Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@changesets/get-release-plan
Advanced tools
Reads changesets and adds information on dependents that need bumping
@changesets/get-release-plan is a utility package that helps you generate a release plan for your project. It is part of the Changesets ecosystem, which is designed to manage versioning and changelogs for multi-package repositories. This package specifically focuses on reading changeset files and generating a release plan based on the changes described in those files.
Generate Release Plan
This feature allows you to generate a release plan by reading changeset files in the current working directory. The `getReleasePlan` function returns an object that includes information about the releases that need to be made, including the packages to be released and their new versions.
const { getReleasePlan } = require('@changesets/get-release-plan');
async function generateReleasePlan() {
const cwd = process.cwd();
const releasePlan = await getReleasePlan(cwd);
console.log(releasePlan);
}
generateReleasePlan();
Custom Directory
This feature allows you to specify a custom directory from which to read changeset files. This is useful if your changeset files are not located in the current working directory.
const { getReleasePlan } = require('@changesets/get-release-plan');
async function generateReleasePlan(customDir) {
const releasePlan = await getReleasePlan(customDir);
console.log(releasePlan);
}
generateReleasePlan('/path/to/your/project');
Lerna is a popular tool for managing JavaScript projects with multiple packages. It offers functionalities for versioning, publishing, and managing dependencies across multiple packages. Unlike @changesets/get-release-plan, Lerna provides a more comprehensive suite of tools for monorepo management, including bootstrapping and linking local dependencies.
semantic-release automates the versioning and package publishing process based on the commit messages. It ensures that the package is always released with the correct version and changelog. While @changesets/get-release-plan focuses on generating a release plan from changeset files, semantic-release automates the entire release process based on commit history.
standard-version is a tool for versioning and changelog generation based on conventional commits. It is simpler than semantic-release and focuses on generating changelogs and bumping versions. Unlike @changesets/get-release-plan, which reads changeset files, standard-version relies on commit messages to determine the next version.
A function that reads information about the current repository
import getReleasePlan from "@changesets/get-release-plan";
const releasePLan = await getReleasePlan(cwd, sinceMaster, passedConfig);
The directory to run getReleasePlan
in - most often process.cwd()
Sets whether to use all changests present, or only those changesets that are new since the branch diverged from master.
The changeset config options as defined in @changesets/types
. This is optional, and can be used to overrwrite any written config options.
FAQs
Reads changesets and adds information on dependents that need bumping
The npm package @changesets/get-release-plan receives a total of 1,125,384 weekly downloads. As such, @changesets/get-release-plan popularity was classified as popular.
We found that @changesets/get-release-plan demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.