It could be interesting to have a danger check to identify when new public API is exposed. At Gusto, we only use the "public" folder. A first iteration could be to just check if any new files are added to the public folder, and perhaps if there are modifications to files in the public folder. Packwerk permits configurable public folders, which we could choose to support (and intelligently identify by reading package.ymlpublic_path) to start, or we could have the first iteration only support the default public folder.
Note this would likely not work with per-constant privacy since with that approach, privacy is opt-in rather than opt-out. We'd likely want a different danger check for that.
The idea behind this check is that exposing public API is a great moment to pop in and provide thoughts on the ideal shape of boundaries between packs. A less desirable way to deal with privacy violations is by simply making everything public – this danger check could help ensure that we're making the right things public.
It could be interesting to have a danger check to identify when new public API is exposed. At Gusto, we only use the "public" folder. A first iteration could be to just check if any new files are added to the public folder, and perhaps if there are modifications to files in the public folder. Packwerk permits configurable public folders, which we could choose to support (and intelligently identify by reading
package.yml
public_path
) to start, or we could have the first iteration only support the default public folder.Note this would likely not work with per-constant privacy since with that approach, privacy is opt-in rather than opt-out. We'd likely want a different danger check for that.
The idea behind this check is that exposing public API is a great moment to pop in and provide thoughts on the ideal shape of boundaries between packs. A less desirable way to deal with privacy violations is by simply making everything public – this danger check could help ensure that we're making the right things public.