damian-burke / danger-plugin-lint-report Goto Github PK

Extend the Violation interface, which currently looks like:

interface Violation {
  file: string
  line: number
  column: number
  /**
   * Possible severity values:
   * - info
   * - warning
   * - error
   * - fatal
   */
  severity: string
  message: string
}

With other fields (some should be optional) available in the checkstyle / lint reports.

Enable users to pass in an instance of a ViolationFormatter (or something else) into the configuration object, that allows formatting a Violation => string (which will be used in the danger reporting)

This should be optional, keeping the current behavior as fallback.

Hi, I would like to know when the following dependencies will be updated:

Seems like updating to AGP 7.0.0+ prints lint results in a new format 6 which is currently not supported.

Example report:

<?xml version="1.0" encoding="UTF-8"?>
<issues format="6" by="lint 7.0.0-alpha08">

    <issue
        id="CoroutinesStaticDispatcher"
        severity="Warning"
        message="Please inject a coroutine scope / context instead of referring to static Dispatchers."
        category="Testing"
        priority="6"
        summary="Do not use static Dispatchers, inject the requires ones"
        explanation="To give us more control over dispatchers and threading, we should inject a Coroutine context if required, &#xA;instead of using the static ones."
        errorLine1="        return withContext(Dispatchers.IO) {"
        errorLine2="                           ~~~~~~~~~~~~~~">
        <location
            file="/Users/damian.burke/StudioProjects/.../src/main/java/com/.../FirebaseDatabase.kt"
            line="21"
            column="28"/>
    </issue>


    <issue
        id="UnusedResources"
        severity="Warning"
        message="The resource `R.bool.isLightMode` appears to be unused"
        category="Performance"
        priority="3"
        summary="Unused resources"
        explanation="Unused resources make applications larger and slow down builds.&#xA;&#xA;The unused resource check can ignore tests. If you want to include resources that are only referenced from tests, consider packaging them in a test source set instead.&#xA;&#xA;You can include test sources in the unused resource check by setting the system property lint.unused-resources.include-tests=true, and to exclude them (usually for performance reasons), use lint.unused-resources.exclude-tests=true."
        errorLine1="    &lt;bool name=&quot;isLightMode&quot;>true&lt;/bool>"
        errorLine2="          ~~~~~~~~~~~~~~~~~~">
        <location
            file="/Users/damian.burke/StudioProjects/.../src/main/res/values/bool.xml"
            line="3"
            column="11"/>
        <location
            file="/Users/damian.burke/StudioProjects/.../src/main/res/values-night/bool.xml"
            line="3"
            column="11"/>
    </issue>
</issues>

When parsing multiple reports a prefix / identifier can help identify where the current issue originates from.

The identifier would be injected via the CheckstyleConfig.

Can the optional dependency on "esdoc" be removed?

This project doesn't seem to use it, as there is no .esdoc.json file anywhere.
Also esdoc is not actively maintained anymore (last commit in 2018) and causes security alerts in downstream projects because of outdated dependencies e.g. marked and nth-check

Should be something else as the plugin is not limited to checkstyle.

Ideas:

• ReporterConfig
• LintReportConfig (mirroring the plugin name)

Open to other ideas as well.

Add an option to post a summary comment. Comment could contain the number of reported issues and other information (files with violations, or else).

The scanXmlReport function is async so it needs to be awaited at the call-site.

https://github.com/damian-burke/danger-plugin-lint-report/blob/main/src/index.ts#L30

The project needs a couple of GitHub actions to automate some processes:

Each pull request should run:

• Tests
• Build

Additionally, a GitHub Action to deploy a new version is required.

When using multiple linters / scanning multiple reports with overlapping issues this can help reduce noise.

This should be an option passed in via CheckstyleConfig.

The current implementation assumes danger is running in the same machine that generated the lint report for Android. However, it is common in CI implementations to run different stages in different hosts (eg: docker containers).

Imagine this scenario:

• ./gradlew lint is run in a Gitlab stage in a docker container
• We then run danger in a next stage in a different docker container.
• The root in the 2nd container will be different than in the first one, so no matches will be found when adding comments.

One possible solution would be to not rely on the root of the current directory to replace the location in Lint files. Instead, try to find the Lint locations using the current root.

Hi, I would like to know when the following dependencies will be updated:

At the moment Promise.all is used to parallelize the file operations (read, parse, evaluate). This will schedule all operations at the same time.

As an improvement these should be scheduled in batches or on a pooled scheduler.

Reference: https://github.com/damian-burke/danger-plugin-lint-report/blob/main/src/index.ts#L26