Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

danger-plugin-yarn

Package Overview
Dependencies
Maintainers
1
Versions
32
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

danger-plugin-yarn

Provides dependency information on dependency changes in a PR

  • 1.3.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
38K
increased by6.3%
Maintainers
1
Weekly downloads
 
Created
Source

danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

schedule(yarn())

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Private packages

If you want the plugin to find your private packages on npm, you need to provide an npm authentication token:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

schedule(yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' }))

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

What does this look like?

The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:


Warnings
:warning:

New dependencies added: danger-plugin-yarn.

danger-plugin-yarn

Author: Orta Therox

Description: Provides dependency information on dependency changes in a PR

Homepage: https://github.com/orta/danger-plugin-yarn#readme

Created24 days ago
Last Updated3 minutes ago
LicenseMIT
Maintainers1
Releases14
Direct Dependenciesdate-fns, lodash.flatten, lodash.includes, node-fetch and esdoc
Keywordsdanger, danger-plugin and yarn
README # danger-plugin-yarn

Build Status npm version semantic-release

Provides dependency information on dependency changes in a PR

Usage

Install:

yarn add danger-plugin-yarn --dev

At a glance:

// dangerfile.js
import yarn from 'danger-plugin-yarn'

schedule(yarn())

Provides 4 separate rules:

  • checkForRelease - Provides a 🎉 when there's a package version bump.
  • checkForNewDependencies (async) - Provides npmjs.com and yarn why metadata about new dependencies.
  • checkForLockfileDiff - Will warn you when there are dependencies or devDependencies changes without a yarn.lock change.
  • checkForTypesInDeps - Will fail the build if you add any @types/[x] to dependencies instead of devDependencies.

And exports a default function to handle all of them at once.

Note: async functions like the default one have be to schedule'd by Danger.

Changelog

See the GitHub release history.

Contributing

See CONTRIBUTING.md.

yarn why danger-plugin-yarn output

  • Has been hoisted to "danger-plugin-yarn"
  • This module exists because it's specified in "devDependencies".
  • Disk size without dependencies: "80kB"
  • Disk size with unique dependencies: "3.98MB"
  • Disk size with transitive dependencies: "4.43MB"
  • Number of shared dependencies: 7

Generated by :no_entry_sign: dangerJS

Keywords

FAQs

Package last updated on 20 Oct 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc