changelog-view - npm Package Compare versions

Comparing version 1.0.3 to 1.1.0

package.json

 {
   "name": "changelog-view",
-  "version": "1.0.3",
+  "version": "1.1.0",
   "description": "Tool to view changelog of package in console",
@@ -5,0 +5,0 @@ "bin": {

README.md

@@ -19,3 +19,3 @@ Changelog view
 
-or you can use `npx` to automatically run the program
+~~or you can use `npx` to automatically run the program~~ npx does not seems to work with it, maybe an issue with the `@`
 
@@ -26,8 +26,3 @@ ## Usage
 changelog-view <package@currentVersion> [<package@currentVersion> ...]
-
 ```
-With npx:
-```sh
-npx changelog-view <package@currentVersion> [<package@currentVersion> ...]
-```
 
@@ -39,2 +34,31 @@ Example
 
+### In a npm / yarn project ?
+`changelog-view` tries to detect automatically the current version of your lock npm / yarn dependencies, so you can just do:
+
+Imagine you have this package.json:
+```json
+{
+  "dependencies": {
+    "rest-client-sdk": "^1.0.0"
+  }
+}
+```
+
+The following command:
+```sh
+changelog-view rest-client-sdk
+```
+
+Will ouput:
+```md
+... other version
+## [1.0.1] - 2017-07-03 - [YANKED]
+
+### Changed
+
+    * Make urijs implementation work again but might be breaking
+    * Url constructor passed with noTransform = true for better perf and avoid potential bugs
+```
+
+
 ### Features
@@ -49,3 +73,6 @@ The package checks on github if a file named `CHANGELOG.md` or `HISTORY.md` is present.
 
-  * [] read yarn / npm / composer lockfiles to guess the package url
-  * [] read yarn / npm / composer lockfiles to guess the current version
+  * [x] read npm / yarn lockfiles to guess the package url
+  * [x] read npm / yarn lockfiles to guess the current version
+  * [ ] read composer lockfiles to guess the package url
+  * [ ] read composer lockfiles to guess the current version
+  * [ ] make `npx` work

src/index.js

 import marked from 'marked';
 import TerminalRenderer from 'marked-terminal';
 import { getVersionListForPackage } from './file';
+import getPackageInfo from './packageInfo';
 
 function changelogView(packageString) {
-  const matches = packageString.match(/(.*)@(\d+\.\d+\.\d+)/);
+  const packageInfo = getPackageInfo(packageString);
 
-  if (!matches) {
+  if (!packageInfo) {
     console.error(`package "${packageString}" version is not well formatted`);
@@ -13,3 +14,3 @@ process.exit(1);
 
-  const [match, packageName, version] = matches;
+  const { packageName, version } = packageInfo;
 
@@ -16,0 +17,0 @@ getVersionListForPackage(packageName, version)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1327150

increased by0.34%

Number of package files

25

increased by8.7%

Lines of code

1823

increased by5.8%

Number of lines in readme file

75

increased by56.25%

Worsened metrics

Number of low supply chain risk alerts

3

increased by50%

No dependency changes