Init Danger/Endanger with Backbone/package.json versions rules

2022-09-16 11:32:28 -07:00 · 2022-09-16 11:32:28 -07:00 · bbf4e74239
commit bbf4e74239
parent c6819a5438
13 changed files with 2431 additions and 131 deletions
--- a/.github/workflows/danger.yml
+++ b/.github/workflows/danger.yml
@ -0,0 +1,32 @@
+# Copyright 2020-2022 Signal Messenger, LLC
+# SPDX-License-Identifier: AGPL-3.0-only
+
+name: CI
+on:
+  pull_request:
+
+jobs:
+  danger:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # fetch all history
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '16.15.0'
+      - run: npm install -g yarn@1.22.10
+      - name: Cache danger node_modules
+        id: cache-desktop-modules
+        uses: actions/cache@v3
+        with:
+          path: danger/node_modules
+          key: danger-${{ runner.os }}-${{ hashFiles('danger/package.json', 'danger/yarn.lock') }}
+      - name: Install danger node_modules
+        if: steps.cache-desktop-modules.outputs.cache-hit != 'true'
+        run: cd danger && yarn install --frozen-lockfile
+      - name: Run DangerJS
+        run: yarn danger:ci
+        env:
+          DANGER_GITHUB_API_TOKEN: ${{ secrets.AUTOMATED_GITHUB_PAT }}
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,5 @@
 node_modules
+node_modules_bkp
 .sass-cache
 coverage/*
 build/curve25519_compiled.js
--- a/danger/danger.sh
+++ b/danger/danger.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+# Copyright 2022 Signal Messenger, LLC
+# SPDX-License-Identifier: AGPL-3.0-only
+
+if [ -f ./node_modules/.bin/danger ]; then
+  echo "Running with ./node_modules/.bin/danger"
+  ./node_modules/.bin/danger $@
+elif [ -f ./danger/node_modules/.bin/danger ]; then
+  echo "Running with ./danger/node_modules/.bin/danger"
+  ./danger/node_modules/.bin/danger $@
+else
+  echo "Danger not found, did you run yarn in either the root or danger/ dir?"
+  exit 1
+fi
--- a/danger/package.json
+++ b/danger/package.json
@ -0,0 +1,7 @@
+{
+  "dependencies": {
+    "danger": "11.1.2",
+    "endanger": "7.0.4",
+    "typescript": "4.6.2"
+  }
+}
--- a/danger/rules.ts
+++ b/danger/rules.ts
@ -0,0 +1,9 @@
+// Copyright 2022 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import { run } from 'endanger';
+
+import migrateBackboneToRedux from './rules/migrateBackboneToRedux';
+import packageJsonVersionsShouldBePinned from './rules/packageJsonVersionsShouldBePinned';
+
+run(migrateBackboneToRedux(), packageJsonVersionsShouldBePinned());
--- a/danger/rules/migrateBackboneToRedux.ts
+++ b/danger/rules/migrateBackboneToRedux.ts
@ -0,0 +1,54 @@
+// Copyright 2022 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import { Line, Rule } from 'endanger';
+
+export default function migrateBackboneToRedux() {
+  return new Rule({
+    match: {
+      files: ['**/*.{js,jsx,ts,tsx}'],
+    },
+    messages: {
+      foundNewBackboneFile: `
+				**Prefer Redux**
+				Don't create new Backbone files, use Redux
+			`,
+      foundBackboneFileWithManyChanges: `
+				**Prefer Redux**
+				Migrate Backbone files to Redux when making major changes
+			`,
+    },
+    async run({ files, context }) {
+      for (let file of files.touched) {
+        let lines = await file.lines();
+        let matchedLine: Line | null = null;
+
+        for (let line of lines) {
+          // Check for the most stable part of the backbone `import`
+          if (
+            (await line.contains("from 'backbone'")) ||
+            (await line.contains('window.Backbone'))
+          ) {
+            matchedLine = line;
+            break;
+          }
+        }
+
+        if (!matchedLine) {
+          continue;
+        }
+
+        if (file.created) {
+          context.warn('foundNewBackboneFile', { file, line: matchedLine });
+        } else if (file.modifiedOnly) {
+          if (await file.diff().changedBy({ added: 0.1 })) {
+            context.warn('foundBackboneFileWithManyChanges', {
+              file,
+              line: matchedLine,
+            });
+          }
+        }
+      }
+    },
+  });
+}
--- a/danger/rules/packageJsonVersionsShouldBePinned.ts
+++ b/danger/rules/packageJsonVersionsShouldBePinned.ts
@ -0,0 +1,77 @@
+// Copyright 2022 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+import { File, Rule } from 'endanger';
+import semver from 'semver';
+
+function isPinnedVersion(version: string): boolean {
+  if (version.startsWith('https:')) {
+    return version.includes('#');
+  }
+  return semver.valid(version) !== null;
+}
+
+async function getLineContaining(file: File, text: string) {
+  let lines = await file.lines();
+  for (let line of lines) {
+    if (await line.contains(text)) {
+      return line;
+    }
+  }
+  return null;
+}
+
+let dependencyTypes = [
+  'dependencies',
+  'devDependencies',
+  'peerDependencies',
+  'optionalDependencies',
+];
+
+export default function packageJsonVersionsShouldBePinned() {
+  return new Rule({
+    match: {
+      files: ['**/package.json', '!**/node_modules/**'],
+    },
+    messages: {
+      packageJsonVersionsShouldBePinned: `
+				**Pin package.json versions**
+				All package.json versions should be pinned to a specific version.
+        See {depName}@{depVersion} in {filePath}#{dependencyType}.
+			`,
+    },
+    async run({ files, context }) {
+      for (let file of files.modifiedOrCreated) {
+        let pkg = await file.json();
+        for (let dependencyType of dependencyTypes) {
+          let deps = pkg[dependencyType];
+          if (deps == null) {
+            continue;
+          }
+          for (let depName of Object.keys(deps)) {
+            let depVersion = deps[depName];
+            if (!isPinnedVersion(depVersion)) {
+              let line = await getLineContaining(
+                file,
+                `"${depName}": "${depVersion}"`
+              );
+              context.warn(
+                'packageJsonVersionsShouldBePinned',
+                {
+                  file,
+                  line: line ?? undefined,
+                },
+                {
+                  depName,
+                  depVersion,
+                  filePath: file.path,
+                  dependencyType,
+                }
+              );
+            }
+          }
+        }
+      }
+    },
+  });
+}
--- a/danger/yarn.lock
+++ b/danger/yarn.lock
--- a/dangerfile.js
+++ b/dangerfile.js
@ -0,0 +1,8 @@
+// Copyright 2022 Signal Messenger, LLC
+// SPDX-License-Identifier: AGPL-3.0-only
+
+// Ensuring that the root directory is the same as this file before we load any
+// danger code. This is needed so we can run danger with the danger/package.json
+// file in CI
+process.chdir(__dirname);
+require('./danger/rules.ts');
--- a/package.json
+++ b/package.json
@ -44,6 +44,8 @@
    "lint-deps": "node ts/util/lint/linter.js",
    "lint-license-comments": "ts-node ts/util/lint/license_comments.ts",
    "lint-prettier": "pprettier --check '**/*.{ts,tsx,d.ts,js,json,html,scss,md,yml,yaml}' '!node_modules/**'",
+    "danger:local": "./danger/danger.sh local --base main",
+    "danger:ci": "./danger/danger.sh ci --base origin/main",
    "format": "pprettier --write '**/*.{ts,tsx,d.ts,js,json,html,scss,md,yml,yaml}' '!node_modules/**'",
    "transpile": "run-p check:types build:esbuild",
    "check:types": "tsc --noEmit",
@ -271,11 +273,13 @@
    "core-js": "2.6.9",
    "cross-env": "5.2.0",
    "css-loader": "3.2.0",
+    "danger": "11.1.2",
    "debug": "4.3.3",
    "electron": "20.1.4",
    "electron-builder": "23.0.8",
    "electron-mocha": "11.0.2",
    "electron-notarize": "1.2.1",
+    "endanger": "7.0.4",
    "esbuild": "0.14.28",
    "eslint": "7.7.0",
    "eslint-config-airbnb-typescript-prettier": "4.2.0",
--- a/ts/util/lint/exceptions.json
+++ b/ts/util/lint/exceptions.json
@ -1794,27 +1794,6 @@
    "reasonCategory": "falseMatch",
    "updated": "2019-12-11T01:10:06.091Z"
  },
-  {
-    "rule": "thenify-multiArgs",
-    "path": "node_modules/cpy/node_modules/path-type/node_modules/pify/index.js",
-    "line": "\t\t\t\tif (opts.multiArgs) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2022-06-04T00:50:49.405Z"
-  },
-  {
-    "rule": "thenify-multiArgs",
-    "path": "node_modules/cpy/node_modules/path-type/node_modules/pify/index.js",
-    "line": "\t\t\t\tif (opts.multiArgs) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2022-06-04T00:50:49.405Z"
-  },
-  {
-    "rule": "thenify-multiArgs",
-    "path": "node_modules/cpy/node_modules/pify/index.js",
-    "line": "\t\tif (options.multiArgs) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2022-06-04T00:50:49.405Z"
-  },
  {
    "rule": "jQuery-load(",
    "path": "node_modules/debug/src/browser.js",
@ -2237,34 +2216,6 @@
    "reasonCategory": "falseMatch",
    "updated": "2018-09-19T18:13:29.628Z"
  },
-  {
-    "rule": "jQuery-load(",
-    "path": "node_modules/extglob/node_modules/debug/src/browser.js",
-    "line": "function load() {",
-    "reasonCategory": "falseMatch|",
-    "updated": "2020-04-30T22:35:27.860Z"
-  },
-  {
-    "rule": "jQuery-load(",
-    "path": "node_modules/extglob/node_modules/debug/src/browser.js",
-    "line": "exports.enable(load());",
-    "reasonCategory": "falseMatch|",
-    "updated": "2020-04-30T22:35:27.860Z"
-  },
-  {
-    "rule": "jQuery-load(",
-    "path": "node_modules/extglob/node_modules/debug/src/node.js",
-    "line": "function load() {",
-    "reasonCategory": "falseMatch|",
-    "updated": "2020-04-30T22:35:27.860Z"
-  },
-  {
-    "rule": "jQuery-load(",
-    "path": "node_modules/extglob/node_modules/debug/src/node.js",
-    "line": "exports.enable(load());",
-    "reasonCategory": "falseMatch|",
-    "updated": "2020-04-30T22:35:27.860Z"
-  },
  {
    "rule": "jQuery-load(",
    "path": "node_modules/extract-zip/node_modules/debug/src/browser.js",
@ -8340,69 +8291,6 @@
    "reasonCategory": "falseMatch",
    "updated": "2022-03-22T19:29:46.099Z"
  },
-  {
-    "rule": "jQuery-after(",
-    "path": "node_modules/test-exclude/node_modules/braces/index.js",
-    "line": "      arr.push(es6 ? tokens.after(val) : val);",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-before(",
-    "path": "node_modules/test-exclude/node_modules/braces/index.js",
-    "line": "        str = tokens.before(str, es6Regex());",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-wrap(",
-    "path": "node_modules/test-exclude/node_modules/braces/index.js",
-    "line": "      return braces(str.replace(outter, wrap(segs, '|')), opts);",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-wrap(",
-    "path": "node_modules/test-exclude/node_modules/braces/index.js",
-    "line": "      segs[0] = wrap(segs[0], '\\\\');",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-wrap(",
-    "path": "node_modules/test-exclude/node_modules/braces/index.js",
-    "line": "function wrap(val, ch) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-wrap(",
-    "path": "node_modules/test-exclude/node_modules/extglob/index.js",
-    "line": "    o[id] = wrap(inner, prefix, opts.escape);",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-wrap(",
-    "path": "node_modules/test-exclude/node_modules/extglob/index.js",
-    "line": "function wrap(inner, prefix, esc) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2019-07-31T00:19:18.696Z"
-  },
-  {
-    "rule": "jQuery-append(",
-    "path": "node_modules/test-exclude/node_modules/parse-json/index.js",
-    "line": "\tfileName: errorEx.append('in %s')",
-    "reasonCategory": "falseMatch",
-    "updated": "2022-06-04T00:50:49.405Z"
-  },
-  {
-    "rule": "thenify-multiArgs",
-    "path": "node_modules/test-exclude/node_modules/pify/index.js",
-    "line": "\t\t\t\t} else if (opts.multiArgs) {",
-    "reasonCategory": "falseMatch",
-    "updated": "2021-12-07T23:11:11.870Z"
-  },
  {
    "rule": "jQuery-$(",
    "path": "node_modules/type-check/lib/parse-type.js",
--- a/ts/util/lint/linter.ts
+++ b/ts/util/lint/linter.ts
@ -147,6 +147,7 @@ const excludedFilesRegexp = RegExp(
    '^node_modules/css-selector-tokenizer/.+',
    '^node_modules/css-tree/.+',
    '^node_modules/csso/.+',
+    '^node_modules/danger/.+',
    '^node_modules/default-gateway/.+',
    '^node_modules/degenerator/.+',
    '^node_modules/detect-port-alt/.+',
@ -267,6 +268,25 @@ const excludedFilesRegexp = RegExp(
    '^node_modules/update-notifier/.+',
    '^node_modules/windows-release/.+',

+    // used by danger
+    '^danger/node_modules/.+',
+    '^node_modules/@octokit/.+',
+    '^node_modules/test-exclude/.+',
+    '^node_modules/micromark/.+',
+    '^node_modules/micromark-extension-gfm-task-list-item/.+',
+    '^node_modules/micromark-extension-gfm-autolink-literal/.+',
+    '^node_modules/memfs-or-file-map-to-github-branch/.+',
+    '^node_modules/mdast-util-to-markdown/.+',
+    '^node_modules/mdast-util-from-markdown/.+',
+    '^node_modules/lodash.once/.+',
+    '^node_modules/gitlab/.+',
+    '^node_modules/es6-promisify/.+',
+    '^node_modules/endanger/.+',
+    '^node_modules/cpy/.+',
+    '^node_modules/buffer-equal-constant-time/.+',
+    '^node_modules/universal-url/.+',
+    '^node_modules/extglob/.+',
+
    // Used by Storybook
    '^node_modules/@emotion/.+',
    '^node_modules/@storybook/.+',
--- a/yarn.lock
+++ b/yarn.lock