# danger-plugin-yarn
[](https://travis-ci.org/orta/danger-plugin-yarn)
[](https://badge.fury.io/js/danger-plugin-yarn)
[](https://github.com/semantic-release/semantic-release)
> Provides dependency information on dependency changes in a PR
## Usage
Install:
```sh
yarn add danger-plugin-yarn --dev
```
At a glance:
```js
// dangerfile.js
import yarn from 'danger-plugin-yarn'
yarn()
```
Provides 4 separate rules:
* `checkForRelease` - Provides a 🎉 when there's a package version bump.
* `checkForNewDependencies` (async) - Provides npmjs.com and `yarn why` metadata about new dependencies.
* `checkForLockfileDiff` - Will warn you when there are `dependencies` or `devDependencies` changes without a `yarn.lock` change.
* `checkForTypesInDeps` - Will fail the build if you add any `@types/[x]` to `dependencies` instead of `devDependencies`.
And exports a default function to handle all of them at once.
### Feature Flags
If you want to disable any combination of these particular rules, there is a matching `disable*` option flag:
```ts
disableCheckForRelease?: boolean
disableCheckForNewDependencies?: boolean
disableCheckForLockfileDiff?: boolean
disableCheckForTypesInDeps?: boolean
```
Which are used as follows:
```js
yarn({
disableCheckForTypesInDeps: true
})
```
## Private packages
If you want the plugin to find your private packages on npm, you need to provide an npm [authentication token](https://docs.npmjs.com/getting-started/working_with_tokens):
```js
// dangerfile.js
import yarn from 'danger-plugin-yarn'
yarn({ npmAuthToken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' })
```
## Specify registry URL
If you want the plugin to use different registry than `registry.npmjs.org`:
```js
// dangerfile.js
import yarn from 'danger-plugin-yarn'
yarn({ npmRegistryUrl: 'https://registry.yarnpkg.com' })
```
## What does this look like?
The rest of this README is the contents of what it looks like when you add this plugin to your Dangerfile:
---
|
Warnings |
| :warning: |
New dependencies added: danger-plugin-yarn.
|
Author: Orta Therox
Description: Provides dependency information on dependency changes in a PR
Homepage: https://github.com/orta/danger-plugin-yarn#readme
README
# danger-plugin-yarn
[](https://travis-ci.org/orta/danger-plugin-yarn)
[](https://badge.fury.io/js/danger-plugin-yarn)
[](https://github.com/semantic-release/semantic-release)
> Provides dependency information on dependency changes in a PR
## Usage
Install:
```sh
yarn add danger-plugin-yarn --dev
```
At a glance:
```js
// dangerfile.js
import yarn from 'danger-plugin-yarn'
yarn()
```
Provides 4 separate rules:
* `checkForRelease` - Provides a 🎉 when there's a package version bump.
* `checkForNewDependencies` (async) - Provides npmjs.com and `yarn why` metadata about new dependencies.
* `checkForLockfileDiff` - Will warn you when there are `dependencies` or `devDependencies` changes without a `yarn.lock` change.
* `checkForTypesInDeps` - Will fail the build if you add any `@types/[x]` to `dependencies` instead of `devDependencies`.
And exports a default function to handle all of them at once.
Note: async functions like the default one [have be to](http://danger.systems/js/guides/the_dangerfile.html#async) `schedule`'d by Danger.
## Changelog
See the GitHub [release history](https://github.com/orta/danger-plugin-yarn/releases).
## Contributing
See [CONTRIBUTING.md](contributing.md).
yarn why danger-plugin-yarn output
- Has been hoisted to "danger-plugin-yarn"
- This module exists because it's specified in "devDependencies".
- Disk size without dependencies: "80kB"
- Disk size with unique dependencies: "3.98MB"
- Disk size with transitive dependencies: "4.43MB"
- Number of shared dependencies: 7
Generated by :no_entry_sign: dangerJS