Summary:
Upgrades Danger to the latest available version to mitigate the jsonwebtoken security vulnerability.
Changelog:
[Internal] [Changed] - Upgrade Danger to 11.2.1 to mitigate jsonwebtoken security vulnerability
Reviewed By: cortinico
Differential Revision: D42505940
fbshipit-source-id: 740edc7316791e5afe894ecdd1e05e13d2ef1f2c
Summary:
allow-large-files
When working on https://github.com/facebook/react-native/pull/34614, danger is failing because it doesn't share `node_modules` with the root directory where `typescript` is installed as we added it as a parser in our eslint config.
By setting `bots` as a yarn workspace, dependencies are all installed under the root `node_modules` folder and in local testing (detailed in test section) we no longer have the `typescript module not found` error. However, danger will continue to fail on https://github.com/facebook/react-native/pull/34614 as the `danger_pr` Github action runs from what's defined on `main`.
Once these changes land, I can rebase https://github.com/facebook/react-native/pull/34614 on it and danger's eslint should pass.
## Changelog
<!-- Help reviewers and the release process by writing your own changelog entry. For an example, see:
https://reactnative.dev/contributing/changelogs-in-pull-requests
-->
[Internal][Fixed] - Add `bots` directory as a yarn workspace and update `danger_pr` Github action
Pull Request resolved: https://github.com/facebook/react-native/pull/34652
Test Plan:
To verify this fix I had to run:
```
react-native $ yarn && cd bots
react-native/bots$ yarn run danger pr https://github.com/facebook/react-native/pull/34614
```
which resulted in
```
❯ yarn run danger pr https://github.com/facebook/react-native/pull/34614
yarn run v1.22.19
$ lunaleaps/react-native/node_modules/.bin/danger pr https://github.com/facebook/react-native/pull/34614
Starting Danger PR on facebook/react-native#34614
Danger: ✓ found only warnings, not failing the build
## Warnings
🔒 package.json - <i>Changes were made to package.json. This will require a manual import by a Facebook employee.</i>
✨ Done in 12.78s.
```
Verified this also on another PR:
```
yarn run danger pr https://github.com/facebook/react-native/pull/34650
```
Reviewed By: NickGerleman
Differential Revision: D39435286
Pulled By: lunaleaps
fbshipit-source-id: 8c82f49facf162f4fc0918e3abd95eb7e4ad1e37