Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
release-assist
Advanced tools
Readme
Small help with new releases of your node.js and frontend projects.
You may consider using it if...
Install it globally:
npm install -g release-assist
Or if you're like me and you don't like any globally installed crap, add it directly to the project:
npm install --save-dev release-assist
And expose the scripts via package.json
file:
{
"scripts": {
"release-start": "release-assist --start",
"release-finish": "release-assist --finish"
}
}
Ok, you've just merged new code to master branch of your project and now are ready to release it as new version. Open terminal in root directory of your project (where package.json
resides) and run command:
release-assist --start
This will:
CHANGELOG.md
with all commit messages since the last release.The changelog state release-assist leaves you with is most probably not final, but now your job of manually editing the changelog to give it the final form is much easier.
After you're done with the changelog run command:
release-assist --finish
This commits the local changes with proper version number as a commit message, so with next release this tool can keep track of everything. Now we're done here, do the real release of your project!
CHANGELOG.md
, if your is called differently you need to change the name (or subit a github issue to see what we can do).CHANGELOG.md
have very specific structure (after all we need to parse this file). See changelog of this project as an example. Parsing script expects release header to be in format # version (YYYY-MM-DD)
below the header everything is treated as release description until next header is spotted.x.x.x
(just the version number) if you have given those commits different messages in the past then release-assist won't be able to find previous release and fill changelog with all commits of your project, but this will happen only once (for the first release done with release-assist), after that everything will be working as intended.Released under the ISC license.
FAQs
Small help with new releases of your node.js and frontend projects
The npm package release-assist receives a total of 141 weekly downloads. As such, release-assist popularity was classified as not popular.
We found that release-assist demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.