danger 9.4.2 → 9.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 159f9e62814cd8724e55f7f8584d936e87baec3b6ebb554a37e7990b60a911c1
-  data.tar.gz: cff0e62eb89fc5893521f8116a0c97c084fa460c7702508565914b719f872d3b
+  metadata.gz: c1a29ac64cb5013e28a0e137ba85672f035a3116508c15815ff34e2e4c2efe71
+  data.tar.gz: ccd8f3bf454de07224648c91fcff6f4e63d8173b50215d769de44230b4621e16
 SHA512:
-  metadata.gz: e6ea6863e7becfab88b477d72ee6c0c077db24db33773d0fb9948b641e2ee088be8086340091adfb4c85933458ae5c51f1f075babc49009bd0d2f6544b8f011f
-  data.tar.gz: 5b3288475743c4156a12edbb2e68666622fedc16726714243572f29740b686c54050f01e9bf042b2a9bbba45c646a8933a5cfcd22b3b4b431aaa56edb8dbfe8f
+  metadata.gz: 11a8ad39bcfbddb55c4683e7a7852d79ac17f74f5da55dcfabc796ac4b83a5f4b45d2ad5de53cc8bfdb47034c0572d546ff225b021c4420a751c3d9e0cd9962e
+  data.tar.gz: 6dd015355fb17c8bf4a4f79eec81e4e755b1e6eb94268d55809f4146b41367ed474969ce08358e8ef2deb05998af89ec04414ae0caed6407ff28ef24c374452d

data/README.md

@@ -19,11 +19,11 @@ Formalize your Pull Request etiquette.
 
 ## What is Danger?
 
-Danger runs after your CI, automating your team's conventions surrounding code review.
+Danger runs during your CI process, and gives teams the chance to automate common code review chores.
 
 This provides another logical step in your process, through this Danger can help lint your rote tasks in daily code review.
 
-You can use Danger to codify your team's norms, leaving humans to think about harder problems.
+You can use Danger to codify your teams norms. Leaving humans to think about harder problems.
 
 ## For example?
 

data/lib/danger/ci_source/azure_pipelines.rb

@@ -19,7 +19,7 @@ module Danger
   # #### GitHub
   #
   # You need to add the `DANGER_GITHUB_API_TOKEN` environment variable, to do this, go to your build definition's variables tab.
-  #  #
+  #
   # #### Azure Git
   #
   # You need to add the `DANGER_VSTS_API_TOKEN` and `DANGER_VSTS_HOST` environment variable, to do this,

data/lib/danger/ci_source/bitbucket_pipelines.rb

@@ -10,10 +10,31 @@ module Danger
   #
   # ### Token Setup
   #
-  # Add `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD` to your pipeline repository variable
-  # or instead using `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`.
+  # For username and password, you need to set.
   #
-  # You can find them in Settings > Pipelines > Repository Variables
+  # - `DANGER_BITBUCKETCLOUD_USERNAME` = The username for the account used to comment, as shown on
+  #   https://bitbucket.org/account/
+  # - `DANGER_BITBUCKETCLOUD_PASSWORD` = The password for the account used to comment, you could use
+  #   [App passwords](https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Aboutapppasswords)
+  #   with Read Pull Requests and Read Account Permissions.
+  #
+  # For OAuth key and OAuth secret, you can get them from.
+  #
+  # - Open [BitBucket Cloud Website](https://bitbucket.org)
+  # - Navigate to Settings > OAuth > Add consumer
+  # - Put `https://bitbucket.org/site/oauth2/authorize` for `Callback URL`, and enable Read Pull requests, and Read Account
+  #   Permission.
+  #
+  # - `DANGER_BITBUCKETCLOUD_OAUTH_KEY` = The consumer key for the account used to comment, as show as `Key` on the website.
+  # - `DANGER_BITBUCKETCLOUD_OAUTH_SECRET` = The consumer secret for the account used to comment, as show as `Secret` on the
+  #   website.
+  #
+  # For [repository access token](https://support.atlassian.com/bitbucket-cloud/docs/repository-access-tokens/), what you
+  # need to create one is:
+  #
+  # - Open your repository URL
+  # - Navigate to Settings > Security > Access Tokens > Create Repository Access Token
+  # - Give it a name and set Pull requests write scope
 
   class BitbucketPipelines < CI
     def self.validates_as_ci?(env)

data/lib/danger/ci_source/bitrise.rb

@@ -19,13 +19,13 @@ module Danger
   #
   # Add the `DANGER_GITHUB_API_TOKEN` to your workflow's [Secret App Env Vars](https://blog.bitrise.io/anyone-even-prs-can-have-secrets).
   #
-  # ### bitbucket server and bitrise
+  # ### Bitbucket Server and Bitrise
   #
-  # Danger will read the environment variable GIT_REPOSITORY_URL to construct the Bitbucket Server API URL
-  # finding the project and repo slug in the GIT_REPOSITORY_URL variable. This GIT_REPOSITORY_URL variable
+  # Danger will read the environment variable `GIT_REPOSITORY_URL` to construct the Bitbucket Server API URL
+  # finding the project and repo slug in the `GIT_REPOSITORY_URL` variable. This `GIT_REPOSITORY_URL` variable
   # comes from the App Settings tab for your Bitrise App. If you are manually setting a repo URL in the
   # Git Clone Repo step, you may need to set adjust this property in the settings tab, maybe even fake it.
-  # The patterns used are `(%r{\.com/(.*)})` and `(%r{\.com:(.*)})` and .split(/\.git$|$/) to remove ".git" if the URL contains it.
+  # The patterns used are `(%r{\.com/(.*)})` and `(%r{\.com:(.*)})` and `.split(/\.git$|$/)` to remove ".git" if the URL contains it.
   #
   class Bitrise < CI
     def self.validates_as_ci?(env)

data/lib/danger/ci_source/buildkite.rb

@@ -7,7 +7,7 @@ module Danger
   # ### CI Setup
   #
   # With BuildKite you run the server yourself, so you will want to run  it as a part of your build process.
-  # It is common to have build steps, so we would recommend adding this to your scrip:
+  # It is common to have build steps, so we would recommend adding this to your script:
   #
   #  ```shell
   #   echo "--- Running Danger"

data/lib/danger/ci_source/code_build.rb

@@ -4,8 +4,8 @@ require "danger/request_sources/github/github"
 module Danger
   # ### CI Setup
   #
-  # In CodeBuild, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_SOURCE_VERSION, CODEBUILD_SOURCE_REPO_URL and DANGER_GITHUB_API_TOKEN.
-  # In CodeBuild with batch builds, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_WEBHOOK_TRIGGER, CODEBUILD_SOURCE_REPO_URL, CODEBUILD_BATCH_BUILD_IDENTIFIER and DANGER_GITHUB_API_TOKEN.
+  # In CodeBuild, make sure to correctly forward `CODEBUILD_BUILD_ID`, `CODEBUILD_SOURCE_VERSION`, `CODEBUILD_SOURCE_REPO_URL` and `DANGER_GITHUB_API_TOKEN`.
+  # In CodeBuild with batch builds, make sure to correctly forward `CODEBUILD_BUILD_ID`, `CODEBUILD_WEBHOOK_TRIGGER`, `CODEBUILD_SOURCE_REPO_URL`, `CODEBUILD_BATCH_BUILD_IDENTIFIER` and `DANGER_GITHUB_API_TOKEN`.
   #
   # ### Token Setup
   #

data/lib/danger/ci_source/local_git_repo.rb

@@ -14,7 +14,6 @@ require "danger/ci_source/support/pull_request_finder"
 require "danger/ci_source/support/commits"
 
 module Danger
-  # ignore
   class LocalGitRepo < CI
     attr_accessor :base_commit, :head_commit
 

data/lib/danger/commands/pr.rb

@@ -4,7 +4,6 @@ require "faraday/http_cache"
 require "fileutils"
 require "octokit"
 require "tmpdir"
-require "no_proxy_fix"
 
 module Danger
   class PR < Runner

data/lib/danger/danger_core/environment_manager.rb

@@ -7,6 +7,8 @@ module Danger
 
     # Finds a Danger::CI class based on the ENV
     def self.local_ci_source(env)
+      return Danger::LocalOnlyGitRepo if LocalOnlyGitRepo.validates_as_ci? env
+
       CI.available_ci_sources.find { |ci| ci.validates_as_ci? env }
     end
 
@@ -106,7 +108,7 @@ module Danger
         title = "For Danger to run on this project, you need to expose a set of following the ENV vars:\n#{RequestSources::RequestSource.available_source_names_and_envs.join("\n")}"
       end
 
-      [title, (subtitle || "")]
+      [title, subtitle || ""]
     end
 
     def ui_display_no_request_source_error_message(ui, env, title, subtitle)

data/lib/danger/danger_core/message_aggregator.rb

@@ -5,8 +5,8 @@ require "danger/helpers/message_groups_array_helper"
 
 module Danger
   class MessageAggregator
-    def self.aggregate(*args)
-      new(*args).aggregate
+    def self.aggregate(*args, **kwargs)
+      new(*args, **kwargs).aggregate
     end
 
     def initialize(warnings: [],

data/lib/danger/danger_core/plugins/dangerfile_github_plugin.rb

@@ -237,7 +237,7 @@ module Danger
     # @!group GitHub Misc
     # Use to ignore inline messages which lay outside a diff's range, thereby not posting them in the main comment.
     # You can set hash to change behavior per each kinds. (ex. `{warning: true, error: false}`)
-    # @param    [Bool] or [Hash<Symbol, Bool>] dismiss
+    # @param    [Bool or Hash<Symbol, Bool>] dismiss
     #           Ignore out of range inline messages, defaults to `true`
     #
     # @return   [void]

data/lib/danger/danger_core/plugins/dangerfile_gitlab_plugin.rb

@@ -248,7 +248,7 @@ module Danger
     # @!group Gitlab Misc
     # Use to ignore inline messages which lay outside a diff's range, thereby not posting the comment.
     # You can set hash to change behavior per each kinds. (ex. `{warning: true, error: false}`)
-    # @param    [Bool] or [Hash<Symbol, Bool>] dismiss
+    # @param    [Bool or Hash<Symbol, Bool>] dismiss
     #           Ignore out of range inline messages, defaults to `true`
     #
     # @return   [void]

data/lib/danger/danger_core/plugins/dangerfile_messaging_plugin.rb

@@ -13,12 +13,13 @@ module Danger
   # If it's not called again on subsequent runs.
   #
   # Each of `message`, `warn`, `fail` and `markdown` support multiple passed arguments
-  # @example
   #
-  # message 'Hello', 'World', file: "Dangerfile", line: 1
-  # warn ['This', 'is', 'warning'], file: "Dangerfile", line: 1
-  # failure 'Ooops', 'bad bad error', sticky: false
-  # markdown '# And', '# Even', '# Markdown', file: "Dangerfile", line: 1
+  # @example Multiple passed arguments
+  #
+  #   message 'Hello', 'World', file: "Dangerfile", line: 1
+  #   warn ['This', 'is', 'warning'], file: "Dangerfile", line: 1
+  #   failure 'Ooops', 'bad bad error', sticky: false
+  #   markdown '# And', '# Even', '# Markdown', file: "Dangerfile", line: 1
   #
   # By default, using `failure` would fail the corresponding build. Either via an API call, or
   # via the return value for the danger command. Older code examples use `fail` which is an alias
@@ -87,11 +88,12 @@ module Danger
     # @!group Core
     # Print markdown to below the table
     #
-    # @param    [String, Array<String>] message
+    # @param    [Hash] options
+    # @option   [String, Array<String>] markdowns
     #           The markdown based message to be printed below the table
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -107,14 +109,15 @@ module Danger
     # @!group Core
     # Print out a generate message on the PR
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] messages
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    [Hash] options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -131,14 +134,15 @@ module Danger
     # @!group Core
     # Specifies a problem, but not critical
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] warnings
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -157,14 +161,15 @@ module Danger
     # @!group Core
     # Declares a CI blocking error
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] failures
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #

data/lib/danger/helpers/comments_helper.rb

@@ -14,14 +14,14 @@ module Danger
         Kramdown::Document.new(text, input: "GFM", smart_quotes: %w(apos apos quot quot))
       end
 
-      # !@group Extension points
+      # @!group Extension points
       # Produces a markdown link to the file the message points to
       #
       # request_source implementations are invited to override this method with their
       # vendor specific link.
       #
       # @param [Violation or Markdown] message
-      # @param [Bool] Should hide any generated link created
+      # @param [Bool] hide_link Should hide any generated link created
       #
       # @return [String] The Markdown compatible link
       def markdown_link_to_message(message, hide_link)
@@ -30,12 +30,12 @@ module Danger
         "#{message.file}#L#{message.line}"
       end
 
-      # !@group Extension points
+      # @!group Extension points
       # Determine whether two messages are equivalent
       #
       # request_source implementations are invited to override this method.
       # This is mostly here to enable sources to detect when inlines change only in their
-      # commit hash and not in content per-se. since the link is implementation dependant
+      # commit hash and not in content per-se. since the link is implementation dependent
       # so should be the comparison.
       #
       # @param [Violation or Markdown] m1
@@ -46,6 +46,8 @@ module Danger
         m1 == m2
       end
 
+      # @endgroup
+
       def process_markdown(violation, hide_link = false)
         message = violation.message
         message = "#{markdown_link_to_message(violation, hide_link)}#{message}" if violation.file && violation.line

data/lib/danger/helpers/comments_parsing_helper.rb

@@ -1,7 +1,7 @@
 module Danger
   module Helpers
     module CommentsParsingHelper
-      # !@group Extension points
+      # @!group Extension points
       # Produces a message-like from a row in a comment table
       #
       # @param [String] row
@@ -12,6 +12,8 @@ module Danger
         Violation.new(row, true)
       end
 
+      # @endgroup
+
       def parse_tables_from_comment(comment)
         comment.split("</table>")
       end

data/lib/danger/request_sources/bitbucket_cloud.rb

@@ -9,17 +9,24 @@ module Danger
       attr_accessor :pr_json
 
       def self.env_vars
+        ["DANGER_BITBUCKETCLOUD_UUID"]
+      end
+
+      # While it says "optional", one of these is required to run Danger on Bitbucket Cloud.
+      #
+      # - Both `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`
+      # - Both `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD`
+      # - `DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN`
+      def self.optional_env_vars
         [
+          "DANGER_BITBUCKETCLOUD_OAUTH_KEY",
+          "DANGER_BITBUCKETCLOUD_OAUTH_SECRET",
+          "DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN",
           "DANGER_BITBUCKETCLOUD_USERNAME",
-          "DANGER_BITBUCKETCLOUD_UUID",
           "DANGER_BITBUCKETCLOUD_PASSWORD"
         ]
       end
 
-      def self.optional_env_vars
-        ["DANGER_BITBUCKETCLOUD_OAUTH_KEY", "DANGER_BITBUCKETCLOUD_OAUTH_SECRET"]
-      end
-
       def initialize(ci_source, environment)
         self.ci_source = ci_source
 
@@ -75,7 +82,7 @@ module Danger
         messages = update_inline_comments_for_kind!(:messages, messages, danger_id: danger_id)
         markdowns = update_inline_comments_for_kind!(:markdowns, markdowns, danger_id: danger_id)
 
-        has_comments = (warnings.count.positive? || errors.count.positive? || messages.count.positive? || markdowns.count.positive?)
+        has_comments = warnings.count.positive? || errors.count.positive? || messages.count.positive? || markdowns.count.positive?
         if has_comments
           comment = generate_description(warnings: warnings, errors: errors, template: "bitbucket_server")
           comment += "\n\n"

data/lib/danger/request_sources/bitbucket_cloud_api.rb

@@ -39,6 +39,8 @@ module Danger
       end
 
       def credentials_given?
+        return true if @access_token
+
         @my_uuid && !@my_uuid.empty? &&
           @username && !@username.empty? &&
           @password && !@password.empty?
@@ -105,6 +107,12 @@ module Danger
       end
 
       def fetch_access_token(environment)
+        access_token = environment["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+        if access_token
+          @access_token = access_token
+          return access_token
+        end
+
         oauth_key = environment["DANGER_BITBUCKETCLOUD_OAUTH_KEY"]
         oauth_secret = environment["DANGER_BITBUCKETCLOUD_OAUTH_SECRET"]
         return nil if oauth_key.nil?

data/lib/danger/request_sources/bitbucket_server.rb

@@ -115,7 +115,7 @@ module Danger
           markdowns = main_violations[:markdowns] || []
         end
 
-        has_comments = (warnings.count > 0 || errors.count > 0 || messages.count > 0 || markdowns.count > 0)
+        has_comments = warnings.count > 0 || errors.count > 0 || messages.count > 0 || markdowns.count > 0
         if has_comments
           comment = generate_description(warnings: warnings,
                                          errors: errors)

data/lib/danger/request_sources/github/github.rb

@@ -77,7 +77,24 @@ module Danger
       end
 
       def pr_diff
-        @pr_diff ||= client.pull_request(ci_source.repo_slug, ci_source.pull_request_id, accept: "application/vnd.github.v3.diff")
+        # This is a hack to get the file patch into a format that parse-diff accepts
+        # as the GitHub API for listing pull request files is missing file names in the patch.
+        prefixed_patch = lambda do |file:|
+          <<~PATCH
+          diff --git a/#{file['filename']} b/#{file['filename']}
+          --- a/#{file['filename']}
+          +++ b/#{file['filename']}
+          #{file['patch']}
+          PATCH
+        end
+
+        files = client.pull_request_files(
+          ci_source.repo_slug,
+          ci_source.pull_request_id,
+          accept: "application/vnd.github.v3.diff"
+        )
+
+        @pr_diff ||= files.map { |file| prefixed_patch.call(file: file) }.join("\n")
       end
 
       def review
@@ -252,14 +269,16 @@ module Danger
       end
 
       def submit_inline_comments!(warnings: [], errors: [], messages: [], markdowns: [], previous_violations: [], danger_id: "danger")
-        # Avoid doing any fetchs if there's no inline comments
-        return {} if (warnings + errors + messages + markdowns).select(&:inline?).empty?
-
-        diff_lines = self.pr_diff.lines
         pr_comments = client.pull_request_comments(ci_source.repo_slug, ci_source.pull_request_id)
         danger_comments = pr_comments.select { |comment| Comment.from_github(comment).generated_by_danger?(danger_id) }
         non_danger_comments = pr_comments - danger_comments
 
+        if (warnings + errors + messages + markdowns).select(&:inline?).empty?
+          delete_old_inline_violations(danger_comments: danger_comments, non_danger_comments: non_danger_comments)
+          return {}
+        end
+
+        diff_lines = self.pr_diff.lines
         warnings = submit_inline_comments_for_kind!(:warning, warnings, diff_lines, danger_comments, previous_violations["warning"], danger_id: danger_id)
         errors = submit_inline_comments_for_kind!(:error, errors, diff_lines, danger_comments, previous_violations["error"], danger_id: danger_id)
         messages = submit_inline_comments_for_kind!(:message, messages, diff_lines, danger_comments, previous_violations["message"], danger_id: danger_id)
@@ -267,6 +286,17 @@ module Danger
 
         # submit removes from the array all comments that are still in force
         # so we strike out all remaining ones
+        delete_old_inline_violations(danger_comments: danger_comments, non_danger_comments: non_danger_comments)
+
+        {
+          warnings: warnings,
+          errors: errors,
+          messages: messages,
+          markdowns: markdowns
+        }
+      end
+
+      def delete_old_inline_violations(danger_comments: [], non_danger_comments: [])
         danger_comments.each do |comment|
           violation = violations_from_table(comment["body"]).first
           if !violation.nil? && violation.sticky
@@ -285,13 +315,6 @@ module Danger
             client.delete_pull_request_comment(ci_source.repo_slug, comment["id"]) if replies.empty?
           end
         end
-
-        {
-          warnings: warnings,
-          errors: errors,
-          messages: messages,
-          markdowns: markdowns
-        }
       end
 
       def messages_are_equivalent(m1, m2)
@@ -306,7 +329,7 @@ module Danger
         is_markdown_content = kind == :markdown
         emoji = { warning: "warning", error: "no_entry_sign", message: "book" }[kind]
 
-        messages.reject do |m|
+        messages.reject do |m| # rubocop:todo Metrics/BlockLength
           next false unless m.file && m.line
 
           position = find_position_in_diff diff_lines, m, kind
@@ -343,8 +366,10 @@ module Danger
 
           if matching_comments.empty?
             begin
+              # Since Octokit v8, the signature of create_pull_request_comment has been changed.
+              # See https://github.com/danger/danger/issues/1475 for detailed information.
               client.create_pull_request_comment(ci_source.repo_slug, ci_source.pull_request_id,
-                                                 body, head_ref, m.file, position)
+                                                 body, head_ref, m.file, (Octokit::MAJOR >= 8 ? m.line : position))
             rescue Octokit::UnprocessableEntity => e
               # Show more detail for UnprocessableEntity error
               message = [e, "body: #{body}", "head_ref: #{head_ref}", "filename: #{m.file}", "position: #{position}"].join("\n")

data/lib/danger/request_sources/gitlab.rb

@@ -304,7 +304,7 @@ module Danger
 
       # @return [String] A URL to the specific file, ready to be downloaded
       def file_url(organisation: nil, repository: nil, ref: nil, branch: nil, path: nil)
-        ref ||= (branch || "master")
+        ref ||= branch || "master"
         # According to GitLab Repositories API docs path and id(slug) should be encoded.
         path = URI.encode_www_form_component(path)
         repository = URI.encode_www_form_component(repository)
@@ -395,7 +395,7 @@ module Danger
         is_markdown_content = kind == :markdown
         emoji = { warning: "warning", error: "no_entry_sign", message: "book" }[kind]
 
-        messages.reject do |m|
+        messages.reject do |m| # rubocop:todo Metrics/BlockLength
           next false unless m.file && m.line
           # Reject if it's out of range and in dismiss mode
           next true if dismiss_out_of_range_messages_for(kind) && is_out_of_range(mr_changes.changes, m)

data/lib/danger/request_sources/vsts.rb

@@ -139,7 +139,7 @@ module Danger
       end
 
       def submit_inline_comments!(warnings: [], errors: [], messages: [], markdowns: [], previous_violations: [], danger_id: "danger")
-        # Avoid doing any fetchs if there's no inline comments
+        # Avoid doing any fetches if there's no inline comments
         return {} if (warnings + errors + messages + markdowns).select(&:inline?).empty?
 
         pr_threads = @api.fetch_last_comments
@@ -185,7 +185,7 @@ module Danger
         is_markdown_content = kind == :markdown
         emoji = { warning: "warning", error: "no_entry_sign", message: "book" }[kind]
 
-        messages.reject do |m|
+        messages.reject do |m| # rubocop:todo Metrics/BlockLength
           next false unless m.file && m.line
 
           # Once we know we're gonna submit it, we format it

data/lib/danger/scm_source/git_repo.rb

@@ -144,13 +144,16 @@ module Danger
       return unless from_is_ref || to_is_ref
 
       depth = 0
-      (3..6).any? do |factor|
+      (3..6).each do |factor|
         depth += Math.exp(factor).to_i
 
         git_fetch_branch_to_depth(from, depth) if from_is_ref
         git_fetch_branch_to_depth(to, depth) if to_is_ref
-        possible_merge_base(repo, from, to)
+        merge_base = possible_merge_base(repo, from, to)
+        return merge_base if merge_base
       end
+
+      nil
     end
 
     def possible_merge_base(repo, from, to)

data/lib/danger/version.rb

@@ -1,4 +1,4 @@
 module Danger
-  VERSION = "9.4.2".freeze
+  VERSION = "9.5.3".freeze
   DESCRIPTION = "Like Unit Tests, but for your Team Culture.".freeze
 end

metadata

@@ -1,16 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: danger
 version: !ruby/object:Gem::Version
-  version: 9.4.2
+  version: 9.5.3
 platform: ruby
 authors:
 - Orta Therox
 - Juanito Fatas
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-12-13 00:00:00.000000000 Z
+date: 2025-07-04 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
 - !ruby/object:Gem::Dependency
   name: claide
   requirement: !ruby/object:Gem::Requirement
@@ -43,16 +56,22 @@ dependencies:
   name: colored2
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
 - !ruby/object:Gem::Dependency
   name: cork
   requirement: !ruby/object:Gem::Requirement
@@ -105,30 +124,42 @@ dependencies:
   name: git
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.13'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.13'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: kramdown
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.5.1
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: 2.5.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: kramdown-parser-gfm
   requirement: !ruby/object:Gem::Requirement
@@ -144,33 +175,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: no_proxy_fix
+  name: octokit
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
-  name: octokit
+  name: pstore
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: terminal-table
   requirement: !ruby/object:Gem::Requirement
@@ -180,7 +211,7 @@ dependencies:
         version: '1'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -190,7 +221,7 @@ dependencies:
         version: '1'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '5'
 description: Stop Saying 'You Forgot To…' in Code Review
 email:
 - orta.therox@gmail.com
@@ -329,7 +360,6 @@ homepage: https://github.com/danger/danger
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -344,8 +374,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Like Unit Tests, but for your Team Culture.
 test_files: []