npmpackage.info

Gathering detailed insights and metrics for @auto-canary/crates

@auto-canary/crates

Generate releases based on semantic version labels on pull requests.

8.1.0-canary.789.10408.0

2,281

MIT

TypeScript

558,688 3.4

Installations

npm install @auto-canary/crates

Pull Requests

Open

37

Total

1,951

Closed

319

Merged

1,595

Issues

Open

109

Total

469

Closed

360

Releases

647

v11.3.0

Published on 25 Oct 2024

v11.2.1

Published on 28 Aug 2024

v11.2.0

Published on 17 Jul 2024

v11.1.6

Published on 04 Apr 2024

v11.1.5

Published on 04 Apr 2024

v11.1.4

Published on 04 Apr 2024

View all 647 releases

Developer

intuit

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

No

Node Version

8.14.1

NPM Version

lerna/3.19.0/node@v8.14.1+x64 (linux)

Statistics

2,281 Stars

6,355 Commits

205 Forks

17 Watching

49 Branches

100 Contributors

Updated on 26 Nov 2024

Languages

TypeScript (98.9%)

JavaScript (1.01%)

Ruby (0.09%)

Total Downloads

Cumulative downloads

Total Downloads

558,688

Last day

Compared to previous day

Last week

15,650%

630

Compared to previous week

Last month

177.4%

4,147

Compared to previous month

Last year

-82.2%

20,345

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

toml tslib env-ci semver user-home @auto-it/core

Versions

Generate releases based on semantic version labels on pull requests

Automated releases powered by pull request labels. Streamline your release workflow and publish constantly! auto is meant to be run in a continuous integration (CI) environment, but all the commands work locally as well.

Release Features:

Calculate semantic version bumps from PRs
Skip a release with the skip-release label
Publish canary releases from PRs or locally
Generate changelogs with fancy headers, authors, and monorepo package association
Use labels to create new changelog sections
Generate a GitHub release

Pull Request Interaction Features:

Get the labels for a PR
Set the status of a PR
Check that a pull request has a SemVer label
Comment on a PR with markdown
Update the PR body with contextual build metadata

Visit the docs for more information.

:pushpin: Plugins :pushpin:

Auto has an extensive plugin system and wide variety of official plugins. Make a PR to add yours!

Package Managers:

brew - Automate the creation of Homebrew formulae
chrome - Publish code to Chrome Web Store
cocoapods - Version your CocoaPod, and push to your specs repository!
crates - Publish Rust crates
docker - Publish images with Docker
gem - Publish ruby gems
git-tag - Manage your projects version through just a git tag (default when used with binary)
gradle - Publish code with gradle
maven - Publish code with maven
npm - Publish code to npm (default when installed through npm)
sbt - Publish Scala projects with sbt
vscode - Publish code to the VSCode extension marketplace

Extra Functionality:

all-contributors - Automatically add contributors as changelogs are produced using all-contributors-cli
conventional-commits - Parse conventional commit messages for version bumps
exec - Tap into hooks and run scripts on the terminal
first-time-contributor - Thank first time contributors for their work right in your release notes.
gh-pages - Automate publishing to your gh-pages documentation website
jira - Include Jira story links in the changelog
magic-zero - A plugin that closely adheres to semver versioning for 0.0.x and 0.x.y releases
microsoft-teams - Post your release notes to a Microsoft teams channel
omit-commits - Ignore commits base on name, email, subject, labels, and username
omit-release-notes - Ignore release notes in PRs made by certain accounts
pr-body-labels - Allow outside contributors to indicate what semver label should be applied to the Pull Request
released - Add a released label to published PRs, comment with the version it's included in and comment on the issues the PR closes
s3 - Post your built artifacts to amazon s3
slack - Post release notes to slack
twitter - Post release notes to twitter
upload-assets - Add extra assets to the release
protected-branch - Handle Github branch protections and avoid run auto with an admin token

:hammer: Start Developing :hammer:

To get set up, fork and clone the project then run the following command:

1yarn

Build/Typecheck

You must build at least once before running the tests or lint.

1yarn build

In watch mode:

1yarn start

Installing the binary

Install the bundled binary onto your system. This requires the project to be built or in watch mode.

1yarn install-mac

If running this for the first time you may also have to run the following command.

1chmod +x /usr/local/bin/auto

Cleaning

1yarn clean

Linting

1yarn lint

Testing

1yarn test

Run the docs

1yarn docs

Create a new plugin

Get started developing a new plugin in the monorepo in seconds.

The two arguments are:

A spaced name
A description

1yarn create:plugin my-plugin "Do something really cool"

Create a new package

Get started developing a new package in the monorepo in seconds.

The two arguments are:

A spaced name
A description

1yarn create:package my-package "Do something really cool"

:beers: Contributing :beers:

Feel free to make an issue or open a pull request!

Make sure to read our code of conduct.

:rocket: Projects Using `auto` :rocket:

:star: Storybookjs design-system - Storybook's official design system

:star: space-kit - Home base for Apollo's design system

:star: react-glider - A react wrapper for glider.js

:star: reaction - Artsy’s React Components

:star: emission - Artsy’s React Native Components

:star: webpack-inject-plugin - A webpack plugin to dynamically inject code into the bundle.

:star: html-webpack-insert-text-plugin - Insert text into the head or body of your HTML

:star: react-easy-crop - A React component to crop images/videos with easy interactions

:nail_care: `auto` Badge :nail_care:

Does your project use auto? Then use our custom badge!

:art: Prior Art :art:

auto is inspired by some excellent tech that came before it.

github-semantic-version - Automated semantic version releases powered by Github Issues.
lerna-changelog - 📖 PR-based changelog generator with monorepo support

Contributors

Thanks goes to these wonderful people (emoji key):

_{Adam Dierkens} 💻 📖 🤔 ⚠️	_{Andrew Lisowski} 💻 📖 🤔 🚇 ⚠️ 📝	_David 🚇 ⚠️ 💻 📖	_Orta 💻 📖	_{Justin Bennett} 🐛 💻 📖 ⚠️	_{Alec Larson} 💻	_{Tyler Krupicka} 💻
_{Zachary Sherwin} 💻 📖 ⚠️	_bnigh 💻 📖 ⚠️	_su7edja 💻	_{Yogesh Khandelwal} 💻 ⚠️	_{Matt Boulanger} 💻	_{Karen Lo} 📖	_{James Nail} ⚠️ 💻
_rdipika94 📖	_{Brian Muenzenmeyer} 📖 💻	_{Sarah van der Laan} 📖	_{Hannes Güdelhöfer} 💻	_{Eric Clemmons} 💻 📖 ⚠️	_{Jeremiah Zucker} 📖 ⚠️ 💻	_{Brandon Miller} 💻 📖 ⚠️
_{Harris Borawski} 📖 ⚠️ 💻	_{Shelby Cohen} 📖 ⚠️ 💻	_{Kyle Brown} ⚠️ 💻	_{Till Weisser} 📖 ⚠️ 💻	_{G. Richard Bellamy} 📖 💻 ⚠️	_{Kevin Wolf} 📖 ⚠️ 💻	_{Marty Henderson} 📖 ⚠️ 💻
_{Spencer Hamm} 💻	_{Lucas Shadler} 💻 ⚠️	_{David Stone} 📖 ⚠️ 💻	_{Lucas Curti} 💻	_rachana 📖 ⚠️ 💻	_{Richard Simpson} 📖 ⚠️ 💻	_{Arturo Silva} 📖
_{Christy Jacob} 📖	_{Check your git settings!} 📖	_{Kendall Gassner} 📖 ⚠️ 💻	_{Drew Cortright} 📖 ⚠️ 💻	_{Philippe Boyd} 📖	_{Mukul Chaware} 📖 ⚠️ 💻	_{Tim Ottewell} 📖 ⚠️ 💻
_{Andrew Leedham} 📖 ⚠️ 💻	_{Seth Thomas} ⚠️ 💻	_{Evan Lovely} 📖	_{Dorian Marié} 📖	_myndelx 💻	_sentony93 📖 ⚠️ 💻	_{Kelly Harrop} 📖 💻
_{Rogerio Angeliski} 📖 ⚠️ 💻	_{Piotr Monwid-Olechnowicz} 💻 📖	_{John T. Wodder II} 📖	_{Alexey Alekhin} 📖 💻 ⚠️ 🚇	_{Vincent Briglia} 📖 ⚠️ 💻	_{Cameron Yick} ⚠️ 💻 📖 🚇	_{Kelvin Nguyen} 💻
_{Lucas Shadler} 📖 ⚠️ 💻	_{Mathieu Bergeron} 📖 ⚠️ 💻	_{Andreas Weichselbaum} 📖 ⚠️ 💻	_{Torkjel Hongve} 📖 ⚠️ 💻	_{Dalton Scharff} 📖 ⚠️ 💻	_{Corentin Ardeois} 💻	_{Julien Bouyoud} 📖 ⚠️ 💻
_{Valentin Hervieu} 📖 ⚠️ 💻	_{Ikko Ashimine} 📖 ⚠️ 💻	_{Josh Biddick} 📖 💻	_{Anton Karpov} ⚠️ 💻	_{Eric Hayes} 📖 ⚠️ 💻	_{Dominik Moritz} 💻 ⚠️	_{Jason T Brown} 📖 🚇 ⚠️ 💻
_{Bruno Nardini} 📖 🚇 ⚠️ 💻	_{Andrey Bozhko} 💻	_{Adil Malik} 📖 🚇 ⚠️ 💻	_{David Sheldrick} ⚠️ 💻 📖	_{Eskild Diderichsen} 📖 ⚠️ 💻	_ld-codes 📖 💻	_Chris 📖
_{Satish Pokala} 📖	_{Niccolò Olivieri Achille} ⚠️ 💻	_{Jack Westbrook} 📖 ⚠️ 💻	_{Atte Huhtakangas} 📖 ⚠️ 💻	_{Patrick Ruhkopf} ⚠️ 💻	_{Mark Potnick} ⚠️ 💻	_{MichaelRyanWebber} 💻
_{Martin Elias} 💻	_{Ketan Reddy} ⚠️ 💻

This project follows the all-contributors specification, contributions of any kind welcome!

Adding a Contributor

To add a contributor run yarn contributors:add, choose "Add new contributor or edit contribution type" and follow the prompts.

License

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

4

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

71 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-q8pj-2vqx-8ggc
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-mhxj-85r3-2x55
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
Warn: Project is vulnerable to: GHSA-4wx3-54gh-9fr9
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-vxf5-wxwp-m7g9
Warn: Project is vulnerable to: GHSA-9gr3-7897-pp7m
Warn: Project is vulnerable to: GHSA-25mp-g6fv-mqxx
Warn: Project is vulnerable to: GHSA-fmvm-x8mv-47mj
Warn: Project is vulnerable to: GHSA-c59h-r6p8-q9wc
Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-22r3-9w55-cj54
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-926x-m6m5-3mmp
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc

Score

3.4

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

@auto-canary/crates

Installations

Pull Requests

37

1,951

319

1,595

Issues

109

469

360

Releases

Developer

Developer Guide

CommonJS

No

8.14.1

lerna/3.19.0/node@v8.14.1+x64 (linux)

Statistics

Languages

Total Downloads

558,688

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

:pushpin: Plugins :pushpin:

:hammer: Start Developing :hammer:

Build/Typecheck

Installing the binary

Cleaning

Linting

Testing

Run the docs

Create a new plugin

Create a new package

:beers: Contributing :beers:

:rocket: Projects Using auto :rocket:

:nail_care: auto Badge :nail_care:

:art: Prior Art :art:

Contributors

Adding a Contributor

License

10

10

10

6

4

0

0

0

0

0

0

0

0

3.4

/10

:rocket: Projects Using `auto` :rocket:

:nail_care: `auto` Badge :nail_care: