Improve readme

[glensc]

I was trying to test 1.5.1 release and was confused about why no messages were emitted on dependency upgrade.

The readme does not mention that it only emits messages on new dependencies, and if I read the summary "Provides dependency information on dependency changes in a PR", it does not leave me even thinking that only new dependencies are emitted.

I also find it confusing the readme saying "Provides 4 separate rules" are exported, as to how to use them is not documented at all. and inspecting source code reveals they are not intended to be used externally as they want very specific input parameters (and not documented).

this maybe is already in todo with this issue?

• https://github.com/orta/danger-plugin-yarn/issues/1#issuecomment-1081904910

[orta]

Yeah, giving info on upgrades was never the aim for me with this plugin - that just seems spammy in comparison to my original goal of making sure that any new dependency was thoroughly discussed. I'm open to you adding an exporter function to allow doing that but it's not going to be default behavior (aka in the export default).

Yeah, agree, does look like those exported functions are now much less ergonomic due to PRs since it was written - open to improvements there 👍🏻

[glensc]

What I proposed is in the other issue:

• https://github.com/orta/danger-plugin-yarn/issues/1#issuecomment-1081904910

[glensc]

I on the other hand not that interested in new dependencies, but when dependencies are updated, what their changelogs and versions were.

just top level dependencies, agreed that sub-dependencies can be very noisy. so just inspect package.json changes rather yarn.lock changes.

something like dependabot does, but user initiated dependency updates had having multiple dependencies in same merge request.

[orta]

Expanding the default export's options to have a value for 'checkOnModified' which includes that info is fine by me