danger 9.4.3 → 9.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 235adb876d4329ef24664c6139ed7266298db3f672415e83cf78d1b9dfb87af9
-  data.tar.gz: 359771a09da8778f29d3d6d0fa26d803474813ae8d4a154fdef66489f7b3919b
+  metadata.gz: 67fd79bdc597c9e9f26f590ad3ca50c045cbd9a543225ac53d66ba174ba20ff5
+  data.tar.gz: 1ba194d96a1eb7a0b430270e2d129df3de3989e904833bba703e672f27973c91
 SHA512:
-  metadata.gz: ee8c64ffa617f2dc8e4c9dd00861dfac8243c6898cd4b10f2185358b95bbe3278ab6d3265db375cd6cb7fc33d1b5e6c7499db879a735f8e22e46737e5fc8a2da
-  data.tar.gz: 82bc4ac05e20fda0f0fc0936ed14eeadb8446effd43f65c673edbdcb6af364c3c0c22106bf8e3d667e1efba1e11ee9e9d9d83b7f13818b85779159f9bcbed9ad
+  metadata.gz: 4cd4fdc164a74ffd74b20cf9cbe1b0472d515f848ea6e0da9cfad60587d1aef1c09fe0bda83bbfa6d666fba51213f1c6613774597b9c1624b43facae2ff57200
+  data.tar.gz: f35871a565daf2296a1493ced5b9536d2b0aa385ac8acdfeff0301f247628424ba645c2c51b7ac2d2026307d07c7ae4da11ef6239a889175a85be21c0807ec6b

data/README.md

@@ -19,11 +19,11 @@ Formalize your Pull Request etiquette.
 
 ## What is Danger?
 
-Danger runs after your CI, automating your team's conventions surrounding code review.
+Danger runs during your CI process, and gives teams the chance to automate common code review chores.
 
 This provides another logical step in your process, through this Danger can help lint your rote tasks in daily code review.
 
-You can use Danger to codify your team's norms, leaving humans to think about harder problems.
+You can use Danger to codify your teams norms. Leaving humans to think about harder problems.
 
 ## For example?
 

data/lib/danger/ci_source/azure_pipelines.rb

@@ -19,7 +19,7 @@ module Danger
   # #### GitHub
   #
   # You need to add the `DANGER_GITHUB_API_TOKEN` environment variable, to do this, go to your build definition's variables tab.
-  #  #
+  #
   # #### Azure Git
   #
   # You need to add the `DANGER_VSTS_API_TOKEN` and `DANGER_VSTS_HOST` environment variable, to do this,

data/lib/danger/ci_source/bitbucket_pipelines.rb

@@ -10,10 +10,31 @@ module Danger
   #
   # ### Token Setup
   #
-  # Add `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD` to your pipeline repository variable
-  # or instead using `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`.
+  # For username and password, you need to set.
   #
-  # You can find them in Settings > Pipelines > Repository Variables
+  # - `DANGER_BITBUCKETCLOUD_USERNAME` = The username for the account used to comment, as shown on
+  #   https://bitbucket.org/account/
+  # - `DANGER_BITBUCKETCLOUD_PASSWORD` = The password for the account used to comment, you could use
+  #   [App passwords](https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Aboutapppasswords)
+  #   with Read Pull Requests and Read Account Permissions.
+  #
+  # For OAuth key and OAuth secret, you can get them from.
+  #
+  # - Open [BitBucket Cloud Website](https://bitbucket.org)
+  # - Navigate to Settings > OAuth > Add consumer
+  # - Put `https://bitbucket.org/site/oauth2/authorize` for `Callback URL`, and enable Read Pull requests, and Read Account
+  #   Permission.
+  #
+  # - `DANGER_BITBUCKETCLOUD_OAUTH_KEY` = The consumer key for the account used to comment, as show as `Key` on the website.
+  # - `DANGER_BITBUCKETCLOUD_OAUTH_SECRET` = The consumer secret for the account used to comment, as show as `Secret` on the
+  #   website.
+  #
+  # For [repository access token](https://support.atlassian.com/bitbucket-cloud/docs/repository-access-tokens/), what you
+  # need to create one is:
+  #
+  # - Open your repository URL
+  # - Navigate to Settings > Security > Access Tokens > Create Repository Access Token
+  # - Give it a name and set Pull requests write scope
 
   class BitbucketPipelines < CI
     def self.validates_as_ci?(env)

data/lib/danger/ci_source/bitrise.rb

@@ -19,13 +19,13 @@ module Danger
   #
   # Add the `DANGER_GITHUB_API_TOKEN` to your workflow's [Secret App Env Vars](https://blog.bitrise.io/anyone-even-prs-can-have-secrets).
   #
-  # ### bitbucket server and bitrise
+  # ### Bitbucket Server and Bitrise
   #
-  # Danger will read the environment variable GIT_REPOSITORY_URL to construct the Bitbucket Server API URL
-  # finding the project and repo slug in the GIT_REPOSITORY_URL variable. This GIT_REPOSITORY_URL variable
+  # Danger will read the environment variable `GIT_REPOSITORY_URL` to construct the Bitbucket Server API URL
+  # finding the project and repo slug in the `GIT_REPOSITORY_URL` variable. This `GIT_REPOSITORY_URL` variable
   # comes from the App Settings tab for your Bitrise App. If you are manually setting a repo URL in the
   # Git Clone Repo step, you may need to set adjust this property in the settings tab, maybe even fake it.
-  # The patterns used are `(%r{\.com/(.*)})` and `(%r{\.com:(.*)})` and .split(/\.git$|$/) to remove ".git" if the URL contains it.
+  # The patterns used are `(%r{\.com/(.*)})` and `(%r{\.com:(.*)})` and `.split(/\.git$|$/)` to remove ".git" if the URL contains it.
   #
   class Bitrise < CI
     def self.validates_as_ci?(env)

data/lib/danger/ci_source/buildkite.rb

@@ -7,7 +7,7 @@ module Danger
   # ### CI Setup
   #
   # With BuildKite you run the server yourself, so you will want to run  it as a part of your build process.
-  # It is common to have build steps, so we would recommend adding this to your scrip:
+  # It is common to have build steps, so we would recommend adding this to your script:
   #
   #  ```shell
   #   echo "--- Running Danger"

data/lib/danger/ci_source/code_build.rb

@@ -4,8 +4,8 @@ require "danger/request_sources/github/github"
 module Danger
   # ### CI Setup
   #
-  # In CodeBuild, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_SOURCE_VERSION, CODEBUILD_SOURCE_REPO_URL and DANGER_GITHUB_API_TOKEN.
-  # In CodeBuild with batch builds, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_WEBHOOK_TRIGGER, CODEBUILD_SOURCE_REPO_URL, CODEBUILD_BATCH_BUILD_IDENTIFIER and DANGER_GITHUB_API_TOKEN.
+  # In CodeBuild, make sure to correctly forward `CODEBUILD_BUILD_ID`, `CODEBUILD_SOURCE_VERSION`, `CODEBUILD_SOURCE_REPO_URL` and `DANGER_GITHUB_API_TOKEN`.
+  # In CodeBuild with batch builds, make sure to correctly forward `CODEBUILD_BUILD_ID`, `CODEBUILD_WEBHOOK_TRIGGER`, `CODEBUILD_SOURCE_REPO_URL`, `CODEBUILD_BATCH_BUILD_IDENTIFIER` and `DANGER_GITHUB_API_TOKEN`.
   #
   # ### Token Setup
   #

data/lib/danger/ci_source/local_git_repo.rb

@@ -14,7 +14,6 @@ require "danger/ci_source/support/pull_request_finder"
 require "danger/ci_source/support/commits"
 
 module Danger
-  # ignore
   class LocalGitRepo < CI
     attr_accessor :base_commit, :head_commit
 

data/lib/danger/commands/pr.rb

@@ -4,7 +4,6 @@ require "faraday/http_cache"
 require "fileutils"
 require "octokit"
 require "tmpdir"
-require "no_proxy_fix"
 
 module Danger
   class PR < Runner

data/lib/danger/danger_core/environment_manager.rb

@@ -7,6 +7,8 @@ module Danger
 
     # Finds a Danger::CI class based on the ENV
     def self.local_ci_source(env)
+      return Danger::LocalOnlyGitRepo if LocalOnlyGitRepo.validates_as_ci? env
+
       CI.available_ci_sources.find { |ci| ci.validates_as_ci? env }
     end
 
@@ -106,7 +108,7 @@ module Danger
         title = "For Danger to run on this project, you need to expose a set of following the ENV vars:\n#{RequestSources::RequestSource.available_source_names_and_envs.join("\n")}"
       end
 
-      [title, (subtitle || "")]
+      [title, subtitle || ""]
     end
 
     def ui_display_no_request_source_error_message(ui, env, title, subtitle)

data/lib/danger/danger_core/plugins/dangerfile_github_plugin.rb

@@ -237,7 +237,7 @@ module Danger
     # @!group GitHub Misc
     # Use to ignore inline messages which lay outside a diff's range, thereby not posting them in the main comment.
     # You can set hash to change behavior per each kinds. (ex. `{warning: true, error: false}`)
-    # @param    [Bool] or [Hash<Symbol, Bool>] dismiss
+    # @param    [Bool or Hash<Symbol, Bool>] dismiss
     #           Ignore out of range inline messages, defaults to `true`
     #
     # @return   [void]

data/lib/danger/danger_core/plugins/dangerfile_gitlab_plugin.rb

@@ -248,7 +248,7 @@ module Danger
     # @!group Gitlab Misc
     # Use to ignore inline messages which lay outside a diff's range, thereby not posting the comment.
     # You can set hash to change behavior per each kinds. (ex. `{warning: true, error: false}`)
-    # @param    [Bool] or [Hash<Symbol, Bool>] dismiss
+    # @param    [Bool or Hash<Symbol, Bool>] dismiss
     #           Ignore out of range inline messages, defaults to `true`
     #
     # @return   [void]

data/lib/danger/danger_core/plugins/dangerfile_messaging_plugin.rb

@@ -13,12 +13,13 @@ module Danger
   # If it's not called again on subsequent runs.
   #
   # Each of `message`, `warn`, `fail` and `markdown` support multiple passed arguments
-  # @example
   #
-  # message 'Hello', 'World', file: "Dangerfile", line: 1
-  # warn ['This', 'is', 'warning'], file: "Dangerfile", line: 1
-  # failure 'Ooops', 'bad bad error', sticky: false
-  # markdown '# And', '# Even', '# Markdown', file: "Dangerfile", line: 1
+  # @example Multiple passed arguments
+  #
+  #   message 'Hello', 'World', file: "Dangerfile", line: 1
+  #   warn ['This', 'is', 'warning'], file: "Dangerfile", line: 1
+  #   failure 'Ooops', 'bad bad error', sticky: false
+  #   markdown '# And', '# Even', '# Markdown', file: "Dangerfile", line: 1
   #
   # By default, using `failure` would fail the corresponding build. Either via an API call, or
   # via the return value for the danger command. Older code examples use `fail` which is an alias
@@ -87,11 +88,12 @@ module Danger
     # @!group Core
     # Print markdown to below the table
     #
-    # @param    [String, Array<String>] message
+    # @param    [Hash] options
+    # @option   [String, Array<String>] markdowns
     #           The markdown based message to be printed below the table
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -107,14 +109,15 @@ module Danger
     # @!group Core
     # Print out a generate message on the PR
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] messages
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    [Hash] options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -131,14 +134,15 @@ module Danger
     # @!group Core
     # Specifies a problem, but not critical
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] warnings
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #
@@ -157,14 +161,15 @@ module Danger
     # @!group Core
     # Declares a CI blocking error
     #
-    # @param    [String, Array<String>] message
+    # @param    [String, Array<String>] failures
     #           The message to present to the user
-    # @param    [Boolean] sticky
+    # @param    options
+    # @option   [Boolean] sticky
     #           Whether the message should be kept after it was fixed,
     #           defaults to `false`.
-    # @param    [String] file
+    # @option   [String] file
     #           Optional. Path to the file that the message is for.
-    # @param    [String] line
+    # @option   [String] line
     #           Optional. The line in the file to present the message in.
     # @return   [void]
     #

data/lib/danger/helpers/comments_helper.rb

@@ -14,14 +14,14 @@ module Danger
         Kramdown::Document.new(text, input: "GFM", smart_quotes: %w(apos apos quot quot))
       end
 
-      # !@group Extension points
+      # @!group Extension points
       # Produces a markdown link to the file the message points to
       #
       # request_source implementations are invited to override this method with their
       # vendor specific link.
       #
       # @param [Violation or Markdown] message
-      # @param [Bool] Should hide any generated link created
+      # @param [Bool] hide_link Should hide any generated link created
       #
       # @return [String] The Markdown compatible link
       def markdown_link_to_message(message, hide_link)
@@ -30,12 +30,12 @@ module Danger
         "#{message.file}#L#{message.line}"
       end
 
-      # !@group Extension points
+      # @!group Extension points
       # Determine whether two messages are equivalent
       #
       # request_source implementations are invited to override this method.
       # This is mostly here to enable sources to detect when inlines change only in their
-      # commit hash and not in content per-se. since the link is implementation dependant
+      # commit hash and not in content per-se. since the link is implementation dependent
       # so should be the comparison.
       #
       # @param [Violation or Markdown] m1
@@ -46,6 +46,8 @@ module Danger
         m1 == m2
       end
 
+      # @endgroup
+
       def process_markdown(violation, hide_link = false)
         message = violation.message
         message = "#{markdown_link_to_message(violation, hide_link)}#{message}" if violation.file && violation.line

data/lib/danger/helpers/comments_parsing_helper.rb

@@ -1,7 +1,7 @@
 module Danger
   module Helpers
     module CommentsParsingHelper
-      # !@group Extension points
+      # @!group Extension points
       # Produces a message-like from a row in a comment table
       #
       # @param [String] row
@@ -12,6 +12,8 @@ module Danger
         Violation.new(row, true)
       end
 
+      # @endgroup
+
       def parse_tables_from_comment(comment)
         comment.split("</table>")
       end

data/lib/danger/request_sources/bitbucket_cloud.rb

@@ -9,17 +9,24 @@ module Danger
       attr_accessor :pr_json
 
       def self.env_vars
+        ["DANGER_BITBUCKETCLOUD_UUID"]
+      end
+
+      # While it says "optional", one of these is required to run Danger on Bitbucket Cloud.
+      #
+      # - Both `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`
+      # - Both `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD`
+      # - `DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN`
+      def self.optional_env_vars
         [
+          "DANGER_BITBUCKETCLOUD_OAUTH_KEY",
+          "DANGER_BITBUCKETCLOUD_OAUTH_SECRET",
+          "DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN",
           "DANGER_BITBUCKETCLOUD_USERNAME",
-          "DANGER_BITBUCKETCLOUD_UUID",
           "DANGER_BITBUCKETCLOUD_PASSWORD"
         ]
       end
 
-      def self.optional_env_vars
-        ["DANGER_BITBUCKETCLOUD_OAUTH_KEY", "DANGER_BITBUCKETCLOUD_OAUTH_SECRET"]
-      end
-
       def initialize(ci_source, environment)
         self.ci_source = ci_source
 
@@ -75,7 +82,7 @@ module Danger
         messages = update_inline_comments_for_kind!(:messages, messages, danger_id: danger_id)
         markdowns = update_inline_comments_for_kind!(:markdowns, markdowns, danger_id: danger_id)
 
-        has_comments = (warnings.count.positive? || errors.count.positive? || messages.count.positive? || markdowns.count.positive?)
+        has_comments = warnings.count.positive? || errors.count.positive? || messages.count.positive? || markdowns.count.positive?
         if has_comments
           comment = generate_description(warnings: warnings, errors: errors, template: "bitbucket_server")
           comment += "\n\n"

data/lib/danger/request_sources/bitbucket_cloud_api.rb

@@ -39,6 +39,8 @@ module Danger
       end
 
       def credentials_given?
+        return true if @access_token
+
         @my_uuid && !@my_uuid.empty? &&
           @username && !@username.empty? &&
           @password && !@password.empty?
@@ -105,6 +107,12 @@ module Danger
       end
 
       def fetch_access_token(environment)
+        access_token = environment["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+        if access_token
+          @access_token = access_token
+          return access_token
+        end
+
         oauth_key = environment["DANGER_BITBUCKETCLOUD_OAUTH_KEY"]
         oauth_secret = environment["DANGER_BITBUCKETCLOUD_OAUTH_SECRET"]
         return nil if oauth_key.nil?

data/lib/danger/request_sources/bitbucket_server.rb

@@ -115,7 +115,7 @@ module Danger
           markdowns = main_violations[:markdowns] || []
         end
 
-        has_comments = (warnings.count > 0 || errors.count > 0 || messages.count > 0 || markdowns.count > 0)
+        has_comments = warnings.count > 0 || errors.count > 0 || messages.count > 0 || markdowns.count > 0
         if has_comments
           comment = generate_description(warnings: warnings,
                                          errors: errors)

data/lib/danger/request_sources/github/github.rb

@@ -77,7 +77,24 @@ module Danger
       end
 
       def pr_diff
-        @pr_diff ||= client.pull_request(ci_source.repo_slug, ci_source.pull_request_id, accept: "application/vnd.github.v3.diff")
+        # This is a hack to get the file patch into a format that parse-diff accepts
+        # as the GitHub API for listing pull request files is missing file names in the patch.
+        prefixed_patch = lambda do |file:|
+          <<~PATCH
+          diff --git a/#{file['filename']} b/#{file['filename']}
+          --- a/#{file['filename']}
+          +++ b/#{file['filename']}
+          #{file['patch']}
+          PATCH
+        end
+
+        files = client.pull_request_files(
+          ci_source.repo_slug,
+          ci_source.pull_request_id,
+          accept: "application/vnd.github.v3.diff"
+        )
+
+        @pr_diff ||= files.map { |file| prefixed_patch.call(file: file) }.join("\n")
       end
 
       def review

data/lib/danger/request_sources/gitlab.rb

@@ -304,7 +304,7 @@ module Danger
 
       # @return [String] A URL to the specific file, ready to be downloaded
       def file_url(organisation: nil, repository: nil, ref: nil, branch: nil, path: nil)
-        ref ||= (branch || "master")
+        ref ||= branch || "master"
         # According to GitLab Repositories API docs path and id(slug) should be encoded.
         path = URI.encode_www_form_component(path)
         repository = URI.encode_www_form_component(repository)

data/lib/danger/request_sources/vsts.rb

@@ -139,7 +139,7 @@ module Danger
       end
 
       def submit_inline_comments!(warnings: [], errors: [], messages: [], markdowns: [], previous_violations: [], danger_id: "danger")
-        # Avoid doing any fetchs if there's no inline comments
+        # Avoid doing any fetches if there's no inline comments
         return {} if (warnings + errors + messages + markdowns).select(&:inline?).empty?
 
         pr_threads = @api.fetch_last_comments

data/lib/danger/version.rb

@@ -1,4 +1,4 @@
 module Danger
-  VERSION = "9.4.3".freeze
+  VERSION = "9.5.0".freeze
   DESCRIPTION = "Like Unit Tests, but for your Team Culture.".freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: danger
 version: !ruby/object:Gem::Version
-  version: 9.4.3
+  version: 9.5.0
 platform: ruby
 authors:
 - Orta Therox
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-04 00:00:00.000000000 Z
+date: 2024-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: claide
@@ -143,20 +143,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: no_proxy_fix
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: octokit
   requirement: !ruby/object:Gem::Requirement
@@ -344,7 +330,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.5.14
 signing_key:
 specification_version: 4
 summary: Like Unit Tests, but for your Team Culture.