Danger logo hero@2x

What is Danger JS?

Danger runs during your CI process, and gives teams the chance to automate common code review chores.

This provides another logical step in your build, through this Danger can help lint your rote tasks in daily code review.

You can use Danger to codify your teams norms. Leaving humans to think about harder problems.

This happens by Danger leaving messages inside your PRs based on rules that you create with JavaScript or TypeScript.

Over time, as rules are adhered to, the message is amended to reflect the current state of the code review.

How does it work?

Danger is a NPM module that evals a Dangerfile. You set up a Dangerfile per-project. The Dangerfile contains a collection of home-grown rules specific to your project as a dangerfile.js or dangerfile.ts.

Danger can be installed via NPM or Yarn.

Use yarn add danger -D to add it to your package.json.

You can integrate Danger into your own project using BuddyBuild, Buildkite, Circle, Codeship, DockerCloud, Drone, Jenkins, Semaphore, Surf, Travis, VSTS.

You would then need to generate a GitHub access token, and expose that as an ENV var. Then add `yarn danger` to your CI test run.

The Getting Started guide covers this in more detail.

 

// Import the feedback functions
import { message, warn, fail, markdown } from "danger"

// Add a message to the table
message("You have added 2 more modules to the app")

//  Adds a warning to the table
warn("You have not included a CHANGELOG entry.")

// Declares a blocking 
fail(`ESLint has failed with ${fails} fails.`)

// Show markdown under the table:
markdown("## New module Danger" + dangerYarnInfo)

What does this Look like?

// Add a CHANGELOG entry for app changes
const hasChangelog = includes(danger.git.modified_files, "changelog.md")
const isTrivial = contains((danger.github.pr.body + danger.github.pr.title), "#trivial")

if (!hasChangelog && !isTrivial) {
  warn("Please add a changelog entry for your changes.")
}
const packageChanged = includes(danger.git.modified_files, 'package.json');
const lockfileChanged = includes(danger.git.modified_files, 'yarn.lock');
if (packageChanged && !lockfileChanged) {
  const message = 'Changes were made to package.json, but not to yarn.lock';
  const idea = 'Perhaps you need to run `yarn install`?';
  warn(`${message} - <i>${idea}</i>`);
}
var bigPRThreshold = 600;
if (danger.github.pr.additions + danger.github.pr.deletions > bigPRThreshold) {
  warn(':exclamation: Big PR (' + ++errorCount + ')');
  markdown('> (' + errorCount + ') : Pull Request size seems relatively large. If Pull Request contains multiple changes, split each into separate PR will helps faster, easier review.');
}
// Always ensure we assign someone, so that our Slackbot can do its work correctly
if (pr.assignee === null) {
  fail("Please assign someone to merge this PR, and optionally include people who should review.")
}
// Check that every file touched has a corresponding test file
const correspondingTestsForAppFiles = touchedAppOnlyFiles.map(f => {
  const newPath = path.dirname(f)
  const name = path.basename(f).replace(".ts", "-tests.ts")
  return `${newPath}/__tests__/${name}`
})

// New app files should get new test files
// Allow warning instead of failing if you say "Skip New Tests" inside the body, make it explicit.
const testFilesThatDontExist = correspondingTestsForAppFiles.filter(f => fs.existsSync(f))
if (testFilesThatDontExist.length > 0) {
  const callout = acceptedNoTests ? warn : fail
  const output = `Missing Test Files:
    ${testFilesThatDontExist.map(f => `  - [] \`${f}\``).join("\n")}
    If these files are supposed to not exist, please update your PR body to include "Skip New Tests".
  `
  callout(output)
}

Lots of documentation

Danger in a Node App

An example where you work in a team on a node app, and some of the common Danger rules for working together.
Read more

Danger + Dependencies

An example of how can you use Danger to keep your dependencies in check.
Read more

Danger + TypeScript

Specifics on using Danger with TypeScript.
Read more

Danger + Node Library

An example where you work on an OSS node library, so you're trying to improve overall contributions from light contributors.
Read more

Cultural Changes

Discussing introducing Danger into a team, how you can use it to provide positive feedback and encourage adoption of new rules.
Read more

Extending Danger

How to take your rules, and make them accessible to more people by writing a Danger plugin.
Read more

About the Dangerfile

Step two on using Danger in your app, how to work with it locally and nuances around async code and working with files.
Read more

FAQ

Common questions that come up in our GitHub issues.
Read more

Getting Started with Danger JS

Step one on using Danger in your application. Start here.
Read more

Troubleshooting

Answers to common bugs.
Read more