Ever felt like you are repeating the same comment over and over in many PR’s during the code review? Then this post is for you.
Even though this can’t be avoided 100%, you can automate some of these by offloading to dangerjs.
Introduction
If you never heard about dangerjs before, it’s a small tool which can run tasks against the changed files in a PR and add comment the problems. Comments can be of type warning, failure or message.
You can use this to automate the common code issues like
- new package added to
package.jsonbut changes forpackage-lock.jsonoryarn.lockis missing - missing
@flowin the new files console.logwhich forgot to remove.
dangerjs can look for these kind of issues and alert the author of PR by a comment.
Installing
You can get started by installing dangerjs from npm.
npm install -D danger
setup
Once we have dangerjs installed we can setup by adding dangerfile.js to the root directory of the project.
// dangerfile.js
import {danger, warn} from "danger"
const changes = danger.git.modified_files.reduce((prev, filePath) => {
if(!prev.package) {
prev.package = filePath.includes("package.json");
}
if(!prev.lock) {
prev.lock = filePath.includes("package-lock.json")
}
return prev;
}, {});
if (changes.package && !changes.lock) {
const message = 'Changes were made to package.json, but not to package-lock.json';
const idea = 'Perhaps you need to run `npm install`?';
warn(`${message} - <i>${idea}</i>`);
}
The above dangerfile will look for the lock file changes when package.json is changed. if it find the lock changes are missing. it will add the warning.
locally testing the setup
To verify our danger setup is working you can run
npx danger local
danger local command have limitations when working with danger.github DSL. danger.github will be null when running danger local hence you should add necessary condition.
Setup CI
All these won’t benefit your team unless you add this into your CI. For that, first Goto Github Settings and generate new Github Access Token. Make sure you gave repo scope to while creating.
if your organization already have a bot account you can generate token for that account and use it.
once the token is generated copy and add it to your CI you as environment varibable named DANGER_GITHUB_API_TOKEN.
then add npx danger ci to the steps to execute. You can optionally add danger ci to the npm scripts as well.
Now when is PR is open and your CI is triggered danger js will verify the changes first and if there is any issue it will leave a comment there.
Plugins
To make it easier to configure, dangerjs support plugins and there are already some plugins available for some common tasks. You can search for plugins on NPM using the keyword: danger-plugin