Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
conventional-github-releaser
Advanced tools
Make a new GitHub release from git metadata
Note You don't have to use the angular commit convention. For the best result of the tool to tokenize you commit and produce flexible output, it's recommended to use a commit convention.
$ npm install -g conventional-github-releaser
$ cd my-project
$ conventional-github-releaser -p angular
The above generates a GitHub Release based on commits since the last semver tag that match the pattern of a "Feature", "Fix", "Performance Improvement" or "Breaking Changes".
If you first time use this tool and want to generate all previous releases, you could do
$ conventional-github-releaser -p angular -r 0
This will not overwrite the releases you have already made. Read "Regenerate all the releases" section if you want to.
All available command line parameters can be listed using CLI : conventional-github-releaser --help
.
Hint: You can alias your command or add it to your package.json. EG: "github-release": "conventional-github-releaser -p angular -r 0"
.
Or use one of the plugins if you are already using the tool: grunt/atom
package.json
package.json
filesconventionalGithubReleaser
You have to have a tag on GitHub to make a release. hence gitRawCommitsOpts.to
defaults to the latest semver tag.
Please use this gist to make a release or change it to your needs.
$ npm install --save conventional-github-releaser
var conventionalGithubReleaser = require('conventional-github-releaser');
var AUTH = {
type: "oauth",
token: '0126af95c0e2d9b0a7c78738c4c00a860b04acc8'// change this to your own GitHub token or use an environment variable
};
conventionalGithubReleaser(AUTH, {
preset: 'angular'
}, callback);
An auth object passed to node-github.
Type: array
An array of responses returned by github.releases.createRelease
calls.
Please check conventional-changelog for other arguments.
There are some changes:
Default: grab the whole tag for the version (including a leading v) and format date.
Default: 1
How many releases of changelog you want to generate. It counts from the latest semver tag. Useful when you forgot to generate any previous releases. Set to 0
to regenerate all.
Default: same as version tag
Name that should be applied to the release on GitHub.
Default: undefined
(uses the tag to determine commit)
Specific target_commitish
in GitHub release
Default: based on options.releaseCount
.
Default: latest semver tag
It is always true
.
Default: ''
Default header contains the version and date which are already in the release.
$ npm install --global conventional-github-releaser
$ conventional-github-releaser --help # for more details
You can supply your auth token by a flag -t
or --token
. You can also set up an environment variable CONVENTIONAL_GITHUB_RELEASER_TOKEN
to avoid typing your token every time.
You can also submit your release as a draft version via the '--draft' flag. This allows you to review the and edit the release notes before an official release.
Note: If all results error, it will print the error messages to stderr and exit with code 1
.
Use github-remove-all-releases to remove all releases and set changelogOpts.releaseCount
to 0
to regenerate.
Create a new token and set your environment variable CONVENTIONAL_GITHUB_RELEASER_TOKEN
to the token you just created. You can google How to set environment variable. The scopes for the token you need is public_repo
or repo
(if you need to access private repos). More details.
conventional-github-releaser
, but makes a GitLab release.MIT © Steve Mao
FAQs
Make a new GitHub release from git metadata.
The npm package conventional-github-releaser receives a total of 4,553 weekly downloads. As such, conventional-github-releaser popularity was classified as popular.
We found that conventional-github-releaser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.