# frozen_string_literal: true

##########################################################################
# THIS FILE IS OWNED BY SECURITY CHANGES TO THIS FILE ARE MADE CENTRALLY #
#          CONTACT SECURITY@BELVO.COM or SLACK #ASK-SECURITY             #
##########################################################################

# Provide a description
if github.pr_body.length < 10
  fail 'Please provide a short summary in the PR description :page_with_curl:'
end

# The title has to include a JIRA ticket unless is a dependabot PR or SNYK
if github.pr_labels.include?('dependencies')
  message 'PR autogenerated by dependabot'
elsif github.pr_title =~ /\[Snyk\]/
  message 'PR generated by Snyk'
elsif github.pr_title !~ /\[[A-Z]{1,10}-[0-9]{1,5}\]/
  fail 'Please provide a valid Jira ticket ID associated to this PR'\
   '(e.g. [BEL-XXXXX]'
end

if github.pr_title.include? '[WIP]'
  warn('PR is classed as Work in Progress', sticky: false)
end

message('One approval required for merging')