release-it - npm Package Compare versions

Comparing version 14.12.1 to 14.12.2

lib/plugin/github/GitHub.js

@@ -40,3 +40,3 @@ const fs = require('fs');
 
-    const { skipChecks, tokenRef, web, update } = this.options;
+    const { skipChecks, tokenRef, web, update, assets } = this.options;
 
@@ -52,2 +52,6 @@ if (!this.token || web) {
 
+    if (web && assets) {
+      this.log.warn('Assets are not included in web-based releases.');
+    }
+
     if (!skipChecks) {
@@ -197,3 +201,3 @@ // If we're running on GitHub Actions, we can skip the authentication and
     const name = format(releaseName, this.config.getContext());
-    const body = autoGenerate ? null : releaseNotes;
+    const body = autoGenerate ? '' : releaseNotes || '';
 
@@ -200,0 +204,0 @@ return Object.assign(options, {

package.json

 {
   "name": "release-it",
-  "version": "14.12.1",
+  "version": "14.12.2",
   "description": "Generic CLI tool to automate versioning and package publishing related tasks.",
@@ -5,0 +5,0 @@ "keywords": [

test/github.js

@@ -18,3 +18,3 @@ const test = require('ava');
 const host = 'github.com';
-const git = { changelog: null };
+const git = { changelog: '' };
 const requestErrorOptions = { request: { url: '', headers: {} }, response: { headers: {} } };
@@ -93,3 +93,3 @@
   interceptCollaborator();
-  interceptCreate({ body: { tag_name: '2.0.2', name: 'Release 2.0.2', body: null, prerelease: true, draft: true } });
+  interceptCreate({ body: { tag_name: '2.0.2', name: 'Release 2.0.2', body: '', prerelease: true, draft: true } });
 
@@ -249,3 +249,3 @@ await runTasks(github);
   interceptCreate(Object.assign({ body: { tag_name: '1.0.1' } }, remote));
-  const options = { git: { pushRepo: 'upstream', changelog: null }, github: { tokenRef, skipChecks: true } };
+  const options = { git: { pushRepo: 'upstream', changelog: '' }, github: { tokenRef, skipChecks: true } };
   const github = factory(GitHub, { options });
@@ -252,0 +252,0 @@ const exec = sinon.stub(github.shell, 'exec').callThrough();

test/stub/github.js

 const nock = require('nock');
 
-const interceptAuthentication = ({ api = 'https://api.github.com', username = 'john' } = {}) =>
+const interceptAuthentication = ({ api = 'https://api.github.com', username = 'john' } = {}) => {
   nock(api).get('/user').reply(200, {
     login: username
   });
+};
 
@@ -13,3 +14,5 @@ const interceptCollaborator = ({
   username = 'john'
-} = {}) => nock(api).get(`/repos/${owner}/${project}/collaborators/${username}`).reply(204);
+} = {}) => {
+  nock(api).get(`/repos/${owner}/${project}/collaborators/${username}`).reply(204);
+};
 
@@ -22,3 +25,3 @@ const interceptListReleases = ({
   tag_name
-} = {}) =>
+} = {}) => {
   nock(api)
@@ -39,2 +42,3 @@ .get(`/repos/${owner}/${project}/releases?per_page=1&page=1`)
     ]);
+};
 
@@ -46,4 +50,4 @@ const interceptCreate = ({
   project = 'repo',
-  body: { tag_name, name = '', body = null, prerelease = false, draft = false, generate_release_notes = false }
-} = {}) =>
+  body: { tag_name, name = '', body = '', prerelease = false, draft = false, generate_release_notes = false }
+} = {}) => {
   nock(api)
@@ -73,2 +77,3 @@ .post(`/repos/${owner}/${project}/releases`, {
     });
+};
 
@@ -80,4 +85,4 @@ const interceptUpdate = ({
   project = 'repo',
-  body: { tag_name, name = '', body = null, prerelease = false, draft = false, generate_release_notes = false }
-} = {}) =>
+  body: { tag_name, name = '', body = '', prerelease = false, draft = false, generate_release_notes = false }
+} = {}) => {
   nock(api)
@@ -96,2 +101,3 @@ .patch(`/repos/${owner}/${project}/releases/1`, { tag_name, name, body, draft, prerelease, generate_release_notes })
     });
+};
 
@@ -105,3 +111,3 @@ const interceptAsset = ({
   body = {}
-} = {}) =>
+} = {}) => {
   nock(`https://uploads.${host}`)
@@ -123,2 +129,3 @@ .post(`/repos/${owner}/${project}/releases/1/assets`, body)
     });
+};
 
@@ -125,0 +132,0 @@ module.exports = {

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

211700

increased by0.06%

Lines of code

5049

increased by0.2%

Number of low supply chain risk alerts

26

decreased by-7.14%

No dependency changes