243bd56f9d
This danger check utilises `yarn-deduplicate` in order to show duplicate dependencies in the yarn.lock dependency tree. Often when introducing new dependencies or updating existing ones, yarn does not seem to build the most optimal dependency tree. In order to prevent those unnecessary dependency updates we are nudging developers and maintainers to resolve these issues in MRs. Automating this with danger especially helps, as yarn.lock files are not that easy to review.
27 lines
711 B
Ruby
27 lines
711 B
Ruby
# frozen_string_literal: true
|
|
|
|
return unless helper.all_changed_files.include? 'yarn.lock'
|
|
|
|
duplicate = `node_modules/.bin/yarn-deduplicate --list --strategy fewer yarn.lock`
|
|
.split(/$/)
|
|
.map(&:strip)
|
|
.reject(&:empty?)
|
|
|
|
return if duplicate.empty?
|
|
|
|
warn 'This merge request has introduced duplicated yarn dependencies.'
|
|
|
|
markdown(<<~MARKDOWN)
|
|
## Duplicate yarn dependencies
|
|
|
|
The following dependencies should be de-duplicated:
|
|
|
|
* #{duplicate.map { |path| "`#{path}`" }.join("\n* ")}
|
|
|
|
Please run the following command and commit the changes to `yarn.lock`:
|
|
|
|
```
|
|
node_modules/.bin/yarn-deduplicate --strategy fewer yarn.lock \\
|
|
&& yarn install
|
|
```
|
|
MARKDOWN
|