
Security News
Next.js Patches Critical Middleware Vulnerability (CVE-2025-29927)
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
detect-next-version
Advanced tools
Calculates next version, based on given commit message and following Conventional Commits
Calculates next version, based on given commit message and following Conventional Commits
Please consider following this project's author, Charlike Mike Reagent, and :star: the project to show your :heart: and support.
If you have any how-to kind of questions, please read the Contributing Guide and Code of Conduct documents.
For bugs reports and feature requests, please create an issue or ping
@tunnckoCore at Twitter.
Project is semantically & automatically released on CircleCI with new-release and its New Release GitHub App.
(TOC generated by verb using markdown-toc)
This project requires Node.js ^8.10.0 || >=10.13.0. Install it using
yarn or npm.
We highly recommend to use Yarn when you think to contribute to this project.
$ yarn add detect-next-version
For making it work on monorepo setups, you should pass options.packages
- an array
of package names that are changes and a options.cwd
- the root of the monorepo.
Usually this can be extracted from commit message or the response of lerna changed
.
import detectNextVersion from 'detect-next-version';
async function main() {
// e.g. /home/charlike/develop/some-monorepo
const cwd = process.cwd();
// try using `git-commits-since` for getting all commits
// it returns an object with `rawCommits` property
const commits = ['feat: foo bar', 'chore(ok): qux okey'];
const packages = ['@tunnckocore/qq5', 'foo-bar-baz-qux'];
const results = await detectNextVersion(commits, { packages, cwd });
console.log(results);
const [itemOne, itemTwo] = results;
console.log(itemOne.name); // => '@tunnckocore/qq5'
console.log(itemOne.path); // => '@tunnckocore/qq5'
console.log(itemOne.increment); // => 'minor'
console.log(itemOne.lastVersion); // => '0.1.0'
console.log(itemOne.nextVersion); // => '0.2.0'
console.log(itemOne.cwd); // => /home/charlike/develop/some-monorepo
console.log(itemTwo.name); // => 'foo-bar-baz-qux'
console.log(itemTwo.path); // => 'packages/foo-bar-baz-qux'
console.log(itemTwo.increment); // => 'minor'
console.log(itemTwo.lastVersion); // => '1.0.4'
console.log(itemTwo.nextVersion); // => '1.1.0'
console.log(itemTwo.cwd); // => /home/charlike/develop/some-monorepo
}
main().catch(console.error);
Generated using docks.
Calculates next version of given package with name
,
based given commitMessages
which should follow
the Conventional Commits Specification.
Options are passed directly to @tunnckocore/package-json and
recommended-bump packages. Also because the recommended-bump, you can
pass options.plugins
which will be passed to parse-commit-message
commit message parser. So follow their docs and see the tests here for
example usage. If all commit messages are of type that is not patch|fix|minor|feat|major
or containing BREAKING CHANGE:
label (e.g. the chore
type), then the
returned result won't have nextVersion
and increment
will be false
.
ProTip: See parse-commit-message types documentation!
Params
commits
{string|} directly passed to recommended-bump
May be one of string
, Array<string>
or Array<Commit>
[options]
{object} optional, passed to above mentioned packages.Returns
Array<object>
an array of objects where each is basically the return of recommended-bump
plus { pkg, name, cwd, path, lastVersion, nextVersion? }
.Examples
type Commit = {
header: Header;
body?: string | null;
footer?: string | null;
increment?: string | boolean;
isBreaking?: boolean;
mentions?: Array<Mention>;
};
import detector from 'detect-next-version';
async function main() {
const commits = ['chore(ci): some build tweaks', 'fix(cli): foo bar'];
// consider `my-npm-package` is version 0.1.0
const [result] = await detector(commits, { name: 'my-npm-package' });
console.log(result.increment); // => 'patch'
console.log(result.pkg); // => package's latest package.json metadata
console.log(result.lastVersion); // => '0.1.0'
console.log(result.nextVersion); // => '0.1.1'
console.log(result.patch[0].header.type); // => 'fix'
console.log(result.patch[0].header.scope); // => 'cli'
console.log(result.patch[0].header.subject); // => 'foobar'
console.log(result.patch[0].header.toString()); // => 'fix(cli): foobar'
}
main().catch(console.error);
import { parse } from 'parse-commit-message';
import detector from 'detect-next-version';
async function main() {
const commitOne = parse('fix: foo bar');
const commitTwo = parse('feat: some feature subject');
// always an array, but we can destruct it here,
// because we know that it has only one item
const [result] = await detector([commitOne, commitTwo], {
name: '@my-org/my-awesomepkg',
});
console.log(result.increment); // => 'minor'
}
main().catch(console.error);
Some of these projects are used here or were inspiration for this one, others are just related. So, thanks for your existance!
git commit
replacement. Conventional Commits compliant. | homepagePlease read the Contributing Guide and Code of Conduct documents for advices.
For bugs reports and feature requests, please create an issue or ping
@tunnckoCore at Twitter.
Become a Partner or Sponsor? :dollar: Check the Partner, Sponsor or Omega-level tiers! :tada: You can get your company logo, link & name on this file. It's also rendered on package page in npmjs.com and yarnpkg.com sites too! :rocket:
Not financial support? Okey! Pull requests, stars and all kind of contributions are always welcome. :sparkles:
This project is following OPEN Open Source model
Individuals making significant and valuable contributions are given commit-access to the project to contribute as they see fit. This project is built on collective efforts and it's not strongly guarded by its founders.
There are a few basic ground-rules for its contributors
Thanks to the hard work of these wonderful people this project is alive! It follows the
all-contributors specification.
Don't hesitate to add yourself to that list if you have made any contribution! ;) See how,
here.
Charlike Mike Reagent 💻 📖 💬 👀 🔍 |
---|
Consider showing your support to them. :sparkling_heart:
Copyright (c) 2017-present, Charlike Mike Reagent <mameto2011@gmail.com>
& contributors.
Released under the Apache-2.0 License.
FAQs
Calculates next version, based on given commit message and following Conventional Commits
The npm package detect-next-version receives a total of 51 weekly downloads. As such, detect-next-version popularity was classified as not popular.
We found that detect-next-version demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Next.js has patched a critical vulnerability (CVE-2025-29927) that allowed attackers to bypass middleware-based authorization checks in self-hosted apps.
Security News
A survey of 500 cybersecurity pros reveals high pay isn't enough—lack of growth and flexibility is driving attrition and risking organizational security.
Product
Socket, the leader in open source security, is now available on Google Cloud Marketplace for simplified procurement and enhanced protection against supply chain attacks.