RubyGems - packwerk - Versions diffs - 3.0.0 → 3.0.1 - Mend

packwerk 3.0.0 → 3.0.1

Files changed (11) hide show

checksums.yaml +4 -4
data/Gemfile.lock +2 -2
data/RESOLVING_VIOLATIONS.md +3 -8
data/TROUBLESHOOT.md +2 -3
data/UPGRADING.md +12 -0
data/USAGE.md +5 -13
data/exe/packwerk +4 -1
data/lib/packwerk/package_todo.rb +4 -11
data/lib/packwerk/spring_command.rb +0 -2
data/lib/packwerk/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11206a06e6ac99c1fb8ef4cdefbe334133317d0599fce6480d4dfe10f694c747
-  data.tar.gz: 606778530b8a872d331e5f331b9c6e14cb37ff6e0a5e13247bb0aebe1ca9e0cc
+  metadata.gz: 9af43a5e2d624ca5d6b38bfa3c9e65d1d12b1b9cc148a153563ebd55d3b6c82a
+  data.tar.gz: 6dee0dac16640632fb272c72ebe024a36c6a85ba23748b2ab5886279cccd863c
 SHA512:
-  metadata.gz: 66166a9c683483fda99341adc79c807c40f8190c349c8650b8646810e06d11f9b4728e2e938ef0abf640967d0764d78b66e956aba3bdaef830c4a15253711542
-  data.tar.gz: c1cce5df16246f1561cd0954abca4685e21adcaf52d3f6d164acd776f9466a0ad276a65b9a2f5cc9e358b058fcdc2cef265c2b3948043f9f3e35b1d4798ec5e9
+  metadata.gz: 197f933a60a46aba470ee66a2c04bbabcf1ff3c3386665551dbb7b8241b9357d73e7576de7edd7c322249b8d45cfc0b282616e0f9a5a665d4560964632a66806
+  data.tar.gz: ec903a206f47df277d6187afc5c17a9cfa1591446afb249f2ba62171f7c56ba8687ce403041db451eb8ea0dba842feb26cc7c32e9ff600b93e60e49eafb4584f

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    packwerk (3.0.0)
+    packwerk (3.0.1)
       activesupport (>= 6.0)
       ast
       better_html
@@ -198,4 +198,4 @@ DEPENDENCIES
   zeitwerk
 BUNDLED WITH
-   2.4.7
+   2.4.8

data/RESOLVING_VIOLATIONS.md CHANGED Viewed

@@ -3,7 +3,7 @@
 Violations can be [recorded as a deprecation](#recording-violations) or (better!) [eliminated](#eliminating-violations).
 ## Recording Violations
-💡 New privacy and dependency violations are never hard-blocked. There are many very valid reasons to run `bin/packwerk update-todo`, adding new violations to `package_todo.yml` files. Even if you feel your reason might not be "valid," if your judgement says adding the violation and shipping your change will produce positive impact, trust your gut.
+💡 New dependency violations are never hard-blocked. There are many very valid reasons to run `bin/packwerk update-todo`, adding new violations to `package_todo.yml` files. Even if you feel your reason might not be "valid," if your judgement says adding the violation and shipping your change will produce positive impact, trust your gut.
 ### Emergency Fixes
 ❔ Is it a revert or is there a lot of urgency because you are fixing a production bug impacting customers?
@@ -31,7 +31,7 @@ Violations can be [recorded as a deprecation](#recording-violations) or (better!
 ➡️ Stay strong. Eliminate the violation. It is important to build a sustainable business that optimizes for the long-term. Look for advocates such as from mentors or within your team who can help you justify improving system design.
 ## Eliminating Violations
-💡 Dependency and privacy violations are Packwerk's signal that what we've stated about the desired system design (what
+💡 Dependency violations are Packwerk's signal that what we've stated about the desired system design (what
 packages exist and what lives in them, the dependencies in a package.yml, and the public interface in the package's public folder) doesn't match the reality of our system.
 If what we've stated about our system design doesn't feel right, then the violations won't make sense either! Make sure to think through system design before addressing a violation.
@@ -40,12 +40,7 @@ If what we've stated about our system design doesn't feel right, then the violat
 If not, find a better place for it to live.
-Otherwise, follow the guide for eliminating [Privacy Violations](#privacy-violations) or [Dependency Violations](#dependency-violations).
-### Privacy Violations
-💡  Packwerk thinks something is a privacy violation if you're referencing a constant, class, or module defined in the private implementation (i.e. not the public folder) of another package. We care about these because we want to make sure we only use parts of a package that have been exposed as public API.
-An explicit and implementation-hiding public API is a cornerstone of well-modularized code.
+Otherwise, follow the guide for eliminating [Dependency Violations](#dependency-violations).
 #### Use Existing Public Interface
 ❔ Does the package you're using expose public API in its public folder that supports your use case?

data/TROUBLESHOOT.md CHANGED Viewed

@@ -14,9 +14,8 @@ You can specify folders or packages in Packwerk commands for a shorter run time:
      bin/packwerk check components/your_package
-     bin/packwerk update-todo components/your_package
-_Note: You cannot specify folders or packages for `bin/packwerk validate` because the command runs for the entire application._
+_Note: You cannot specify folders or packages for `bin/packwerk validate` and `bin/packwerk update-todo` because the
+command runs for the entire application._
 ![](static/packwerk_check_violation.gif)

data/UPGRADING.md CHANGED Viewed

@@ -1,3 +1,15 @@
+# Upgrading from 2.x to 3.0
+In Packwerk 3.0, we've made two notable changes:
+## Renaming deprecated_references to package_todo
+The `update-deprecations` subcommand has been renamed to `update-todo`. Old `deprecated_references.yml` files will be automatically deleted and replaced with `package_todo.yml` files when you run `update-todo`. This behaviour has been in Packwerk [since 2.3.0](https://github.com/Shopify/packwerk/releases/tag/v2.3.0), and automatic deletion will be removed in the next release.
+### Removal of privacy checking
+Privacy checking via `enforce_privacy` has been removed. Developers are encouraged to focus on leveraging Packwerk for dependency checking. For those who still need privacy checks, please use [Gusto's extension gem](https://github.com/rubyatscale/packwerk-extensions).
 # Upgrading from 1.x to 2.0
 With Packwerk 2.0, we made a few changes to simplify the setup. Updating will require removing some previously necessary files and configuration.

data/USAGE.md CHANGED Viewed

@@ -144,7 +144,7 @@ Example:
 ## Types of boundary checks
-Packwerk ships with dependency boundary checking only. See [`packwerk-extensions`](https://github.com/rubyatscale/packwerk-extensions) to incorporate privacy checks into your use of `packwerk`.
+Packwerk ships with dependency boundary checking only. Other checking support may be added by extension gems.
 #### Enforcing dependency boundary
@@ -198,7 +198,7 @@ See: [TROUBLESHOOT.md - Sample violations](TROUBLESHOOT.md#Sample-violations)
 ### Understanding how to respond to new violations
-When you have a new dependency or privacy violation, what do you do?
+When you have a new dependency violation, what do you do?
 See: [RESOLVING_VIOLATIONS.md](RESOLVING_VIOLATIONS.md)
@@ -235,10 +235,10 @@ Above is an example of a constant violation entry in `package_todo.yml`.
 * `components/merchant` - package where the constant violation is found
 * `::Checkouts::Core::CheckoutId` - violated constant in question
-* `dependency` - type of violation, either dependency or privacy
+* `dependency` - type of violation, typically dependency
 * `components/merchant/app/public/merchant/generate_order.rb` - path to the file containing the violated constant
-Violations exist within the package that makes a violating reference. This means privacy violations of your package can be found listed in `package_todo.yml` files in the packages with the reference to a private constant.
+Violations exist within the package that makes a violating reference.
 # Loading Extensions
@@ -284,7 +284,7 @@ bin/packwerk check --offenses-formatter=my_offenses_formatter
 ### Custom Checkers
-Packwerk ships with a way to analyze dependencies and also supports custom checkers, such as the privacy checker listed below.
+Packwerk ships with a way to analyze dependencies and also supports custom checkers from extension gems.
 Custom checkers will allow references to constants to be analyzed in new ways, and for those invalid references to show up as violations in `package_todo.yml`.
@@ -327,14 +327,6 @@ require:
   - ./path/to/file.rb
 ```
-#### Privacy Checker
-[`packwerk-extensions`](https://github.com/rubyatscale/packwerk-extensions) (originally extracted from `packwerk`) can be used to help define and enforce public API boundaries of a package. See the README.md for more details. To use this, add it to your `Gemfile` and then require it via `packwerk.yml`:
-```yml
-require:
-  - packwerk-extensions
-```
 ### Custom Validators
 Similar to checkers, you can define your own validator to be executed when `bin/packwerk validate` is invoked. This can be used to support your custom checker (by specifying permitted keys) or to provide any other validations you want to impose on packages.

data/exe/packwerk CHANGED Viewed

@@ -1,7 +1,10 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
-require "packwerk/disable_sorbet"
+unless defined?(Spring)
+  require "packwerk/disable_sorbet"
+end
 require "packwerk"
 # Needs to be run in test environment in order to have test helper paths available in the autoload paths

data/lib/packwerk/package_todo.rb CHANGED Viewed

@@ -91,19 +91,18 @@ module Packwerk
     sig { void }
     def dump
-      delete_old_deprecated_references
       if @new_entries.empty?
         delete_if_exists
       else
         prepare_entries_for_dump
         message = <<~MESSAGE
-          # This file contains a list of dependencies that are not part of the long term plan for #{@package.name}.
-          # We should generally work to reduce this list, but not at the expense of actually getting work done.
+          # This file contains a list of dependencies that are not part of the long term plan for the
+          # '#{@package.name}' package.
+          # We should generally work to reduce this list over time.
           #
           # You can regenerate this file using the following command:
           #
-          # bin/packwerk update-todo #{@package.name}
+          # bin/packwerk update-todo
         MESSAGE
         File.open(@filepath, "w") do |f|
           f.write(message)
@@ -119,12 +118,6 @@ module Packwerk
     private
-    sig { void }
-    def delete_old_deprecated_references
-      deprecated_references_filepath = File.join(File.dirname(@filepath), "deprecated_references.yml")
-      File.delete(deprecated_references_filepath) if File.exist?(deprecated_references_filepath)
-    end
     sig { returns(EntriesType) }
     def prepare_entries_for_dump
       @new_entries.each do |package_name, package_violations|

data/lib/packwerk/spring_command.rb CHANGED Viewed

@@ -33,5 +33,3 @@ module Packwerk
   Spring.register_command("packwerk", SpringCommand.new)
 end
-require "packwerk/disable_sorbet"

data/lib/packwerk/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # frozen_string_literal: true
 module Packwerk
-  VERSION = "3.0.0"
+  VERSION = "3.0.1"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: packwerk
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.0.1
 platform: ruby
 authors:
 - Shopify Inc.
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-03-01 00:00:00.000000000 Z
+date: 2023-03-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport