{"id":18226806,"url":"https://github.com/jpfulton/danger-js-action","last_synced_at":"2025-04-08T05:49:15.960Z","repository":{"id":197301412,"uuid":"698395703","full_name":"jpfulton/danger-js-action","owner":"jpfulton","description":"A GitHub Action for running Danger JS against pull requests with a collection of plugins. Language independent and hosted in a Docker container.","archived":false,"fork":false,"pushed_at":"2023-11-11T22:06:03.000Z","size":651,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-14T03:54:33.149Z","etag":null,"topics":["code-quality","code-review","danger-js"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jpfulton.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null}},"created_at":"2023-09-29T20:20:12.000Z","updated_at":"2024-01-14T12:51:22.000Z","dependencies_parsed_at":"2023-11-11T23:20:14.918Z","dependency_job_id":"afcbef71-39ab-4da0-ade8-265ad6d6779c","html_url":"https://github.com/jpfulton/danger-js-action","commit_stats":null,"previous_names":["jpfulton/danger-js-action"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpfulton%2Fdanger-js-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpfulton%2Fdanger-js-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpfulton%2Fdanger-js-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jpfulton%2Fdanger-js-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jpfulton","download_url":"https://codeload.github.com/jpfulton/danger-js-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247785927,"owners_count":20995644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-quality","code-review","danger-js"],"created_at":"2024-11-04T05:03:39.441Z","updated_at":"2025-04-08T05:49:15.941Z","avatar_url":"https://github.com/jpfulton.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# danger-js-action\n\n![License](https://img.shields.io/badge/License-MIT-blue)\n![Visitors](https://visitor-badge.laobi.icu/badge?page_id=jpfulton.danger-js-action)\n\nA GitHub Action for running [Danger JS](https://danger.systems/js/) against pull requests.\nIt will comment inline with the PR and can be configured to fail the build if the Danger run fails.\nIt is implemented inside a Docker container to allow DangerJS to be run without adding it as\na dependency to your project if your project is implemented in NodeJS or uses a NPM compatible\npackage manager. This implementation also allows the action to be used in projects implemented\nin any language as a result.\n\nThe Dangerfile can be stored locally or remotely. If stored remotely, it will be downloaded\nover HTTP or HTTPS. This implementation expects the Dangerfile to be implemented in\n[TypeScript](https://www.typescriptlang.org/) and end with the `.ts` extension.\n\n## Action Inputs\n\n| Name | Description | Required | Default |\n| --- | --- | --- | --- |\n| `dangerfile` | The path to the Dangerfile to run. This path may be local to the repository or a remote URL. | Yes | - |\n| `debug_mode` | Whether to run the action in debug mode. | No | `false` |\n| `github_token` | The GitHub token to use to authenticate with the GitHub API. | Yes | - |\n| `github_pat_token` | The GitHub personal access token to use to authenticate for a remote Dangerfile in a private repo. | No | - |\n\nFurther details on the inputs can be found in the [action.yml](action.yml) file.\n\n## Usage in a GitHub Actions Workflow\n\nThe job under which the action is run must have the following permissions:\n\n```yaml\npermissions:\n  checks: write\n  pull-requests: write\n  statuses: write\n```\n\nThe following example shows how to use the action in a GitHub Actions workflow:\n\n```yaml\n  - name: Run Local Action\n    uses: jpfulton/danger-js-action@main\n    with:\n      dangerfile: \"tests/dangerfile.ts\"\n      debug_mode: true\n      token: ${{ secrets.GITHUB_TOKEN }}\n```\n\nThe following example shows how to use the action with a remotely hosted Dangerfile:\n\n```yaml\n  - name: Run Remote Action\n    uses: jpfulton/danger-js-action@main\n    with:\n      dangerfile: \"https://raw.githubusercontent.com/jpfulton/danger-js-action/main/tests/dangerfile.ts\"\n      debug_mode: true\n      token: ${{ secrets.GITHUB_TOKEN }}\n```\n\n## Usage with a Personal Access Token\n\nThe action can be used with a personal access token instead of the default GitHub token.\nAlthough, this may not be preferable, it is possible to do so by setting the `token` input\nto a repository secret that contains the personal access token.\n\n## Usage of the NodeJS File System APIs in the Dangerfile\n\nThe action runs the Dangerfile in a Docker container. As a result, the NodeJS file system APIs\nmay be used to read files from the workflow file system. The working directory of the Docker\ncontainer is the root of the repository. The following example shows how to read the contents\nof a file in the repository:\n\n```typescript\nimport { readFileSync } from \"fs\";\n\nconst fileContents = readFileSync(\"./path/to/file.txt\", \"utf8\");\n```\n\nThe following example shows how to check for the existence of a file in the repository\nfile system:\n\n```typescript\nimport { existsSync } from \"fs\";\n\nif (existsSync(\"./path/to/file.txt\")) {\n  // Do something\n}\n```\n\nWorkflow steps that run before the action can be used to create files that can be read\nby the Dangerfile. For example, a previous step could be used to create a Jest test run\noutput file that can be read by the Dangerfile to report test results. Unless a step following\nthis action is used to create a commit to the repository, the file will not be persisted\nat the end of the workflow run.\n\n## Included Plugins\n\nA complete list of the plugins included in the Docker image can be found in the\n[package.json](./package.json) file in the root of the repository as devDependencies.\n\nKey plugins include:\n\n- [@jpfulton/node-license-auditor-cli](https://www.npmjs.com/package/@jpfulton/node-license-auditor-cli)\n- [@seadub/danger-plugin-eslint](https://www.npmjs.com/package/@seadub/danger-plugin-eslint)\n- [danger-plugin-jest](https://www.npmjs.com/package/danger-plugin-jest)\n- [danger-plugin-yarn](https://www.npmjs.com/package/danger-plugin-yarn)\n\n### Using the Node License Auditor Plugin within the Dangerfile\n\nThe Node License Auditor plugin is included in the Docker image. It can be used within the\nDangerfile to report on the licenses of the dependencies of the project. The following\nexample shows how to use the plugin within the Dangerfile:\n\n```typescript\nimport { licenseAuditor } from \"@jpfulton/node-license-auditor-cli\";\n\nexport default async () =\u003e {\n  await licenseAuditor({\n    failOnBlacklistedLicense: false,\n    projectPath: \".\",\n    remoteConfigurationUrl:\n      \"https://raw.githubusercontent.com/jpfulton/jpfulton-license-audits/main/.license-checker.json\",\n    showMarkdownSummary: true,\n    showMarkdownDetails: true,\n  });\n};\n```\n\nFurther details on the configuration options can be found in the host repository of the\n[plugin](https://github.com/jpfulton/node-license-auditor-cli).\n\n## The Docker Image and Repository Workflows\n\nThe Docker image is split into two parts. The first part is the base image that contains\nthe DangerJS package, the TypeScript compiler, associated plugins and NodeJS. The base\nimage is built and published by a workflow to the Github Container Registry to accelerate\nthe build of the action image in referencing workflows. The second part is the action\nimage that is derived from the base image and is referenced by the action. The action\nDockerfile is used by the [action.yml](./action.yml) file to build and execute the action.\n\n## Contributing\n\nContributions are welcome. Please see the [contributing](CONTRIBUTING.md) file for details.\n\n## Code of Conduct\n\nPlease see the [code of conduct](CODE_OF_CONDUCT.md) file for details.\n\n## Security\n\nPlease see the [security](SECURITY.md) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpfulton%2Fdanger-js-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjpfulton%2Fdanger-js-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpfulton%2Fdanger-js-action/lists"}