Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Command line tool (and Node module) that generates a changelog in color output, markdown, or json for modules in npmjs.org's registry as well as any public github.com repo.
Command line tool (and Node module) that generates a changelog in color output, markdown, or json for modules in npmjs.org's registry as well as any public github.com repo.
Modules do not need to be installed to generate changelog but they must define their repository url
in their package.json.
$ changelog {npm module name} [release] [options]
npm module
: The module name, such as express
, npm
, grunt
, etc.
Changelog also works on any public Github repo.
$ changelog {Github.com repo} [options]
Github.com repo url
: Urls can be any format, such as https://github.com/dylang/changelog
or git@github.com:dylang/changelog.git
or even just dylang/changelog
.
changelog --help
Usage:
changelog <npm module name> [versions] [options]
changelog <github repo url> [versions] [options]
Module name:
$ changelog npm
Github repo:
$ changelog github.com/isaacs/npm
$ changelog isaacs/npm
Versions:
latest Default: Show only the latest versions. ex: $ changelog npm latest
all Show all versions. ex: $ changelog npm all
number Show that many recent versions. ex: $ changelog npm 3
n.n.n Show changes for a specific version. ex: $ changelog npm 1.3.11
Options:
-c, --color Output as Color (terminal default)
-m, --markdown Output as Github-flavored Markdown (file default)
-j, --json Output as JSON
-d, --debug Enable debugging
-h, --help Display help and usage details
Changelog can be easily integrated into other tools.
name
string, required NPM module name from registry.versions
integer or semver, optional Number of versions, or the semver version to show.var changelog = require('changelog');
changelog.generate(NpmPackageName, countOrVersions)
.then(changelog.markdown);
var changelog = require('changelog');
changelog.generate('grunt')
.then(showChanges);
function showChanges(data) {
//With npm each "version" corresponds to all changes for that build pushed on npm
//With github each "version" is one GMT day of changes
data.versions.forEach(function(version) {
console.log(version.version); //currently npm projects only
console.log(version.date); //JS Date
//version.changes is an array of commit messages for that version
version.changes.forEach(function(change) {
console.log(' * ' + change);
});
});
//Information about the project
console.log(data.project);
}
npm
with the commit history from the Github's API.Dylan Greene built this because he was always curious what was changed when doing npm update
.
This module's name is inspired by listening to TheChangelog Podcast on the way to work.
Hello fellow developer! My name is Dylan Greene. When not overwhelmed with my two kids I enjoy contributing to the open source community. I'm a tech lead at Opower. I lead a team using Grunt and Angular to build software that successfully helps people like us use less power. Not too long ago I co-created Doodle or Die, a hilarious web game with millions of doodles that won us Node Knockout for the "most fun" category. I'm dylang on Twitter and other places.
Some of my other Node projects:
Name | Description | Github Stars | Npm Installs |
---|---|---|---|
grunt-notify | Automatic desktop notifications for Grunt errors and warnings using Growl for OS X or Windows, Mountain Lion and Mavericks Notification Center, and Notify-Send. | 798 | 36,294 |
grunt-prompt | Interactive prompt for your Grunt config using console checkboxes, text input with filtering, password fields. | 244 | 5,804 |
shortid | Amazingly short non-sequential url-friendly unique id generator. | 262 | 8,357 |
rss | RSS feed generator. A really simple API to add RSS feeds to any project. | 243 | 15,147 |
npm-check | Check for outdated, incorrect, and unused dependencies. | New! | 1,164 |
xml | Fast and simple xml generator. Supports attributes, CDATA, etc. Includes tests and examples. | 56 | 21,139 |
logging | Super sexy color console logging with cluster support. | 24 | 541 |
grunt-attention | Display attention-grabbing messages in the terminal | New! | 6,253 |
observatory | Beautiful UI for showing tasks running on the command line. | 31 | 3,516 |
flowdock-refined | Flowdock desktop app custom UI | New! | 59 |
anthology | Module information and stats for any @npmjs user | New! | 216 |
grunt-cat | Echo a file to the terminal. Works with text, figlets, ascii art, and full-color ansi. | New! | 102 |
This list was generated using anthology.
Copyright (c) 2014 undefined, contributors.
Released under the MIT license.
Screenshots are CC BY-SA (Attribution-ShareAlike).
Generated using grunt-readme with grunt-templates-dylang on Monday, October 6, 2014.
FAQs
Command line tool (and Node module) that generates a changelog in color output, markdown, or json for modules in npmjs.org's registry as well as any public github.com repo.
The npm package changelog receives a total of 217 weekly downloads. As such, changelog popularity was classified as not popular.
We found that changelog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.