Add Swift Build Tool Plugin for automatic dependency validation#3
Merged
tonyarnold merged 20 commits intomainfrom Jul 18, 2025
Merged
Add Swift Build Tool Plugin for automatic dependency validation#3tonyarnold merged 20 commits intomainfrom
tonyarnold merged 20 commits intomainfrom
Conversation
Owner
tonyarnold
commented
Jul 17, 2025
tonyarnold
commented
- Implement DependencyAuditPlugin conforming to BuildToolPlugin protocol
- Plugin runs prebuild commands with target-specific analysis and Xcode output
- Update Package.swift with plugin target definition and capability
- Add documentation and examples for plugin usage
- Implement DependencyAuditPlugin conforming to BuildToolPlugin protocol - Plugin runs prebuild commands with target-specific analysis and Xcode output - Update Package.swift with plugin target definition and capability - Add documentation and examples for plugin usage
There was a problem hiding this comment.
Pull Request Overview
This PR adds a Swift Package Manager build tool plugin to automate dependency validation during package and Xcode builds.
- Implements
DependencyAuditPluginconforming toBuildToolPluginto run the audit prebuild - Updates
Package.swiftto declare the plugin product and target - Adds documentation in
README.mdand notes inCHANGELOG.mdfor plugin usage
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| README.md | Added Build Tool Plugin integration documentation |
| Plugins/DependencyAuditPlugin/DependencyAuditPlugin.swift | Implemented plugin that runs a prebuild dependency audit |
| Package.swift | Added plugin product and target definitions |
| CHANGELOG.md | Updated changelog with plugin features and architecture |
| cd "\(context.package.directoryURL.path)" | ||
|
|
||
| # Run dependency audit for specific target | ||
| swift run swift-dependency-audit \\ |
There was a problem hiding this comment.
[nitpick] Invoking the audit tool via swift run can be slower and less robust; consider using the PackagePlugin API (context.tool(named:)) to locate and execute the swift-dependency-audit executable directly.
Suggested change
| swift run swift-dependency-audit \\ | |
| "\(try context.tool(named: "swift-dependency-audit").path)" \\ |
Comment on lines
+35
to
+36
| // Check if target name contains "Test" to identify test targets | ||
| if !target.name.lowercased().contains("test") { |
There was a problem hiding this comment.
[nitpick] Detecting test targets by checking the name substring is brittle; use the target’s type (e.g., TestTarget) or another metadata property to differentiate test and non-test targets.
Suggested change
| // Check if target name contains "Test" to identify test targets | |
| if !target.name.lowercased().contains("test") { | |
| // Check if the target is not a TestTarget to identify non-test targets | |
| if !(target is TestTarget) { |
Comment on lines
+65
to
+67
| // For now, analyze all targets and let the tool itself filter appropriately | ||
| // The tool will skip targets that don't have source directories | ||
| return true |
There was a problem hiding this comment.
[nitpick] Analyzing all targets can lead to unnecessary executions on non-source modules; consider filtering to SourceModuleTarget instances within shouldAnalyzeTarget to reduce overhead.
Suggested change
| // For now, analyze all targets and let the tool itself filter appropriately | |
| // The tool will skip targets that don't have source directories | |
| return true | |
| // Only analyze source-based targets | |
| return target is SourceModuleTarget |
tonyarnold
force-pushed
the
build-plugins
branch
2 times, most recently
from
50dc49a to
3c91619
Compare
tonyarnold
force-pushed
the
build-plugins
branch
from
3c91619 to
3f166c0
Compare
tonyarnold
force-pushed
the
build-plugins
branch
from
3c783a7 to
ee23c93
Compare
CFAbsoluteTimeGetCurrent is not available on Linux - use Date instead
I think that Claude has gone off on a tangent here
tonyarnold
force-pushed
the
build-plugins
branch
from
d436010 to
8bba0c9
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.