Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
aron-conventional-commits
Advanced tools
A human-readable set of conventional commits, with version rules and changelog groupings
The header has a particular format that includes a Type
, a Target
, and a Summary
:
Type(Target): Summary
┊ ┊
┊ └─⫸ Target: Workspace, Package or Role
┊
└─⫸ Type: Bump, Feat, New, Perf, Add, Update, Improve, Fix, Depreciate, Drop, Docs, Upgrade, Revert, Example, Test, Refactor, Chore, Misc
Type
Target
Summary
Such commits result in version bumps.
Perf
Add
Update
Improve
Fix
Depreciate
Drop
Upgrade
Revert
Bump(Patch)
Docs(README)
Changelog
+0.0.1
A change to a system or product designed to handle a programming bug/glitch.
Fix: <Summary>
Fix(Target): <Summary>
🟢 Good for a monorepo
Fix(CSS): HEX codes were incorrectly parsed as selectors
┊ ┊
┊ └─⫸ A brief description of the specific error
┊
└─⫸ CSS is a workspace package
🔴 Bad for a monorepo
Fix: Fix issues by extracting hex codes with strict rules
┊ ┊ ┊
┊ ┊ └─⫸ Describe the problem rather than the solution
┊ ┊
┊ └─⫸ Don't repeat the word `Fix` in Summary
┊
└─⫸ Without a `(Target)`, the viewer cannot identify the participating workspace
Changelog
+0.0.1
Perf: <Summary>
Perf(Target): <Summary>
Example
Perf: Refresh cache when configuration changes
Changelog
+0.0.1
Add: <Summary>
Add(Target): <Summary>
Example
Add(CSS): Option `.preference` for default theme
Changelog
+0.0.1
Improve: <Summary>
Improve(Target): <Summary>
Example
Improve(Home): Swap the order of **Feature** and **Pricing**
Changelog
+0.0.1
Static content updates such as articles, news, about, profile, etc.
Update: <Summary>
Update(Target): <Summary>
Example
Update(Team): The member's job title changed
Changelog
+0.0.1
Upgrade environment, system, dependencies, etc.
Upgrade: <Summary>
Upgrade(Target): <Summary>
Example
Upgrade(Compiler): Dependency `@master/css@^2.0.0`
Changelog
+0.0.1
Alias: Drop
Deprecate features, options, parameters, units, pages, etc.
Depreciate: <Summary>
Depreciate(Target): <Summary>
Example
Drop(Normal CSS): `--font-mono` `--font-sans` `--font-serif` CSS variables
Changelog
+0.0.1
Revert: "<Reverted Commit Header>"
This reverts commit <Reverted Commit Hash>.
If you are using Git Graph extension for VSCode, Clicking Revert
will automatically generate the following format:
Revert "<Reverted Commit Header>"
This reverts commit <Reverted Commit Hash>.
Example
Revert "Fix(Repo): PeerDependencies -> Dependencies"
This reverts commit 779347237eef77e9137f88095e1fb813e5101c2b.
+0.0.1
The README.md
of the NPM package can only be updated by releasing a new version. At this time, it's very convenient to trigger the patch through:
Docs(README): <Summary>
Docs(README): Features section
It's reasonable to update README.md
by bumping to the patch version because the documentation is part of this version.
+0.0.1
Manually bump a patch version due to special reasons.
Bump(Patch): <Summary>
Example
git commit --allow-empty -m 'Bump(Patch): `+0.0.1`'
Feat
New
Bump(Minor)
Changelog
+0.1.0
Alias: New
Feat: <Summary>
Feat(Target): <Summary>
Example
New(Syntax): A new shorthand `WxH` for `width:` and `height:`
+0.1.0
Manually bump a minor version due to special reasons.
Bump(Minor): <Summary>
Example
git commit --allow-empty -m 'Bump(Minor): `+0.1.0`'
Bumping to the next major version should be triggered manually by the manager rather than relying on a flag in a given commit.
Format
Bump(Major): <Summary>
No clear motivation for <Summary>
yet? Hit Version
or the next version, like v2.0.0
.
🟢 Good for a monorepo
git commit --allow-empty -m 'Bump(Major): Master CSS v2.0'
This is just a commit used to trigger version analysis, don't be obsessed with changes in files, so add --allow-empty
Trivial routine commits include test cases, examples, and environment configurations.
Docs
Tests
Example
Chore
Misc
Docs: <Summary>
Docs(Target): <Summary>
Example
Docs(CSS): Initialize Master CSS with custom configuration
Test: <Summary>
Test(Target): <Summary>
Example
Test(Syntax): Check CSS rules for `WxH` output
Example: <Summary>
Example(Target): <Summary>
Example
Example(Next.js 13): Update to layouts RFC
Chore
or no prefixMisc: <Summary>
Misc(Target): <Summary>
<Summary>
Example
Chore: Update README.md
I prefer no prefix; having to keep prefixing every frequent trivial item is annoying, and marking trivial items doesn't make much sense.
🟢 Better day-to-day development experience
Update README.md
FAQs
A human-readable set of conventional commits, with version rules and changelog groupings
The npm package aron-conventional-commits receives a total of 31 weekly downloads. As such, aron-conventional-commits popularity was classified as not popular.
We found that aron-conventional-commits demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.