danger-plugin-yarn

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

• checkForRelease - Provides a 🎉 when there's a package version bump.
• checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
• checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
• checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Feature Flags

If you want to disable any combination of these particular rules, there is a matching disable* option flag:

disableCheckForRelease?: boolean
disableCheckForNewDependencies?: boolean
disableCheckForLockfileDiff?: boolean
disableCheckForTypesInDeps?: boolean

Which are used as follows:

yarn({
  disableCheckForTypesInDeps: true
})

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' })

Specify registry URL

If you want the plugin to use different registry than registry.npmjs.org:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmRegistryUrl: 'https://registry.yarnpkg.com' })

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:

---

<tr>
  <th width="50"></th>
  <th width="100%" data-danger-table="true">Warnings</th>
</tr>

<td>:warning:</td>
<td>

New dependencies added: danger-plugin-yarn.

</tr>

danger-plugin-yarn

Author: Orta Therox

Description: Provides dependency information on dependency changes in a PR

Homepage: https://github.com/orta/danger-plugin-yarn#readme

Created	24 days ago
Last Updated	3 minutes ago
License	MIT
Maintainers	1
Releases	14
Direct Dependencies	date-fns, lodash.flatten, lodash.includes, node-fetch and esdoc
Keywords	danger, danger-plugin and yarn

README

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

• checkForRelease - Provides a 🎉 when there's a package version bump.
• checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
• checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
• checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.
Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

<summary><code>yarn why danger-plugin-yarn</code> output</summary>
<p><code><ul><li>Has been hoisted to "danger-plugin-yarn"</li><li>This module exists because it's specified in "devDependencies".</li><li>Disk size without dependencies: "80kB"</li><li>Disk size with unique dependencies: "3.98MB"</li><li>Disk size with transitive dependencies: "4.43MB"</li><li>Number of shared dependencies: 7
</li></ul></code></p>

Generated by :noentrysign: dangerJS