conventional-changelog-core
Advanced tools
conventional-changelog-core - npm Package Compare versions
+30
-35
| 'use strict' | ||
| const fs = require('fs/promises') | ||
| const { exec } = require('child_process') | ||
| const hostedGitInfo = require('hosted-git-info') | ||
@@ -7,8 +8,3 @@ const parseRepositoryUrl = require('@hutson/parse-repository-url') | ||
| const normalizePackageData = require('normalize-package-data') | ||
| let gitRemoteOriginUrl | ||
| try { | ||
| gitRemoteOriginUrl = require('git-remote-origin-url') | ||
| } catch (err) { | ||
| gitRemoteOriginUrl = () => Promise.reject(err) | ||
| } | ||
| const { URL } = require('url') | ||
@@ -22,20 +18,2 @@ | ||
| function semverTagsPromise (options) { | ||
| return new Promise((resolve, reject) => { | ||
| gitSemverTags({ | ||
| lernaTags: !!options.lernaPackage, | ||
| package: options.lernaPackage, | ||
| tagPrefix: options.tagPrefix, | ||
| skipUnstable: options.skipUnstable, | ||
| cwd: options.cwd | ||
| }, (err, result) => { | ||
| if (err) { | ||
| reject(err) | ||
| } else { | ||
| resolve(result) | ||
| } | ||
| }) | ||
| }) | ||
| } | ||
| function guessNextTag (previousTag, version) { | ||
@@ -77,2 +55,14 @@ if (previousTag) { | ||
| function getRemoteOriginUrl (cwd) { | ||
| return new Promise((resolve, reject) => { | ||
| exec('git config --get remote.origin.url', { cwd }, (err, stdout) => { | ||
| if (err) { | ||
| reject(err) | ||
| } else { | ||
| resolve(stdout.trim()) | ||
| } | ||
| }) | ||
| }) | ||
| } | ||
| async function mergeConfig (options, context, gitRawCommitsOpts, parserOpts, writerOpts, gitRawExecOpts) { | ||
@@ -141,3 +131,2 @@ let pkgPromise | ||
| const presetConfig = typeof options.config === 'function' ? options.config() : options.config | ||
| const gitRemoteOriginUrlPromise = Promise.resolve(gitRemoteOriginUrl(options.cwd)) | ||
| const [ | ||
@@ -151,4 +140,10 @@ configObj, | ||
| pkgPromise, | ||
| semverTagsPromise(options), | ||
| gitRemoteOriginUrlPromise | ||
| gitSemverTags({ | ||
| lernaTags: !!options.lernaPackage, | ||
| package: options.lernaPackage, | ||
| tagPrefix: options.tagPrefix, | ||
| skipUnstable: options.skipUnstable, | ||
| cwd: options.cwd | ||
| }), | ||
| getRemoteOriginUrl(options.cwd) | ||
| ]) | ||
@@ -162,3 +157,3 @@ let config | ||
| let gitSemverTags = [] | ||
| let semverTags = [] | ||
@@ -239,5 +234,5 @@ if (options.config) { | ||
| if (tagsObj.status === 'fulfilled') { | ||
| gitSemverTags = context.gitSemverTags = tagsObj.value | ||
| fromTag = gitSemverTags[options.releaseCount - 1] | ||
| const lastTag = gitSemverTags[0] | ||
| semverTags = context.gitSemverTags = tagsObj.value | ||
| fromTag = semverTags[options.releaseCount - 1] | ||
| const lastTag = semverTags[0] | ||
@@ -327,3 +322,3 @@ if (lastTag === context.version || lastTag === 'v' + context.version) { | ||
| context.currentTag = currentTag || match ? match[1] : null | ||
| const index = gitSemverTags.indexOf(context.currentTag) | ||
| const index = semverTags.indexOf(context.currentTag) | ||
@@ -334,3 +329,3 @@ // if `keyCommit.gitTags` is not a semver | ||
| } else { | ||
| const previousTag = context.previousTag = gitSemverTags[index + 1] | ||
| const previousTag = context.previousTag = semverTags[index + 1] | ||
@@ -346,3 +341,3 @@ if (!previousTag) { | ||
| } else { | ||
| context.previousTag = context.previousTag || gitSemverTags[0] | ||
| context.previousTag = context.previousTag || semverTags[0] | ||
@@ -361,3 +356,3 @@ if (context.version === 'Unreleased') { | ||
| } else { | ||
| context.currentTag = guessNextTag(gitSemverTags[0], context.version) | ||
| context.currentTag = guessNextTag(semverTags[0], context.version) | ||
| } | ||
@@ -364,0 +359,0 @@ } |
+2
-3
| { | ||
| "name": "conventional-changelog-core", | ||
| "version": "6.0.0", | ||
| "version": "7.0.0", | ||
| "description": "conventional-changelog core", | ||
@@ -31,3 +31,2 @@ "repository": { | ||
| "add-stream": "^1.0.0", | ||
| "git-remote-origin-url": "^2.0.0", | ||
| "hosted-git-info": "^7.0.0", | ||
@@ -40,3 +39,3 @@ "normalize-package-data": "^6.0.0", | ||
| "git-raw-commits": "^4.0.0", | ||
| "git-semver-tags": "^6.0.0" | ||
| "git-semver-tags": "^7.0.0" | ||
| }, | ||
@@ -43,0 +42,0 @@ "devDependencies": { |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Dependency count
10
-9.09%Worsened metrics
- Total package byte prevSize
26225
-0.84%- Lines of code
511
-1.16%- Number of medium supply chain risk alerts
2
100%Dependency changes
+ Added
git-semver-tags@7.0.1(transitive)- Removed
git-remote-origin-url@^2.0.0- Removed
git-remote-origin-url@2.0.0(transitive)- Removed
git-semver-tags@6.0.0(transitive)- Removed
gitconfiglocal@1.0.0(transitive)- Removed
ini@1.3.8(transitive)- Removed
pify@2.3.0(transitive)Updated
git-semver-tags@^7.0.0