semantic-release - npm Package Compare versions

Comparing version 21.0.7 to 22.0.6

docs/extending/plugins-list.md

@@ -87,2 +87,7 @@ # Plugins list
   - `publish`: Runs `mvn deploy` to deploy to maven central and optionally will update to next snapshot version and merge changes to development branch
+- [maven-semantic-release](https://github.com/terrestris/maven-semantic-release) (alternative version)
+  - `verifyConditions`: Verifies that the `mvn` command exists.
+  - `prepare`: Changes version number in `pom.xml` and optionally in all child modules.
+  - `publish`: Runs one of the mvn targets `deploy`, `package jib:build` or `deploy jib:build`.
+  - `success`: Optionally sets new snapshot version and commits it.
 - [semantic-release-ado](https://github.com/lluchmk/semantic-release-ado)
@@ -111,3 +116,3 @@ - `prepare`: Stores the version number as an Azure DevOps pipeline variable available to downstream steps on the job
   - `addChannel`: Update a Gitea release's pre-release field.
-- [@google/semantic-release-replace-plugin](https://github.com/google/semantic-release-replace-plugin)
+- [semantic-release-replace-plugin](https://github.com/jpoehnelt/semantic-release-replace-plugin)
   - `prepare`: Replace version strings in files using regex and glob.
@@ -179,2 +184,5 @@ - [semantic-release-rubygem](https://github.com/Gusto/semantic-release-rubygem)
   - `publish` add a release tag to Coralogix
+- [semantic-release-jira-notes](https://github.com/iamludal/semantic-release-jira-notes)
+  - `verifyConditions`: Validate the config options.
+  - `generateNotes`: Generate the release notes with links to JIRA issues.
 - [semantic-release-major-tag](https://github.com/doteric/semantic-release-major-tag)
@@ -188,1 +196,5 @@ - `success` Create major version tag, for example `v1`.
   - `publish` Publish to the npm registry.
+- [semantic-release-pub](https://github.com/zeshuaro/semantic-release-pub)
+  - `verifyConditions`: Verify the presence of the `pub.dev` authentication and release configuration
+  - `prepare`: Update the `pubspec.yaml` version
+  - `publish`: Publish the package onto the `pub.dev` registry

docs/recipes/ci-configurations/gitlab-ci.md

@@ -9,2 +9,7 @@ # Using semantic-release with [GitLab CI](https://about.gitlab.com/features/gitlab-ci-cd)
 
+## npm provenance
+
+Since GitLab CI is a [supported provider](https://docs.npmjs.com/generating-provenance-statements#provenance-limitations) for [npm provenance](https://docs.npmjs.com/generating-provenance-statements), it is recommended to enable this to increase supply-chain security for your npm packages.
+Find more detail about configuring npm to publish with provenance through semantic-release [in the documentation for our npm plugin](https://github.com/semantic-release/npm#npm-provenance).
+
 ## Node project configuration
@@ -11,0 +16,0 @@

docs/support/FAQ.md

@@ -198,3 +198,3 @@ # Frequently Asked Questions
 
-This is not supported by **semantic-release** as it's not considered a good practice, mostly because [Semantic Versioning](https://semver.org) rules applies differently to major version zero.
+This is not supported by semantic-release. [Semantic Versioning](https://semver.org/) rules apply differently to major version zero and supporting those differences is out of scope and not one of the goals of the semantic-release project.
 
@@ -201,0 +201,0 @@ If your project is under heavy development, with frequent breaking changes, and is not production ready yet we recommend [publishing pre-releases](../recipes/release-workflow/pre-releases.md#publishing-pre-releases).

docs/usage/configuration.md

@@ -43,2 +43,13 @@ # Configuration
 
+- Via `release.config.cjs` file:
+
+```js
+/**
+ * @type {import('semantic-release').GlobalConfig}
+ */
+module.exports = {
+  branches: ["master", "next"],
+};
+```
+
 - Via CLI argument:
@@ -45,0 +56,0 @@

package.json

 {
   "name": "semantic-release",
   "description": "Automated semver compliant package publishing",
-  "version": "21.0.7",
+  "version": "22.0.6",
   "type": "module",
@@ -9,3 +9,4 @@ "author": "Stephan Bönnemann <stephan@boennemann.me> (http://boennemann.me)",
     "files": [
-      "test/**/*.test.js"
+      "test/**/*.test.js",
+      "!test/integration.test.js"
     ],
@@ -30,13 +31,13 @@ "nodeArguments": [
   "dependencies": {
-    "@semantic-release/commit-analyzer": "^10.0.0",
+    "@semantic-release/commit-analyzer": "^11.0.0",
     "@semantic-release/error": "^4.0.0",
     "@semantic-release/github": "^9.0.0",
-    "@semantic-release/npm": "^10.0.2",
-    "@semantic-release/release-notes-generator": "^11.0.0",
-    "aggregate-error": "^4.0.1",
+    "@semantic-release/npm": "^11.0.0",
+    "@semantic-release/release-notes-generator": "^12.0.0",
+    "aggregate-error": "^5.0.0",
     "cosmiconfig": "^8.0.0",
     "debug": "^4.0.0",
-    "env-ci": "^9.0.0",
-    "execa": "^7.0.0",
-    "figures": "^5.0.0",
+    "env-ci": "^10.0.0",
+    "execa": "^8.0.0",
+    "figures": "^6.0.0",
     "find-versions": "^5.1.0",
@@ -46,6 +47,6 @@ "get-stream": "^6.0.0",
     "hook-std": "^3.0.0",
-    "hosted-git-info": "^6.0.0",
+    "hosted-git-info": "^7.0.0",
     "lodash-es": "^4.17.21",
-    "marked": "^5.0.0",
-    "marked-terminal": "^5.1.1",
+    "marked": "^9.0.0",
+    "marked-terminal": "^6.0.0",
     "micromatch": "^4.0.2",
@@ -63,6 +64,7 @@ "p-each-series": "^3.0.0",
     "ava": "5.3.1",
-    "c8": "8.0.0",
+    "c8": "8.0.1",
     "clear-module": "4.1.2",
     "codecov": "3.8.3",
-    "dockerode": "3.3.5",
+    "cz-conventional-changelog": "3.3.0",
+    "dockerode": "4.0.0",
     "file-url": "4.0.0",
@@ -72,13 +74,17 @@ "fs-extra": "11.1.1",
     "js-yaml": "4.1.0",
+    "lockfile-lint": "4.12.1",
+    "ls-engines": "0.9.0",
     "mockserver-client": "5.15.0",
-    "nock": "13.3.1",
-    "p-retry": "5.1.2",
-    "prettier": "2.8.8",
-    "sinon": "15.2.0",
+    "nock": "13.3.7",
+    "npm-run-all2": "6.1.1",
+    "p-retry": "6.1.0",
+    "prettier": "3.0.3",
+    "publint": "0.2.5",
+    "sinon": "17.0.0",
     "stream-buffers": "3.0.2",
-    "tempy": "3.0.0",
-    "testdouble": "3.18.0"
+    "tempy": "3.1.0",
+    "testdouble": "3.20.0"
   },
   "engines": {
-    "node": ">=18"
+    "node": "^18.17 || >=20.6.1"
   },
@@ -89,2 +95,3 @@ "files": [
     "lib",
+    "index.d.ts",
     "index.js",
@@ -106,3 +113,4 @@ "cli.js"
   "license": "MIT",
-  "main": "index.js",
+  "main": "./index.js",
+  "types": "index.d.ts",
   "c8": {
@@ -121,2 +129,10 @@ "include": [
   },
+  "lockfile-lint": {
+    "path": "package-lock.json",
+    "type": "npm",
+    "validate-https": true,
+    "allowed-hosts": [
+      "npm"
+    ]
+  },
   "prettier": {
@@ -134,10 +150,18 @@ "printWidth": 120,
   },
+  "config": {
+    "commitizen": {
+      "path": "./node_modules/cz-conventional-changelog"
+    }
+  },
   "scripts": {
     "codecov": "codecov -f coverage/coverage-final.json",
-    "lint": "prettier --check \"*.{js,json,md}\" \".github/**/*.{md,yml}\" \"docs/**/*.md\" \"{bin,lib,test}/**/*.js\"",
-    "lint:fix": "prettier --write \"*.{js,json,md}\" \".github/**/*.{md,yml}\" \"docs/**/*.md\" \"{bin,lib,test}/**/*.js\"",
-    "pretest": "npm run lint",
+    "lint:prettier": "prettier --check \"*.{js,json,md}\" \".github/**/*.{md,yml}\" \"docs/**/*.md\" \"{bin,lib,test}/**/*.js\"",
+    "lint:prettier:fix": "prettier --write \"*.{js,json,md}\" \".github/**/*.{md,yml}\" \"docs/**/*.md\" \"{bin,lib,test}/**/*.js\"",
+    "lint:lockfile": "lockfile-lint",
+    "lint:engines": "ls-engines",
+    "lint:publish": "publint --strict",
     "semantic-release": "./bin/semantic-release.js",
-    "test": "c8 ava --verbose",
-    "test:ci": "c8 ava --verbose"
+    "test": "npm-run-all --print-label --parallel lint:* --parallel test:*",
+    "test:unit": "c8 ava --verbose",
+    "test:integration": "ava --verbose test/integration.test.js"
   },
@@ -144,0 +168,0 @@ "renovate": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

283709

increased by8.8%

Number of package files

66

increased by1.54%

Lines of code

2621

increased by31.71%

Worsened metrics

Dev dependency count

22

increased by29.41%

Dependency changes

• + Added@semantic-release/commit-analyzer@11.1.0(transitive)

• + Added@semantic-release/npm@11.0.3(transitive)

• + Added@semantic-release/release-notes-generator@12.1.0(transitive)

• + Added@sindresorhus/is@4.6.0(transitive)

• + Addedany-promise@1.3.0(transitive)

• + Addedchalk@4.1.2(transitive)

• + Addedchar-regex@1.0.2(transitive)

• + Addedcli-highlight@2.1.11(transitive)

• + Addedcliui@7.0.4(transitive)

• + Addedconventional-changelog-angular@7.0.0(transitive)

• + Addedconventional-changelog-writer@7.0.1(transitive)

• + Addedemojilib@2.4.0(transitive)

• + Addedenv-ci@10.0.0(transitive)

• + Addedfigures@6.1.0(transitive)

• + Addedfind-up-simple@1.0.0(transitive)

• + Addedhighlight.js@10.7.3(transitive)

• + Addedimport-from-esm@1.3.4(transitive)

• + Addedimport-meta-resolve@4.1.0(transitive)

• + Addedindex-to-position@0.1.2(transitive)

• + Addedis-unicode-supported@2.1.0(transitive)

• + Addedmarked@9.1.6(transitive)

• + Addedmarked-terminal@6.3.0(transitive)

• + Addedmz@2.7.0(transitive)

• + Addednode-emoji@2.1.3(transitive)

• + Addednpm@10.8.3(transitive)

• + Addedobject-assign@4.1.1(transitive)

• + Addedparse-json@8.1.0(transitive)

• + Addedparse5@5.1.16.0.1(transitive)

• + Addedparse5-htmlparser2-tree-adapter@6.0.1(transitive)

• + Addedread-pkg@9.0.1(transitive)

• + Addedread-pkg-up@11.0.0(transitive)

• + Addedskin-tone@2.0.0(transitive)

• + Addedsupports-hyperlinks@3.1.0(transitive)

• + Addedthenify@3.3.1(transitive)

• + Addedthenify-all@1.6.0(transitive)

• + Addedunicode-emoji-modifier-base@1.0.0(transitive)

• + Addedyargs@16.2.0(transitive)

• - Removed@semantic-release/commit-analyzer@10.0.4(transitive)

• - Removed@semantic-release/npm@10.0.6(transitive)

• - Removed@semantic-release/release-notes-generator@11.0.7(transitive)

• - Removed@types/minimist@1.2.5(transitive)

• - Removedaggregate-error@4.0.1(transitive)

• - Removedansicolors@0.3.2(transitive)

• - Removedarrify@1.0.1(transitive)

• - Removedcamelcase@5.3.1(transitive)

• - Removedcamelcase-keys@6.2.2(transitive)

• - Removedcardinal@2.1.1(transitive)

• - Removedclean-stack@4.2.0(transitive)

• - Removedconventional-changelog-angular@6.0.0(transitive)

• - Removedconventional-changelog-writer@6.0.1(transitive)

• - Removedconventional-commits-filter@3.0.0(transitive)

• - Removeddateformat@3.0.3(transitive)

• - Removeddecamelize@1.2.0(transitive)

• - Removeddecamelize-keys@1.1.1(transitive)

• - Removedenv-ci@9.1.1(transitive)

• - Removedesprima@4.0.1(transitive)

• - Removedexeca@7.2.0(transitive)

• - Removedfigures@5.0.0(transitive)

• - Removedfind-up@4.1.0(transitive)

• - Removedfunction-bind@1.1.2(transitive)

• - Removedhard-rejection@2.1.0(transitive)

• - Removedhasown@2.0.2(transitive)

• - Removedhosted-git-info@2.8.96.1.1(transitive)

• - Removedhuman-signals@4.3.1(transitive)

• - Removedimport-from@4.0.0(transitive)

• - Removedindent-string@4.0.0(transitive)

• - Removedis-core-module@2.15.1(transitive)

• - Removedis-plain-obj@1.1.0(transitive)

• - Removedis-unicode-supported@1.3.0(transitive)

• - Removedkind-of@6.0.3(transitive)

• - Removedlocate-path@5.0.0(transitive)

• - Removedlodash@4.17.21(transitive)

• - Removedlodash.ismatch@4.4.0(transitive)

• - Removedlru-cache@7.18.3(transitive)

• - Removedmap-obj@1.0.14.3.0(transitive)

• - Removedmarked@5.1.2(transitive)

• - Removedmarked-terminal@5.2.0(transitive)

• - Removedmeow@8.1.2(transitive)

• - Removedmin-indent@1.0.1(transitive)

• - Removedminimist-options@4.1.0(transitive)

• - Removedmodify-values@1.0.1(transitive)

• - Removednode-emoji@1.11.0(transitive)

• - Removednormalize-package-data@2.5.0(transitive)

• - Removednpm@9.9.3(transitive)

• - Removedp-limit@2.3.0(transitive)

• - Removedp-locate@4.1.0(transitive)

• - Removedp-try@2.2.0(transitive)

• - Removedpath-exists@4.0.0(transitive)

• - Removedpath-parse@1.0.7(transitive)

• - Removedquick-lru@4.0.1(transitive)

• - Removedread-pkg@5.2.0(transitive)

• - Removedread-pkg-up@7.0.1(transitive)

• - Removedredent@3.0.0(transitive)

• - Removedredeyed@2.1.1(transitive)

• - Removedresolve@1.22.8(transitive)

• - Removedsemver@5.7.2(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedsplit@1.0.1(transitive)

• - Removedstrip-indent@3.0.0(transitive)

• - Removedsupports-hyperlinks@2.3.0(transitive)

• - Removedsupports-preserve-symlinks-flag@1.0.0(transitive)

• - Removedtrim-newlines@3.0.1(transitive)

• - Removedtype-fest@0.6.00.8.1(transitive)

• Updated@semantic-release/commit-analyzer@^11.0.0

• Updated@semantic-release/npm@^11.0.0

• Updated@semantic-release/release-notes-generator@^12.0.0

• Updatedaggregate-error@^5.0.0

• Updatedenv-ci@^10.0.0

• Updatedexeca@^8.0.0

• Updatedfigures@^6.0.0

• Updatedhosted-git-info@^7.0.0

• Updatedmarked@^9.0.0

• Updatedmarked-terminal@^6.0.0