token to environment variables in `appveyor.yml`.
   # Encrypted environment variables will not be decrypted on PR builds.
   # see here: https://www.appveyor.com/docs/build-configuration/#secure-variables
+  #
   # ```yaml
   # environment:
   #   DANGER_GITHUB_API_TOKEN: <YOUR_TOKEN_HERE>
@@ -26,6 +28,7 @@ module Danger
   #
   # For private repositories, enter your token in `Settings>Environment>Environment variables>Add variable` and turn on `variable encryption`.
   # You will see encrypted variable text in `Settings>Export YAML` so just copy to your `appveyor.yml`.
+  #
   # ```yaml
   # environment:
   #   DANGER_GITHUB_API_TOKEN:

data/lib/danger/ci_source/azure_pipelines.rb

@@ -7,7 +7,7 @@ module Danger
   #
   # Add a script step:
   #
-  # ``` shell
+  # ```shell
   #   #!/usr/bin/env bash
   #   bundle install
   #   bundle exec danger
@@ -19,7 +19,7 @@ module Danger
   #
   class AzurePipelines < CI
     def self.validates_as_ci?(env)
-      env.key? "AGENT_ID"
+      env.key?("AGENT_ID") && env["BUILD_REPOSITORY_PROVIDER"] != "TfsGit"
     end
 
     def self.validates_as_pr?(env)

data/lib/danger/ci_source/bitbucket_pipelines.rb

@@ -2,6 +2,7 @@ module Danger
   # ### CI Setup
   #
   # Install dependencies and add a danger step to your `bitbucket-pipelines.yml`.
+  #
   # ```yaml
   #   script:
   #     - bundle exec danger --verbose

data/lib/danger/ci_source/buildkite.rb

@@ -9,7 +9,7 @@ module Danger
   # With BuildKite you run the server yourself, so you will want to run  it as a part of your build process.
   # It is common to have build steps, so we would recommend adding this to your scrip:
   #
-  #  ``` shell
+  #  ```shell
   #   echo "--- Running Danger"
   #   bundle exec danger
   #  ```

data/lib/danger/ci_source/circle.rb

@@ -19,7 +19,7 @@ module Danger
   #
   # e.g.
   #
-  #  ``` yaml
+  #  ```yaml
   #  - run: bundle exec danger --verbose
   #  ```
   #

data/lib/danger/ci_source/concourse.rb

@@ -0,0 +1,61 @@
+require "git"
+require "danger/request_sources/local_only"
+
+module Danger
+# Concourse CI Integration
+#
+# https://concourse-ci.org/
+#
+  # ### CI Setup
+  #
+  # With Concourse, you run the docker images yourself, so you will want to add `yarn danger ci` within one of your build jobs.
+  #
+  #   ```shell
+  #    build:
+  #      image: golang
+  #        commands:
+  #          - ...
+  #          - yarn danger ci
+  #   ```
+  #
+  # ### Environment Variable Setup
+  #
+  # As this is self-hosted, you will need to add the `CONCOURSE` environment variable `export CONCOURSE=true` to your build environment,
+  # as well as setting environment variables for `PULL_REQUEST_ID` and `REPO_SLUG`. Assuming you are using the github pull request resource
+  # https://github.com/jtarchie/github-pullrequest-resource the id of the PR can be accessed from `git config --get pullrequest.id`.
+  #
+  # ### Token Setup
+  #
+  # Once again as this is self-hosted, you will need to add `DANGER_GITHUB_API_TOKEN` environment variable to the build environment.
+  # The suggested method of storing the token is within the vault - https://concourse-ci.org/creds.html
+
+  class Concourse < CI
+    def self.validates_as_ci?(env)
+      env.key? "CONCOURSE"
+    end
+
+    def self.validates_as_pr?(env)
+      exists = ["PULL_REQUEST_ID", "REPO_SLUG"].all? { |x| env[x] && !env[x].empty? }
+      exists && env["PULL_REQUEST_ID"].to_i > 0
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::GitHub,
+        Danger::RequestSources::GitLab,
+        Danger::RequestSources::BitbucketServer,
+        Danger::RequestSources::BitbucketCloud
+      ]
+    end
+
+    def initialize(env)
+      self.repo_slug = env["REPO_SLUG"]
+
+      if env["PULL_REQUEST_ID"].to_i > 0
+        self.pull_request_id = env["PULL_REQUEST_ID"]
+      end
+      self.repo_url = GitRepo.new.origins
+    end
+
+  end
+end

data/lib/danger/ci_source/drone.rb

@@ -8,7 +8,7 @@ module Danger
   # With Drone you run the docker images yourself, so you will want to add `bundle exec danger` at the end of
   # your `.drone.yml`.
   #
-  #  ``` shell
+  #  ```shell
   #   build:
   #     image: golang
   #     commands:
@@ -24,7 +24,7 @@ module Danger
   # Drone secrets: http://readme.drone.io/usage/secret-guide/
   # NOTE: This is a new syntax in DroneCI 0.6+
   #
-  # ```
+  # ```yml
   #   build:
   #     image: golang
   #     secrets:

data/lib/danger/ci_source/github_actions.rb

@@ -6,7 +6,7 @@ module Danger
   # You can use `danger/danger` Action in your `.github/workflows/xxx.yml`.
   # And so, you can use GITHUB_TOKEN secret as `DANGER_GITHUB_API_TOKEN` environment variable.
   #
-  #  ```
+  #  ```yml
   #  ...
   #    steps:
   #      - uses: actions/checkout@v1
@@ -21,7 +21,8 @@ module Danger
     end
 
     def self.validates_as_pr?(env)
-      env["GITHUB_EVENT_NAME"] == "pull_request"
+      value = env["GITHUB_EVENT_NAME"]
+      value == "pull_request" || value == "pull_request_target"
     end
 
     def supported_request_sources

data/lib/danger/ci_source/gitlab_ci.rb

@@ -7,6 +7,7 @@ module Danger
   # ### CI Setup
   #
   # Install dependencies and add a danger step to your .gitlab-ci.yml:
+  #
   # ```yml
   # before_script:
   #  - bundle install
@@ -14,6 +15,7 @@ module Danger
   #   script:
   #    - bundle exec danger
   # ```
+  #
   # ### Token Setup
   #
   # Add the `DANGER_GITLAB_API_TOKEN` to your pipeline env variables if you
@@ -44,10 +46,17 @@ module Danger
       base_commit = env["CI_COMMIT_SHA"]
       client = RequestSources::GitLab.new(nil, env).client
 
-      if (Gem::Version.new(client.version.version) >= Gem::Version.new("10.7"))
+      client_version = Gem::Version.new(client.version.version)
+      if (client_version >= Gem::Version.new("10.7"))
         #Use the 'list merge requests associated with a commit' API, for speeed
         # (GET /projects/:id/repository/commits/:sha/merge_requests) available for GitLab >= 10.7
         merge_request = client.commit_merge_requests(project_path, base_commit, state: :opened).first
+        if (client_version >= Gem::Version.new("13.8"))
+          # Gitlab 13.8.0 started returning merge requests for merge commits and squashed commits
+          # By checking for merge_request.state, we can ensure danger only comments on MRs which are open
+          return 0 if merge_request.nil?
+          return 0 unless merge_request.state == "opened"
+        end
       else
         merge_requests = client.merge_requests(project_path, state: :opened)
         merge_request = merge_requests.auto_paginate.find do |mr|

data/lib/danger/ci_source/screwdriver.rb

@@ -6,7 +6,8 @@ module Danger
   # ### CI Setup
   #
   # Install dependencies and add a danger step to your screwdriver.yaml:
-  # ``` yml
+  #
+  # ```yml
   # jobs:
   #   danger:
   #     requires: [~pr, ~commit]

data/lib/danger/ci_source/support/commits.rb

@@ -1,17 +1,19 @@
-class Commits
-  def initialize(base_head)
-    @base_head = base_head.strip.split(" ".freeze)
-  end
+module Danger
+  class Commits
+    def initialize(base_head)
+      @base_head = base_head.strip.split(" ".freeze)
+    end
 
-  def base
-    base_head.first
-  end
+    def base
+      base_head.first
+    end
 
-  def head
-    base_head.last
-  end
+    def head
+      base_head.last
+    end
 
-  private
+    private
 
-  attr_reader :base_head
+    attr_reader :base_head
+  end
 end

data/lib/danger/ci_source/teamcity.rb

@@ -27,6 +27,7 @@ module Danger
   # branch="%teamcity.build.branch%"
   # export GITHUB_PULL_REQUEST_ID=(${branch//\// })
   # ```
+  #
   # Or if you are using the pull request feature you can set an environment parameter called `GITHUB_PULL_REQUEST_ID`
   # to the value of: `%teamcity.pullRequest.number`
   #
@@ -59,6 +60,7 @@ module Danger
   #
   # You will also need to set the `BITBUCKET_BRANCH_NAME` environment variable.
   # TeamCity provides `%teamcity.build.branch%`, which you can use at the top of your Simple Command Runner:
+  #
   # ```sh
   # export BITBUCKET_BRANCH_NAME="%teamcity.build.branch%"
   # ```

data/lib/danger/commands/dangerfile/init.rb

@@ -4,7 +4,7 @@ require "danger/danger_core/dangerfile_generator"
 
 module Danger
   class DangerfileCommand < Runner
-    self.summary = "Easily create you Dangerfiles."
+    self.summary = "Easily create your Dangerfiles."
     self.command = "dangerfile"
 
     self.abstract_command = true

data/lib/danger/commands/dry_run.rb

@@ -22,7 +22,7 @@ module Danger
       super
 
       if argv.flag?("pry", false)
-        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path)
+        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path, DryRun.command)
       end
     end
 

data/lib/danger/commands/init.rb

@@ -277,7 +277,7 @@ module Danger
       ui.say "- You can look at the following Dangerfiles to get some more ideas:"
       ui.pause 0.6
       ui.link "https://github.com/danger/danger/blob/master/Dangerfile"
-      ui.link "https://github.com/artsy/eigen/blob/master/Dangerfile"
+      ui.link "https://github.com/artsy/eigen/blob/master/dangerfile.ts"
       ui.pause 1
     end
 

data/lib/danger/commands/local.rb

@@ -32,7 +32,7 @@ module Danger
       super
 
       if argv.flag?("pry", false)
-        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path)
+        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path, Local.command)
       end
     end
 

data/lib/danger/commands/local_helpers/pry_setup.rb

@@ -4,9 +4,9 @@ module Danger
       @cork = cork
     end
 
-    def setup_pry(dangerfile_path)
+    def setup_pry(dangerfile_path, command)
       return dangerfile_path if dangerfile_path.empty?
-      validate_pry_available
+      validate_pry_available(command)
       FileUtils.cp dangerfile_path, DANGERFILE_COPY
       File.open(DANGERFILE_COPY, "a") do |f|
         f.write("\nbinding.pry; File.delete(\"#{DANGERFILE_COPY}\")")
@@ -20,10 +20,10 @@ module Danger
 
     DANGERFILE_COPY = "_Dangerfile.tmp".freeze
 
-    def validate_pry_available
+    def validate_pry_available(command)
       Kernel.require "pry"
     rescue LoadError
-      cork.warn "Pry was not found, and is required for 'danger pr --pry'."
+      cork.warn "Pry was not found, and is required for 'danger #{command} --pry'."
       cork.print_warnings
       abort
     end

data/lib/danger/commands/pr.rb

@@ -37,7 +37,7 @@ module Danger
       @dangerfile_path = dangerfile if File.exist?(dangerfile)
 
       if argv.flag?("pry", false)
-        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path)
+        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path, PR.command)
       end
     end
 

data/lib/danger/commands/staging.rb

@@ -23,7 +23,7 @@ module Danger
       super
 
       if argv.flag?("pry", false)
-        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path)
+        @dangerfile_path = PrySetup.new(cork).setup_pry(@dangerfile_path, Staging.command)
       end
     end
 

data/lib/danger/danger_core/dangerfile.rb

@@ -49,22 +49,26 @@ module Danger
     # However, as we're using using them in the DSL, they won't
     # get method_missing called correctly without overriding them.
 
-    def warn(*args, &blk)
-      method_missing(:warn, *args, &blk)
+    def warn(*args, **kargs, &blk)
+      method_missing(:warn, *args, **kargs, &blk)
     end
 
-    def fail(*args, &blk)
-      method_missing(:fail, *args, &blk)
+    def fail(*args, **kargs, &blk)
+      method_missing(:fail, *args, **kargs, &blk)
     end
 
     # When an undefined method is called, we check to see if it's something
     # that the core DSLs have, then starts looking at plugins support.
 
     # rubocop:disable Style/MethodMissing
-    def method_missing(method_sym, *arguments, &_block)
+    def method_missing(method_sym, *arguments, **keyword_arguments, &_block)
       @core_plugins.each do |plugin|
         if plugin.public_methods(false).include?(method_sym)
-          return plugin.send(method_sym, *arguments)
+          if keyword_arguments.empty?
+            return plugin.send(method_sym, *arguments)
+          else
+            return plugin.send(method_sym, *arguments, **keyword_arguments)
+          end
         end
       end
       super

data/lib/danger/danger_core/environment_manager.rb

@@ -90,6 +90,8 @@ module Danger
         RequestSources::GitLab
       elsif repo_url =~ /bitbucket\.(org|com)/i
         RequestSources::BitbucketCloud
+      elsif repo_url =~ /dev\.azure\.com/i
+        RequestSources::VSTS
       end
     end
 

data/lib/danger/danger_core/plugins/dangerfile_bitbucket_cloud_plugin.rb

@@ -97,7 +97,7 @@ module Danger
     # @return [String]
     #
     def pr_author
-      @bs.pr_json[:author][:username]
+      @bs.pr_json[:author][:nickname]
     end
 
     # @!group PR Commit Metadata

data/lib/danger/danger_core/plugins/dangerfile_danger_plugin.rb

@@ -33,6 +33,11 @@ module Danger
   #
   #          danger.import_dangerfile(github: "ruby-grape/danger", branch: "custom", path: "path/to/Dangerfile")
   #
+  # @example Import a plugin available over HTTP
+  #
+  #          custom_url = "https://custom.bitbucket.com/project-name/Dangerfile?raw"
+  #          danger.import_dangerfile(url: custom_url)
+  #
   # @see  danger/danger
   # @tags core, plugins
 
@@ -84,8 +89,10 @@ module Danger
           import_dangerfile_from_path(opts[:path])
         elsif opts.key?(:gem)
           import_dangerfile_from_gem(opts[:gem])
+        elsif opts.key?(:url)
+          import_dangerfile_from_url(opts[:url])
         else
-          raise "`import` requires a Hash with either :github, :gitlab, :gem, or :path"
+          raise "`import` requires a Hash with either :github, :gitlab, :gem, :path or :url"
         end
       else
         raise "`import` requires a Hash"
@@ -180,6 +187,19 @@ module Danger
       @dangerfile.parse(Pathname.new(local_path))
     end
 
+    # @!group Danger
+    # Download and execute a remote Dangerfile.
+    #
+    # @param    [String] url
+    #           A https url where the Dangerfile is.
+    # @return   [void]
+    #
+    def import_dangerfile_from_url(url)
+      raise "`import_dangerfile_from_url` requires a string" unless url.kind_of?(String)
+      local_path = download(url)
+      @dangerfile.parse(Pathname.new(local_path))
+    end
+
     # @!group Plugins
     # Download a local or remote plugin or Dangerfile.
     # This method will not import the file for you, use plugin.import instead

data/lib/danger/plugin_support/plugin.rb

@@ -19,8 +19,12 @@ module Danger
     # We need to redirect the self calls to the Dangerfile
 
     # rubocop:disable Style/MethodMissing
-    def method_missing(method_sym, *arguments, &block)
-      @dangerfile.send(method_sym, *arguments, &block)
+    def method_missing(method_sym, *arguments, **keyword_arguments, &block)
+      if keyword_arguments.empty?
+        @dangerfile.send(method_sym, *arguments, &block)
+      else
+        @dangerfile.send(method_sym, *arguments, **keyword_arguments, &block)
+      end
     end
 
     def self.all_plugins

data/lib/danger/request_sources/bitbucket_cloud_api.rb

@@ -57,7 +57,8 @@ module Danger
       def fetch_comments
         values = []
         # TODO: use a url parts encoder to encode the query
-        uri = "#{pr_api_endpoint}/comments?pagelen=100&q=deleted+%7E+false+AND+user.username+%7E+%22#{@username}%22"
+        corrected_uuid = @my_uuid[1...-1] if !@my_uuid.nil? # Endpoint doesnt support curly brackets for this, so remove them for this
+        uri = "#{pr_api_endpoint}/comments?pagelen=100&q=deleted+%7E+false+AND+user.uuid+%7E+%22#{corrected_uuid}%22"
 
         while uri
           json = fetch_json(URI(uri))
@@ -94,12 +95,13 @@ module Danger
         "#{base_url(2)}/#{pull_request_id}"
       end
 
-      def prs_api_endpoint(branch_name)
-        "#{base_url(2)}?q=source.branch.name=\"#{branch_name}\""
+      def prs_api_url(branch_name)
+        encoded_branch_name = URI.encode_www_form_component(branch_name)
+        "#{base_url(2)}?q=source.branch.name=\"#{encoded_branch_name}\""
       end
 
       def fetch_pr_from_branch(branch_name)
-        uri = URI(URI.escape(prs_api_endpoint(branch_name)))
+        uri = URI(prs_api_url(branch_name))
         fetch_json(uri)[:values][0][:id]
       end
 

data/lib/danger/request_sources/bitbucket_server.rb

@@ -2,6 +2,8 @@
 
 require "danger/helpers/comments_helper"
 require "danger/request_sources/bitbucket_server_api"
+require "danger/request_sources/code_insights_api"
+require_relative "request_source"
 
 module Danger
   module RequestSources
@@ -17,12 +19,21 @@ module Danger
         ]
       end
 
+      def self.optional_env_vars
+        ["DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_KEY",
+         "DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_TITLE",
+         "DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_DESCRIPTION",
+         "DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_LOGO_URL"
+        ]
+      end
+
       def initialize(ci_source, environment)
         self.ci_source = ci_source
         self.environment = environment
 
         project, slug = ci_source.repo_slug.split("/")
         @api = BitbucketServerAPI.new(project, slug, ci_source.pull_request_id, environment)
+        @code_insights = CodeInsightsAPI.new(project, slug, environment)
       end
 
       def validates_as_ci?
@@ -73,16 +84,42 @@ module Danger
       def update_pull_request!(warnings: [], errors: [], messages: [], markdowns: [], danger_id: "danger", new_comment: false, remove_previous_comments: false)
         delete_old_comments(danger_id: danger_id) if !new_comment || remove_previous_comments
 
-        comment = generate_description(warnings: warnings, errors: errors)
+        # If configured, send a Code Insights API to provide the PR with a quality report
+        # which includes inline code violations found by Danger as Annotations.
+        # If no inline violations occurred, an empty, successful (green) report will be sent.
+        if @code_insights.ready?
+          inline_violations = inline_violations_group(warnings: warnings, errors: errors, messages: messages)
+          inline_warnings = inline_violations[:warnings] || []
+          inline_errors = inline_violations[:errors] || []
+          inline_messages = inline_violations[:messages] || []
+
+          head_commit = self.pr_json[:fromRef][:latestCommit]
+          @code_insights.send_report(head_commit,
+                                     inline_warnings,
+                                     inline_errors,
+                                     inline_messages)
+        end
+
+        # If we're sending inline comments separately via Code Insights,
+        # the main body comment should contain only generic, non-file specific messages.
+        if @code_insights.ready?
+          main_violations = main_violations_group(warnings: warnings, errors: errors, messages: messages)
+          warnings = main_violations[:warnings] || []
+          errors = main_violations[:errors] || []
+          messages = main_violations[:messages] || []
+          markdowns = main_violations[:markdowns] || []
+        end
+
+        comment = generate_description(warnings: warnings,
+                                       errors: errors)
         comment += "\n\n"
         comment += generate_comment(warnings: warnings,
-                                     errors: errors,
-                                   messages: messages,
-                                  markdowns: markdowns,
-                        previous_violations: {},
-                                  danger_id: danger_id,
-                                   template: "bitbucket_server")
-
+                                    errors: errors,
+                                    messages: messages,
+                                    markdowns: markdowns,
+                                    previous_violations: {},
+                                    danger_id: danger_id,
+                                    template: "bitbucket_server")
         @api.post_comment(comment)
       end
 
@@ -91,7 +128,34 @@ module Danger
           @api.delete_comment(c[:id], c[:version]) if c[:text] =~ /generated_by_#{danger_id}/
         end
       end
-        
+
+      def main_violations_group(warnings: [], errors: [], messages: [], markdowns: [])
+        {
+          warnings: warnings.reject(&:inline?),
+          errors: errors.reject(&:inline?),
+          messages: messages.reject(&:inline?),
+          markdowns: markdowns.reject(&:inline?)
+        }
+      end
+
+      def inline_violations_group(warnings: [], errors: [], messages: [], markdowns: [])
+        cmp = proc do |a, b|
+          next -1 unless a.file && a.line
+          next 1 unless b.file && b.line
+
+          next a.line <=> b.line if a.file == b.file
+          next a.file <=> b.file
+        end
+
+        # Sort to group inline comments by file
+        {
+          warnings: warnings.select(&:inline?).sort(&cmp),
+          errors: errors.select(&:inline?).sort(&cmp),
+          messages: messages.select(&:inline?).sort(&cmp),
+          markdowns: markdowns.select(&:inline?).sort(&cmp)
+        }
+      end
+
       def update_pr_build_status(status, build_job_link, description)
         changeset = self.pr_json[:fromRef][:latestCommit]
         # Support for older versions of Bitbucket Server

data/lib/danger/request_sources/code_insights_api.rb

@@ -0,0 +1,147 @@
+# coding: utf-8
+
+module Danger
+  module RequestSources
+    #
+    # Provides ability for Danger to interact with Atlassian's Code Insights API in order to provide code quality
+    # reports along with inline comments for specific lines in specific files.
+    #  See https://developer.atlassian.com/server/bitbucket/how-tos/code-insights/ for more details.
+    #
+    # Currently this functionality is implemented only for Bitbucket Server request source.
+    class CodeInsightsAPI
+      attr_accessor :username, :password, :host, :report_key, :report_title, :report_description, :logo_url
+
+      def initialize(project, slug, environment)
+        @username = environment["DANGER_BITBUCKETSERVER_USERNAME"] || ""
+        @password = environment["DANGER_BITBUCKETSERVER_PASSWORD"] || ""
+        @host = environment["DANGER_BITBUCKETSERVER_HOST"] || ""
+        @report_key = environment["DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_KEY"] || ""
+        @report_title = environment["DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_TITLE"] || ""
+        @report_description = environment["DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_DESCRIPTION"] || ""
+        @logo_url = environment["DANGER_BITBUCKETSERVER_CODE_INSIGHTS_REPORT_LOGO_URL"] || ""
+        @project = project
+        @slug = slug
+      end
+
+      def inspect
+        inspected = super
+
+        if @password
+          inspected = inspected.sub! @password, "********".freeze
+        end
+
+        inspected
+      end
+
+      def ready?
+        !(@report_key.empty? || @report_title.empty? || @report_description.empty? || @username.empty? || @password.empty? || @host.empty?)
+      end
+
+      def delete_report(commit)
+        uri = URI(report_endpoint_at_commit(commit))
+        request = Net::HTTP::Delete.new(uri.request_uri, {"Content-Type" => "application/json"})
+        request.basic_auth @username, @password
+        response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: use_ssl) do |http|
+          http.request(request)
+        end
+
+        # show failure when server returns an error
+        case response
+        when Net::HTTPClientError, Net::HTTPServerError
+          # HTTP 4xx - 5xx
+          abort "\nError deleting report from Code Insights API: #{response.code} (#{response.message}) - #{response.body}\n\n"
+        end
+
+      end
+
+      def send_report(commit, inline_warnings, inline_errors, inline_messages)
+        delete_report(commit)
+        put_report(commit, inline_errors.count)
+        should_post_annotations = !(inline_warnings + inline_errors + inline_messages).empty?
+        if should_post_annotations
+          post_annotations(commit, inline_warnings, inline_errors, inline_messages)
+        end
+      end
+
+      def put_report(commit, inline_errors_count)
+        uri = URI(report_endpoint_at_commit(commit))
+        request = Net::HTTP::Put.new(uri.request_uri, {"Content-Type" => "application/json"})
+        request.basic_auth @username, @password
+        request.body = {"title": @report_title,
+                        "details": @report_description,
+                        "result": (inline_errors_count > 0) ? "FAIL" : "PASS",
+                        "reporter": @username,
+                        "link": "https://github.com/danger/danger",
+                        "logoURL": @logo_url
+        }.to_json
+
+        response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: use_ssl) do |http|
+          http.request(request)
+        end
+
+        # show failure when server returns an error
+        case response
+        when Net::HTTPClientError, Net::HTTPServerError
+          # HTTP 4xx - 5xx
+          abort "\nError putting report to Code Insights API: #{response.code} (#{response.message}) - #{response.body}\n\n"
+        end
+      end
+
+      def post_annotations(commit, inline_warnings, inline_errors, inline_messages)
+        uri = URI(annotation_endpoint_at_commit(commit))
+
+        annotations = []
+
+        inline_messages.each do |violation|
+          annotations << violation_hash_with_severity(violation, "LOW")
+        end
+
+        inline_warnings.each do |violation|
+          annotations << violation_hash_with_severity(violation, "MEDIUM")
+        end
+
+        inline_errors.each do |violation|
+          annotations << violation_hash_with_severity(violation, "HIGH")
+        end
+
+        body = {annotations: annotations}.to_json
+        request = Net::HTTP::Post.new(uri.request_uri, {"Content-Type" => "application/json"})
+        request.basic_auth @username, @password
+        request.body = body
+
+        response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: use_ssl) do |http|
+          http.request(request)
+        end
+
+        # show failure when server returns an error
+        case response
+        when Net::HTTPClientError, Net::HTTPServerError
+          # HTTP 4xx - 5xx
+          abort "\nError posting comment to Code Insights API: #{response.code} (#{response.message}) - #{response.body}\n\n"
+        end
+      end
+
+      def violation_hash_with_severity(violation, severity)
+        annotation = {}
+        annotation["message"] = violation.message
+        annotation["severity"] = severity
+        annotation["path"] = violation.file
+        annotation["line"] = violation.line.to_i
+        return annotation
+      end
+
+      def report_endpoint_at_commit(commit)
+        "#{@host}/rest/insights/1.0/projects/#{@project}/repos/#{@slug}/commits/#{commit}/reports/#{@report_key}"
+      end
+
+      def annotation_endpoint_at_commit(commit)
+        report_endpoint_at_commit(commit) + "/annotations"
+      end
+
+      def use_ssl
+        @host.include? "https://"
+      end
+
+    end
+  end
+end

data/lib/danger/request_sources/github/github.rb

@@ -171,10 +171,10 @@ module Danger
           markdowns: markdowns
         )
 
-        rest_inline_violations = submit_inline_comments!({
+        rest_inline_violations = submit_inline_comments!(**{
           danger_id: danger_id,
           previous_violations: previous_violations
-        }.merge(**inline_violations))
+        }.merge(inline_violations))
 
         main_violations = merge_violations(
           regular_violations, rest_inline_violations
@@ -189,11 +189,11 @@ module Danger
 
         # If there are still violations to show
         if main_violations_sum.any?
-          body = generate_comment({
+          body = generate_comment(**{
             template: "github",
             danger_id: danger_id,
             previous_violations: previous_violations
-          }.merge(**main_violations))
+          }.merge(main_violations))
 
           comment_result =
             if should_create_new_comment

data/lib/danger/request_sources/gitlab.rb

@@ -85,7 +85,7 @@ module Danger
           if supports_inline_comments
             @raw_comments = mr_discussions
               .auto_paginate
-              .flat_map { |discussion| discussion.notes.map { |note| note.merge({"discussion_id" => discussion.id}) } }
+              .flat_map { |discussion| discussion.notes.map { |note| note.to_h.merge({"discussion_id" => discussion.id}) } }
             @raw_comments
               .map { |comment| Comment.from_gitlab(comment) }
           else
@@ -206,10 +206,10 @@ module Danger
           markdowns: markdowns
         )
 
-        rest_inline_violations = submit_inline_comments!({
+        rest_inline_violations = submit_inline_comments!(**{
           danger_id: danger_id,
           previous_violations: previous_violations
-        }.merge(**inline_violations))
+        }.merge(inline_violations))
 
         main_violations = merge_violations(
           regular_violations, rest_inline_violations
@@ -224,11 +224,11 @@ module Danger
 
         # If there are still violations to show
         if main_violations_sum.any?
-          body = generate_comment({
+          body = generate_comment(**{
             template: "gitlab",
             danger_id: danger_id,
             previous_violations: previous_violations
-          }.merge(**main_violations))
+          }.merge(main_violations))
 
           comment_result =
             if should_create_new_comment
@@ -359,7 +359,7 @@ module Danger
       def submit_inline_comments!(warnings: [], errors: [], messages: [], markdowns: [], previous_violations: [], danger_id: "danger")
         comments = mr_discussions
           .auto_paginate
-          .flat_map { |discussion| discussion.notes.map { |note| note.merge({"discussion_id" => discussion.id}) } }
+          .flat_map { |discussion| discussion.notes.map { |note| note.to_h.merge({"discussion_id" => discussion.id}) } }
           .select { |comment| Comment.from_gitlab(comment).inline? }
 
         danger_comments = comments.select { |comment| Comment.from_gitlab(comment).generated_by_danger?(danger_id) }
@@ -410,7 +410,7 @@ module Danger
           next false unless m.file && m.line
           # Reject if it's out of range and in dismiss mode
           next true if dismiss_out_of_range_messages_for(kind) && is_out_of_range(mr_changes.changes, m)
-          
+
           # Once we know we're gonna submit it, we format it
           if is_markdown_content
             body = generate_inline_markdown_body(m, danger_id: danger_id, template: "gitlab")
@@ -531,10 +531,10 @@ module Danger
       end
 
       def is_out_of_range(changes, message)
-        change = changes.find { |c| c["new_path"] == message.file }  
+        change = changes.find { |c| c["new_path"] == message.file }
         # If there is no changes or rename only or deleted, return out of range.
         return true if change.nil? || change["diff"].empty? || change["deleted_file"]
-        
+
         # If new file then return in range
         return false if change["new_file"]
 
@@ -544,7 +544,7 @@ module Danger
         return true
       end
 
-      def generate_addition_lines(diff) 
+      def generate_addition_lines(diff)
         range_header_regexp = /@@ -(?<old>[0-9]+)(,([0-9]+))? \+(?<new>[0-9]+)(,([0-9]+))? @@.*/
         addition_lines = []
         line_number = 0

data/lib/danger/version.rb

@@ -1,4 +1,4 @@
 module Danger
-  VERSION = "8.0.6".freeze
+  VERSION = "8.2.3".freeze
   DESCRIPTION = "Like Unit Tests, but for your Team Culture.".freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: danger
 version: !ruby/object:Gem::Version
-  version: 8.0.6
+  version: 8.2.3
 platform: ruby
 authors:
 - Orta Therox
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-05 00:00:00.000000000 Z
+date: 2021-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: claide
@@ -147,16 +147,22 @@ dependencies:
   name: terminal-table
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
 - !ruby/object:Gem::Dependency
   name: cork
   requirement: !ruby/object:Gem::Requirement
@@ -214,6 +220,7 @@ files:
 - lib/danger/ci_source/code_build.rb
 - lib/danger/ci_source/codefresh.rb
 - lib/danger/ci_source/codeship.rb
+- lib/danger/ci_source/concourse.rb
 - lib/danger/ci_source/dotci.rb
 - lib/danger/ci_source/drone.rb
 - lib/danger/ci_source/github_actions.rb
@@ -301,6 +308,7 @@ files:
 - lib/danger/request_sources/bitbucket_cloud_api.rb
 - lib/danger/request_sources/bitbucket_server.rb
 - lib/danger/request_sources/bitbucket_server_api.rb
+- lib/danger/request_sources/code_insights_api.rb
 - lib/danger/request_sources/github/github.rb
 - lib/danger/request_sources/github/github_review.rb
 - lib/danger/request_sources/github/github_review_resolver.rb