
Security News
Suno Breached via Shai-Hulud Worm, Leaked Code Exposes AI Music Scraping
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.
git-semver-tagger
Advanced tools
 
An opinionated program for automatic semantic versioning via git tags and information in commits.
You can install the tool using any NPM-like system.
npm i -D git-semver-tagger # this will install it into a project as a dev dependency
npx tagger calculate-version # You can use npx to run a project's programs easily
npm i -g git-semver-tagger # this will install it globally into npm
tagger calculate-version # Now it should be available via NPM's path on your shell.
The calculate-version command will generate a new version number based on all of the commits since the last tag, and output as a string.
Basic usage:
tagger calculate-version
Output: 1.2.3-SNAPSHOT
The tag command will create a tag with the given version and push it back to the repository.
We recommend this command only is run after the build is validated. Use discernment to decide if it should happen before publication of artifacts, or afterward.
Basic usage:
tagger tag --version 1.2.3 --release-branch main
Both commands support machine-readable JSON output for CI/CD pipelines and automation scripts via the --format flag.
--format=text (default): Human-readable text output--format=json: Structured JSON outputExample command:
tagger calculate-version --format=json
Success response:
{
"status": "success",
"data": {
"version": "1.2.3-SNAPSHOT",
"snapshot": true,
"snapshotReasons": [
"DIRTY",
"AHEAD"
]
}
}
Error response:
{
"status": "error",
"error": "HEAD is detached (not pointing at any branch)",
"code": "CONFIGURATION_ERROR"
}
Fields:
status: "success" or "error"data.version: Calculated semantic version stringdata.snapshot: Boolean indicating if this is a snapshot versiondata.snapshotReasons: Array of reasons why this is a snapshot (e.g., "DIRTY", "AHEAD")error: Human-readable error message (only in error responses)code: Machine-readable error code (only in error responses)Example command:
tagger tag --version 1.2.3 --release-branch main --format=json
Success response:
{
"status": "success",
"data": {
"tag": "1.2.3"
}
}
Error response:
{
"status": "error",
"error": "Failed to create tag",
"code": "TAG_ERROR"
}
Fields:
status: "success" or "error"data.tag: The tag name that was createderror: Human-readable error message (only in error responses)code: Machine-readable error code (only in error responses)CONFIGURATION_ERROR: Invalid configuration or repository state (e.g., detached HEAD)TAG_ERROR: Failed to create or push tagExtract version in GitHub Actions:
- name: Calculate version
id: version
run: |
VERSION=$(tagger calculate-version --format=json | jq -r '.data.version')
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Use version
run: echo "Building version ${{ steps.version.outputs.version }}"
Extract version in bash:
# Get version
VERSION=$(tagger calculate-version --format=json 2>/dev/null | jq -r '.data.version')
# Check if snapshot
IS_SNAPSHOT=$(tagger calculate-version --format=json 2>/dev/null | jq -r '.data.snapshot')
if [ "$IS_SNAPSHOT" = "true" ]; then
echo "This is a snapshot build"
fi
Error handling:
OUTPUT=$(tagger calculate-version --format=json 2>&1)
STATUS=$(echo "$OUTPUT" | jq -r '.status')
if [ "$STATUS" = "error" ]; then
ERROR_MSG=$(echo "$OUTPUT" | jq -r '.error')
ERROR_CODE=$(echo "$OUTPUT" | jq -r '.code')
echo "Error ($ERROR_CODE): $ERROR_MSG"
exit 1
fi
Error: found N tag(s) (...) but it is/they are lightweight.
Cause: Tagger requires annotated tags (created with git tag -a) because they store metadata like tagger name, email, and timestamp. Lightweight tags (created with git tag <name>) don't include this information.
Solution: Recreate the tag(s) as annotated tags. The error message will provide exact commands, for example:
git tag -d 1.0.0
git tag -a 1.0.0 <sha> -m "1.0.0"
git push --force origin 1.0.0
Replace <sha> with the commit hash where the tag should point (often the same commit the lightweight tag pointed to).
Error: Command failed: git push --tags (exit code 128) or exit code 403
Common causes:
Solutions:
For Azure DevOps:
<Project Name> Build Service)Contribute and Create tag permissions- checkout: self
persistCredentials: true
For GitHub Actions:
jobs:
build:
permissions:
contents: write # Required for pushing tags
GITHUB_TOKENFor GitLab CI:
variables:
GIT_STRATEGY: clone
before_script:
- git config --global user.email "ci@example.com"
- git config --global user.name "CI Bot"
Error: repository has no tags.
Cause: This is a new repository or no tags have been created yet.
Solution: Create an initial tag manually to establish the version baseline:
git tag -a 0.1.0 -m "Initial version"
git push origin 0.1.0
After this, tagger can calculate subsequent versions automatically.
For a full listing of the available options in the program, please use the built-in help command.
tagger --help
FAQs
 
The npm package git-semver-tagger receives a total of 285 weekly downloads. As such, git-semver-tagger popularity was classified as not popular.
We found that git-semver-tagger demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.

Security News
Vercel is formalizing a monthly release program for Next.js. The change follows React2Shell and a sharp rise in AI-assisted vulnerability discovery.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.