Skip to content

Provides dependency information on dependency changes in a PR *

License

Notifications You must be signed in to change notification settings

ovos/danger-plugin-yarn

 
 

Repository files navigation

danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Feature Flags

If you want to disable any combination of these particular rules, there is a matching disable* option flag:

  disableCheckForRelease?: boolean
  disableCheckForNewDependencies?: boolean
  disableCheckForLockfileDiff?: boolean
  disableCheckForTypesInDeps?: boolean

Which are used as follows:

yarn({
  disableCheckForTypesInDeps: true
})

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' })

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:


Warnings
⚠️

New dependencies added: danger-plugin-yarn.

Author: Orta Therox

Description: Provides dependency information on dependency changes in a PR

Homepage: https://github.com/orta/danger-plugin-yarn#readme

Created24 days ago
Last Updated3 minutes ago
LicenseMIT
Maintainers1
Releases14
Direct Dependenciesdate-fns, lodash.flatten, lodash.includes, node-fetch and esdoc
Keywordsdanger, danger-plugin and yarn
README # danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

yarn why danger-plugin-yarn output

  • Has been hoisted to "danger-plugin-yarn"
  • This module exists because it's specified in "devDependencies".
  • Disk size without dependencies: "80kB"
  • Disk size with unique dependencies: "3.98MB"
  • Disk size with transitive dependencies: "4.43MB"
  • Number of shared dependencies: 7

Generated by 🚫 dangerJS

About

Provides dependency information on dependency changes in a PR *

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 100.0%