Hi.

I'm finding it hard to understand what this actually does.
The readme says In CI run bundle exec danger. This will look at your Dangerfile and provide some feedback based on that.

Can you define some feedback in a more clearer way :)

README should recommend:

• Making Gemfile

    gem 'danger'

• Doing a bundle install
• Starting the Wizard via bundle exec danger init

Then the steps will guide you through the process of

1. make new account for the repo
2. Talking you through the access settings and what it means
3. setting up a new access token for repo ( Note, differentiate between OSS / Closed Source )
4. creating a default Dangerfile
5. Offering some ideas for further expansion
6. Talk about how to add Danger to your CI

Currently when running danger on an open source project with a key set up to not have write access I run into

Found 2 error(s) and I don't have write access to the PR set a PR status. bundle exec danger returned exit code 1

As far as I remember we had a way to not set the return status for this situation. What's the best way to solve this? I'll submit a PR to both the setup and the docs to make this easier, just wanted to check what's your thoughts @orta 👍

E.g., don’t allow a bundle display name of ‘Artsy β’ to be checked-in.

As of the latest build messages look like:

      | 3 Errors
    ------------- | -----------------------------------------------------------------------------------------------------
        :no_entry_sign: | fdescribe left in tests
        :no_entry_sign: | fit left in tests
        :no_entry_sign: | Developer Specific file shouldn't be changed

This leads to ugly jagged edges on when there's errors/fails/messages. However, with some sneaky HTML skills, we can do this:

<table>
  <thead>
    <tr>
      <th width="50">&nbsp;</th>
      <th width="900">3 Errors</th>
     </tr>
  </thead>
  <tbody>
    <tr>
      <td>:no_entry_sign:</td>
      <td>fdescribe left in tests</td>
    </tr>
    <tr>
      <td>:no_entry_sign:</td>
      <td>fit left in tests</td>
    </tr>
    <tr>
      <td>:no_entry_sign:</td>
      <td>Developer Specific file shouldn't be changed</td>
    </tr>
  </tbody>
</table>

The numbers, once larger than the width of the parent become relative sizes, so if github change the size of their pages, then this will handle it.

Because we can 👯

Before I've done something like this in the Dangerfile:

message "Insertions: #{insertions}"
message "Added: #{files_added}"
message "LOC: #{lines_of_code}"
message "Mod: #{files_modified}"

Which isn't great. Instead I should be able to add something like message_all_attributes or something. It would show all of the information in a nice table.

unless has_org_access? "Artsy"
  protect_files(path: "**/*.gemspec", message: "Submit an issue instead of changing dependencies via PRs")
end

Define files that can only be modified by developers with write access to the repo.

Could be something I can pull off as a MVP with a few weekends I've been wanting to try rails 5

• A bit like the Facebook mention bot
• Pay £5 per user account (e.g. pay once for ORStackView and ARAnalytics) or an org (Eigen, Eidolon, Energy etc ) to allow it to do PR messages / status updates.
• Runs danger in a sandbox only allowing access to the folder it's currently in.
• Would make it easier to set up for orgs, just tick a box and add a Dangerfile.
• Could make a Dangerfile for a collection of repos.

It’s expecting a Dangerfile to exist.

Silence is golden?

I have a PR with 5 additions and 6 deletions. - the lines of code is classed as bigger than 50 in my Dangerfile

Relates to #105

I think we should have this information in the GitHub Repo / PR status? or maybe in an environment var?

Printing warning 'Tests were not updated'
Raising error 'Please include a CHANGELOG entry'
Danger has failed this build. 
Found 1 error(s) and I don't have write access to the PR set a PR status.

Want to clean-up this: I don't have write access to the PR set a PR status. so that it doesn't show when it is't needed.

Experiment: if instead of putting pr.body - we chucked in pr.body.lines we might get it working in the terminal. We could also run it through the markdown parser.

Might work?

Today, danger only runs on PRs against master (at least the README says so).

It'd be awesome to be able to customize the merge branch. We, for example, keep a shipped version on master and all the development goes on a development branch.

I can try to take a look at this, but it seems it should be easy. Unless I'm missing something, only two places uses master hardcoded (https://github.com/danger/danger/blob/master/lib/danger/ci_source/buildkite.rb#L20 and

I think one important question is where this branch would be specified: on the Dangerfile (if so, this probably would be harder because it seems that the file actually is run) or as a command line parameter.

The <p> tags make the text not centered on each cell, as seen in artsy/eigen#1185 (comment)

This was a side effect of #65

I wonder if in this PR Danger has paged off at 5 comments, and now continues to re-post

vs

Replace it with Faraday, given that github uses that.

I will comment the HTML for one after this

Mine is really not a good one. Recommendations have been the terminal-table gem. I'm interested in also getting Cork up and running, so we can test it outside of CP.

Printing warning 'Tests were not updated'
Raising error 'Please include a CHANGELOG entry'
Danger has failed this build. 
Found 1 error(s) and I don't have write access to the PR set a PR status.

Perhaps move to a markdown checklist:

Warnings:
 - [ ] Tests were not updated

Errors:
  - [ ] Please include a CHANGELOG entry 

Danger will finish with a failure build code because of 1 error. 

This was the diff for this PR git diff f12ea82b719a 9d9fece70aac - see build

We need to find the first commit which in that PR could be either 608f2d71a0ac3c88d7681c464ec0cbe9fa5e319d or it's parent c1af413

the env vars from Circle are:

  CIRCLE_ARTIFACTS=/tmp/circle-artifacts.oihhrPZ
  CIRCLE_BRANCH=orta-deploy
  CIRCLE_BUILD_NUM=1476
  CIRCLE_COMPARE_URL=https://github.com/artsy/eigen/compare/f12ea82b719a...9d9fece70aac
  CIRCLE_NODE_INDEX=0
  CIRCLE_NODE_TOTAL=1
  CIRCLE_PREVIOUS_BUILD_NUM=1471
  CIRCLE_PROJECT_REPONAME=eigen
  CIRCLE_PROJECT_USERNAME=artsy
  CIRCLE_SHA1=9d9fece70aacd8e01f9b316664e4180629910f5f
  CIRCLE_TEST_REPORTS=/tmp/circle-junit.R5MI8iJ
  CIRCLE_USERNAME=orta

Looking a real example: artsy/eigen#1236

In this case I definitely know that this will fail the build, but I want this to be correct. What about if inside the message for the PR I wrote:

Danger: Ignore "Developer Specific file shouldn't be changed"

Wherein it won't fail the build if a fail is found with the same string.

Ideas / Opinions?

It should be possible to run ./bin/danger locally to setup the initial Dangerfile

Say I had three commits.

• I wrote some app code
• I git pull origin master
• I wrote some more app code

but I never added a changelog entry.

If the pull contained a changelog entry, it would show up as a file in Danger, but not in the GH UI.

Currently it won't write a message. You can see it in #47

What about:

• Fails: 1 Error. 1 Warning. Everything is fixable. (which is Danger's motto) (don't show warning/errors if no warnings or errors )
• Success: Everything is okay.

I'm going to ask her about the wording now ;)

We should have templates that adapt to the repo that init was run in:

• A Gem
  • Warns when Gemspec is changed? We talked about this for Fastlane/Danger
  • There isn't a linter, but we could try eval the gemspec?
• An npm module
• Ruby
  • Look for puts, pry inside app
  • Note if the LOC in an old Gemfile.lock is greater than the new Gemfile.lock
• Rails apps (inherit ruby)
  • Changes to config files without mentioning "config" in the description
• Sinatra projects (inherit ruby)
• Node apps
• React specific apps
• A Pod / SPM module
  • Lint the pod?
  • Note if the LOC in an old Podfile.lock is greater than the new Podfile.lock
• iOS App
• Go projects?

Note: This is a living document and I'll keep updating with ideas here.

Instead of

Generated by danger on 2016-01-08

What about just: [:no_entry_sign:anger](https://github.com/KrauseFx/danger/) (right aligned)

The date is already on the issue, and it's cool that a bot generated the copy, but this can be snappy

🚫anger

POSIX-compatible systems typically use a convention of zero for success and non zero for error

Looks like convention is here - perhaps
78? - EX_CONFIG (78) Something was found in an unconfigured or miscon-figured state.

This CI build https://circleci.com/gh/artsy/eigen/1501 - is attached to this PR: artsy/eigen#1130

it shows that at the top, but the ENV vars don't reflect that that:

Setting build environment variables
  CIRCLE_ARTIFACTS=/tmp/circle-artifacts.gyNRoD5
  CIRCLE_BRANCH=orta-dm_pilot
  CIRCLE_BUILD_NUM=1501
  CIRCLE_COMPARE_URL=https://github.com/artsy/eigen/commit/1b064fe71ac7
  CIRCLE_NODE_INDEX=0
  CIRCLE_NODE_TOTAL=1
  CIRCLE_PREVIOUS_BUILD_NUM=1500
  CIRCLE_PROJECT_REPONAME=eigen
  CIRCLE_PROJECT_USERNAME=artsy
  CIRCLE_SHA1=1b064fe71ac7ec073223221889d96dcecb292000
  CIRCLE_TEST_REPORTS=/tmp/circle-junit.X2xv4ph
  CIRCLE_USERNAME=orta

our validation:

def self.validates?(env)
  return !env["CIRCLE_BUILD_NUM"].nil? && !env["CI_PULL_REQUEST"].nil?
end

Similar to how RxSwiftCommunity works

Should be a few minor points to change.

• add support for setting a custom GH host
• make sure that host is passed into the Octokit config

Hey @orta could you please list out the CIs that are supported in the README.md! thx!

Benno

Haven't had time to look into this yet, I get the following error:

~/Developer/fastlane/danger/bin/danger local --verbose

Danger local requires a repository hosted on github.
Not a Pull Request - skipping `danger` run
/Users/fkrause/Developer/fastlane/danger/lib/danger/commands/local.rb:25:in `run': undefined method `repo_slug' for nil:NilClass (NoMethodError)
    from /Users/fkrause/.rbenv/versions/2.2.1/lib/ruby/gems/2.2.0/gems/claide-1.0.0.beta.1/lib/claide/command.rb:312:in `run'
    from /Users/fkrause/Developer/fastlane/danger/bin/danger:5:in `<main>'

You get an email for every commit that runs tests in a PR, which isn't optimal.

a commit build should not run danger, but it shouldn't raise

Look at artsy/elan#5

WATCHED_FILES = [
  '/components/lib/variables/colors.json',
  '/components/lib/variables/typography.json',
  '/components/lib/variables/widths.json'
]

message("@orta something changed in elan!") if (modified_files & WATCHED_FILES).any?

It would be much nicer to do either:

message("@orta something changed in elan!") if modified_files["/components/lib/variables/*"]

or

message("@orta something changed in elan!") if modified_files.include? "/components/lib/variables/*"

E.g. we could use a special array subclass that has a different include? here.

For example:

compare_file "Podfile.lock" do |before, after|
  reduced_deps =  ":tada: - Great work on reducing our incidental complexity"
  message(reduced_deps) if before.lines_of_code < after.lines_of_code
end

I wonder what attributes could be available?

This is noted in the README: https://github.com/libgit2/rugged#install

For private repos

Cork isn't ready for usage as a full dependency.

On this build, I got the following output:

Danger v0.3.0
DSL Attributes:
------------------
| lines_of_code  | 4
| files_modified | ["Artsy/View_Controllers/Auction/AuctionInformationViewController.swift"]
| files_removed  | []
| files_added    | []
| deletions      | 4
| insertions     | 0
| pr_title       | Adds Swift abstraction for Navigation Buttons
| pr_body        | This abstracts the messiness of working with the `ARNavigationButton` stuff with Swift into one place.

Despite the large-ish patch

I'd be nice to have a custom variable in DSL to get the PR labels. Probably not super important, since you should be able to get that from env.request_source.pr_json.