validator

[thumbrise]

Summary by CodeRabbit

Release Notes

• New Features

  • Added commit validation that detects "outsider" file changes within a specified git range and generates violation reports.

• Chores

  • Updated code formatting and linting configurations for consistent project standards.
  • Enhanced testing infrastructure with mock generation and unit test coverage for the validation system.

[coderabbitai]

Warning

Review limit reached

@thumbrise, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 44 minutes and 15 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 40fba74e-26fa-460b-bb80-00a499b687d5

📥 Commits

Reviewing files that changed from the base of the PR and between 9d54522 and 53413c6.

📒 Files selected for processing (4)

• .github/workflows/ci.yml
• .golangci.yaml
• Taskfile.yaml
• pkg/validator/validator.go

📝 Walkthrough

Walkthrough

This PR introduces a Validator module in pkg/validator for detecting outsider file changes across git commits. It defines domain types (Violation, Git, ScopeParser, OutsiderFinder), implements a Validator that orchestrates these dependencies to analyze commit ranges, and includes comprehensive tests with generated mocks. Supporting configuration files enable linting, formatting, and mock generation tooling.

Changes

Validator for outsider file detection

Layer / File(s)	Summary
Development environment and tooling setup .editorconfig, .golangci.yaml, .mockery.yml, go.mod	EditorConfig enforces consistent formatting (2-space indent globally, tabs for Go). golangci adds funlen to generated-code exclusions. .mockery.yml configures Mockery to generate testify-based mocks for the validator package. go.mod adds github.com/stretchr/testify and indirect dependencies.
Validator domain types and interfaces pkg/validator/types.go	Introduces Violation struct (SHA, Header, Outsiders) and three interfaces: Git (commit/file operations), ScopeParser (message parsing), OutsiderFinder (file classification).
Validator implementation and orchestration pkg/validator/validator.go	Validator struct with dependency injection; NewValidator constructor enforces shaLength >= 1; Validate method iterates commits, retrieves messages, parses scopes, fetches changed files, detects outsiders, and builds violation records.
Test infrastructure with mocks and test scenarios pkg/validator/mocks_test.go, pkg/validator/validator_test.go	Generated mocks for Git, ScopeParser, OutsiderFinder with EXPECT() fluent APIs. Tests verify single violations, scope/file skipping, and error propagation via table-driven scenarios and a SetupExpectations helper.

Sequence Diagram

sequenceDiagram
  participant Caller
  participant Validator
  participant Git
  participant ScopeParser
  participant OutsiderFinder
  Caller->>Validator: Validate(ctx, from, to)
  Validator->>Git: SHA(ctx, from, to)
  Git-->>Validator: []string (commit SHAs)
  loop For each commit SHA
    Validator->>Git: Message(ctx, sha)
    Git-->>Validator: string (commit message)
    Validator->>ScopeParser: Parse(message)
    ScopeParser-->>Validator: string, bool (scope, ok)
    Validator->>Git: FilesChanged(ctx, sha)
    Git-->>Validator: []string (changed files)
    Validator->>OutsiderFinder: Find(scope, files)
    OutsiderFinder-->>Validator: []string (outsiders)
    Validator->>Validator: Build Violation
  end
  Validator-->>Caller: []Violation, error

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Poem

🐰 A validator hops through commits with flair,
Parsing scopes and finding files out there,
Mocks and tests in perfect harmony,
Outsider detection, clean and free!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 42.86% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'validator' is too vague and generic—it does not meaningfully describe the specific changes or functionality added in this pull request.	Use a more descriptive title that highlights the main change, such as 'Add validator package with outsider file detection' or 'Implement commit validator for outsider detection'.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch validator

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@pkg/validator/validator_test.go`:
- Around line 90-97: Define a single string constant (e.g., handlerFile :=
"api/handler.go" or const handlerFile = "api/handler.go") and replace all
duplicate literal occurrences of "api/handler.go" in the test case data (the
TestableCommit instances used in the "TestableCommit with outsider file" test,
including the commits' files and outsiders slices) with that constant so the
goconst duplication linter is satisfied.

In `@pkg/validator/validator.go`:
- Around line 23-40: The NewValidator constructor currently allows nil for
logger and interface dependencies which leads to nil dereference when methods on
Validator call v.logger.Info or other injected interfaces; update NewValidator
to validate inputs (logger, git, outsiderFinder, scopeParser) and either return
an error or panic with clear messages when any required dependency is nil, or
provide sensible defaults (e.g., set logger to slog.New(...) or a no-op logger)
for logger specifically; ensure the Validator struct initialization in
NewValidator uses these validated/defaulted values so methods like
(Validator).Validate and any calls to v.logger.Info, v.git, v.outsiderFinder,
and v.scopeParser are safe.
- Around line 83-85: Guard the SHA slicing to avoid panic by checking the length
of the sha before using sha[:v.shaLength]; in the block that appends to
violations (the Violation struct assignment where SHA: sha[:v.shaLength]),
compute a safe length like n := v.shaLength; if len(sha) < n { n = len(sha) }
and then use sha[:n] (or otherwise clamp v.shaLength) so short/abbreviated SHAs
won’t cause a runtime panic.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 391364f7-76c8-4bfd-8f04-f7f7cdea7eb1

📥 Commits

Reviewing files that changed from the base of the PR and between c72ee8d and 9d54522.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (8)

• .editorconfig
• .golangci.yaml
• .mockery.yml
• go.mod
• pkg/validator/mocks_test.go
• pkg/validator/types.go
• pkg/validator/validator.go
• pkg/validator/validator_test.go

[github-actions]

🎉 This PR is included in version 0.3.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀