Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
57 lines (40 sloc) 1.89 KB

Why Bother?

Hosted Danger means being able to think about GitHub's webhook system as something trivial to build upon to make your own workflows.

Hosted Danger comes with a few interesting aspects:

  • Installation can literally be a single click on the website.

  • Because Peril is not running Danger on CI, Danger can run against any webhook.

  • Simpler security model:

    • no need to consider scope for tokens
    • no need to ensure bot has access to repo
    • no need to ensure token isn't leaked

I've wanted to do this for a long, long time and the re-write aspect of Danger JS means that I could apply the constraints necessary for running hosted from day-1.

Minimum Viable Peril

Peril started in 2016, and hopefully with launch in 2018. I have to eventually make a line in the sand and say, this is what we ship with. This is effectively the launch checklist.


  • Runs a Dangerfile with the Danger DSL on a PR event
  • Runs a Dangerfile with webhook issue on other events
  • Supports running async Dangerfiles easily
  • Supports safely evaluating code


  • Allows regular scheduling of a task
  • Allows scheduling of tasks in the future
  • Allows deciding what events you're interested in running code from
  • Allows storing ENV vars in a non-public way
  • Keeps the database representation up-to-date with the repo


  • Can see orgs I need to set up
  • Can see all the settings and keys for any orgs I'm in
  • Can trigger a dev mode to record webhooks
  • Can see the results of Danger runs inside the dashboard
  • Can run any task from the admin to verify


  • Can understand Peril in a single page
  • Can describe pricing
  • Can sign up for Peril
  • Can get to guides
  • Can get to tutorials
  • Can get set up simply