Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@julianlam/generate-changelog
Advanced tools
🚨 This is a fork
You probably want this original repo: https://github.com/lob/generate-changelog
This is a fork of JasonCust/generate-changelog, which contains fixes outlined here: https://github.com/lob/generate-changelog/pull/42
The fork further customizes the plugin by integrating the semver dependency instead of incrementing the version number on its own.
Generate Changelog
Generate a changelog from git commits. This is meant to be used so that for every patch, minor, or major version, you update the changelog prior to running npm version so that the git tag contains the commit that updated both the changelog and version.
Installation
You can either install it as a dev dependency to be referenced in your npm scripts, or you can install this module globally to be used for all of your repos on your local machine.
$ npm i generate-changelog -D # install it as a dev dependency
# OR
$ npm i generate-changelog -g # install it globally
Usage
To use this module, your commit messages have to be in this format:
type(category): description [flags]
Where type is one of the following:
breakingbuildcichoredocsfeatfixotherperfrefactorrevertstyletest
Where flags is an optional comma-separated list of one or more of the following (must be surrounded in square brackets):
breaking: alterstypeto be a breaking change
And category can be anything of your choice. If you use a type not found in the list (but it still follows the same format of the message), it'll be grouped under other.
You can either run this module as a CLI app that prepends the new logs to a file (recommended):
$ changelog -h
Usage: generate [options]
Generate a changelog from git commits.
Options:
-h, --help output usage information
-V, --version output the version number
-p, --patch create a patch changelog
-m, --minor create a minor changelog
-M, --major create a major changelog
-s, --semver [value] the version value (e.g. v1.2.3)
-t, --tag <range> generate from specific tag or range (e.g. v1.2.3 or v1.2.3..v1.2.4)
-x, --exclude <types> exclude selected commit types (comma separated)
-f, --file [file] file to write to, defaults to ./CHANGELOG.md, use - for stdout
-u, --repo-url [url] specify the repo URL for commit links, defaults to checking the package.json
Or you can write a script that calls the generate function and does whatever you want with the new logs:
var Changelog = require('generate-changelog');
var Fs = require('fs');
return Changelog.generate({ patch: true, repoUrl: 'https://github.com/lob/generate-changelog' })
.then(function (changelog) {
Fs.writeFileSync('./CHANGELOG.md', changelog);
});
Recommended
The way that I would recommend using this module would be the way it's being used in this module: as npm scripts. You should install it as a dev dependency and then add the following to the scripts object in your package.json:
"release:major": "changelog -M && git add CHANGELOG.md && git commit -m 'updated CHANGELOG.md' && npm version major && git push origin && git push origin --tags",
"release:minor": "changelog -m && git add CHANGELOG.md && git commit -m 'updated CHANGELOG.md' && npm version minor && git push origin && git push origin --tags",
"release:patch": "changelog -p && git add CHANGELOG.md && git commit -m 'updated CHANGELOG.md' && npm version patch && git push origin && git push origin --tags",
To use a specific version rather than a generated value, you can use -s VERSION or --semver VERSION rather than the major, minor or patch argument switches. For example, using npm's version scripts object in your package.json the previous release scripts could be condensed to:
"version": "changelog -s $npm_package_version && git add CHANGELOG.md && git commit -m 'updated CHANGELOG.md"
"postversion": "git push origin && git push origin --tags"
Testing
To run the test suite, just clone the repository and run the following:
$ npm i
$ npm test
Contributing
To contribute, please see the CONTRIBUTING.md file.
License
This project is released under the MIT license, which can be found in LICENSE.txt.
FAQs
Generate a changelog from git commits.
We found that @julianlam/generate-changelog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Aug 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025