Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@companynamespace/npm-package-template

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@companynamespace/npm-package-template

  • 1.0.1
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

npm-package-template

Description

Version Build Status CodeQL Analysis semver: semantic-release License

TLDR;

  1. Create new repo from this Template Template repo
  2. Update Readme
    • replace @companynamespace/npm-package-template with new package_name
  3. Update package.json
    • replace "name" @companynamespace/npm-package-template with new package_name
    • replace "repo" companynamespace/npm-package-template with new package_name repo
    • Add description, and other fields if needed
  4. Update LICENSE
    • Update [COMPANY name
    • Update year [yyyy]
  5. Update docs/CODE_OF_CONDUCT.md
    • Update <COMPANY> name
  6. Activate automatic release
    • Add NPM_TOKEN secret to the repo
    • disable dry_run in Release step in .github/workflows/release.yml.

Content

Docs

  • LICENSE
  • docs/CODE_OF_CONDUCT.md
  • docs/CONTRIBUTING.md
  • docs/CHANGELOG.md --> dynamically updated

Issue template

  • .github/ISSUE_TEMPLATE.md

PR template

  • .github/PULL_REQUEST_TEMPLATE.md --> automatically closes connected issue

Workflows

  • CI --> npm ci, test and build
  • CodeQL --> Perform CodeQL Analysis (Security, etc.)
  • Release --> semantic-release:
    • Creates release notes
    • Updates CHANGELOG
    • Updates package.json version
    • Creates Git tag/release
    • Publish package to NPM
  • Manual Release --> same as Release, but can be triggered manually in Actions tab

Release

Commit message Convention

<type>(<scope>): <short summary>
│       │             │
│       │             └─⫸ Summary in present tense. Not capitalized. No period at the end.
│       │
│       └─⫸ Commit Scope (optional): project|based|list
│
└─⫸ Commit Type: build|ci|docs|feat|fix|perf|refactor|test

Keywords

FAQs

Package last updated on 12 May 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc