1name: Danger
 2
 3on:
 4  pull_request:
 5    branches: [main]
 6    types:
 7      - opened
 8      - synchronize
 9      - reopened
10      - edited
11
12jobs:
13  danger:
14    runs-on: ubuntu-latest
15
16    steps:
17      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
18
19      - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
20        with:
21          version: 9
22
23      - name: Setup Node
24        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
25        with:
26          node-version: "20"
27          cache: "pnpm"
28          cache-dependency-path: "script/danger/pnpm-lock.yaml"
29
30      - run: pnpm install --dir script/danger
31
32      - name: Run Danger
33        run: pnpm run --dir script/danger danger ci
34        env:
35          # This GitHub token is not used, but the value needs to be here to prevent
36          # Danger from throwing an error.
37          GITHUB_TOKEN: "not_a_real_token"
38          # All requests are instead proxied through an instance of
39          # https://github.com/maxdeviant/danger-proxy that allows Danger to securely
40          # authenticate with GitHub while still being able to run on PRs from forks.
41          DANGER_GITHUB_API_BASE_URL: "https://danger-proxy.fly.dev/github"