Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
semantic-release-github-pr
Advanced tools
A `semantic-release` plugin that creates a changelog comment on Github PRs.
Preview the semantic release notes that would result from merging a Github PR.
This set of semantic-release
plugins will post a Github PR comment with a preview of the release that would result from merging.
npm install -D semantic-release@next semantic-release-github-pr
npx semantic-release-github-pr
It helps to think about semantic-releaase-github-pr
as a variation on semantic-release
's default behavior, using the latter's plugin system to modify some behaviors:
If a new release would result from running semantic-release
, instead of publishing a new release of a package to npm
, it posts a comment with the changelog to matching Github PRs.
It posts a static message when there's no release (for clarity).
At the beginning of each run, it cleans up any PR comments it previously made (to keep from flooding PRs or leaving outdated information).
A PR gets a comment if:
The PR's "from" branch matches the current branch (that this command is being run against).
To cover multiple CI scenarios (see below), either of:
git
HEAD.git
HEAD.The PR's base branch matches master
(default) unless the githubPr.branch
configuration option is set.
It is assumed the user is already fully familiar with semantic-release
and its workflow
.
Github authentication must be configured, exactly the same as for semantic-relase
's default @semantic-release/github
plugin.
It's possible to configure the expected base branch when matching a PR.
E.g., package.json
:
{
"release": {
"githubPr": {
"branch": "staging"
}
}
}
Due to limitations in how plugins may be composed, semantic-release-github-pr
must unfortunately hard-code the analyzeCommits
plugin (see discussion here).
Users may still want to define a custom analyzeCommits
plugin, or want to pass options to the default analyzeCommits
plugin. To work around this problem, set the desired analyzeCommits
configuration in the release plugin config inside the githubPr
key instead.
E.g., package.json
:
{
"release": {
"githubPr": {
"analyzeCommits": "myCommitsAnalyzer"
}
}
}
This plugin is best used with a CI build process to fully automate the posting of comments in Github PRs. Ideally, it should run whenever a PR is opened/updated.
To only run when necessary, we use the $TRAVIS_PULL_REQUEST
environment variable to detect whether the build is a "pull request build".
after_success:
- "[[ $TRAVIS_PULL_REQUEST != 'false' ]] && npx semantic-release-github-pr || exit 0"
To run only when necessary, we use the $CI_PULL_REQUEST
environment variable to detect whether the build has a corresponding pull request.
Unfortunately, CircleCI only supports building on push, not when a PR is created. This limits the usefulness of the plugin somewhat, as a build will have to be triggered manually after a PR is opened for the changelog to post.
post:
- "[[ $CI_PULL_REQUEST != '' ]] && npx semantic-release-github-pr || exit 0"
Running semantic-release-github-pr
is equivalent to running semantic-release
with the following configuration (as encapsulated in the semantic-release-github-pr
command):
{
"release": {
"analyzeCommits": "semantic-release-github-pr",
"generateNotes": "semantic-release-github-pr",
"verifyConditions": [
"@semantic-release/github",
"semantic-release-github-pr"
]
}
}
Used as a hook for cleaning up previous changelog PR comments made by the generateNotes
plugin, keeping it from flooding a PR with (eventually stale) changelog comments over time.
It's recommended to pair this package's verifyConditions
with that of @semantic-release/github
.
Used as a hook to create a "no release" comment on a matching PR, if semantic-release
determines that there's no new version. Doesn't actually analyze commits itself, but decorates an analyzeCommits
implementation (@semantic-release/commit-analyzer
by default).
See the Release config
section for how to configure a custom analyzeCommits
plugin and/or set options.
Creates a comment on matching PRs with the changelog for the release that would result from merging.
FAQs
A `semantic-release` plugin that creates a changelog comment on Github PRs.
The npm package semantic-release-github-pr receives a total of 420 weekly downloads. As such, semantic-release-github-pr popularity was classified as not popular.
We found that semantic-release-github-pr demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.