Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
keep-a-changelog
Advanced tools
Node package to parse and generate changelogs following the [keepachangelog](http://keepachangelog.com/en/1.0.0/) format.
Keep a Changelog library for Node & Deno
Deno package to parse and generate changelogs following the keepachangelog format.
import { parser } from "keep-a-changelog";
import fs from "fs";
//Parse a changelog file
const changelog = parser(fs.readFileSync("CHANGELOG.md", "UTF-8"));
//Generate the new changelog string
console.log(changelog.toString());
import { parser } from "https://deno.land/x/changelog@v2.2.1/mod.ts";
//Parse a changelog file
const changelog = parser(await Deno.readTextFile("CHANGELOG.md"));
//Generate the new changelog string
console.log(changelog.toString());
import {
Changelog,
Release,
} from "https://deno.land/x/changelog@v2.2.1/mod.ts";
const changelog = new Changelog("My project")
.addRelease(
new Release("0.1.0", "2017-12-06")
.added("New awesome feature")
.added("New other awesome feature")
.fixed("Bug #3")
.removed("Drop support for X"),
)
.addRelease(
new Release("0.2.0", "2017-12-09")
.security("Fixed security vulnerability")
.deprecated("Feature X is deprecated"),
);
console.log(changelog.toString());
By default, the output format of the markdown is "compact", that removes the
space after the headings. You can change it to follow the
markdownlint
rules:
const changelog = new Changelog();
changelog.format = "markdownlint";
By default, the tag names are v
+ version number. For example, the tag for the
version 2.4.9
is v2.4.9
. To change this behavior, set a new
tagNameBuilder
:
const changelog = new Changelog();
changelog.tagNameBuilder = (release) => `version-${release.version}`;
By default and according to the
keepachangelog format, the change types
are Added
, Changed
, Deprecated
, Removed
, Fixed
, and Security
.
In case you'd like add another type, you need to extend the Release
class to
support new types. Additionally, you have to tell the parser
that it should
create instances of your new extended Release
in order to parse your changelog
correctly.
For example, we would like to add a type Maintenance
. Extend the provided
Release
class:
class CustomRelease extends Release {
constructor(version, date, description) {
super(version, date, description);
// add whatever types you want - in lowercase
const newChangeTypes = [
["maintenance", []],
];
this.changes = new Map([...this.changes, ...newChangeTypes]);
}
// for convenience, add a new method to add change of type 'maintanance'
maintenance(change) {
return this.addChange("maintenance", change);
}
}
And once you want to use the parser:
const releaseCreator = (ver, date, desc) => new CustomRelease(ver, date, desc);
const changelog = parser(changelogTextContent, { releaseCreator });
This library provides the changelog
command to normalize the changelog format.
It reads the CHANGELOG.md file and override it with the new format:
Deno:
deno install --allow-read --allow-write --name changelog https://deno.land/x/changelog/bin.ts
Node:
npm install keep-a-changelog -g
Run the script:
changelog
To use other file name:
changelog --file=History.md
To generate an empty new CHANGELOG.md file:
changelog --init
You can release automatically the latest "Unreleased" version:
changelog --release
If your "Unreleased" section has no version, you can specify it as an argument:
changelog --release 2.0.0
And return the latest released version:
changelog --latest-release
> 0.3.1
Available options:
Option | Description |
---|---|
--format | The output format for the generated markdown. It can be markdownlint or compact . The default value is compact . |
--file | The markdown file of the changelog. The default value is CHANGELOG.md . |
--url | The base url used to build the diff urls of the different releases. It is taken from the existing diff urls in the markdown. If no urls are found, try to catch it using the url of the git remote repository. |
--https | Set to false to use http instead https in the url (--https=false ). |
--init | Init a new empty changelog file. |
--latest-release | Print the latest release version. |
--release | Updated the latest unreleased version with the current date. |
--quiet | Do not output error messages |
[2.3.0] - 2023-05-25
--create
, to create unreleased versions [#31].--release
optionFAQs
Node package to parse and generate changelogs following the [keepachangelog](https://keepachangelog.com/) format.
The npm package keep-a-changelog receives a total of 5,227 weekly downloads. As such, keep-a-changelog popularity was classified as popular.
We found that keep-a-changelog demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.