tessl/npm-danger
TypeScript-based CLI tool for code review automation that enforces team conventions in pull requests
—
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Danger.js
Danger.js is a TypeScript-based CLI tool that automates code review tasks and enforces team conventions in pull requests. It runs after CI builds and provides a comprehensive system for codifying team norms, including enforcing changelogs, checking PR descriptions, validating labels, detecting anti-patterns, and highlighting build artifacts. The tool integrates with multiple CI platforms and code hosting services to provide automated feedback during code review.
Package Information
- Package Name: danger
- Package Type: npm
- Language: TypeScript
- Installation:
npm install dangeroryarn add danger - CLI Usage: Available as global commands after installation
Core Imports
For programmatic usage (when building custom tools):
import { DangerDSLType, GitDSL, GitHubDSL } from "danger";Note: Danger.js has a unique execution model. In Dangerfiles, you don't import Danger directly. Instead, global objects (danger, fail, warn, etc.) are injected into the runtime. Attempting to import danger in a Dangerfile will result in an error.
Basic Usage
CLI Usage
# Run Danger on CI
danger ci
# Run Danger locally against a PR
danger pr https://github.com/owner/repo/pull/123
# Run Danger locally with git hooks
danger local
# Initialize Danger in a new project
danger initDangerfile Example
Create a dangerfile.ts or dangerfile.js in your project root:
// Basic PR validation
if (danger.github.pr.title.includes("WIP")) {
warn("This PR is marked as Work in Progress")
}
// Ensure changelog is updated
const hasChangelog = danger.git.modified_files.includes("CHANGELOG.md")
if (!hasChangelog) {
warn("Please add a changelog entry for your changes")
}
// Check for large PRs
if (danger.github.pr.additions > 500) {
warn("This PR is quite large. Consider breaking it into smaller PRs.")
}
// Require tests for new features
const hasAppChanges = danger.git.modified_files.some(f => f.includes("src/"))
const hasTestChanges = danger.git.modified_files.some(f => f.includes("test/"))
if (hasAppChanges && !hasTestChanges) {
fail("Please add tests for your changes")
}Architecture
Danger.js is built around several key components:
- CLI Commands: Eight different commands for various execution contexts (CI, local, PR analysis)
- Platform DSLs: Rich data structures for GitHub, GitLab, Bitbucket Server/Cloud
- Git Analysis: Comprehensive diff analysis, file pattern matching, and change detection
- Global Functions: Simple API for reporting issues (
fail,warn,message,markdown) - Plugin System: Extensible architecture for sharing common rules across teams
- Type Safety: Full TypeScript definitions for all APIs and data structures
Capabilities
CLI Commands
Complete command-line interface for running Danger in various contexts, from CI systems to local development workflows.
// Primary commands
danger ci // Run on CI systems
danger pr <url> // Analyze existing PR locally
danger local // Run against local git changes
danger init // Interactive project setupDangerfile API
Core functions and DSL objects available in Dangerfiles for creating custom rules and automations.
// Global messaging functions
declare function fail(message: string, file?: string, line?: number): void;
declare function warn(message: string, file?: string, line?: number): void;
declare function message(message: string, file?: string, line?: number): void;
declare function markdown(message: string, file?: string, line?: number): void;
// Core DSL object
declare const danger: DangerDSLType;
interface DangerDSLType {
readonly git: GitDSL;
readonly github: GitHubDSL;
readonly gitlab: GitLabDSL;
readonly bitbucket_server: BitBucketServerDSL;
readonly bitbucket_cloud: BitBucketCloudDSL;
readonly utils: DangerUtilsDSL;
}GitHub Integration
Comprehensive GitHub integration with full API access, utilities for common tasks, and GitHub Actions support.
interface GitHubDSL {
readonly pr: GitHubPRDSL;
readonly issue: GitHubIssue;
readonly commits: GitHubCommit[];
readonly reviews: GitHubReview[];
readonly api: GitHub; // Full Octokit REST API
readonly utils: GitHubUtilsDSL;
setSummaryMarkdown: (markdown: string) => void;
}Git Analysis & Utilities
Advanced git diff analysis, file pattern matching, and change detection capabilities.
interface GitDSL {
readonly modified_files: string[];
readonly created_files: string[];
readonly deleted_files: string[];
readonly commits: GitCommit[];
fileMatch: (pattern: string) => GitMatchResult;
diffForFile: (filename: string) => Promise<TextDiff | null>;
JSONDiffForFile: (filename: string) => Promise<JSONDiff>;
linesOfCode: (pattern?: string) => Promise<number | null>;
}Platform Integrations
Support for multiple code hosting platforms including GitLab, Bitbucket Server, and Bitbucket Cloud with platform-specific APIs and utilities.
// GitLab integration
interface GitLabDSL {
readonly mr: Types.ExpandedMergeRequestSchema;
readonly commits: Types.CommitSchema[];
readonly api: InstanceType<typeof Types.Gitlab>;
readonly utils: {
fileContents: (path: string) => Promise<string>;
addLabels: (...labels: string[]) => Promise<boolean>;
removeLabels: (...labels: string[]) => Promise<boolean>;
};
}Types
Core Types
type MarkdownString = string;
interface Violation {
message: string;
file?: string;
line?: number;
icon?: string;
}
interface DangerResults {
fails: Violation[];
warnings: Violation[];
messages: Violation[];
markdowns: Violation[];
}Scheduleable Functions
type Scheduleable = Promise<any> | Promise<void> | CallbackableFn;
type CallbackableFn = (callback: (done: any) => void) => void;
declare function schedule(asyncFunction: Scheduleable): void;Install with Tessl CLI
npx tessl i tessl/npm-danger- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
- Publish Source
- CLI
- Badge
