Initial commit

Pedro Pombeiro 2019-01-21 13:29:30 +01:00
commit 87762259ec
No known key found for this signature in database
GPG Key ID: A65DEB11E4BBC647
20 changed files with 5915 additions and 0 deletions

9
.env.example Normal file

@ -0,0 +1,9 @@
# The ID of your GitHub App
APP_ID=
WEBHOOK_SECRET=development
# Use `trace` to get verbose logging or `info` to show less
LOG_LEVEL=debug
# Go to https://smee.io/new set this to the URL that you are redirected to.
WEBHOOK_PROXY_URL=
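
Review bot: `WEBHOOK_SECRET=development` ships a guessable default for the value that authenticates incoming webhook deliveries, so anyone who copies this file to `.env` unchanged runs with a secret a third party can guess. Leave it empty like `APP_ID=` and add a comment saying it must be set to a long random value that matches the GitHub App setting. The `LOG_LEVEL` comment names `trace` and `info` while the value is `debug`; say which level is intended outside local development.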

8
.gitignore vendored Normal file

@ -0,0 +1,8 @@
node_modules
npm-debug.log
*.pem
.env
package-lock.json
coverage
lib
/yarn-error.log

6
.travis.yml Normal file

@ -0,0 +1,6 @@
sudo: false
language: node_js
node_js:
- "8.3"
notifications:
disabled: true
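
Review bot: `node_js: "8.3"` does not match the `"node": ">= 10.3.0"` constraint declared under `engines` in package.json, so CI either fails the engines check at install time or exercises a runtime the project says it does not support. Pin the CI matrix to a Node 10 release that satisfies the constraint.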

16
.vscode/launch.json vendored Normal file

@ -0,0 +1,16 @@
{
// Use IntelliSense to learn about possible attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"type": "node",
"request": "attach",
"name": "Attach to Process",
"restart": true,
"protocol": "inspector",
"port": 9229
}
]
}

3
.vscode/settings.json vendored Normal file

@ -0,0 +1,3 @@
{
"typescript.tsdk": "node_modules/typescript/lib"
}

74
CODE_OF_CONDUCT.md Normal file

@ -0,0 +1,74 @@
# Contributor Covenant Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, gender identity and expression, level of experience,
education, socio-economic status, nationality, personal appearance, race,
religion, or sexual identity and orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at pombeirp@users.noreply.github.com. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
[homepage]: https://www.contributor-covenant.org

41
CONTRIBUTING.md Normal file

@ -0,0 +1,41 @@
## Contributing
[fork]: /fork
[pr]: /compare
[style]: https://standardjs.com/
[code-of-conduct]: CODE_OF_CONDUCT.md
Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
Please note that this project is released with a [Contributor Code of Conduct][code-of-conduct]. By participating in this project you agree to abide by its terms.
## Issues and PRs
If you have suggestions for how this project could be improved, or want to report a bug, open an issue! We'd love all and any contributions. If you have questions, too, we'd love to hear them.
We'd also love PRs. If you're thinking of a large PR, we advise opening up an issue first to talk about it, though! Look at the links below if you're not sure how to open a PR.
## Submitting a pull request
1. [Fork][fork] and clone the repository.
1. Configure and install the dependencies: `yarn install`.
1. Make sure the tests pass on your machine: `yarn test`, note: these tests also apply the linter, so there's no need to lint separately.
1. Create a new branch: `git checkout -b my-branch-name`.
1. Make your change, add tests, and make sure the tests still pass.
1. Push to your fork and [submit a pull request][pr].
1. Pat your self on the back and wait for your pull request to be reviewed and merged.
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
- Follow the [style guide][style] which is using standard. Any linting errors should be shown when running `yarn test`.
- Write and update tests.
- Keep your changes as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
Work in Progress pull requests are also welcome to get feedback early on, or if there is something blocked you.
## Resources
- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
- [GitHub Help](https://help.github.com)

15
LICENSE Normal file

@ -0,0 +1,15 @@
ISC License
Copyright (c) 2019, Pedro Pombeiro <pombeirp@users.noreply.github.com> (https://github.com/status-im/deps-lock-snitch-bot)
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

26
README.md Normal file

@ -0,0 +1,26 @@
# deps-lock-snitch-bot
> A GitHub App built with [Probot](https://github.com/probot/probot) that pings collaborators every time there are changes to a dependency lock file (package-lock.json, yarn.lock, etc)
## Setup
```sh
# Install dependencies
yarn install
# Run typescript
yarn build
# Run the bot
yarn start
```
## Contributing
If you have suggestions for how deps-lock-snitch-bot could be improved, or want to report a bug, open an issue! We'd love all and any contributions.
For more, check out the [Contributing Guide](CONTRIBUTING.md).
## License
[ISC](LICENSE) © 2019 Pedro Pombeiro <pombeirp@users.noreply.github.com> (https://github.com/status-im/deps-lock-snitch-bot)
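
Review bot: the README never mentions the configuration file, yet src/index.ts does nothing unless `.github/package-lock-snitch.config.json` exists with a non-empty `recipients` array. Add a configuration section that shows the file location and an example `recipients` list, and replace "pings collaborators" with wording that matches that behaviour. The "etc" in the description should also be replaced by the actual list the code matches: `package-lock.json`, `yarn.lock` and `Gopkg.lock`.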

139
app.yml Normal file

@ -0,0 +1,139 @@
# This is a GitHub App Manifest. These settings will be used by default when
# initially configuring your GitHub App.
#
# NOTE: changing this file will not update your GitHub App settings.
# You must visit github.com/settings/apps/your-app-name to edit them.
#
# Read more about configuring your GitHub App:
# https://probot.github.io/docs/development/#configuring-a-github-app
#
# Read more about GitHub App Manifests:
# https://developer.github.com/apps/building-github-apps/creating-github-apps-from-a-manifest/
# The list of events the GitHub App subscribes to.
# Uncomment the event names below to enable them.
default_events:
# - check_run
# - check_suite
# - commit_comment
# - create
# - delete
# - deployment
# - deployment_status
# - fork
# - gollum
# - issue_comment
# - issues
# - label
# - milestone
# - member
# - membership
# - org_block
# - organization
# - page_build
# - project
# - project_card
# - project_column
# - public
- pull_request
# - pull_request_review
# - pull_request_review_comment
# - push
# - release
# - repository
# - repository_import
# - status
# - team
# - team_add
# - watch
# The set of permissions needed by the GitHub App. The format of the object uses
# the permission name for the key (for example, issues) and the access type for
# the value (for example, write).
# Valid values are `read`, `write`, and `none`
default_permissions:
# Repository creation, deletion, settings, teams, and collaborators.
# https://developer.github.com/v3/apps/permissions/#permission-on-administration
# administration: read
# Checks on code.
# https://developer.github.com/v3/apps/permissions/#permission-on-checks
# checks: read
# Repository contents, commits, branches, downloads, releases, and merges.
# https://developer.github.com/v3/apps/permissions/#permission-on-contents
# contents: read
# Deployments and deployment statuses.
# https://developer.github.com/v3/apps/permissions/#permission-on-deployments
# deployments: read
# Issues and related comments, assignees, labels, and milestones.
# https://developer.github.com/v3/apps/permissions/#permission-on-issues
# issues: read
# Search repositories, list collaborators, and access repository metadata.
# https://developer.github.com/v3/apps/permissions/#metadata-permissions
metadata: read
# Retrieve Pages statuses, configuration, and builds, as well as create new builds.
# https://developer.github.com/v3/apps/permissions/#permission-on-pages
# pages: read
# Pull requests and related comments, assignees, labels, milestones, and merges.
# https://developer.github.com/v3/apps/permissions/#permission-on-pull-requests
pull_requests: write
# Manage the post-receive hooks for a repository.
# https://developer.github.com/v3/apps/permissions/#permission-on-repository-hooks
# repository_hooks: read
# Manage repository projects, columns, and cards.
# https://developer.github.com/v3/apps/permissions/#permission-on-repository-projects
# repository_projects: read
# Retrieve security vulnerability alerts.
# https://developer.github.com/v4/object/repositoryvulnerabilityalert/
# vulnerability_alerts: read
# Commit statuses.
# https://developer.github.com/v3/apps/permissions/#permission-on-statuses
# statuses: read
# Organization members and teams.
# https://developer.github.com/v3/apps/permissions/#permission-on-members
# members: read
# View and manage users blocked by the organization.
# https://developer.github.com/v3/apps/permissions/#permission-on-organization-user-blocking
# organization_user_blocking: read
# Manage organization projects, columns, and cards.
# https://developer.github.com/v3/apps/permissions/#permission-on-organization-projects
# organization_projects: read
# Manage team discussions and related comments.
# https://developer.github.com/v3/apps/permissions/#permission-on-team-discussions
# team_discussions: read
# Manage the post-receive hooks for an organization.
# https://developer.github.com/v3/apps/permissions/#permission-on-organization-hooks
# organization_hooks: read
# Get notified of, and update, content references.
# https://developer.github.com/v3/apps/permissions/
# organization_administration: read
# The name of the GitHub App. Defaults to the name specified in package.json
# name: My Probot App
# The homepage of your GitHub App.
# url: https://example.com/
# A description of the GitHub App.
# description: A description of my awesome app
# Set to true when your GitHub App is available to the public or false when it is only accessible to the owner of the app.
# Default: true
# public: false
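
Review bot: `default_permissions` enables only `metadata: read` and `pull_requests: write`, but src/index.ts loads `.github/package-lock-snitch.config.json` through `context.config`, which is a read of repository contents. With `contents: read` left commented out that lookup can fail on private repositories, and the handler then falls back to the empty `recipients` default and only logs at debug level, so the bot goes silent without any visible error. Either enable `contents: read` or document why it is not needed; keeping the rest of the list commented out is the right least-privilege default.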

8
jest.config.js Normal file

@ -0,0 +1,8 @@
module.exports = {
roots: ['<rootDir>/src/', '<rootDir>/test/'],
transform: {
'^.+\\.tsx?$': 'ts-jest'
},
testRegex: '(/__tests__/.*|\\.(test|spec))\\.[tj]sx?$',
moduleFileExtensions: ['ts', 'tsx', 'js', 'jsx', 'json', 'node']
}

6
nodemon.json Normal file

@ -0,0 +1,6 @@
{
"ignore": ["**/*.test.ts", "**/*.spec.ts", ".git", "node_modules"],
"watch": ["src"],
"exec": "yarn _start-dev",
"ext": "ts"
}
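
Review bot: this file and the `nodemonConfig` block in package.json configure nodemon twice with different values: here `"exec": "yarn _start-dev"` watching `src`, there `"exec": "yarn start"` watching `.env` and `./lib`. A reader cannot tell which one `yarn dev` uses. Keep one of the two and delete the other.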

59
package.json Normal file

@ -0,0 +1,59 @@
{
"author": "Pedro Pombeiro <pombeirp@users.noreply.github.com> (https://github.com/status-im/deps-lock-snitch-bot)",
"bugs": "https://github.com/status-im/deps-lock-snitch-bot/issues",
"dependencies": {
"@types/humanize-plus": "^1.8.0",
"@types/nock": "^9.3.0",
"humanize-plus": "^1.8.2",
"nock": "^10.0.0",
"probot": "^7.2.0"
},
"description": "pings collaborators every time there are changes to a dependency lock file (package-lock.json, yarn.lock, etc)",
"devDependencies": {
"@types/jest": "^23.1.5",
"@types/node": "^10.12.18",
"eslint-plugin-typescript": "^0.12.0",
"jest": "^23.4.0",
"nodemon": "^1.18.9",
"smee-client": "^1.0.2",
"ts-jest": "^23.0.0",
"tslint": "^5.12.1",
"typescript": "3.2.1",
"typescript-eslint-parser": "^18.0.0",
"typescript-tslint-plugin": "^0.2.1"
},
"engines": {
"node": ">= 10.3.0",
"yarn": "1.13.x"
},
"homepage": "https://github.com/status-im/deps-lock-snitch-bot",
"jest": {
"testEnvironment": "node"
},
"keywords": [
"probot",
"github",
"probot-app"
],
"license": "ISC",
"name": "deps-lock-snitch-bot",
"nodemonConfig": {
"exec": "yarn start",
"watch": [
".env",
"./lib"
]
},
"repository": "https://github.com/status-im/deps-lock-snitch-bot.git",
"scripts": {
"_start-dev": "./scripts/predebug.sh; yarn build && node --inspect ./node_modules/probot/bin/probot-run.js ./lib/index.js",
"build": "tsc -p tsconfig.json",
"dev": "./node_modules/nodemon/bin/nodemon.js",
"lint": "tslint -c tslint.json --fix 'src/**/*.ts' --fix 'test/**/*.ts'",
"postinstall": "yarn build",
"start": "probot run ./lib/index.js",
"test": "jest && tsc -p tsconfig.json",
"test:watch": "jest --watch --notify --notifyMode=change --coverage"
},
"version": "1.0.0"
}
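
Review bot: `nock`, `@types/nock` and `@types/humanize-plus` are listed under `dependencies`, although `nock` is only imported from test/index.test.ts and the `@types` packages are build-time only; move them to `devDependencies` so the HTTP mocking library is not installed in production. In the other direction, src/index.ts imports `@octokit/rest` but it is not declared here and resolves only as a transitive dependency of `probot`; declare it explicitly. Note also that `"postinstall": "yarn build"` needs `typescript`, which is a dev dependency, so a production-only install will fail at that step.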

7
scripts/predebug.sh Executable file

@ -0,0 +1,7 @@
#!/bin/bash
APP_PORT=3000
APP_PID="$(lsof -i :${APP_PORT} | awk 'NR!=1 {print $2}' | sort -u | tr '\r\n' ' ')"
if [ ! -z "$APP_PID" ]; then
kill $APP_PID
fi
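
Review bot: `lsof -i :${APP_PORT}` lists every process with a socket on port 3000, clients included, so `kill $APP_PID` can terminate unrelated programs such as a browser that merely has a connection open to that port. Restrict the lookup to listeners, for example `lsof -t -iTCP:${APP_PORT} -sTCP:LISTEN`, which also removes the need for the `awk | sort | tr` pipeline. `[ ! -z "$APP_PID" ]` reads more clearly as `[ -n "$APP_PID" ]`, and a comment should state that the script kills whatever owns the port, not only a previous bot instance.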

60
src/index.ts Normal file

@ -0,0 +1,60 @@
import Octokit from '@octokit/rest'
import Humanize from 'humanize-plus'
import { Application, Context } from 'probot' // eslint-disable-line no-unused-vars
interface Config {
recipients: string[]
}
export = (app: Application) => {
app.on(['pull_request.opened', 'pull_request.edited'], (context: Context) => {
return handlePullRequest(context)
})
// For more information on building apps:
// https://probot.github.io/docs/
// To get your app running against GitHub, see:
// https://probot.github.io/docs/development/
}
async function handlePullRequest(context: Context) {
const { github, payload } = context
const { pull_request } = payload
const lockFiles: string[] = []
await github.paginate(
github.pullRequests.listFiles(context.issue({ per_page: 100 })),
(res) => {
const typedResData: Octokit.PullRequestsListFilesResponse = res.data
for (const file of typedResData) {
const parts = file.filename.split('/')
switch (parts[parts.length - 1]) {
case 'package-lock.json':
case 'yarn.lock':
case 'Gopkg.lock':
lockFiles.push(file.filename)
break
}
}
},
)
if (lockFiles.length !== 0) {
const configFilename = 'package-lock-snitch.config.json'
const config: Config = await context.config(configFilename, { recipients: [] } as Config)
const filesChanged = Humanize.oxford(lockFiles.map((f) => `\`${f}\``), 5)
if (config.recipients.length !== 0) {
const pingTargets = Humanize.oxford(config.recipients.map((u) => `@${u}`))
const issueComment = context.issue({ body: `${filesChanged} changed. Pinging ${pingTargets}` })
context.log.info(`Creating comment on ${pull_request.html_url} pinging ${pingTargets}`)
await context.github.issues.createComment(issueComment)
} else {
context.log.debug(
`No recipients configured in ${payload.repository.html_url}/.github/${configFilename}, ignoring`)
}
} else {
context.log.debug(`No lock files changed in ${pull_request.html_url}`)
}
}
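
Review bot: the handler is registered only for `pull_request.opened` and `pull_request.edited`, and `edited` covers changes to the title, body or base branch, not new commits. A lock file change pushed after the pull request is opened (`pull_request.synchronize`) therefore never triggers the ping, which is exactly the case this bot exists to surface. Add `pull_request.synchronize` (and consider `pull_request.reopened`), and since every matching event calls `issues.createComment`, check for an existing comment from the bot first so that title edits do not ping the recipients again. The `switch` on `parts[parts.length - 1]` is also case-sensitive and limited to three file names; a comment stating that the list is intentional would help.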

15
test/fixtures/issues.opened.json vendored Normal file

@ -0,0 +1,15 @@
{
"action": "opened",
"issue": {
"number": 1,
"user": {
"login": "hiimbex"
}
},
"repository": {
"name": "testing-things",
"owner": {
"login": "hiimbex"
}
}
}

52
test/index.test.ts Normal file

@ -0,0 +1,52 @@
// You can import your modules
// import index from '../src/index'
import nock from 'nock'
import { Probot } from 'probot'
// Requiring our app implementation
import myProbotApp from '../src'
// Requiring our fixtures
import payload from './fixtures/issues.opened.json'
const issueCreatedBody = { body: 'Thanks for opening this issue!' }
nock.disableNetConnect()
describe('My Probot app', () => {
let probot: any
beforeEach(() => {
probot = new Probot({ id: 123, cert: 'test' })
// Load our app into probot
const app = probot.load(myProbotApp)
// just return a test token
app.app = () => 'test'
})
test('creates a comment when an issue is opened', async (done) => {
// Test that we correctly return a test token
nock('https://api.github.com')
.post('/app/installations/2/access_tokens')
.reply(200, { token: 'test' })
// Test that a comment is posted
nock('https://api.github.com')
.post('/repos/hiimbex/testing-things/issues/1/comments', (body: any) => {
done(expect(body).toMatchObject(issueCreatedBody))
return true
})
.reply(200)
// Receive a webhook event
await probot.receive({ name: 'issues', payload })
})
})
// For more information about testing with Jest see:
// https://facebook.github.io/jest/
// For more information about using TypeScript in your tests, Jest recommends:
// https://github.com/kulshekhar/ts-jest
// For more information about testing with Nock see:
// https://github.com/nock/nock
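
Review bot: this is still the template test and does not exercise the app: it delivers an `issues` event from `fixtures/issues.opened.json` and expects a comment with the body 'Thanks for opening this issue!', but src/index.ts subscribes only to `pull_request.opened` and `pull_request.edited` and never posts that text, so the nock body matcher that calls `done` is never reached. Replace it with a `pull_request` fixture and a mocked files listing that includes a lock file, then assert both the ping comment and the no-recipients path. The describe name `My Probot app` should be renamed as well.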

32
tsconfig.json Normal file

@ -0,0 +1,32 @@
{
"compilerOptions": {
"allowJs": false,
"lib": ["es2015", "es2017", "es2018"],
"module": "commonjs",
"moduleResolution": "node",
"target": "es5",
"noImplicitReturns": true,
"noFallthroughCasesInSwitch": true,
"noUnusedLocals": false,
"strictNullChecks": true /* Enable strict null checks. */,
"pretty": true,
"strict": true,
"sourceMap": true,
"outDir": "./lib",
"skipLibCheck": true,
"noImplicitAny": true,
"esModuleInterop": true,
"declaration": true,
"resolveJsonModule": true,
"downlevelIteration": true,
"plugins": [
{
"name": "typescript-tslint-plugin"
}
]
},
"include": [
"src/**/*"
],
"compileOnSave": false
}

34
tslint.json Normal file

@ -0,0 +1,34 @@
{
"defaultSeverity": "error",
"extends": [
"tslint:recommended"
],
"jsRules": {},
"rules": {
"interface-name": false,
"no-console": false,
"quotemark": [
true,
"single"
],
"prefer-const": true,
"semicolon": [
true,
"never"
],
"eofline": true,
"no-return-await": true
},
"compilerOptions": {
"plugins": [
{
"name": "typescript-tslint-plugin",
"alwaysShowRuleFailuresAsWarnings": false,
"ignoreDefinitionFiles": true,
"configFile": "./tslint.json",
"suppressWhileTypeErrorsPresent": false,
"mockTypeScriptVersion": false
}
]
}
}
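
Review bot: the `compilerOptions.plugins` block at the end of this file is language-service plugin configuration and belongs in tsconfig.json, which already declares `typescript-tslint-plugin` under its own `plugins` key. Placed here, the options (`alwaysShowRuleFailuresAsWarnings`, `ignoreDefinitionFiles`, `configFile` and the rest) sit next to the lint rules where the TypeScript language service does not look for them. Move them into the existing tsconfig.json plugin entry and drop the block from tslint.json.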

5305
yarn.lock Normal file

File diff suppressed because it is too large