1.0.0 • Published 4 years ago

@seadub/danger-plugin-dependencies v1.0.0

Weekly downloads
374
License
MIT
Repository
github
Last release
4 years ago

danger-plugin-dependencies

npm version

Provides dependency information on dependency changes in a PR

Usage

Install:

npm install @seadub/danger-plugin-dependencies --save-dev
# or
yarn add @seadub/danger-plugin-dependencies --dev

At a glance:

// dangerfile.js
import dependencies from '@seadub/danger-plugin-dependencies'

schedule(dependencies())

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com (and yarn why, when type is "yarn") metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a package-lock.json or yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

yarn vs npm usage

By default, the dependencies method will attempt to determine if you are using npm or yarn to manage your dependencies based on sniffing for the lockfiles on disk. If no lockfiles exist, or running on Peril it will fail without an explicitly stated manasger type in the options.

You may explicitly pass one in the options:

// dangerfile.js
import dependencies from '@seadub/danger-plugin-dependencies'

schedule(dependencies({ type: "npm" }))
// or for yarn
schedule(dependencies({ type: "yarn" }))

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import dependencies from 'danger-plugin-dependencies'

schedule(dependencies({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' }))

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:

New dependencies added: danger-plugin-yarn.

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

schedule(yarn())

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

dangerdanger-pluginnpmyarndependencies
date-fnslodash.flattenlodash.includesnode-fetchsemver
@infinitebrahmanuniverse/nolb-_sea@everything-registry/sub-chunk-815@yourguru/js-tools-config
1.0.0

4 years ago

0.1.0

5 years ago

0.0.1

5 years ago