standard-version - npm Package Compare versions

Comparing version 7.1.0 to 8.0.0

CHANGELOG.md

@@ -5,2 +5,16 @@ # Changelog
 
+## [8.0.0](https://www.github.com/conventional-changelog/standard-version/compare/v7.1.0...v8.0.0) (2020-05-06)
+
+
+### ⚠ BREAKING CHANGES
+
+* `composer.json` and `composer.lock` will no longer be read from or bumped by default. If you need to obtain a version or write a version to these files, please use `bumpFiles` and/or `packageFiles` options accordingly.
+
+### Bug Fixes
+
+* composer.json and composer.lock have been removed from default package and bump files. ([c934f3a](https://www.github.com/conventional-changelog/standard-version/commit/c934f3a38da4e7234d9dba3b2405f3b7e4dc5aa8)), closes [#495](https://www.github.com/conventional-changelog/standard-version/issues/495) [#394](https://www.github.com/conventional-changelog/standard-version/issues/394)
+* **deps:** update dependency conventional-changelog to v3.1.18 ([#510](https://www.github.com/conventional-changelog/standard-version/issues/510)) ([e6aeb77](https://www.github.com/conventional-changelog/standard-version/commit/e6aeb779fe53ffed2a252e6cfd69cfcb786b9ef9))
+* **deps:** update dependency yargs to v15.1.0 ([#518](https://www.github.com/conventional-changelog/standard-version/issues/518)) ([8f36f9e](https://www.github.com/conventional-changelog/standard-version/commit/8f36f9e073119fcbf5ad843237fb06a4ca42a0f9))
+* **deps:** update dependency yargs to v15.3.1 ([#559](https://www.github.com/conventional-changelog/standard-version/issues/559)) ([d98cd46](https://www.github.com/conventional-changelog/standard-version/commit/d98cd4674b4d074c0b7f4d50d052ae618cf494c6))
+
 ## [7.1.0](https://github.com/conventional-changelog/standard-version/compare/v7.0.1...v7.1.0) (2019-12-08)
@@ -7,0 +21,0 @@

defaults.js

@@ -35,4 +35,3 @@ const spec = require('conventional-changelog-config-spec')
   'bower.json',
-  'manifest.json',
-  'composer.json'
+  'manifest.json'
 ]
@@ -42,6 +41,5 @@
   'package-lock.json',
-  'npm-shrinkwrap.json',
-  'composer.lock'
+  'npm-shrinkwrap.json'
 ])
 
 module.exports = defaults

package.json

 {
   "name": "standard-version",
-  "version": "7.1.0",
+  "version": "8.0.0",
   "description": "replacement for `npm version` with automatic CHANGELOG generation",
@@ -8,3 +8,2 @@ "bin": "bin/cli.js",
     "posttest": "eslint .",
-    "coverage": "nyc report --reporter=text-lcov | coveralls",
     "test": "nyc mocha --timeout=30000 test.js",
@@ -18,6 +17,3 @@ "release": "bin/cli.js"
   },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/conventional-changelog/standard-version.git"
-  },
+  "repository": "conventional-changelog/standard-version",
   "engines": {
@@ -44,3 +40,3 @@ "node": ">=8.0"
     "chalk": "2.4.2",
-    "conventional-changelog": "3.1.15",
+    "conventional-changelog": "3.1.18",
     "conventional-changelog-config-spec": "2.1.0",
@@ -56,5 +52,5 @@ "conventional-changelog-conventionalcommits": "4.2.3",
     "git-semver-tags": "3.0.1",
-    "semver": "6.3.0",
+    "semver": "7.1.1",
     "stringify-package": "1.0.1",
-    "yargs": "15.0.2"
+    "yargs": "15.3.1"
   },
@@ -66,7 +62,7 @@ "devDependencies": {
     "eslint-config-standard": "14.1.0",
-    "eslint-plugin-import": "2.18.2",
+    "eslint-plugin-import": "2.20.0",
     "eslint-plugin-node": "10.0.0",
     "eslint-plugin-promise": "4.2.1",
     "eslint-plugin-standard": "4.0.1",
-    "mocha": "6.2.2",
+    "mocha": "7.0.1",
     "mock-git": "2.0.0",
@@ -73,0 +69,0 @@ "mockery": "2.1.0",

README.md

@@ -21,6 +21,6 @@ # Standard Version
 
-1. Retreive the current version of your repository by looking at `bumpFiles`[1](), falling back to the last `git tag`.
-2. `bump` the version in `bumpFiles`[1]() based on your commits.
-4. Generates a `changelog` based on your commints (uses [conventional-changelog](https://github.com/conventional-changelog/conventional-changelog) under the hood).
-5. Creates a new `commit` including your `bumpFiles`[1]() and updated CHANGELOG.
+1. Retrieve the current version of your repository by looking at `bumpFiles`[[1]](#bumpfiles-packagefiles-and-updaters), falling back to the last `git tag`.
+2. `bump` the version in `bumpFiles`[[1]](#bumpfiles-packagefiles-and-updaters) based on your commits.
+4. Generates a `changelog` based on your commits (uses [conventional-changelog](https://github.com/conventional-changelog/conventional-changelog) under the hood).
+5. Creates a new `commit` including your `bumpFiles`[[1]](#bumpfiles-packagefiles-and-updaters) and updated CHANGELOG.
 6. Creates a new `tag` with the new version number.
@@ -33,3 +33,3 @@
 
-- **`packageFiles`** – User-defined files where versions can be read from _and_ "bumped".
+- **`packageFiles`** – User-defined files where versions can be read from _and_ be "bumped".
   - Examples: `package.json`, `manifest.json`
@@ -195,3 +195,3 @@ - In most cases (including the default), `packageFiles` are a subset of `bumpFiles`.
 
-you will get version `1.1.0` rather than what would be the auto-generated version `1.0.1`.
+You will get version `1.1.0` rather than what would be the auto-generated version `1.0.1`.
 
@@ -357,5 +357,5 @@ > **NOTE:** you can combine `--release-as` and `--prerelease` to generate a release. This is useful when publishing experimental feature(s).
 
-YES! Using `bumpFiles` (and `packageFiles`) configurations you should be able to configure `standard-version` to work for you.
+As of version `7.1.0` you can configure multiple `bumpFiles` and `packageFiles`.
 
-1. Specify a custom `bumpFile` "`file`", this is the path to the file you want to "bump"
+1. Specify a custom `bumpFile` "`filename`", this is the path to the file you want to "bump"
 2. Specify the `bumpFile` "`updater`", this is _how_ the file will be bumped.
@@ -367,3 +367,3 @@
 
-```json
+```js
 // .versionrc
@@ -373,3 +373,3 @@ {
     {
-      "file": "MY_VERSION_TRACKER.txt",
+      "filename": "MY_VERSION_TRACKER.txt",
       // The `plain-text` updater assumes the file contents represents the version.
@@ -379,8 +379,8 @@ "type": "plain-text"
     {
-      "file": "a/deep/package/dot/json/file/package.json",
+      "filename": "a/deep/package/dot/json/file/package.json",
       // The `json` updater assumes the version is available under a `version` key in the provided JSON document.
       "type": "json"
-    }
+    },
     {
-      "file": "VERSION_TRACKER.json",
+      "filename": "VERSION_TRACKER.json",
       //  See "Custom `updater`s" for more details.
@@ -387,0 +387,0 @@ "updater": "standard-version-updater.js"

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

123841

increased by1.83%

Number of package files

38

increased by5.56%

Worsened metrics

Lines of code

1928

decreased by-0.1%

Number of low supply chain risk alerts

11

increased by10%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addedconventional-changelog@3.1.18(transitive)

• + Addedsemver@6.3.17.1.1(transitive)

• + Addedyargs@15.3.1(transitive)

• + Addedyargs-parser@18.1.3(transitive)

• - Removedconventional-changelog@3.1.15(transitive)

• - Removedsemver@6.3.0(transitive)

• - Removedyargs@15.0.2(transitive)

• - Removedyargs-parser@16.1.0(transitive)

• Updatedconventional-changelog@3.1.18

• Updatedsemver@7.1.1

• Updatedyargs@15.3.1