npmpackage.info

Gathering detailed insights and metrics for @cypress/commit-info

@cypress/commit-info - 2.2.0 | npmpackage.info

@cypress/commit-info

Collects Git commit info using git

2.2.0

JavaScript

50.28 kB

9,406,329 2.9

Installations

npm install @cypress/commit-info

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>=6

Node Version

10.16.3

NPM Version

6.9.0 Score

93.5

Supply Chain

99.5

Quality

74.7

Maintenance

Vulnerability

100

License

Pull Requests

Open

2

Total

145

Closed

43

Merged

100

Issues

Open

2

Total

14

Closed

12

Releases

v2.2.0

Updated on Aug 21, 2019

v2.1.4

Updated on May 24, 2019

v2.1.3

Updated on Apr 03, 2019

v2.1.2

Updated on Dec 22, 2018

v2.1.1

Updated on Nov 28, 2018

v2.1.0

Updated on Nov 27, 2018

View All 22 releases

Languages

JavaScript

Shell

Dockerfile

JavaScript (95.96%)

Shell (3.58%)

Dockerfile (0.46%)

Developer

cypress-io

Download Statistics

Total Downloads

9,406,329

Last Day

839

Last Week

35,028

Last Month

170,542

Last Year

1,995,935

GitHub Statistics

18 Stars

151 Commits

7 Forks

13 Watchers

4 Branches

18 Contributors

Updated on Apr 04, 2025

Bundle Size

182.71 kB

Minified

50.28 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 18 Contributors

Package Meta Information

Latest Version

2.2.0

Package Id

@cypress/commit-info@2.2.0

Unpacked Size

11.59 kB

Size

4.59 kB

File Count

NPM Version

6.9.0

Node Version

10.16.3

Total Downloads

Cumulative downloads

Total Downloads

9,406,329

Last Day

-5%

839

Compared to previous day

Last Week

-7%

35,028

Compared to previous week

Last Month

170,542

Compared to previous month

Last Year

-67%

1,995,935

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

@cypress/commit-info

Collects Git commit info from git CLI

Install

Requires Node version 6 or above.

1npm install --save @cypress/commit-info

Use

1const {commitInfo} = require('@cypress/commit-info')
2// default folder is current working directory
3commitInfo(folder)
4  .then(info => {
5    // info object will have properties
6    // branch
7    // message
8    // email
9    // author
10    // sha
11    // timestamp (in seconds since epoch)
12    // remote
13  })

Notes:

Code assumes there is .git folder and uses Git commands to get each property, like git show -s --pretty=%B, see src/git-api.js. Note: there is fallback to environment variables.
Resolves with Bluebird promise.
Only uses Git commands, see src/git-api.js
If a command fails, returns null for each property
If you need to debug, run with DEBUG=commit-info environment variable.

Fallback environment variables

If getting the commit information using git fails for some reason, you can provide the commit information by setting the environment variables. This module will look at the following environment variables as a fallback

branch: COMMIT_INFO_BRANCH
message: COMMIT_INFO_MESSAGE
email: COMMIT_INFO_EMAIL
author: COMMIT_INFO_AUTHOR
sha: COMMIT_INFO_SHA
timestamp: COMMIT_INFO_TIMESTAMP
remote: COMMIT_INFO_REMOTE

For Docker containers

When running your application inside a Docker container, you should set these environment variables using -e syntax.

1$ docker run \
2  -e COMMIT_INFO_BRANCH=develop \
3  -e COMMIT_INFO_SHA=e5d9eb66474bc0b681da9240aa5a457fe17bc8f3 \
4  <container name>

See docker-example for a full example.

Individual methods

In addition to commitInfo this module also exposes individual promise-returning methods getBranch, getMessage, getEmail, getAuthor, getSha, getTimestamp, getRemoteOrigin. These methods do NOT use fallback environment variables.

For example

1const {getAuthor} = require('@cypress/commit-info')
2getAuthor('path/to/repo')
3  .then(name => ...)

getBranch

Resolves with the current git branch name or null.

1const {getBranch} = require('@cypress/commit-info')
2getBranch()
3  .then(branch => ...)

If this is detached commit (reporting HEAD), returns null

Small print

License: MIT - do anything with the code, but don't blame me if it does not work.

Support: if you find any problems with this module, email / tweet / open issue on Github

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

3

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

License

Determines if the project has defined a license.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

86 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-62cx-5xj4-wfm4
Warn: Project is vulnerable to: GHSA-pr45-cg4x-ff4m
Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-w5mw-f2hq-5fw8
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-8g7p-74h8-hg48
Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-4r62-v4vq-hr96
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-446m-mv8f-q348
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-mx3x-ghqm-r43h
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
Warn: Project is vulnerable to: GHSA-x6fg-f45m-jf5q
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

2.9

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

@cypress/commit-info

Installations

Developer Guide

No

CommonJS

>=6

10.16.3

6.9.0

Score

Pull Requests

2

145

43

100

Issues

2

14

12

Releases

Languages

Developer

cypress-io

Download Statistics

GitHub Statistics

Bundle Size

182.71 kB

50.28 kB

Maintainers

Package Meta Information

Total Downloads

9,406,329

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

@cypress/commit-info

Install

Use

Fallback environment variables

For Docker containers

Individual methods

getBranch

Small print

MIT License

10

10

3

2

0

0

0

0

0

0

0

0

2.9

/10