Security News
Inside Lodash’s Security Reset and Maintenance Reboot
Lodash 4.17.23 marks a security reset, with maintainers rebuilding governance and infrastructure to support long-term, sustainable maintenance.
By Sarah Gooding - Jan 31, 2026
Latest Socket ResearchMalicious Chrome Extension Performs Hidden Affiliate Hijacking.Details →
nerdbank-gitversioning
Advanced tools
nerdbank-gitversioning
Stamps your NPM packages with semver 2.0 compliant git commit specific version information.
nerdbank-gitversioning
With this package, and a version.json file to express your version number checked into the root of your git repo:
{
"version": "1.0-beta"
}
Your NPM packages and other builds can be automatically stamped with a version that precisely describes the git commit that built it.
CLI use
Stamp your package.json file with the git-based version:
nbgv-setversion
Reset your package.json file with a version placeholder (suitable for checking in):
nbgv-setversion --reset
Or invoke the nbgv tool directly for many options:
nbgv -?
Pack script
A possible script to pack your NPM package:
yarn nbgv-setversion
yarn pack
yarn nbgv-setversion --reset
Programmatic consumption
import * as nbgv from 'nerdbank-gitversioning'
// Retrieve all sorts of version information. Print just one bit.
const versionInfo = await nbgv.getVersion();
console.log(versionInfo.npmPackageVersion);
// Stamp the package.json file in the current directory with the computed version.
await nbgv.setPackageVersion();
// After packing, reset your package.json file to using a placeholder version number.
await nbgv.resetPackageVersionPlaceholder();
See our product documentation for more information.
Keywords
FAQs
Stamps your NPM packages with semver 2.0 compliant git commit specific version information.
The npm package nerdbank-gitversioning receives a total of 7,192 weekly downloads. As such, nerdbank-gitversioning popularity was classified as popular.
We found that nerdbank-gitversioning demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Nov 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
n8n Tops 2025 JavaScript Rising Stars as Workflow Platforms Gain Momentum
n8n led JavaScript Rising Stars 2025 by a wide margin, with workflow platforms seeing the largest growth across categories.
By Sarah Gooding - Jan 29, 2026
Security News
Federal Government Rescinds Software Supply Chain Mandates, Makes SBOMs Optional
The U.S. government is rolling back software supply chain mandates, shifting from mandatory SBOMs and attestations to a risk-based approach.
By Sarah Gooding - Jan 28, 2026