netsoft-danger 0.4.0 → 0.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 456103b5d2e1de2010b9b7872ad35e05dd9280ccf2895626362750a5024abaa6
-  data.tar.gz: c57c9638ae3d747d64dfeb492ca75e68b6380d63b7f4bef38d2d90d6af9a37c8
+  metadata.gz: 9ede65dccfd27b5f5b819632ce51c02c2263f20f6b62c4e046cb6a314f3d6011
+  data.tar.gz: 84dbd8f9915149af1a24a9341daacb2397533c6c88b9cfb04e3cb903508649b3
 SHA512:
-  metadata.gz: 12e7f27cd942a9bb9d9c425fc1ecbdca8a443076dabdb51a9770577ff67441bd2612b16a16d700bfd6f3e18e7ff2273b7a7105af1b56a0356b67bf5374451c65
-  data.tar.gz: 992cc446f38681c82f12b8d1191df42872717c84512c9185939f1ee5671d9099d0871592d936214e797e0e9f09cf6cc0f08eb2208b97946006ad20e2e78e8f1f
+  metadata.gz: 8d4ebf3f9558fb7e1f5851cf3768a9a7f7a1f6b4913833ff0cab5b35ce30e7272032f7af0e990a506e2a2c351d71c26a06503194da442fcb0a6aeca3ab7c94c7
+  data.tar.gz: 1d70671f77a7693cf240974029ff0e7fec4501f8cef0e5ef9e1d2ddf2029ea09089a31e614f213d39743cf93e39f5bb8e1aa4df1c0176672c093f405a6eb5cd2

data/.circleci/config.yml

@@ -3,11 +3,11 @@ version: 2
 defaults: &defaults
   docker: &ruby_image
     - &ruby_image
-      image: circleci/ruby:2.4.4-stretch
+      image: circleci/ruby:2.5.5-stretch
       environment:
         RUBYOPT: '-KU -E utf-8:utf-8'
         BUNDLE_PATH: vendor/bundle
-        BUNDLE_VERSION: 1.15.2
+        BUNDLE_VERSION: 1.17.3
         BUNDLE_JOBS: 4
         BUNDLE_RETRY: 3
 
@@ -82,7 +82,7 @@ jobs:
 
       - restore_cache:
           keys:
-            - netsoft-danger-bundle-v2-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
+            - netsoft-danger-bundle-v3-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
       - run:
           name: Install bundler
           command: gem install bundler --version=$BUNDLE_VERSION
@@ -91,7 +91,7 @@ jobs:
           command: |-
             bundle _${BUNDLE_VERSION}_ check || bundle _${BUNDLE_VERSION}_ install --retry=$BUNDLE_RETRY
       - save_cache:
-          key: netsoft-danger-bundle-v2-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
+          key: netsoft-danger-bundle-v3-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
           paths:
             - vendor/bundle
             - Gemfile.lock
@@ -130,7 +130,5 @@ jobs:
             ./bin/tag_check.sh
             ./bin/setup-rubygems.sh
             rm -rf pkg
-            gem install geminabox
             rake build
-            gem inabox -g ${HUBSTAFF_GEM_SERVER} pkg/*
             gem push pkg/*.gem

data/.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,24 @@
+## Change description
+
+> Please include a summary of the change and which issue is fixed. Please also include
+  relevant motivation and context. List any dependencies that are required for this change.
+
+## Related issues
+
+- Source: <Issue link or Spec Link>
+- UAT: <UAT Link>
+- QA: <QA Task Link here>
+- Review app: <Link to Heroku>
+
+## Checklists
+
+### Development
+
+- [ ] The commit message follows our [guidelines](https://docs.hubstaff.com/hubstaff-docs/latest/great_commit_messages.html)
+- [ ] I have performed a self-review of my own code
+- [ ] I have thoroughly tested the changes
+- [ ] I have added tests that prove my fix is effective or that my feature works
+
+### Security
+
+- [ ] Security impact of change has been considered

data/.github/PULL_REQUEST_TEMPLATE.txt

@@ -0,0 +1,25 @@
+## Change description
+
+> Please include a summary of the change and which issue is fixed. Please also include
+  relevant motivation and context. List any dependencies that are required for this change.
+
+## Related issues
+
+- Source: <Issue link or Spec Link>
+- UAT: <UAT Link>
+- QA: <QA Task Link here>
+- Review app: <Link to Heroku>
+
+## Checklists
+
+### Development
+
+- [ ] The commit message follows our guidelines
+- [ ] I have performed a self-review of my own code
+- [ ] I have thoroughly tested the changes
+- [ ] I have added tests that prove my fix is effective or that my feature works
+
+### Security
+
+- [ ] Security impact of change has been considered
+

data/.rubocop.yml

@@ -1,6 +1,9 @@
 inherit_gem:
   netsoft-rubocop:
-    - default.yml
+    - config/default.yml
+
+AllCops:
+  TargetRubyVersion: 2.4
 
 Style/SignalException:
   Exclude:
@@ -10,6 +13,19 @@ Style/IfUnlessModifier:
   Exclude:
     - Dangerfile
 
+Style/SoleNestedConditional:
+  Exclude:
+    - Dangerfile
+
 Layout/EmptyLineAfterGuardClause:
   Exclude:
-    - Dangerfile
+    - Dangerfile
+
+Layout/LineLength:
+  Exclude:
+    - Dangerfile
+
+Performance/StringInclude:
+  Exclude:
+    - Dangerfile
+

data/CHANGELOG.md

@@ -9,6 +9,27 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 ### Fixed
 
+## [0.4.4]
+### Changed
+- stop pushing to private gem server
+
+## [0.4.3]
+### Added
+- add brakeman artifact extraction
+### Changed
+- updated netsoft-rubocop and rubocop config
+- remove old commit message style from checks
+- update PR template
+
+## [0.4.2]
+### Fixed
+- restrict simplecov version
+
+## [0.4.1]
+### Changed
+- exclude binary files in the grep calls
+- make PR base ~= master a hard error
+
 ## [0.4.0]
 ### Fixed
 - correct simplecov merge on newer simplecov release
@@ -39,4 +60,3 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - package.json checks
 ### Fixed
 - requie older version of faraday until octokit is fixed (https://github.com/octokit/octokit.rb/pull/1154)
-

data/Dangerfile

@@ -14,11 +14,11 @@ end
 
 # Don't let testing shortcuts get into master by accident
 if Dir.exist?('spec')
-  fail('fdescribe left in tests') if `grep -r -e '\\bfdescribe\\b' spec/ |grep -v 'danger ok' `.length > 1
-  fail('fcontext left in tests') if `grep -r -e '\\bfcontext\\b' spec/ |grep -v 'danger ok' `.length > 1
-  fail('fit left in tests') if `grep -r -e '\\bfit\\b' spec/ | grep -v 'danger ok' `.length > 1
-  fail('ap left in tests') if `grep -r -e '\\bap\\b' spec/ | grep -v 'danger ok' `.length > 1
-  fail('puts left in tests') if `grep -r -e '\\bputs\\b' spec/ | grep -v 'danger ok' `.length > 1
+  fail('fdescribe left in tests') if `grep -r -I -e '\\bfdescribe\\b' spec/ |grep -v 'danger ok' `.length > 1
+  fail('fcontext left in tests') if `grep -r -I -e '\\bfcontext\\b' spec/ |grep -v 'danger ok' `.length > 1
+  fail('fit left in tests') if `grep -r -I -e '\\bfit\\b' spec/ | grep -v 'danger ok' `.length > 1
+  fail('ap left in tests') if `grep -r -I -e '\\bap\\b' spec/ | grep -v 'danger ok' `.length > 1
+  fail('puts left in tests') if `grep -r -I -e '\\bputs\\b' spec/ | grep -v 'danger ok' `.length > 1
 end
 
 if File.exist?('Gemfile')
@@ -43,16 +43,12 @@ git.commits.each do |c|
   short              = " ( #{c.sha[0..7]} )"
   has_migrations     = c.diff_parent.any? { |f| f.path =~ %r{db/migrate/} }
   has_schema_changes = c.diff_parent.any? { |f| f.path =~ %r{db/schema\.rb} }
-  old_migration_msg  = c.message.start_with?('[migration]')
-  has_migration_msg  = old_migration_msg || c.message.match?(/\Amigration(\([A-Za-z]+\))?:/)
+  has_migration_msg  = c.message.match?(/\Amigration(\([A-Za-z]+\))?:/)
   no_schema_ok       = ENV['DANGER_NO_SCHEMA_OK'] || false
   if has_migrations || has_schema_changes
     unless has_migration_msg
       fail 'migration: Schema migration commits needs to be tagged with (migration). e.g. migration(Module): ' + short
     end
-    if old_migration_msg
-      warn 'migration: Please switch to the new conventional commit format.'
-    end
     if has_migrations && !has_schema_changes && !no_schema_ok
       fail 'migration: Please checkin your schema.rb changes with your migration' + short
     end
@@ -76,15 +72,11 @@ git.commits.each do |c|
   end
 
   has_gemfile_changes = c.diff_parent.any? { |f| f.path =~ /Gemfile|gemspec/ }
-  old_gemfile_msg     = c.message.start_with?('[gemfile]')
-  has_gemfile_msg     = old_gemfile_msg || c.message.match?(/\Agemfile(\([A-Za-z]+\))?:/)
+  has_gemfile_msg     = c.message.match?(/\Agemfile(\([A-Za-z]+\))?:/)
   if has_gemfile_changes
     unless has_gemfile_msg
       fail 'gemfile: Gemfile commits needs to be tagged with (gemfile). e.g. gemfile(Module): ' + short
     end
-    if old_migration_msg
-      warn 'gemfile: Please switch to the new conventional commit format.'
-    end
     if c.diff_parent.any? { |f| f.path !~ /Gemfile|gemspec/ }
       fail 'gemfile: Gemfile commit contains non-gemfile changes' + short
     end
@@ -98,15 +90,11 @@ git.commits.each do |c|
   end
 
   has_package_changes = c.diff_parent.any? { |f| f.path =~ /package\.json|yarn\.lock/ }
-  old_package_msg     = c.message.start_with?('[package.json]')
-  has_package_msg     = old_package_msg || c.message.match?(/\Apackage(\([A-Za-z]+\))?:/)
+  has_package_msg     = c.message.match?(/\Apackage(\([A-Za-z]+\))?:/)
   if has_package_changes
     unless has_package_msg
       fail 'package: Package.json commits needs to be tagged with package. e.g package(Module): ' + short
     end
-    if old_package_msg
-      warn 'package: Please switch to the new conventional commit format.'
-    end
     if c.diff_parent.any? { |f| f.path !~ /package\.json|yarn\.lock/ }
       fail 'package: Package.json commit contains non-package changes' + short
     end
@@ -127,6 +115,7 @@ if ENV['CIRCLE_TOKEN']
   coverage    = artifacts.find { |artifact| artifact.end_with?('coverage/index.html') }
   rubocop     = artifacts.find { |artifact| artifact.end_with?('rubocop/report.html') }
   eslint      = artifacts.find { |artifact| artifact.end_with?('eslint/report.html') }
+  brakeman    = artifacts.find { |artifact| artifact.end_with?('brakeman/report.html') }
   rspec_files = artifacts.select { |artifact| artifact =~ /rspec-(.+)\.html$/ }
 
   {}.tap do |hash|
@@ -135,6 +124,7 @@ if ENV['CIRCLE_TOKEN']
     hash['RuboCop inspection report'] = rubocop if rubocop
     hash['ESLint inspection report']  = eslint if eslint
     hash['Jest coverage report']      = jest if jest
+    hash['Brakeman issues report']    = brakeman if brakeman
   end.each do |msg, links|
     links = [*links]
     if links.size == 1

data/bin/netsoft-circle

@@ -34,7 +34,9 @@ class NetsoftCircle < Thor # :nodoc:
   end
 
   desc 'merge', 'Merges several simplecov json result files'
-  option :output, type: :string, aliases: '-o', desc: 'Specify an alternate output directory for the produced coverage data'
+  option :output, type: :string, aliases: '-o',
+         desc:          'Specify an alternate output directory for the produced coverage data'
+
   def merge(*files)
     require 'simplecov'
     return if files.empty?
@@ -81,6 +83,15 @@ class NetsoftCircle < Thor # :nodoc:
     exit(1) unless $CHILD_STATUS.success?
   end
 
+  desc 'brakeman', 'Run brakeman'
+  def brakeman
+    system <<~COMMAND
+      bundle _${BUNDLE_VERSION}_ exec brakeman \
+        -o $CIRCLE_ARTIFACTS/brakeman/report.html
+    COMMAND
+    exit(1) unless $CHILD_STATUS.success?
+  end
+
   def self.exit_on_failure?
     true
   end

data/dangerfiles/pr.js

@@ -28,7 +28,7 @@ if (!labels.includes('QA passed')) {
 }
 
 if (!danger.github.pr.base.ref.includes('master')) {
-  warn("PR base is not set to master!");
+  fail("PR base is not set to master!");
 }
 
 // Warn when there is a big PR

data/lib/netsoft-danger/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module NetsoftDanger
-  VERSION = '0.4.0'
+  VERSION = '0.4.4'
 end

data/netsoft-danger.gemspec

@@ -16,15 +16,14 @@ Gem::Specification.new do |s|
   s.files         = `git ls-files`.split("\n")
   s.require_paths = ['lib']
 
+  s.required_ruby_version = '>= 2.4'
+
   s.add_runtime_dependency 'danger', '~> 5.0'
   s.add_runtime_dependency 'faraday'
+  s.add_runtime_dependency 'simplecov', '~> 0.20.0'
   s.add_runtime_dependency 'thor'
 
   s.add_development_dependency 'rake'
 
-  s.add_development_dependency 'netsoft-rubocop', '= 1.0.1'
-  s.add_development_dependency 'rubocop', '= 0.74.0'
-  s.add_development_dependency 'rubocop-performance', '= 1.5.2'
-  s.add_development_dependency 'rubocop-rails', '= 2.4.2'
-  s.add_development_dependency 'rubocop-rspec', '= 1.38.1'
+  s.add_development_dependency 'netsoft-rubocop', '= 1.1.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: netsoft-danger
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.4
 platform: ruby
 authors:
 - urkle
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-18 00:00:00.000000000 Z
+date: 2021-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: danger
@@ -39,27 +39,27 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: thor
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.20.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.20.0
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :development
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -67,75 +67,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: netsoft-rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.0.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.0.1
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.74.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.74.0
-- !ruby/object:Gem::Dependency
-  name: rubocop-performance
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.5.2
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.5.2
-- !ruby/object:Gem::Dependency
-  name: rubocop-rails
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.2
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.2
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: netsoft-rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.38.1
+        version: 1.1.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.38.1
+        version: 1.1.2
 description: Packages a Dangerfile to be used with Danger.
 email: []
 executables:
@@ -144,6 +102,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".circleci/config.yml"
+- ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/PULL_REQUEST_TEMPLATE.txt"
 - ".gitignore"
 - ".rubocop.yml"
 - CHANGELOG.md
@@ -172,15 +132,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Danger.systems conventions for Netsoft projects.