{"id":15427,"library":"endanger","title":"Dangerfile Rule Builder","description":"Endanger is a JavaScript/TypeScript library designed to streamline the creation and management of Dangerfiles within a project. Currently at version 7.0.4, it provides a structured approach to defining 'rules' that automate code review processes. Endanger differentiates itself by enabling developers to break down complex checks into modular, reusable rules, which can be configured to execute only when relevant files or commit messages change, improving performance and developer experience. It integrates seamlessly with Danger.js, leveraging its reporting capabilities while abstracting away much of the boilerplate. The library simplifies the process of adding new checks, making automated feedback more accessible, even for team members less familiar with JavaScript. Endanger is actively maintained and ships with TypeScript types for enhanced developer tooling.","status":"active","version":"7.0.4","language":"javascript","source_language":"en","source_url":null,"tags":["javascript","typescript"],"install":[{"cmd":"npm install endanger","lang":"bash","label":"npm"},{"cmd":"yarn add endanger","lang":"bash","label":"yarn"},{"cmd":"pnpm add endanger","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Required peer dependency for runtime execution of Dangerfiles. Endanger builds on top of Danger's core functionality.","package":"danger","optional":false}],"imports":[{"note":"Endanger is primarily designed for ESM. CommonJS `require` can lead to `TypeError` if not handled with interop.","wrong":"const { run } = require('endanger')","symbol":"run","correct":"import { run } from 'endanger'"},{"note":"The `Rule` class is a named export, not a default export. Ensure curly braces are used for destructuring.","wrong":"import Rule from 'endanger'","symbol":"Rule","correct":"import { Rule } from 'endanger'"},{"note":"Import types separately for clarity and bundler optimization when not in TypeScript-only environments.","symbol":"RuleContext","correct":"import type { RuleContext } from 'endanger'"}],"quickstart":{"code":"import { run, Rule } from 'endanger';\n\n// dangerfile.ts\n// This file is typically located at the root of your repository.\nimport myFirstRule from './danger/myFirstRule';\n\n// Execute the defined rules. You can pass multiple rule instances.\nrun(\n  myFirstRule()\n);\n\n// danger/myFirstRule.ts\n// Create this file inside a 'danger/' directory.\nexport default function myFirstRule() {\n  return new Rule({\n    match: {\n      // This rule will only run if files matching this glob pattern are created or modified.\n      files: [\"src/critical-system/**\", \"docs/security/**\"],\n      // You can also match commits by regex: commit: [/^fix\\(security\\):/]\n    },\n    messages: {\n      criticalFileChangeWarning: `\n        🚨 Warning: Changes detected in critical system or security documentation files.\n        Please ensure thorough review and necessary approvals.\n      `,\n      missingSecurityDocs: `\n        🚫 A new file was added to 'src/critical-system/' without corresponding security documentation.\n      `\n    },\n    async run({ files, context }) {\n      // Iterate over newly created files that match the glob\n      for (let file of files.created) {\n        context.warn(\"criticalFileChangeWarning\", { file });\n        // Example: Check for companion security documentation\n        const docPath = file.filePath.replace('src/critical-system/', 'docs/security/');\n        if (!(await context.git.fileMatch(docPath).createdOrModified())) {\n          context.fail(\"missingSecurityDocs\", { file });\n        }\n      }\n      // Iterate over modified files\n      for (let file of files.modified) {\n        context.message(\"criticalFileChangeWarning\", { file });\n      }\n    }\n  });\n}\n\n// To run this example:\n// 1. Install dependencies: npm install --save-dev danger endanger typescript\n// 2. Set up a simple git repository and make a commit.\n// 3. Create or modify a file within 'src/critical-system/' (e.g., 'src/critical-system/new-feature.ts').\n// 4. Run Danger locally: npx danger local --dangerfile dangerfile.ts\n//    (Ensure your package.json has `\"type\": \"module\"` if you face module resolution issues.)","lang":"typescript","description":"Demonstrates setting up a Dangerfile with `endanger` using a modular rule to warn about changes in critical system files and ensure corresponding security documentation exists."},"warnings":[{"fix":"Update your `danger` dependency to at least `10.5.3` (e.g., `npm install danger@^10.5.3`).","message":"Endanger v7.x requires Danger.js version `^10.5.3` or newer as a peer dependency. Using older versions of `danger` may lead to runtime errors or unexpected behavior due to API changes in Danger's core.","severity":"breaking","affected_versions":">=7.0.0"},{"fix":"Always use `await` when interacting with asynchronous methods provided in the `files` or `context` objects within your `run` method, for example: `if (await file.contains('pattern'))`.","message":"The `run` method within an Endanger `Rule` is `async`. Forgetting to `await` calls to `file.contains()`, `file.before()`, or other asynchronous Git/Danger APIs can lead to unresolved Promises and incorrect rule evaluation.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Test your glob patterns using online tools or a dedicated library like `minimatch` before deploying your rules. Use `console.log(files.created, files.modified)` in development to verify matched files.","message":"When defining file matching patterns with `match.files`, ensure your glob patterns are correct and specific enough to avoid unintended rule execution or missed files. Debugging glob issues can be challenging.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-21T00:00:00.000Z","next_check":"2026-07-20T00:00:00.000Z","problems":[{"fix":"Run `npm install --save-dev endanger` or `yarn add --dev endanger` to add the package to your project dependencies.","cause":"The `endanger` package has not been installed or is not resolvable in the current environment.","error":"Error: Cannot find module 'endanger' from '/path/to/project'"},{"fix":"Ensure your `dangerfile.ts` (or `.js`) is treated as an ESM module. Add `\"type\": \"module\"` to your `package.json`, or rename your Dangerfile to `.mts` or `.mjs`. Always use `import { run } from 'endanger';`.","cause":"This error typically occurs when trying to `require` Endanger in a CommonJS context or when module resolution is incorrect for ESM imports, leading to `run` not being correctly imported.","error":"TypeError: (0, endanger_1.run) is not a function"},{"fix":"Update your `danger` package to a compatible version: `npm install danger@^10.5.3 --save-dev` or `yarn upgrade danger@^10.5.3`.","cause":"The installed version of `danger` does not meet the peer dependency requirement of `endanger`.","error":"Endanger requires `danger@10.5.3` and above"}],"ecosystem":"npm"}