Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
conventional-github-releaser
Advanced tools
Make a new GitHub release from git metadata
$ npm install -g conventional-github-releaser
$ cd my-project
$ conventional-github-releaser -p angular
The above generates a GitHub Release based on commits since the last semver tag that match the pattern of a "Feature", "Fix", "Performance Improvement" or "Breaking Changes".
If you first time use this tool and want to generate all previous releases, you could do
$ conventional-github-releaser -p angular -r 0
This will not overwrite the releases you have already made. Read "Regenerate all the releases" section if you want to.
All available command line parameters can be listed using CLI : conventional-github-releaser --help
.
Hint: You can alias your command or add it to your package.json. EG: "github-release": "conventional-github-releaser -p angular -r 0"
.
Or use one of the plugins if you are already using the tool: grunt/atom
package.json
package.json
filesconventionalGithubReleaser
You have to have a tag on GitHub to make a release. hence gitRawCommitsOpts.to
defaults to the latest semver tag.
Please use this gist to make a release or change it to your needs.
$ npm install --save conventional-github-releaser
var conventionalGithubReleaser = require('conventional-github-releaser');
var AUTH = {
type: "oauth",
token: '0126af95c0e2d9b0a7c78738c4c00a860b04acc8'// change this to your own GitHub token or use an environment variable
};
conventionalGithubReleaser(AUTH, {
preset: 'angular'
}, callback);
An auth object passed to node-github.
Type: array
An array of responses returned by github.releases.createRelease
calls.
Please check conventional-changelog for other arguments.
There are some changes:
Default: grab the whole tag for the version (including a leading v) and format date.
Default: 1
How many releases of changelog you want to generate. It counts from the latest semver tag. Useful when you forgot to generate any previous releases. Set to 0
to regenerate all.
Default: based on options.releaseCount
.
Default: latest semver tag
It is always true
.
If there is any preset, this defaults to ''
because header in presets usually contains the version and date which are already in the release.
$ npm install --global conventional-github-releaser
$ conventional-github-releaser --help # for more details
You can supply your auth token by a flag -t
or --token
. You can also set up an environment variable CONVENTIONAL_GITHUB_RELEASER_TOKEN
to avoid typing your token every time.
Note: If all results error, it will print the error messages to stderr and exit with code 1
.
Use github-remove-all-releases to remove all releases and set changelogOpts.releaseCount
to 0
to regenerate.
Create a new token and set your environment variable CONVENTIONAL_GITHUB_RELEASER_TOKEN
to the token you just created. You can google How to set environment variable. The scopes for the token you need is public_repo
or repo
(if you need to access private repos). More details.
MIT © Steve Mao
FAQs
Make a new GitHub release from git metadata.
The npm package conventional-github-releaser receives a total of 3,720 weekly downloads. As such, conventional-github-releaser popularity was classified as popular.
We found that conventional-github-releaser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.