pronto 0.11.2 → 0.11.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc92d09f9dae20d0ddfb42faca81ab52258623f2014a5c0a736466f443996b00
-  data.tar.gz: 1d1c524e047a717e33d11f993d3e6fa6fc5b4103e9b75b1ae8c1275d7404394b
+  metadata.gz: c3bbbe22cb922619189ce37661c76be91e362d75bbbffb913cb494d6c3140903
+  data.tar.gz: 49fc04be6c7af5d7912b32304204b441c434101f91da691019d288330dc2be14
 SHA512:
-  metadata.gz: 73d534c7929826919482802d0630f73a566e4525a2ffef4fe3a8f9ff1acce051b7dfbe77a01835ba483e6a5d977ddb39b18f455b832773e6e3e32ac9358b9f5a
-  data.tar.gz: 7c9f9c8ecaa21d3d1860c9da8ddebcfcf61d88deff3717b599c3fd65a0623c33ec76f99f34bd773f0f5d3832129295531c8d7e10ccb205b4714f809a6fc906d8
+  metadata.gz: 02dd78392d6285a7eb16789d1e6ec0e1724a6646ea11ea8514f4fade5720ad041f45db1ab7a79eb298a98ada17ce25b9d8e2b620a01ad4523872ffa346936cba
+  data.tar.gz: 335eea939fc59917c3abc7a8aa76aee864a8869e5da3cf28035bf8226ce0b67e1e02f1b8ae4e0323fdd3915877985c8276899ce69a52d84ced7c92cf06c0c858

data/.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'

data/.github/workflows/pronto.yml

@@ -6,9 +6,9 @@ on:
 
 jobs:
   pronto:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Set up Ruby

data/.github/workflows/push_gem.yml

@@ -0,0 +1,32 @@
+name: Publish gem to rubygems.org
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: read
+
+jobs:
+  push:
+    if: github.repository == 'prontolabs/pronto'
+    runs-on: ubuntu-24.04
+
+    permissions:
+      contents: write
+      id-token: write
+
+    steps:
+      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - uses: ruby/setup-ruby@4a9ddd6f338a97768b8006bf671dfbad383215f4 # v1.207.0
+        with:
+          bundler-cache: true
+          ruby-version: '3.4'
+
+      - uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b # v1.1.2

data/.github/workflows/specs.yml

@@ -8,34 +8,21 @@ on:
 
 jobs:
   test:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
     strategy:
       matrix:
-        ruby-version:
-          - "2.3"
-          - "2.4"
-          - "2.5"
-          - "2.6"
-          - "2.7"
-          - "3.0"
-          - "3.1"
-          - "3.2"
+        ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0', '3.1', '3.2', '3.3', '3.4']
         exclude:
-          - ruby-version: "2.3" # Rugged uses the wrong openssl version on CI and segfaults (similar to https://github.com/libgit2/rugged/issues/718)
+          - ruby: "2.3" # Rugged uses the wrong openssl version on CI and segfaults (similar to https://github.com/libgit2/rugged/issues/718)
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v6
       - name: Use specific gitlab gem version (if required)
-        if: matrix.ruby-version == '2.4'
+        if: matrix.ruby == '2.4'
         run: echo "gem 'gitlab', '< 4.14.1'" >> Gemfile.local
       - name: Set up Ruby
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: ${{ matrix.ruby-version }}
+          ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
-      - name: Test & publish code coverage
-        uses: paambaati/codeclimate-action@7bcf9e73c0ee77d178e72c0ec69f1a99c1afc1f3 # v2.7.5
-        env:
-          CC_TEST_REPORTER_ID: 3d676246ffa66d3fdef6253a9870431b1a2da04e9ecb25486c08a38823c37b6a
-          COVERAGE: true
-        with:
-          coverageCommand: bundle exec rspec
+      - name: Test
+        run: bundle exec rspec

data/CHANGELOG.md

@@ -1,5 +1,30 @@
 # Changelog
 
+## Unreleased
+
+## 0.11.5
+
+### Changes
+
+* [#481](https://github.com/prontolabs/pronto/pull/481) add "ostruct" as dependency for Ruby 4.0 compatibility
+* [#493](https://github.com/prontolabs/pronto/pull/493) docs: document setting an alternate default branch
+
+## 0.11.4
+
+### Changes
+
+* [#477](https://github.com/prontolabs/pronto/pull/477) fix uninitialized constant error with BitBucket integration
+* [#479](https://github.com/prontolabs/pronto/pull/479) relax octokit dependency to allow 10.x releases
+
+## 0.11.3
+
+### Changes
+
+* [#455](https://github.com/prontolabs/pronto/pull/455) compatibility fixes for supporting octokit 8.x
+* [#460](https://github.com/prontolabs/pronto/pull/460) improve documentation for Gitlab CI integration
+* [#462](https://github.com/prontolabs/pronto/pull/462) more doc improvements for Gitlab CI integration
+* [#466](https://github.com/prontolabs/pronto/pull/466) relax octokit dependency to allow 9.x releases
+
 ## 0.11.2
 
 ### Changes

data/README.md

@@ -1,10 +1,7 @@
 # Pronto
 
-[![Build Status](https://secure.travis-ci.org/prontolabs/pronto.svg)](http://travis-ci.org/prontolabs/pronto)
-[![Coverage Status](https://img.shields.io/codeclimate/coverage/prontolabs/pronto.svg)](https://codeclimate.com/github/prontolabs/pronto)
-[![Code Climate](https://codeclimate.com/github/prontolabs/pronto.svg)](https://codeclimate.com/github/prontolabs/pronto)
 [![Gem Version](https://badge.fury.io/rb/pronto.svg)](http://badge.fury.io/rb/pronto)
-[![Inline docs](http://inch-ci.org/github/prontolabs/pronto.svg)](http://inch-ci.org/github/prontolabs/pronto)
+[![Build Status](https://github.com/prontolabs/pronto/actions/workflows/specs.yml/badge.svg)](https://github.com/prontolabs/pronto/actions/workflows/specs.yml)
 
 **Pronto** runs analysis quickly by checking only the relevant changes. Created to
 be used on [GitHub pull requests](#github-integration), but also works [locally](#local-changes) and integrates with [GitLab](#gitlab-integration) and [Bitbucket](#bitbucket-integration).
@@ -13,7 +10,7 @@ to your [styleguide](https://github.com/prontolabs/pronto-rubocop), [are DRY](ht
 
 ![Pronto demo](pronto.gif "")
 
-_This README might be ahead of the latest release. Find the README for v0.9.2 [here](https://github.com/prontolabs/pronto/blob/v0.9.2/README.md)._
+_This README might be ahead of the latest release. Find the README for v0.11.5 [here](https://github.com/prontolabs/pronto/blob/v0.11.5/README.md)._
 
 * [Installation](#installation)
 * [Usage](#usage)
@@ -55,6 +52,9 @@ gem 'pronto-flay', require: false
 
 Pronto runs the checks on a diff between the current HEAD and the provided commit-ish (default is master).
 
+> [!NOTE]
+> If the default branch is NOT `master`, invoke `pronto run -c=<branch>` OR set the `default_commit` config value.
+
 ### Local Changes
 
 Navigate to the repository you want to run Pronto on, and:
@@ -226,17 +226,26 @@ On GitLabCI, make sure to run Pronto in a [merge request pipeline](https://docs.
 
 ```yml
 lint:
-  image: ruby
+  image: ruby:3.3.0 # change to your app's ruby version
   variables:
-    PRONTO_GITLAB_API_ENDPOINT: "https://gitlab.com/api/v4"
-    PRONTO_GITLAB_API_PRIVATE_TOKEN: token
+    PRONTO_GITLAB_API_ENDPOINT: "$CI_API_V4_URL" # this already contains the correct url for your GitLab instance
+    PRONTO_GITLAB_API_PRIVATE_TOKEN: $ACCESS_TOKEN # configure as a variable in Gitlab CI settings; you might use a "Project Access Token" with api scope instead of your private one
+
+    # Without this variable, GitLab only fetches with git depth set to a fixed amount (by default 20 on newer projects, 50 on older ones).
+    # This would make pronto fail with the errror "revspec 'origin/{target_branch}", because it would not know of the target Branch.
+    # It would also make pronto unable to compare changes with more than that amount of commits. E.g. running on 25 new commits would just return all problems, instead of only the ones in your changes.
+    GIT_DEPTH: 0
   only:
     - merge_requests
   script:
+    - apt-get update && apt-get install -y cmake # Install cmake required for rugged gem (Pronto depends on it)
     - bundle install
+    # Run pronto on branch of current merge request, comparing to the merge requests target branch
     - bundle exec pronto run -f gitlab_mr -c origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
 ```
 
+
+
 ### Bitbucket Integration
 
 You can run Pronto as a step of your CI builds and get the results as comments
@@ -280,6 +289,7 @@ all:
 eslint:
   exclude:
     - 'app/assets/**/*'
+default_commit: 'main' # set this if your repo differs from master
 github:
   slug: prontolabs/pronto
   access_token: B26354
@@ -313,6 +323,7 @@ will always take precedence over values in configuration file.
 | `skip_runners`        | All, except listed runners will be executed. Runs everything if option is skipped.   |
 | `verbose`             | Outputs more information when set to `true`.                                         |
 | `warnings_per_review` | Limits the amount of warnings per review. Returns all warnings if option is skipped. |
+| `default_commit`      | Commit-ish `pronto run` will execute runners against.                                |
 
 ### Message format
 
@@ -433,6 +444,7 @@ Articles to help you to get started:
 * [Make Code Reviews A Little Bit Better With Automation](https://medium.com/jimmy-farrell/make-codes-reviews-a-little-bit-better-with-automation-35640df08a62)
 * [Stop shipping untested Ruby code with undercover](https://medium.com/futuredev/stop-shipping-untested-ruby-code-with-undercover-1edc963be4a6)
 * [Automatic code review with Pronto and GitHub Actions](https://everydayrails.com/2021/05/29/pronto-github-actions-code-quality.html)
+* [Integrate Pronto with Gitlab CI for Rails App](https://prabinpoudel.com.np/articles/integrate-pronto-with-gitlab-ci-for-rails-app/)
 
 Make a Pull Request to add something you wrote or found useful.
 
@@ -442,4 +454,4 @@ Make a Pull Request to add something you wrote or found useful.
 
 ## Copyright
 
-Copyright (c) 2013-2018 Mindaugas Mozūras. See [LICENSE](LICENSE) for further details.
+Copyright (c) 2013-2025 Mindaugas Mozūras. See [LICENSE](LICENSE) for further details.

data/lib/pronto/clients/bitbucket_client.rb

@@ -1,3 +1,7 @@
+# frozen_string_literal: true
+
+require 'ostruct'
+
 class BitbucketClient
   include HTTParty
   base_uri 'https://api.bitbucket.org/2.0/repositories'

data/lib/pronto/clients/bitbucket_server_client.rb

@@ -1,3 +1,7 @@
+# frozen_string_literal: true
+
+require 'ostruct'
+
 class BitbucketServerClient
   include HTTParty
 

data/lib/pronto/formatter/github_pull_request_formatter.rb

@@ -13,9 +13,8 @@ module Pronto
         'GitHub'
       end
 
-      def line_number(message, patches)
-        line = patches.find_line(message.full_path, message.line.new_lineno)
-        line.position
+      def line_number(message, _)
+        message.line&.new_lineno
       end
     end
   end

data/lib/pronto/formatter/github_pull_request_review_formatter.rb

@@ -19,9 +19,8 @@ module Pronto
         $stderr.puts "Failed to post: #{e.message}"
       end
 
-      def line_number(message, patches)
-        line = patches.find_line(message.full_path, message.line.new_lineno)
-        line.position
+      def line_number(message, _)
+        message.line&.new_lineno
       end
     end
   end

data/lib/pronto/github.rb

@@ -10,8 +10,9 @@ module Pronto
     def pull_comments(sha)
       @comment_cache["#{pull_id}/#{sha}"] ||= begin
         client.pull_comments(slug, pull_id).map do |comment|
-          Comment.new(sha, comment.body, comment.path,
-                      comment.position || comment.original_position)
+          Comment.new(
+            sha, comment.body, comment.path, comment.line || comment.original_line
+          )
         end
       end
     rescue Octokit::NotFound => e
@@ -23,7 +24,7 @@ module Pronto
     def commit_comments(sha)
       @comment_cache[sha.to_s] ||= begin
         client.commit_comments(slug, sha).map do |comment|
-          Comment.new(sha, comment.body, comment.path, comment.position)
+          Comment.new(sha, comment.body, comment.path, comment.line)
         end
       end
     end
@@ -37,9 +38,13 @@ module Pronto
     def create_pull_comment(comment)
       if comment.path && comment.position
         @config.logger.log("Creating pull request comment on #{pull_id}")
-        client.create_pull_comment(slug, pull_id, comment.body,
-                                   pull_sha || comment.sha,
-                                   comment.path, comment.position)
+        client.create_pull_comment(
+          # Depending on the Octokit version the 6th argument can be either postion or line. We'll
+          # provide the `line` as this argument and also provide the line in the options argument.
+          # The API uses `line` and ignores position when `line` is provided.
+          slug, pull_id, comment.body, pull_sha || comment.sha,
+          comment.path, comment.position, { line: comment.position }
+        )
       else
         create_commit_comment(comment)
       end
@@ -66,12 +71,11 @@ module Pronto
     def create_pull_request_review(comments)
       options = {
         event: @config.github_review_type,
-        accept: 'application/vnd.github.v3.diff+json', # https://developer.github.com/v3/pulls/reviews/#create-a-pull-request-review
         comments: comments.map do |comment|
           {
-            path:     comment.path,
-            position: comment.position,
-            body:     comment.body
+            path: comment.path,
+            line: comment.position,
+            body: comment.body
           }
         end
       }

data/lib/pronto/version.rb

@@ -1,6 +1,6 @@
 module Pronto
   module Version
-    STRING = '0.11.2'.freeze
+    STRING = '0.11.5'.freeze
 
     MSG = '%s (running on %s %s %s)'.freeze
 

data/pronto.gemspec

@@ -21,7 +21,6 @@ Gem::Specification.new do |s|
 
   s.licenses = ['MIT']
   s.required_ruby_version = '>= 2.3.0'
-  s.rubygems_version = '1.8.23'
 
   s.files = `git ls-files`.split($RS).reject do |file|
     file =~ %r{^(?:
@@ -42,11 +41,13 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency('gitlab', '>= 4.4.0', '< 5.0')
   s.add_runtime_dependency('httparty', '>= 0.13.7', '< 1.0')
-  s.add_runtime_dependency('octokit', '>= 4.7.0', '< 8.0')
+  s.add_runtime_dependency('octokit', '>= 4.7.0', '< 11.0')
+  s.add_runtime_dependency('ostruct')
   s.add_runtime_dependency('rainbow', '>= 2.2', '< 4.0')
   s.add_runtime_dependency('rexml', '>= 3.2.5', '< 4.0')
   s.add_runtime_dependency('rugged', '>= 0.23.0', '< 2.0')
   s.add_runtime_dependency('thor', '>= 0.20.3', '< 2.0')
+  s.add_development_dependency('base64', '~> 0.1.2')
   s.add_development_dependency('bundler', '>= 1.15')
   s.add_development_dependency('pronto-rubocop', '~> 0.10.0')
   s.add_development_dependency('rake', '~> 12.0')

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: pronto
 version: !ruby/object:Gem::Version
-  version: 0.11.2
+  version: 0.11.5
 platform: ruby
 authors:
 - Mindaugas Mozūras
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-30 00:00:00.000000000 Z
+date: 2025-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gitlab
@@ -59,7 +58,7 @@ dependencies:
         version: 4.7.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '11.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -69,7 +68,21 @@ dependencies:
         version: 4.7.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '11.0'
+- !ruby/object:Gem::Dependency
+  name: ostruct
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rainbow
   requirement: !ruby/object:Gem::Requirement
@@ -150,6 +163,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.2
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -324,7 +351,9 @@ extra_rdoc_files:
 - README.md
 files:
 - ".github/CODEOWNERS"
+- ".github/dependabot.yml"
 - ".github/workflows/pronto.yml"
+- ".github/workflows/push_gem.yml"
 - ".github/workflows/specs.yml"
 - CHANGELOG.md
 - CONTRIBUTING.md
@@ -386,7 +415,6 @@ homepage: https://github.com/prontolabs/pronto
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -401,8 +429,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.15
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Pronto runs analysis by checking only the introduced changes
 test_files: []