
Security News
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation
OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.
INterface Diffing and Inspection Assistant
diff a module's interface between 2 commits
semver is pretty cool. in theory, it should lead to stable software that picks up the latest updates as soon as they are available.
in practice, many packages don't follow semver (angular <2, coffeescript, nodejs <4).
for the packages that do, tagging a build with a new version is a manual process, which makes it prone to human error (i.e. many kinds of false negatives and false positives).
so let's try to automate the process. run india as part of your build to automate new version tagging.
```sh
npm install -g india
# diff between 2 commits
india hash1 hash2 -- file.js
# diff between a commit and HEAD
india hash1 -- file.js
```
example:

```
$ india f66bf74 -- ./demo/demo.js
✔ A method can't be removed
✘ A method's arity can't decrease
Method "bar" has arity of 3 at f66bf74, but arity has decreased to 2 at HEAD
✘ A method's parameters can't be removed
Method "bar" accepts a parameter "baz" at f66bf74, but was removed at HEAD
✔ A method's parameters can't be reordered
✔ A parameter's type can't become more restrictive
✘ A method's return type can't change
Method "foo" has a return type of "Object" at f66bf74, but the return type has changed to "Array" at HEAD
✔ A method's return type can't become less restrictive
✘ A method can't be added
HEAD contains method "baz", which is not defined at f66bf74
✔ A method's arity can't increase
✔ A parameter's type can't become less restrictive
✔ A method's return type can't become more restrictive
Found 3 backwards-incompatible API changes.
Found 1 backwards-compatible API change.
Recommend minor version bump (0.0.0 => 0.1.0).
```
INDIA looks at your file's exports, and parses the jsdoc for each exported method. It then diffs the jsdocs at the given git commits, and runs the resultant diff through its validation rules. Based on the result, INDIA suggests an appropriate next version for your file.
```sh
# install dependencies and run the test suite
npm install
npm test
```
We found that india demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.