danger-plugin-dependencies
Provides dependency information on dependency changes in a PR
Usage
Install:
npm install @seadub/danger-plugin-dependencies --save-dev
# or
yarn add @seadub/danger-plugin-dependencies --devAt a glance:
// dangerfile.js
import dependencies from '@seadub/danger-plugin-dependencies'
schedule(dependencies())Provides 4 separate rules:
-
checkForRelease- Provides a🎉 when there's a package version bump. -
checkForNewDependencies(async) - Provides npmjs.com (andyarn why, when type is"yarn") metadata about new dependencies. -
checkForLockfileDiff- Will warn you when there aredependenciesordevDependencieschanges without apackage-lock.jsonoryarn.lockchange. -
checkForTypesInDeps- Will fail the build if you add any@types/[x]todependenciesinstead ofdevDependencies.
And exports a default function to handle all of them at once.
Note: async functions like the default one have be to schedule'd by Danger.
yarn vs npm usage
By default, the dependencies method will attempt to determine if you are using npm or yarn to manage your dependencies based on sniffing for the lockfiles on disk. If no lockfiles exist, or running on Peril it will fail without an explicitly stated manasger type in the options.
You may explicitly pass one in the options:
// dangerfile.js
import dependencies from '@seadub/danger-plugin-dependencies'
schedule(dependencies({ type: "npm" }))
// or for yarn
schedule(dependencies({ type: "yarn" }))Private packages
If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:
// dangerfile.js
import dependencies from 'danger-plugin-dependencies'
schedule(dependencies({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' }))Changelog
See the GitHub release history.
Contributing
See CONTRIBUTING.md.
What does this look like?
The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:
| Warnings | |
|---|---|
|
New dependencies added: danger-plugin-yarn. |
danger-plugin-yarn
Author: Orta Therox
Description: Provides dependency information on dependency changes in a PR
Homepage: https://github.com/orta/danger-plugin-yarn#readme
| Created | 24 days ago |
| Last Updated | 3 minutes ago |
| License | MIT |
| Maintainers | 1 |
| Releases | 14 |
| Direct Dependencies | date-fns, lodash.flatten, lodash.includes, node-fetch and esdoc |
| Keywords | danger, danger-plugin and yarn |
README
# danger-plugin-yarn
Provides dependency information on dependency changes in a PR
Usage
Install:
yarn add danger-plugin-yarn --devAt a glance:
// dangerfile.js
import yarn from 'danger-plugin-yarn'
schedule(yarn())Provides 4 separate rules:
-
checkForRelease- Provides a🎉 when there's a package version bump. -
checkForNewDependencies(async) - Provides npmjs.com andyarn whymetadata about new dependencies. -
checkForLockfileDiff- Will warn you when there aredependenciesordevDependencieschanges without ayarn.lockchange. -
checkForTypesInDeps- Will fail the build if you add any@types/[x]todependenciesinstead ofdevDependencies.
And exports a default function to handle all of them at once.
Note: async functions like the default one have be to schedule'd by Danger.
Changelog
See the GitHub release history.
Contributing
See CONTRIBUTING.md.
yarn why danger-plugin-yarn output
Generated by