hg-auto-semver - npm Package Compare versions

Comparing version 1.0.2 to 1.1.0

bin/cli.js

 #!/usr/bin/env node
 'use strict';
 
-const exec = require('child_process').exec;
-const npm = require('npm');
+const execSync = require('child_process').execSync;
 
@@ -13,26 +12,27 @@ const Version = {
 
-function getParentBranch(callback) {
-    exec('hg log --rev "p2(.)" --template "{branch}"', (error, stdout, stderr) => {
-        if (error) {
-            console.error(`exec error: ${error}`);
-            return;
-        }
-
-        callback(stdout);
-    });
+function getParentBranch() {
+    return execSync('hg log --rev "p2(.)" --template "{branch}"');
 }
 
 function bump(type) {
-    npm.load((error, npm) => {
-        console.log(error);
-        npm.commands.version([type], function(error) {
-            if (error) {
-                console.error(`npm version error: ${error}`);
-                return;
-            }
-        });
-    });
+    execSync(`npm version ${type}`);
 }
 
-getParentBranch((branch) => {
+function publish() {
+    const version = require('./package.json').version;
+
+    execSync(`hg commit --config ui.username=jenkins@coveo.com -m 'Release v${version}'`);
+    execSync(`hg tag --config ui.username=jenkins@coveo.com ${PACKAGE_VERSION} -f`);
+
+    execSync(`echo 'strict-ssl=false' > .npmrc`);
+    execSync(`echo '//npm.corp.coveo.com/:_authToken=${env.NPM_TOKEN}' >> .npmrc`);
+    execSync(`echo '@coveo:registry=https://npm.corp.coveo.com/' >> .npmrc`);
+
+    execSync(`npm publish`);
+
+    execSync(`hg --config auth.jenkins.prefix=* --config auth.jenkins.username=${process.env.HG_USR} --config auth.jenkins.password=${process.env.HG_PWD} --config 'auth.jenkins.schemes=http https' push`);
+}
+
+try {
+    const branch = getParentBranch();
     if (branch) {
@@ -44,8 +44,16 @@ const fixRegex = new RegExp('^fix\\-|[^a-z]fix\\-', 'gim');
             console.log('Branch name contains "fix-", bumping a PATCH version');
-            bump(Version.PATCH)
+            bump(Version.PATCH);
+            publish();
         } else if (featureRegex.test(branch)) {
             console.log('Branch name contains "feature-", bumping a MINOR version');
-            bump(Version.MINOR)
+            bump(Version.MINOR);
+            publish();
         }
+    } else {
+        console.log('No parent branch, exiting');
     }
-});
+} catch (err) {
+    // We don't want our CI to have an error, just log it.
+    console.log(err);
+}
+

package.json

 {
   "name": "hg-auto-semver",
-  "version": "1.0.2",
+  "version": "1.1.0",
   "description": "Automatically bump versions according to hg parent branch name.",
@@ -14,6 +14,3 @@ "main": "index.js",
   "author": "wfortin",
-  "license": "MIT",
-  "dependencies": {
-    "npm": "^3.10.7"
-  }
+  "license": "MIT"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4287

increased by12.52%

Dependency count

0

decreased by-100%

Lines of code

45

increased by9.76%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

Dependency changes

• - Removednpm@^3.10.7

• - Removednpm@3.10.10(transitive)