threat 1.0.3 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: acf5d5350c0b8e527c2347910603a1079129f1451f9f8e540aff7dd8e291980a
-  data.tar.gz: dba33d9ebcd83085bc21d4d1909d359283bf282f040c9a8a839e7fb780b3afd7
+  metadata.gz: 336fc3bbb30c8e9701d462989aa9bcdd9d5eba680b95e39d95b07d030cb04acf
+  data.tar.gz: a7e6878b4251494be015c66bbbffaa910ee9d9c1d2155ba4068e5491e17b9e50
 SHA512:
-  metadata.gz: bbf4f9909099e32bf249c1d028856f530befa866cfb700afbb083c0d8f340686092207f03cc71aae0a40a3fe0b5c2bce64afa8c3ec159ff2ccdde66e7d757eac
-  data.tar.gz: 9da87b474d3c6fd24d0c066a847adc175c63ea70a52ee4ae5a0599c184e4cbb94703eb700401d7aaae472397d3ce14c464daffb2412d9778f3aea3702f42411d
+  metadata.gz: 4cd286f8ce2f0ba952ccc23c3824aacc863cfb7ac4b12aefb200b4e2389d3e857601a81301341f6950005c42b9ff16e24a2d58daca4d17e95906443e08337104
+  data.tar.gz: 7305af20c0f9aee1c0f444aca69a575a0ad7ac9fdc9da02ae352d96cc01488a08eccc1b8103c5260050193d0002bc058ff20e2588cdd94c77c6292045d00d1cf

data/Dangerfile

@@ -2,4 +2,35 @@
 
 require 'threat'
 
+# This way we're autoloading all defined plugins for Danger to register
+Threat.loader.eager_load_namespace(Threat::Plugins)
+
 refresh_plugins
+
+ENVIRONMENT_MAPPING = {
+  Danger::RequestSources::LocalOnly => 'local',
+  Danger::RequestSources::GitHub => 'github'
+}.freeze
+
+# This is a simple way to run a plugins only when the Dangerfile is executed in a specific environment
+#
+# P.S This method is added to the top-level scope of your Dangerfile
+def on(environment_name)
+  return unless ENVIRONMENT_MAPPING[env.request_source.class] == environment_name.to_s
+
+  yield
+end
+
+# This is a simple way to run only a part of your Dangerfile
+#
+# P.S This method is added to the top-level scope of your Dangerfile
+def workflow(workflow_name)
+  return if (current_workflow = ENV['DANGER_WORKFLOW']) &&
+            (workflow_name.to_s != current_workflow)
+
+  yield
+end
+
+def rake(*tasks)
+  system("bundle exec rake #{tasks.join(' ')}")
+end

data/README.md

@@ -1 +1,120 @@
-# Threat - Collection of useful Danger plugins
+# Threat
+
+Collection of useful Danger plugins which intends to help you get up and running with Danger faster
+
+Danger itself - https://danger.systems
+
+## Usage
+
+All you need to do to start using Threat is:
+
+1. Add it to your Gemfile
+
+```ruby
+group :development, :test do
+  gem 'threat', require: false
+end
+```
+
+2. Bundle
+
+```sh
+bundle install
+```
+
+3. Import it into your Dangerfile
+
+```ruby
+danger.import_dangerfile(gem: 'threat')
+```
+
+4. Create a GitHub workflow which will run your Dangerfile when the PR is opened/updated
+
+```yaml
+# .github/workflows/ci.yml
+
+name: CI
+
+on:
+  pull_request:
+    branches:
+      - master
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
+permissions:
+  actions: write
+  checks: write
+  contents: read
+  statuses: write
+  pull-requests: write
+
+jobs:
+  danger:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.3.1
+          bundler-cache: true
+
+      - name: Run Danger
+        env:
+          DANGER_GITHUB_API_TOKEN: ${{ github.token }}
+        run: bundle exec danger
+
+```
+
+## Available plugins
+
+1. PR Title
+
+Validates that the Pull Request title is in correct format, containing JIRA ticket number and a meaningful short description. This works best when combined with "use pr title" + squash and merge strategy in GitHub
+
+```ruby
+# Dangerfile
+
+danger.import_dangerfile(gem: 'threat')
+
+pr_title.run!
+```
+
+2. TODO
+
+Checks if there are TODOs in PR diff. Can be improved by adding logic that will check if TODO was introduced in the PR itself, in this case warning message could be rephrased
+
+```ruby
+# Dangerfile
+
+danger.import_dangerfile(gem: 'threat')
+
+todo.run!
+```
+
+3. Confetti 🎉
+
+Just add the following line at the bottom of your Dangerfile to celebrate a good run!
+
+```ruby
+# Dangerfile
+
+danger.import_dangerfile(gem: 'threat')
+
+# The rest of your Dangerfile goes here...
+
+confetti.run! unless failed?
+```
+
+P.S [Raycast](https://www.raycast.com/) and macOS is required (not a paid promotion) (sorry @dhh)
+
+## Contributing
+
+Yes, please 🥺

data/lib/threat/plugins/confetti.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+# macOS and Raycast (https://www.raycast.com/) are required to celebrate a good run with confetti
+#
+# Usage:
+#
+# Dangerfile
+#
+# ```ruby
+# danger.import_dangerfile(gem: 'threat')
+#
+# # The rest of your Dangerfile goes here...
+#
+# confetti.run! unless failed?
+# ```
+#
+class Threat::Plugins::Confetti < Danger::Plugin
+  DEEPLINK = 'raycast://confetti'
+
+  def run!
+    return unless RUBY_PLATFORM =~ /darwin/
+
+    system("open #{DEEPLINK}", err: File::NULL)
+  end
+end

data/lib/threat/plugins/plugin_set.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class Threat::Plugins::PluginSet < Danger::Plugin
+  def rails_lint
+    rubocop.run!
+    todo.run!
+  end
+end

data/lib/threat/plugins/pr_title.rb

@@ -17,8 +17,9 @@ class Threat::Plugins::PrTitle < Danger::Plugin
   PR_TITLE_REGEX = /\[#{JIRA_TICKET_NUMBER_FORMAT}\] [A-Z|0-9].*\S/ # [KEY-123] An amazing feature
 
   def run!
-    # This check is available for pull requests only
-    return unless env.pr?
+    # This check is available for GitHub pull requests only
+    return unless env.request_source.instance_of?(Danger::RequestSources::GitHub) &&
+                  env.pr?
 
     failure('Invalid format of PR title') unless github.pr_title.strip.match?(PR_TITLE_REGEX)
   end

data/lib/threat/plugins/rspec.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'English'
+
+# This plugin runs RSpec and reports failing examples
+#
+# Usage:
+#
+# Dangerfile
+#
+# ```ruby
+# danger.import_dangerfile(gem: 'threat')
+#
+# rspec.run!
+# ```
+#
+class Threat::Plugins::Rspec < Danger::Plugin
+  FAILING_SPECS_LOG = 'tmp/failing_specs.log'
+  SEPARATOR = ':'
+
+  def run!
+    `bundle exec rspec -f failures --out #{FAILING_SPECS_LOG}`
+    return if $CHILD_STATUS.exitstatus.zero?
+
+    File.readlines(FAILING_SPECS_LOG).each do |line|
+      file_path, line_number, example = line.split(SEPARATOR)
+
+      failure("Example #{example.strip} failed at #{file_path.delete_prefix('./')}:#{line_number}")
+    end
+  end
+end

data/lib/threat/plugins/rubocop.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+# This plugin runs Ribocop and warns about found violations
+#
+# Usage:
+#
+# Dangerfile
+#
+# ```ruby
+# danger.import_dangerfile(gem: 'threat')
+#
+# rspec.run!
+# ```
+#
+class Threat::Plugins::Rubocop < Danger::Plugin
+  def run!
+    files_to_lint = git.modified_files + git.added_files
+
+    result = `bundle exec rubocop --force-exclusion --format json #{files_to_lint.join(' ')}`
+    return if $CHILD_STATUS.exitstatus.zero?
+
+    json_result = JSON.parse(result)
+
+    json_result['files'].each do |file|
+      file_path = file['path']
+
+      file['offenses'].each do |offence|
+        line = offence.dig('location', 'line')
+
+        warn("Rubocop: #{offence['message']} at #{file_path}:#{line}")
+      end
+    end
+  end
+end

data/lib/threat/plugins/todo.rb

@@ -1,5 +1,20 @@
 # frozen_string_literal: true
 
+# This plugin searches for TODO comments in the codebase
+#
+# TODO: May be improved by posting different messages for cases when TODO was just introduced in current diff and when
+# contributor just touched a file with existing TODO
+#
+# Usage:
+#
+# Dangerfile
+#
+# ```ruby
+# danger.import_dangerfile(gem: 'threat')
+#
+# todo.run!
+# ```
+#
 class Threat::Plugins::Todo < Danger::Plugin
   SUPPORTED_COMMENTS = [
     '#', # e.g Ruby/YAML/Dockerfile and so on

data/lib/threat/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Threat
-  VERSION = '1.0.3'
+  VERSION = '1.2.0'
 end

data/lib/threat.rb

@@ -4,8 +4,11 @@ require 'zeitwerk'
 require 'danger'
 
 module Threat
+  module_function
+
+  def loader
+    @loader ||= Zeitwerk::Loader.for_gem
+  end
 end
 
-loader = Zeitwerk::Loader.for_gem
-loader.setup
-loader.eager_load_namespace(Threat::Plugins) # This way we're autoloading all defined plugins for Danger to register
+Threat.loader.setup

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: threat
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.2.0
 platform: ruby
 authors:
 - Egor Iskrenkov
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-09 00:00:00.000000000 Z
+date: 2024-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: zeitwerk
@@ -48,7 +48,11 @@ files:
 - Dangerfile
 - README.md
 - lib/threat.rb
+- lib/threat/plugins/confetti.rb
+- lib/threat/plugins/plugin_set.rb
 - lib/threat/plugins/pr_title.rb
+- lib/threat/plugins/rspec.rb
+- lib/threat/plugins/rubocop.rb
 - lib/threat/plugins/todo.rb
 - lib/threat/version.rb
 homepage: https://github.com/eiskrenkov/threat