Skip to content

Provides dependency information on dependency changes in a PR *

License

Notifications You must be signed in to change notification settings

orta/danger-plugin-yarn

Repository files navigation

danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Feature Flags

If you want to disable any combination of these particular rules, there is a matching disable* option flag:

  disableCheckForRelease?: boolean
  disableCheckForNewDependencies?: boolean
  disableCheckForLockfileDiff?: boolean
  disableCheckForTypesInDeps?: boolean

Which are used as follows:

yarn({
  disableCheckForTypesInDeps: true
})

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' })

Specify registry URL

If you want the plugin to use different registry than registry.npmjs.org:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmRegistryUrl: 'https://registry.yarnpkg.com' })

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:


Warnings
⚠️

New dependencies added: danger-plugin-yarn.

Author: Orta Therox

Description: Provides dependency information on dependency changes in a PR

Homepage: https://github.com/orta/danger-plugin-yarn#readme

Created24 days ago
Last Updated3 minutes ago
LicenseMIT
Maintainers1
Releases14
Direct Dependenciesdate-fns, lodash.flatten, lodash.includes, node-fetch and esdoc
Keywordsdanger, danger-plugin and yarn
README # danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

yarn why danger-plugin-yarn output

  • Has been hoisted to "danger-plugin-yarn"
  • This module exists because it's specified in "devDependencies".
  • Disk size without dependencies: "80kB"
  • Disk size with unique dependencies: "3.98MB"
  • Disk size with transitive dependencies: "4.43MB"
  • Number of shared dependencies: 7

Generated by 🚫 dangerJS

About

Provides dependency information on dependency changes in a PR *

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published