https://github.com/hiwelo/new-dependencies-action

GitHub Action adding a comment with information about new NPM dependencies detected in a pull request
https://github.com/hiwelo/new-dependencies-action

Last synced: 15 days ago
JSON representation

GitHub Action adding a comment with information about new NPM dependencies detected in a pull request

• Host: GitHub
• URL: https://github.com/hiwelo/new-dependencies-action
• Owner: hiwelo
• License: mit
• Created: 2020-04-26T12:06:27.000Z (almost 5 years ago)
• Default Branch: stable
• Last Pushed: 2023-01-06T04:26:50.000Z (over 2 years ago)
• Last Synced: 2025-03-24T09:39:52.326Z (22 days ago)
• Language: TypeScript
• Size: 818 KB
• Stars: 27
• Watchers: 0
• Forks: 7
• Open Issues: 17
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

• awesome-actions - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)
• fucking-awesome-actions - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)
• awesome-ccamel - hiwelo/new-dependencies-action - GitHub Action adding a comment with information about new NPM dependencies detected in a pull request (TypeScript)
• awesome-workflows - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)
• awesome-actions - 链接
• awesome-actions - 链接

README

        
# Highlight new NPM dependencies in Pull Requests

In Pull Requests, this action highlight the addition of new NPM dependencies in

one of the `package.json` of your repository.

Adding new dependencies in a project should never be a small change, and often

it should trigger discussions between maintainers. This action can help you

making sure that you are not missing the addition of new package in your NPM

`dependencies` and `devDependencies`.

To highlight new packages, this action compares the list of dependencies 

registered in the current branch with the ones registered in the base branch.

This check only occurs for each `package.json` file added or updated with the

current pull request.

This action is not only looking at the root-level `package.json` but potentially

any existing `package.json` in the project to be compatible with monorepo 

projects.

## Usage

This _GitHub Action_ should run everytime a commit is pushed to the pull request

to check any potential addition or change in one of your `package.json`.

```yml

name: Inspect dependencies

on:

  - pull_request

jobs:

  check_new_dependencies:

    runs-on: ubuntu-latest

    steps:

      - name: Check for new dependencies

        uses: hiwelo/[email protected]

        with:

          token: ${{ secrets.GITHUB_TOKEN }}

```

## Example

![Message generated by the GitHub Action showing a list of new dependencies with a table showing some information like author, description and date of the last update for each dependency](https://raw.githubusercontent.com/hiwelo/new-dependencies-action/stable/docs/images/message.png)

## License

This project is released under the MIT License.