Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@commitlint/is-ignored
Advanced tools
The @commitlint/is-ignored npm package is designed to check if a given commit message should be ignored based on the rules defined in commitlint. This is particularly useful in automating the process of commit message validation, allowing developers to filter out commit messages that do not require validation according to the specified criteria.
Check if a commit message is ignored
This feature allows you to check if a specific commit message should be ignored based on the commitlint configuration. It's useful for integrating with tools that automate commit message validation, enabling you to skip certain types of commits, such as those starting with 'chore:', 'docs:', or any other patterns you define in your commitlint configuration.
const isIgnored = require('@commitlint/is-ignored').default;
const commitMessage = 'chore: update dependencies';
const shouldIgnore = isIgnored(commitMessage);
console.log(shouldIgnore); // Output: true or false depending on the rules
commitlint is a broader package that includes the functionality of @commitlint/is-ignored as part of its suite for linting commit messages. It provides a CLI and configurable rules for validating commit messages, whereas @commitlint/is-ignored focuses solely on determining if a commit message should be ignored.
conventional-changelog is a set of tools for parsing and generating changelogs from git metadata, based on the conventions used in commit messages. While it focuses more on changelog generation from commit messages, it shares the concept of analyzing commit messages, similar to what @commitlint/is-ignored does for determining if a commit should be ignored.
FAQs
Lint your commit messages
We found that @commitlint/is-ignored demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.