Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hiwelo/new-dependencies-action

GitHub Action adding a comment with information about new NPM dependencies detected in a pull request
https://github.com/hiwelo/new-dependencies-action

Last synced: 6 days ago
JSON representation

GitHub Action adding a comment with information about new NPM dependencies detected in a pull request

Host: GitHub
URL: https://github.com/hiwelo/new-dependencies-action
Owner: hiwelo
License: mit
Created: 2020-04-26T12:06:27.000Z (over 4 years ago)
Default Branch: stable
Last Pushed: 2023-01-06T04:26:50.000Z (almost 2 years ago)
Last Synced: 2024-10-26T11:32:30.834Z (13 days ago)
Language: TypeScript
Size: 818 KB
Stars: 27
Watchers: 1
Forks: 7
Open Issues: 17
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

awesome-actions - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)
fucking-awesome-actions - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)
awesome-ccamel - hiwelo/new-dependencies-action - GitHub Action adding a comment with information about new NPM dependencies detected in a pull request (TypeScript)
awesome-workflows - Highlight New NPM Dependencies - Comments on pull requests newly added NPM dependencies information. (Community Resources / Utility)

README

# Highlight new NPM dependencies in Pull Requests

In Pull Requests, this action highlight the addition of new NPM dependencies in
one of the `package.json` of your repository.

Adding new dependencies in a project should never be a small change, and often
it should trigger discussions between maintainers. This action can help you
making sure that you are not missing the addition of new package in your NPM
`dependencies` and `devDependencies`.

To highlight new packages, this action compares the list of dependencies
registered in the current branch with the ones registered in the base branch.
This check only occurs for each `package.json` file added or updated with the
current pull request.

This action is not only looking at the root-level `package.json` but potentially
any existing `package.json` in the project to be compatible with monorepo
projects.

## Usage

This _GitHub Action_ should run everytime a commit is pushed to the pull request
to check any potential addition or change in one of your `package.json`.

```yml
name: Inspect dependencies
on:
- pull_request

jobs:
check_new_dependencies:
runs-on: ubuntu-latest
steps:
- name: Check for new dependencies
uses: hiwelo/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}

```

## Example

![Message generated by the GitHub Action showing a list of new dependencies with a table showing some information like author, description and date of the last update for each dependency](https://raw.githubusercontent.com/hiwelo/new-dependencies-action/stable/docs/images/message.png)

## License

This project is released under the MIT License.