bumper - npm Package Compare versions
Comparing version 1.0.0 to 1.1.0
| { | ||
| "name": "bumper", | ||
| "version": "1.0.0", | ||
| "description": "There is something coming", | ||
| "main": "index.js", | ||
| "version": "1.1.0", | ||
| "bin": "./bin/index.js", | ||
| "description": "Work better with libraries that follow semver", | ||
| "main": "./lib/index.js", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "test": "release-to-github-with-changelog-pre-release-checks && npm run lint && npm run check-format && jest", | ||
| "check-format": "prettier-eslint \"{bin,lib}/**/*.js\" --list-different", | ||
| "lint": "eslint bin lib", | ||
| "release": "release-to-github-with-changelog && npm publish --access=public", | ||
| "format": "prettier-eslint \"{bin,lib}/**/*.js\" --write", | ||
| "test:watch": "jest --watch" | ||
| }, | ||
| "author": "Michael J. Zoidl <npm@michaelzoidl.com> (http://michaelzoidl.com)", | ||
| "license": "ISC" | ||
| } | ||
| "files": [ | ||
| "bin/", | ||
| "lib/" | ||
| ], | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/tankenstein/bumper.git" | ||
| }, | ||
| "keywords": [ | ||
| "npm", | ||
| "bump", | ||
| "version", | ||
| "semver" | ||
| ], | ||
| "author": "Uku Markus Tammet <ukutammet@gmail.com>", | ||
| "license": "MIT", | ||
| "lint-staged": { | ||
| "*.js": [ | ||
| "prettier-eslint \"{src,docs}/**/*.js\" --write", | ||
| "git add" | ||
| ] | ||
| }, | ||
| "dependencies": { | ||
| "chalk": "^2.4.1", | ||
| "get-stdin": "^6.0.0", | ||
| "semver": "^5.5.1", | ||
| "yargs": "^12.0.5" | ||
| }, | ||
| "devDependencies": { | ||
| "eslint": "^5.6.1", | ||
| "eslint-config-airbnb-base": "^13.1.0", | ||
| "eslint-config-prettier": "^3.1.0", | ||
| "eslint-plugin-import": "^2.14.0", | ||
| "eslint-plugin-prettier": "^3.0.0", | ||
| "husky": "^1.1.0", | ||
| "jest": "^23.6.0", | ||
| "lint-staged": "^7.3.0", | ||
| "prettier": "^1.14.3", | ||
| "prettier-eslint-cli": "^4.7.1", | ||
| "release-to-github-with-changelog": "^1.2.1" | ||
| } | ||
| } |
@@ -1,4 +0,35 @@ | ||
| # Brace yourself... | ||
|  | ||
| bumper | ||
| ====== | ||
| spoiler: it has something todo with changelogs and stuff... | ||
| Bumper helps you work with libraries. | ||
| ## Usage | ||
| To install bumper, run: | ||
| ```shell | ||
| npm install --global bumper | ||
| ``` | ||
| ### Bump | ||
| Usage: | ||
| ```shell | ||
| bumper bump <increment> | ||
| The bump command will bump the version in your package.json, package-lock.json and add a CHANGELOG.md entry if those files exist in your current directory. | ||
| Positionals: | ||
| increment Whether to bump the major, minor or patch version | ||
| Options for projects with a CHANGELOG.md file: | ||
| --title, -t Title of release | ||
| --description, -d Description of release, can be piped from stdin instead | ||
| Options: | ||
| -h, --help Show help | ||
| -v, --version Show version number | ||
| ``` | ||
| ## Future | ||
| Bumper will house a mechanism to bump the version of your library inside other repos. |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3612.91%
15817
- Number of package files
- increased by450%
11
- Lines of code
- increased byInfinity%
353
- Number of low quality alerts
- decreased by-50%
1
- Number of lines in readme file
- increased by620%
36
Worsened metrics
- Dependency count
- increased byInfinity%
4
- Dev dependency count
- increased byInfinity%
11
- Number of low supply chain risk alerts
- increased by100%
2
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedchalk@^2.4.1
+ Addedget-stdin@^6.0.0
+ Addedsemver@^5.5.1
+ Addedyargs@^12.0.5
+ Addedansi-regex@2.1.13.0.1(transitive)
+ Addedansi-styles@3.2.1(transitive)
+ Addedcamelcase@5.3.1(transitive)
+ Addedchalk@2.4.2(transitive)
+ Addedcliui@4.1.0(transitive)
+ Addedcode-point-at@1.1.0(transitive)
+ Addedcolor-convert@1.9.3(transitive)
+ Addedcolor-name@1.1.3(transitive)
+ Addedcross-spawn@6.0.6(transitive)
+ Addeddecamelize@1.2.0(transitive)
+ Addedend-of-stream@1.4.4(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedexeca@1.0.0(transitive)
+ Addedfind-up@3.0.0(transitive)
+ Addedget-caller-file@1.0.3(transitive)
+ Addedget-stdin@6.0.0(transitive)
+ Addedget-stream@4.1.0(transitive)
+ Addedhas-flag@3.0.0(transitive)
+ Addedinvert-kv@2.0.0(transitive)
+ Addedis-fullwidth-code-point@1.0.02.0.0(transitive)
+ Addedis-stream@1.1.0(transitive)
+ Addedisexe@2.0.0(transitive)
+ Addedlcid@2.0.0(transitive)
+ Addedlocate-path@3.0.0(transitive)
+ Addedmap-age-cleaner@0.1.3(transitive)
+ Addedmem@4.3.0(transitive)
+ Addedmimic-fn@2.1.0(transitive)
+ Addednice-try@1.0.5(transitive)
+ Addednpm-run-path@2.0.2(transitive)
+ Addednumber-is-nan@1.0.1(transitive)
+ Addedonce@1.4.0(transitive)
+ Addedos-locale@3.1.0(transitive)
+ Addedp-defer@1.0.0(transitive)
+ Addedp-finally@1.0.0(transitive)
+ Addedp-is-promise@2.1.0(transitive)
+ Addedp-limit@2.3.0(transitive)
+ Addedp-locate@3.0.0(transitive)
+ Addedp-try@2.2.0(transitive)
+ Addedpath-exists@3.0.0(transitive)
+ Addedpath-key@2.0.1(transitive)
+ Addedpump@3.0.2(transitive)
+ Addedrequire-directory@2.1.1(transitive)
+ Addedrequire-main-filename@1.0.1(transitive)
+ Addedsemver@5.7.2(transitive)
+ Addedset-blocking@2.0.0(transitive)
+ Addedshebang-command@1.2.0(transitive)
+ Addedshebang-regex@1.0.0(transitive)
+ Addedsignal-exit@3.0.7(transitive)
+ Addedstring-width@1.0.22.1.1(transitive)
+ Addedstrip-ansi@3.0.14.0.0(transitive)
+ Addedstrip-eof@1.0.0(transitive)
+ Addedsupports-color@5.5.0(transitive)
+ Addedwhich@1.3.1(transitive)
+ Addedwhich-module@2.0.1(transitive)
+ Addedwrap-ansi@2.1.0(transitive)
+ Addedwrappy@1.0.2(transitive)
+ Addedy18n@4.0.3(transitive)
+ Addedyargs@12.0.5(transitive)
+ Addedyargs-parser@11.1.1(transitive)