[Opinion] What should we test for?

[felipesabino]

What are most common problems we can automate and test for using Danger?

(More info on what is this repo, what does Taqtile danger implementation is and to add your suggestion on the implementation, go to issue #2)

General

• Warn for increase in code duplication detection - #1
• Warn if some files/folders to be changed/committed like .gitignore
• Lint issues
• >>> strings to make sure rebase was successful (inspired by this commit to develop)

Platform Specific

Node.js

• Warn if some files/folders to be changed/committed like package.json, yarn.lock, etc

iOS

• Warn if some files/folders to be changed/committed like workspace and project file, Info.plists, Cakefile, etc
• Warn if commit has any word that suggests provisioning profiles configuration were changed
• All frontend pre-commit scripts for quality check - look for forbidden words on .xib (exclude, misplaced), search for hardcoded fonts, colors on code and .xib

Android

• Warn if some files/folders to be changed/committed like build.gradle or manifests

Windows

😢 As we do not have any CI for Windows yet, everything related to Windows will be considered only for future releases

Web

• Warn if CSS files were changed

[askmon]

Node Braindump:

Warnings

.env
.nvmrc
docker-compose.yml
tasks/options/env.coffee (grunt config)
node_modules
npm-shrinkwrap.json
package.json
yarn.lock
Procfile

Look for Amazon Secret keys: ?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]

[filipemp]

Is there any way to warn if one file changed and some other file related to the first didn't? Such as: Podfile changed and no Podfile.lock was commited

[ghashi]

iOS (to be implemented)

• Search for typos on .strings file
• Search for redundant strings on .strings file
• Searcj not used code/colors/fonts/styles/images/strings

[AndreFRSales]

Could implement this regex pattern for hungarian notation :

https://bugzilla.mozilla.org/show_bug.cgi?id=1275096

[felipesabino]

Some stuff taken from the latest 2 CRs on iOS projects

• warn if Info.plist contains ATS Exceptions
• warn if Info.plist contains Landscape mode
• warn if Podfile has pods should not using fixed versions
• warn if Podfile has pods being loaded from external git repos (specially or only if they are not indigotech)
• warn if any TODO or print("") were added
• warn if fatalError is added, most likely it should use the error handlers or throw exceptions

Not sure how we would check for it, but it would be nice to have

• warn if Info.plist has hardcoded data (like facebook IDs of bundle identifiers)
• warn if forced unwrapping was found

cc @filipemp @ghashi @marcelorisse

[felipesabino]

Stuff taken from Node project CR

• warn if npm install -g is found
• warn if console.log (or console.*?) was added
• warn if package.json file was modified but there were no changes onyarn.lock or shrinkwrap

Not sure how we would check for it, but it would be nice to have

• warn if node version is different between .travis.yml, .nvmrc, package.json and README (or just warn if node version has change just in one of these locations)

cc @askmon @fabiothiroki @marcelorisse @adrianshiokawa

[fabiothiroki]

@felipesabino

• Shouldn't at least console.error be acceptable? This way we can debug using papertrail or another similar tool
• At packages.json every package should have its version fixed (do not use ^ or ~), or explicitly set the major and minor versions (ie.: 1.2.x)

[felipesabino]

@fabiothiroki

Shouldn't at least console.error be acceptable?

👍

At packages.json every package should have its version fixed, or at least the tilde (~) so we don't experience incompatibility issues

👍

[melloflavio]

@felipesabino @fabiothiroki

At packages.json every package should have its version fixed, or at least the tilde (~) so we don't experience incompatibility issues

Ok for development stages. But once we go live, I feel we should restrict to fixed versions only.

[eiditakahashi]

Added to a sample file

Common

• [x] Warn if some files/folders to be changed/committed like .gitignore, Gemfile, Gemfile.lock, .travis.yml
• [x] >>> Strings to make sure rebase was successful
• [x] Big PRs
• [x] Warn when Gemfile was modified and Gemfile.lock was not
• [x] Fail when no description is provided
• [ ] Warn for increase in code duplication detection
• [ ] Lint issues
• [ ] Implement this regex pattern for hungarian notation

Node

• [x] Warn if some files/folders to be changed/committed like yarn.lock, docker-compose.yml, Procfile, npm-shrinkwrap.json, node_modules, env.coffee
• [x] Warn when Amazon Secret Key is hardcoded
• [x] Warn when npm install -g is used
• [x] Warn when .env or .nvmrc files are modified
• [x] Warn when console.log is added
• [x] Warn when package.json was modified and yarn.lock or shrinkwrap was not
• [x] Warn if node version is different between .travis.yml, .nvmrc, package.json and README (or just warn if node version has change just in one of these locations)
• [x] At packages.json every package should have its version fixed (do not use ^ or ~), or explicitly set the major and minor versions (ie.: 1.2.x)

iOS

• [x] Warn if some files/folders to be changed/committed like Cakefile, settings.yml.erb, Fastfile
• [x] Warn when Podfile was modified and Podfile.lock was not
• [x] Warn if changes made in Cakefile may 'break' provisionings and sign certificates configurations
• [x] Warn when ATS Exception is set in plist
• [x] Warn when Landscape orientation is set in plist
• [x] Warn when Facebook ID is hardcoded in plist
• [x] Warn when pod is being loaded from external git repos
• [x] Warn when TODO is added
• [x] Warn when print(“”) is added
• [x] Warn when fatalError is added
• [x] Warn if Podfile has pods should not using fixed versions
• [x] Warn if forced unwrapping was found
• [ ] All frontend pre-commit scripts for quality check - look for forbidden words on .xib (exclude, misplaced), search for hardcoded fonts, colors on code and .xib
• [ ] Search for typos on .strings file
• [ ] Search for redundant strings on .strings file
• [ ] Search not used code/colors/fonts/styles/images/strings

Android

• [x] Warn when .gradle or Manifest.xml files are modified

Web

• [x] Warn if CSS files were changed

[melloflavio]

@eiditakahashi I have just one suggestion. One of the node checks is:

At packages.json every package should have its version fixed (do not use ^ or ~), or explicitly set the major and minor versions (ie.: 1.2.x)

I believe that we should enforce all 3 digits to be set, not just major and minor. Specially since we are checking for ~ which is analogous to 1.2.x.

[ghashi]

iOS: (problema visto na aprovação da Raia iOS)

Barba:

FYI, ontem vimos que o app crashava caso o ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES estivesse setado pra NO então add as strings das permissões na plist. O que passou batido, pelo menos para mim, é que o problema também era a inclusão de todos aqueles pacotes binários em uma versão que a Apple não curtiu. Logo, ontem no fim do dia tornamos a receber uma mensagem da Apple, dessa vez somente com o texto referente aos tais binários. Hoje, depois de pesquisar pelo nosso querido stackoverflow cheguei nisso: https://github.com/indigotech/br-raia-app-ios/pull/1460 Estamos testanto :pray:

Inspirado por esse problema e dado que iremos buscar por palavras proibidas, talvez seja fácil de verificar se no arquivo do Cakefile exista tal config. Além disso, vcs tbm saibam de configurações indesejadas que poderíamos testar tanto no Android e iOS. Eu conversei com o Feijão e ele disse que tal problema não é recorrente e não precisaria ser corrigido assim ou pelo menos não agora (não é urgente). Acho que a solução é barata e vou deixar registrado aqui para dar visibilidade a todos e quem sabe algo a ser atacado no futuro

[felipesabino]

I am closing this in favor of 1.0.0 release and the remaining items were added to #8, #9, #10, #11 and #12

[felipesabino]

Please create new issues (or even PR 🎉 ) if you need extra checks to be added