// the find
danger/danger-js
⚠️ Stop saying "you forgot to …" in code review
Danger JS is a CI tool that runs after your tests and automates the boring parts of code review — things like enforcing CHANGELOG entries, checking PR descriptions, or flagging large diffs. You write a `dangerfile.ts` in JavaScript or TypeScript, and it posts warnings and failures as PR comments. Teams use it to stop repeating the same review nags on every PR.
The platform coverage is genuinely impressive — 20+ CI providers and GitHub, GitLab, BitBucket Cloud, and BitBucket Server all work, which means you can actually adopt it in enterprise environments that aren't GitHub Actions. The DSL is well-thought-out: `danger.git.modified_files`, `danger.github.pr`, etc. are real objects, not string-parsed hacks. The plugin ecosystem is substantial — there are community plugins for everything from bundle size checks to coverage reporting. The `danger-process` escape hatch lets you write the evaluation logic in any language if TypeScript isn't your thing.
The Travis CI badge in the README is broken (Travis has been effectively dead for open-source projects for years), which is a bad look for a project that exists to enforce PR hygiene. The documentation lives on an external site (danger.systems) that isn't in the repo, so when that goes down you're reading stale cached versions. Active maintenance is slow — the core team is small and issues pile up. There's also a real learning curve: the initial setup requires a bot account, token setup, and per-CI-provider configuration that the getting-started guide glosses over.