danger-plugin-yarn v1.6.0

danger-plugin-yarn

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

• checkForRelease - Provides a 🎉 when there's a package version bump.
• checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
• checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
• checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Feature Flags

If you want to disable any combination of these particular rules, there is a matching disable* option flag:

  disableCheckForRelease?: boolean
  disableCheckForNewDependencies?: boolean
  disableCheckForLockfileDiff?: boolean
  disableCheckForTypesInDeps?: boolean

Which are used as follows:

yarn({
  disableCheckForTypesInDeps: true
})

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' })

Specify registry URL

If you want the plugin to use different registry than registry.npmjs.org:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn({ npmRegistryUrl: 'https://registry.yarnpkg.com' })

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:

New dependencies added: danger-plugin-yarn.

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

yarn()

Provides 4 separate rules:

• checkForRelease - Provides a 🎉 when there's a package version bump.
• checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
• checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
• checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.