Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
conventional-changelog-ember
Advanced tools
The conventional-changelog-ember npm package is a preset for the conventional-changelog tool, specifically tailored for Ember.js projects. It helps in generating changelogs based on conventional commit messages, ensuring that the changelog format adheres to Ember.js community standards.
Generate Changelog
This feature allows you to generate a changelog for your Ember.js project. The code sample demonstrates how to use the conventional-changelog library with the 'ember' preset to output the changelog to the console.
const conventionalChangelog = require('conventional-changelog');
conventionalChangelog({
preset: 'ember'
}).pipe(process.stdout);
Custom Configuration
This feature allows you to customize the changelog generation process. The code sample shows how to generate a changelog for only the most recent release by setting the releaseCount option.
const conventionalChangelog = require('conventional-changelog');
conventionalChangelog({
preset: 'ember',
releaseCount: 1
}).pipe(process.stdout);
The conventional-changelog-angular package is a preset for the conventional-changelog tool, tailored for Angular projects. It follows the Angular commit message conventions and generates changelogs accordingly. Compared to conventional-changelog-ember, it is more suited for Angular projects and their specific commit message guidelines.
The conventional-changelog-conventionalcommits package is a preset for the conventional-changelog tool that adheres to the Conventional Commits specification. It is a more generic preset compared to conventional-changelog-ember, making it suitable for a wide range of projects that follow the Conventional Commits guidelines.
The standard-version package is a tool for versioning and changelog generation based on conventional commit messages. It automates the entire release process, including bumping the version, generating the changelog, and committing the changes. While conventional-changelog-ember focuses on changelog generation for Ember.js projects, standard-version provides a more comprehensive solution for managing releases.
conventional-changelog ember preset.
Issues with the convention itself should be reported on the Ember issue tracker.
# yarn
yarn add -D conventional-changelog-ember
# pnpm
pnpm add -D conventional-changelog-ember
# npm
npm i -D conventional-changelog-ember
Please use an appropriate commit prefix. If your pull request fixes an issue specify it in the commit message. Some examples:
[DOC beta] Update CONTRIBUTING.md for commit prefixes
[FEATURE query-params-new] Message
[BUGFIX beta] Message
[SECURITY CVE-111-1111] Message
All commits should be tagged. Tags are denoted by square brackets ([]
) and come at the start of the commit message.
Tag
should not be confused with git tag.
Message
should not be confused with git commit message.
In general bug fixes are pulled into the beta branch. As such, the prefix is: [BUGFIX beta]
. If a bug fix is a serious regression that requires a new patch release, [BUGFIX release]
can be used instead.
For bugs related to canary features, follow the prefixing rules for features.
Cleanup commits are for removing deprecated functionality and should be tagged
as [CLEANUP beta]
.
All additions and fixes for features in canary should be tagged as [FEATURE name]
where name is the same as the flag for that feature.
Documentation commits are tagged as [DOC channel]
where channel is canary
,
beta
, or release
. If no release is provided canary
is assumed. The channel should be the most stable release that this documentation change applies to.
Security commits will be tagged as [SECURITY cve]
. Please do not submit security related PRs without coordinating with the security team. See the Security Policy for more information.
In general almost all commits should fall into one of these categories. In the cases where they don't please submit your PR untagged. An Ember contributor will let you know if tagging is required.
Based on https://github.com/emberjs/ember.js/blob/master/CONTRIBUTING.md
FAQs
Ember preset for conventional-changelog.
We found that conventional-changelog-ember demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.