Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

ci-npm-update

Package Overview
Dependencies
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ci-npm-update

Keep NPM dependencies up-to-date with CI, providing version-to-version diff for each library

  • 2.0.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

ci-npm-update CircleCI

This command keeps npm dependencies up-to-date by making pull-requests from CI.

For example: https://github.com/gfx/ci-npm-update/pull/13

This is inspired by circleci-bundle-update-pr.

Install

npm install --save-dev ci-npm-update

Usage

Configuration

This command is designed to be executed by CI nightly builds.

Set GITHUB_ACCESS_TOKEN environment to make a pull-request to github repositories, and set SSH keys to push to the repos from CI.

If the CI environment has no git configuration, also set GIT_USER_NAME and GIT_USER_EMAIL to commit patches in CI.

export GITHUB_ACCESS_TOKEN=...
export GIT_USER_NAME=gfx
export GIT_USER_EMAIL=gfx@users.noreply.github.com

Execution

By default, ci-npm-update runs in dry-run mode. Set --execute to make pull-requests.

ci-npm-update --execute

Local Tests

If you only run it in dry-run mode, no configuration is required:

# run in dry-run mode:
ci-npm-update

If you want to make pull-requests in your local machine, use GITHUB_ACCESS_TOKEN:

# envchain is recommended
envchain --set github GITHUB_ACCESS_TOKEN
# run:
envchain github ci-npm-update --execute

In addition, --list is provided to list dependencies with short descriptions, intended for sanity check in development.

ci-npm-update --list

Development

Setup:

npm run setup

Easy test command in dry-run mode:

npm run build && envchain github node bin/ci-npm-update

Heroku Scheduler

If you want to setup heroku schedulers, there's a template for it:

Deploy

To test it, run the following command:

heroku run './build-circleci'

License

Copyright (c) 2016 Bit Journey, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Keywords

FAQs

Package last updated on 11 Jul 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc