DEV Community

Stefanni Brasil
Stefanni Brasil

Posted on

DangerJS with Github Actions

Have you ever had to comment on a PR 'Hey, you forgot to...' before? If so, DangerJS might be a good tool to add to your PR checks. I decided to give it a try at work after doing that myself a couple of times.

Note: Danger has plugins for Ruby, Python and Swift that you can use. But if you don't trust on using external images for your projects, you can follow this approach.

I really struggled with this part and the documentation wasn't so great. That's why I decided to share my experience. Hope you enjoy it!


First, you will need to create a Github action build file. Github Actions need to be placed in a workflow folder. Click here for more info about that.

name: Danger checks 🚧

on: [push, pull_request]

    runs-on: ubuntu-latest
      - uses: actions/checkout@v2
      - name: Use Node.js
        uses: actions/setup-node@v1
          node-version: "12.x"
      - name: Install yarn dependencies
        run: |
          yarn add danger --dev
          yarn danger init
          yarn danger ci --dangerfile ..your-repository/dangerfile.js
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Enter fullscreen mode Exit fullscreen mode
  • I am using a node Docker image to install yarn. Then I use yarn to run Danger.
  • Keep in mind that you need to add the GITHUB_TOKEN here, otherwise Danger won't comment your PR's.
  • It also won't comment if you just use push action to trigger this build. Danger is designed to only comment on a pull_request.

Now you just need to create your dangerfile.js in your directory. This is where you will add your checks. To test it, you can just comment a nice message:

import { danger, message, warn, fail } from "danger";

const your_file = danger.git.fileMatch("your_file_path")

if (your_file.edited) {
  message("Please write a data migration to run the changes")
Enter fullscreen mode Exit fullscreen mode

And that's it! You should have a new check on your Github Pull requests and a nice message on your PR.

Click here for more examples on how Dangerfile works.


  • Use just pull request action. Ideally this build would just need pull_request to detect new changes automatically?
  • Danger wasn't getting my dangerfile automatically so I had to pass my file path in the yarn danger run command. Maybe I was having another error and this is now working, but that's for later!

After putting some puzzles together, I have Danger setup now and hopefully you too. Let me know if you have any tips or feedback!

Top comments (0)