Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@ottofeller/dangerules

Package Overview
Dependencies
Maintainers
6
Versions
45
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@ottofeller/dangerules

A set of Danger.js rules common applied in OttoFeller projects.

latest
npmnpm
Version
1.2.0
Version published
Maintainers
6
Created
Source

Intro

The set of Danger.js rules commonly applied in OttoFeller.

Rules

The following rules are included in the package:

General

bump-package-version

Checks all paths as input in includePaths parameter and in case of presence of created/edited files requires the version in package.json to be updated. Parameter restrictToBranches defines branches to run the check for.

PS. The rule is intended to be used with PRs to a main/master branch in order to keep the version up to date.

import {bumpPackageVersion} from '@ottofeller/dangerules'
import {danger, fail} from 'danger'

bumpPackageVersion.bumpPackageVersion({
  danger,
  fail,
  includePaths      : ['.'],
  restrictToBranches: ['main'],
})

common-code-dir

Requires common code to be located in the common/ dir:

  • Collect all imports from all files
  • Resolve them to absolute paths
  • Construct plain array of all imports
  • If an import paths count more than once and has no "/common/" string included, throw a fail().
import {commonCodeDir} from '@ottofeller/dangerules'
import {danger, fail} from 'danger'

commonCodeDir.commonCodeDir({
  baseImportPath     : `${process.cwd()}/src`,
  danger,
  extraCommonDirNames: ['/types'],
  fail,
  includePaths       : [`${process.cwd()}/src`],
})

Hasura

codegen-missing

Searches for Hasura migrations in edited files. If present, warns in case of no changes in codegen files and schema.json.

import {hasura} from '@ottofeller/dangerules'
import {danger, warn} from 'danger'

hasura.codegenMissing({
  codegenFileExtension: 'ts',
  codegenPaths        : ['generated'],
  danger,
  hasuraMigrationsPath: '../hasura/migrations',
  schemaPath          : 'schema.json',
  warn,
})

squash-migrations

Searches for Hasura migrations in edited files. If present, warns if the quantity of migration files is beyond specified limit.

import {hasura} from '@ottofeller/dangerules'
import {danger, warn} from 'danger'

hasura.squashMigrations({
  danger,
  hasuraMigrationsPath: '../hasura/migrations',
  maxMigrationsLimit  : 8,
  warn,
})

nextjs

disallow-extension-in-dirs

Disallows a file extension in the selected folders and shows a required extension for the files.

import {nextjs} from '@ottofeller/dangerules'
import {danger, fail} from 'danger'

nextjs.disallowExtensionInDirs({
  danger,
  excludePaths    : ['api/', 'types/'],
  extension       : 'ts',
  fail,
  includePaths    : ['src/'],
  requireExtension: 'tsx',
})

nextjs.disallowExtensionInDirs({
  danger,
  extension       : 'tsx',
  fail,
  includePaths    : ['api/', 'types/'],
  requireExtension: 'ts',
})

React

component-has-tests

Finds React components within a project (as an index.tsx file within a CamelCase typed folder) and checks them form minimum test coverage. A component shall have __tests__ folder with index.tsx file (or any other if input in testFile parameter). The test file is searched for the following statements:

  • component import in form import {ComponentName} from '../index'
  • describe('... block
import {react} from '@ottofeller/dangerules'
import {danger, fail} from 'danger'

react.componentHasTests({
  danger,
  fail,
  includePaths: ['src/'],
})

dir-name-restrictions

For all created/modified files traverses up through all containing folders and requires the following rules to apply:

  • a React Component dir name must have first letter capitalized;
  • a React Component dir name must be in camel case;
  • Non-component and Next.js route dir names should not be in camel case, but instead should be in dash case;
  • Non-component dir name must have first letter in lower case;
  • Use "-" (not "_") in non-component dir names.

Additional notes:

  • a React component is defined as a function expression wrapped with memo located in an index.tsx file;
  • files within __tests__ and __mocks__ folders are ignored.
import {react} from '@ottofeller/dangerules'
import {danger, fail} from 'danger'

react.dirNameRestrictions({
  danger,
  fail,
  includePaths: ['src/'],
  /*
   * The index page of a nextjs app does not follow the rule.
   * We cannot use excludePaths here, since the excludePaths would exclude all descendants of a path.
   */
  excludeComponents: ['src/pages'],
})

Local development and testing

  • Clone this repository to your local machine
git clone git@github.com:ottofeller/dangerules.git
  • Go to the repo folder and create global npm link
cd dangerules
npm link
  • Go to the project you want to test danger on
cd test-project
  • Link dangerules
test-project git(dev): npm link dangerules

  • In the test project, create a new branch, make changes and commit them

  • Run the danger to check the current branch relative to the dev branch

test-project git(test-branch): npx danger local --dangerfile=./dangerfile.ts -b dev

Now you can make changes in the dangerules, which will be available after running the npm run build. Run npm danger ... in the project again for tests.

FAQs

Package last updated on 11 Jan 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys

Research

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys

Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.

By Kirill Boychenko  -  Sep 24, 2025