threat 1.0.2 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dangerfile +31 -0
- data/README.md +120 -1
- data/lib/threat/plugins/confetti.rb +25 -0
- data/lib/threat/plugins/pr_title.rb +3 -2
- data/lib/threat/plugins/rspec.rb +31 -0
- data/lib/threat/plugins/rubocop.rb +34 -0
- data/lib/threat/plugins/todo.rb +15 -0
- data/lib/threat/version.rb +1 -1
- data/lib/threat.rb +6 -3
- metadata +5 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1b9db22514eb00f2047d24ebd91d42c01961d8a07f255c37914cce95be8c2b1f
|
4
|
+
data.tar.gz: 648a280647ca63fdb052390847595afcb90d666056bbbfbc414e8942d146445e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e9e75a175bb4f59f126ed108c58929f89c432daa8662e5045dc5f0f64bdc3300ee4b1b967a6917bc417ddb79f8ff8ab736cf73c665788d27682f8e00b786060c
|
7
|
+
data.tar.gz: 263064eb0699013c4256c25be9146d45622d88c9f26001d1048dc6a1f2637e50cdafc0d44b4f13517de87e9f920ccfb6bcc2a4a01d90be8b01f2951a7fe9e27f
|
data/Dangerfile
CHANGED
@@ -2,4 +2,35 @@
|
|
2
2
|
|
3
3
|
require 'threat'
|
4
4
|
|
5
|
+
# This way we're autoloading all defined plugins for Danger to register
|
6
|
+
Threat.loader.eager_load_namespace(Threat::Plugins)
|
7
|
+
|
5
8
|
refresh_plugins
|
9
|
+
|
10
|
+
ENVIRONMENT_MAPPING = {
|
11
|
+
Danger::RequestSources::LocalOnly => 'local',
|
12
|
+
Danger::RequestSources::GitHub => 'github'
|
13
|
+
}.freeze
|
14
|
+
|
15
|
+
# This is a simple way to run a plugins only when the Dangerfile is executed in a specific environment
|
16
|
+
#
|
17
|
+
# P.S This method is added to the top-level scope of your Dangerfile
|
18
|
+
def on(environment_name)
|
19
|
+
return unless ENVIRONMENT_MAPPING[env.request_source.class] == environment_name.to_s
|
20
|
+
|
21
|
+
yield
|
22
|
+
end
|
23
|
+
|
24
|
+
# This is a simple way to run only a part of your Dangerfile
|
25
|
+
#
|
26
|
+
# P.S This method is added to the top-level scope of your Dangerfile
|
27
|
+
def workflow(workflow_name)
|
28
|
+
return if (current_workflow = ENV['DANGER_WORKFLOW']) &&
|
29
|
+
(workflow_name.to_s != current_workflow)
|
30
|
+
|
31
|
+
yield
|
32
|
+
end
|
33
|
+
|
34
|
+
def rake(*tasks)
|
35
|
+
system("bundle exec rake #{tasks.join(' ')}")
|
36
|
+
end
|
data/README.md
CHANGED
@@ -1 +1,120 @@
|
|
1
|
-
# Threat
|
1
|
+
# Threat
|
2
|
+
|
3
|
+
Collection of useful Danger plugins which intends to help you get up and running with Danger faster
|
4
|
+
|
5
|
+
Danger itself - https://danger.systems
|
6
|
+
|
7
|
+
## Usage
|
8
|
+
|
9
|
+
All you need to do to start using Threat is:
|
10
|
+
|
11
|
+
1. Add it to your Gemfile
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
group :development, :test do
|
15
|
+
gem 'threat', require: false
|
16
|
+
end
|
17
|
+
```
|
18
|
+
|
19
|
+
2. Bundle
|
20
|
+
|
21
|
+
```sh
|
22
|
+
bundle install
|
23
|
+
```
|
24
|
+
|
25
|
+
3. Import it into your Dangerfile
|
26
|
+
|
27
|
+
```ruby
|
28
|
+
danger.import_dangerfile(gem: 'threat')
|
29
|
+
```
|
30
|
+
|
31
|
+
4. Create a GitHub workflow which will run your Dangerfile when the PR is opened/updated
|
32
|
+
|
33
|
+
```yaml
|
34
|
+
# .github/workflows/ci.yml
|
35
|
+
|
36
|
+
name: CI
|
37
|
+
|
38
|
+
on:
|
39
|
+
pull_request:
|
40
|
+
branches:
|
41
|
+
- master
|
42
|
+
|
43
|
+
concurrency:
|
44
|
+
group: ${{ github.workflow }}-${{ github.ref }}
|
45
|
+
cancel-in-progress: true
|
46
|
+
|
47
|
+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
|
48
|
+
permissions:
|
49
|
+
actions: write
|
50
|
+
checks: write
|
51
|
+
contents: read
|
52
|
+
statuses: write
|
53
|
+
pull-requests: write
|
54
|
+
|
55
|
+
jobs:
|
56
|
+
danger:
|
57
|
+
runs-on: ubuntu-latest
|
58
|
+
steps:
|
59
|
+
- uses: actions/checkout@v4
|
60
|
+
with:
|
61
|
+
fetch-depth: 0
|
62
|
+
|
63
|
+
- name: Set up Ruby
|
64
|
+
uses: ruby/setup-ruby@v1
|
65
|
+
with:
|
66
|
+
ruby-version: 3.3.1
|
67
|
+
bundler-cache: true
|
68
|
+
|
69
|
+
- name: Run Danger
|
70
|
+
env:
|
71
|
+
DANGER_GITHUB_API_TOKEN: ${{ github.token }}
|
72
|
+
run: bundle exec danger
|
73
|
+
|
74
|
+
```
|
75
|
+
|
76
|
+
## Available plugins
|
77
|
+
|
78
|
+
1. PR Title
|
79
|
+
|
80
|
+
Validates that the Pull Request title is in correct format, containing JIRA ticket number and a meaningful short description. This works best when combined with "use pr title" + squash and merge strategy in GitHub
|
81
|
+
|
82
|
+
```ruby
|
83
|
+
# Dangerfile
|
84
|
+
|
85
|
+
danger.import_dangerfile(gem: 'threat')
|
86
|
+
|
87
|
+
pr_title.run!
|
88
|
+
```
|
89
|
+
|
90
|
+
2. TODO
|
91
|
+
|
92
|
+
Checks if there are TODOs in PR diff. Can be improved by adding logic that will check if TODO was introduced in the PR itself, in this case warning message could be rephrased
|
93
|
+
|
94
|
+
```ruby
|
95
|
+
# Dangerfile
|
96
|
+
|
97
|
+
danger.import_dangerfile(gem: 'threat')
|
98
|
+
|
99
|
+
todo.run!
|
100
|
+
```
|
101
|
+
|
102
|
+
3. Confetti 🎉
|
103
|
+
|
104
|
+
Just add the following line at the bottom of your Dangerfile to celebrate a good run!
|
105
|
+
|
106
|
+
```ruby
|
107
|
+
# Dangerfile
|
108
|
+
|
109
|
+
danger.import_dangerfile(gem: 'threat')
|
110
|
+
|
111
|
+
# The rest of your Dangerfile goes here...
|
112
|
+
|
113
|
+
confetti.run! unless failed?
|
114
|
+
```
|
115
|
+
|
116
|
+
P.S [Raycast](https://www.raycast.com/) and macOS is required (not a paid promotion) (sorry @dhh)
|
117
|
+
|
118
|
+
## Contributing
|
119
|
+
|
120
|
+
Yes, please 🥺
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# macOS and Raycast (https://www.raycast.com/) are required to celebrate a good run with confetti
|
4
|
+
#
|
5
|
+
# Usage:
|
6
|
+
#
|
7
|
+
# Dangerfile
|
8
|
+
#
|
9
|
+
# ```ruby
|
10
|
+
# danger.import_dangerfile(gem: 'threat')
|
11
|
+
#
|
12
|
+
# # The rest of your Dangerfile goes here...
|
13
|
+
#
|
14
|
+
# confetti.run! unless failed?
|
15
|
+
# ```
|
16
|
+
#
|
17
|
+
class Threat::Plugins::Confetti < Danger::Plugin
|
18
|
+
DEEPLINK = 'raycast://confetti'
|
19
|
+
|
20
|
+
def run!
|
21
|
+
return unless RUBY_PLATFORM =~ /darwin/
|
22
|
+
|
23
|
+
system("open #{DEEPLINK}", err: File::NULL)
|
24
|
+
end
|
25
|
+
end
|
@@ -17,8 +17,9 @@ class Threat::Plugins::PrTitle < Danger::Plugin
|
|
17
17
|
PR_TITLE_REGEX = /\[#{JIRA_TICKET_NUMBER_FORMAT}\] [A-Z|0-9].*\S/ # [KEY-123] An amazing feature
|
18
18
|
|
19
19
|
def run!
|
20
|
-
#
|
21
|
-
return unless
|
20
|
+
# This check is available for GitHub pull requests only
|
21
|
+
return unless env.request_source.instance_of?(Danger::RequestSources::GitHub) &&
|
22
|
+
env.pr?
|
22
23
|
|
23
24
|
failure('Invalid format of PR title') unless github.pr_title.strip.match?(PR_TITLE_REGEX)
|
24
25
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'English'
|
4
|
+
|
5
|
+
# This plugin runs RSpec and reports failing examples
|
6
|
+
#
|
7
|
+
# Usage:
|
8
|
+
#
|
9
|
+
# Dangerfile
|
10
|
+
#
|
11
|
+
# ```ruby
|
12
|
+
# danger.import_dangerfile(gem: 'threat')
|
13
|
+
#
|
14
|
+
# rspec.run!
|
15
|
+
# ```
|
16
|
+
#
|
17
|
+
class Threat::Plugins::Rspec < Danger::Plugin
|
18
|
+
FAILING_SPECS_LOG = 'tmp/failing_specs.log'
|
19
|
+
SEPARATOR = ':'
|
20
|
+
|
21
|
+
def run!
|
22
|
+
`bundle exec rspec -f failures --out #{FAILING_SPECS_LOG}`
|
23
|
+
return if $CHILD_STATUS.exitstatus.zero?
|
24
|
+
|
25
|
+
File.readlines(FAILING_SPECS_LOG).each do |line|
|
26
|
+
file_path, line_number, example = line.split(SEPARATOR)
|
27
|
+
|
28
|
+
failure("Example #{example.strip} failed at #{file_path.delete_prefix('./')}:#{line_number}")
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# This plugin runs Ribocop and warns about found violations
|
4
|
+
#
|
5
|
+
# Usage:
|
6
|
+
#
|
7
|
+
# Dangerfile
|
8
|
+
#
|
9
|
+
# ```ruby
|
10
|
+
# danger.import_dangerfile(gem: 'threat')
|
11
|
+
#
|
12
|
+
# rspec.run!
|
13
|
+
# ```
|
14
|
+
#
|
15
|
+
class Threat::Plugins::Rubocop < Danger::Plugin
|
16
|
+
def run!
|
17
|
+
files_to_lint = git.modified_files + git.added_files
|
18
|
+
|
19
|
+
result = `bundle exec rubocop --force-exclusion --format json #{files_to_lint.join(' ')}`
|
20
|
+
return if $CHILD_STATUS.exitstatus.zero?
|
21
|
+
|
22
|
+
json_result = JSON.parse(result)
|
23
|
+
|
24
|
+
json_result['files'].each do |file|
|
25
|
+
file_path = file['path']
|
26
|
+
|
27
|
+
file['offenses'].each do |offence|
|
28
|
+
line = offence.dig('location', 'line')
|
29
|
+
|
30
|
+
warn("Rubocop: #{offence['message']} at #{file_path}:#{line}")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
data/lib/threat/plugins/todo.rb
CHANGED
@@ -1,5 +1,20 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
# This plugin searches for TODO comments in the codebase
|
4
|
+
#
|
5
|
+
# TODO: May be improved by posting different messages for cases when TODO was just introduced in current diff and when
|
6
|
+
# contributor just touched a file with existing TODO
|
7
|
+
#
|
8
|
+
# Usage:
|
9
|
+
#
|
10
|
+
# Dangerfile
|
11
|
+
#
|
12
|
+
# ```ruby
|
13
|
+
# danger.import_dangerfile(gem: 'threat')
|
14
|
+
#
|
15
|
+
# todo.run!
|
16
|
+
# ```
|
17
|
+
#
|
3
18
|
class Threat::Plugins::Todo < Danger::Plugin
|
4
19
|
SUPPORTED_COMMENTS = [
|
5
20
|
'#', # e.g Ruby/YAML/Dockerfile and so on
|
data/lib/threat/version.rb
CHANGED
data/lib/threat.rb
CHANGED
@@ -4,8 +4,11 @@ require 'zeitwerk'
|
|
4
4
|
require 'danger'
|
5
5
|
|
6
6
|
module Threat
|
7
|
+
module_function
|
8
|
+
|
9
|
+
def loader
|
10
|
+
@loader ||= Zeitwerk::Loader.for_gem
|
11
|
+
end
|
7
12
|
end
|
8
13
|
|
9
|
-
loader
|
10
|
-
loader.setup
|
11
|
-
loader.eager_load_namespace(Threat::Plugins) # This way we're autoloading all defined plugins for Danger to register
|
14
|
+
Threat.loader.setup
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: threat
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Egor Iskrenkov
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-06-
|
11
|
+
date: 2024-06-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: zeitwerk
|
@@ -48,7 +48,10 @@ files:
|
|
48
48
|
- Dangerfile
|
49
49
|
- README.md
|
50
50
|
- lib/threat.rb
|
51
|
+
- lib/threat/plugins/confetti.rb
|
51
52
|
- lib/threat/plugins/pr_title.rb
|
53
|
+
- lib/threat/plugins/rspec.rb
|
54
|
+
- lib/threat/plugins/rubocop.rb
|
52
55
|
- lib/threat/plugins/todo.rb
|
53
56
|
- lib/threat/version.rb
|
54
57
|
homepage: https://github.com/eiskrenkov/threat
|