npmpackage.info

Gathering detailed insights and metrics for @mixmaxhq/semantic-commitlint

@mixmaxhq/semantic-commitlint - 1.0.3 | npmpackage.info

@mixmaxhq/semantic-commitlint

📦🚀 + 📓 A continuous integration build tool to ensure all new commits meet your commit message format! ️️

1.0.3

MIT

JavaScript

9.19 kB

2.1

Installations

npm install @mixmaxhq/semantic-commitlint

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

10.16.0

NPM Version

6.13.0 Score

48.5

Supply Chain

66.6

Quality

78.7

Maintenance

Vulnerability

96.7

License

Pull Requests

Open

0

Total

8

Closed

0

Merged

8

Issues

Open

0

Total

0

Closed

0

Releases

v1.0.3

Updated on Dec 02, 2019

v1.0.2

Updated on Nov 20, 2019

v1.0.1

Updated on Nov 14, 2019

v1.0.0

Updated on Nov 05, 2019

View All 4 releases

Languages

JavaScript

JavaScript (100%)

Developer

mixmaxhq

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

1 Stars

42 Commits

1 Watchers

4 Branches

Updated on Oct 29, 2020

Maintainers

View All 28 Contributors

Package Meta Information

Latest Version

1.0.3

Package Id

@mixmaxhq/semantic-commitlint@1.0.3

Unpacked Size

9.19 kB

Size

3.83 kB

File Count

NPM Version

6.13.0

Node Version

10.16.0

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@babel/runtime @commitlint/cli @commitlint/config-conventional @commitlint/core @semantic-release/error

Dev Dependencies

@babel/cli @babel/core @babel/plugin-transform-modules-commonjs @babel/plugin-transform-runtime @mixmaxhq/commitlint-jenkins @mixmaxhq/prettier-config @mixmaxhq/semantic-release-config cz-conventional-changelog del-cli eslint eslint-config-mixmax prettier semantic-release

Semantic Commitlint

📦🚀 + 📓 A continuous integration build tool to ensure all new commits meet your commit message format!

Problem

📦🚀 semantic-release depends on properly formatted commit messages
📓 commitlint is awesome, but it doesn't know which commits occurred since your last release

Solution

semantic-commitlint fills the gap by providing a hook for semantic-release that asks commitlint to lint new commit messages that have not been included in a previous release

Features

Run in CI on all branches to ensure that only builds with valid commit messages pass
Wraps semantic-release and commitlint for an easy install
No config

Install

1npm install semantic-commitlint --save-dev

Setup

Add the following to your semantic-release release block (e.g. in the release field of your package.json)

1{
2  "verifyRelease": ["semantic-commitlint"]
3}

Setup semantic-release authentication for CI

semantic-commitlint currently only supports @commitlint/config-conventional - please open a PR if you need support for other configurations!

Usage

Simply run semantic-release as normal as part of your CI build process

Skip commits

If there are unreleased commits that shouldn't fail a build, then add them to the SEMANTIC_COMMITLINT_SKIP environment variable as comma-separated GIT SHAs. This should be uncommon, provided your development workflow lints the commits before they get added to the release branch.

1// This is the package.json of the package you're trying to publish.
2// Just add the SEMANTIC_COMMITLINT_SKIP prefix to the semantic-release command!
3{
4  "scripts": {
5    "semantic-release": "SEMANTIC_COMMITLINT_SKIP=a1be371 semantic-release"
6  }
7}

External config

This project just ties together some functionality from two external projects. For all other config options make sure to read through the docs.

Issues

Not all features implemented in semantic-release and commitlint are currently available when using semantic-commtlint. If you have a suggestion, please open an issue. Thanks!

License

semantic-commitlint is licensed under the MIT Open Source license. For more information, see the LICENSE file in this repository.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

80 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-2mj8-pj3j-h362
Warn: Project is vulnerable to: GHSA-gqf6-75v8-vr26
Warn: Project is vulnerable to: GHSA-v45m-2wcp-gg98
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
Warn: Project is vulnerable to: MAL-2023-462
Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-h726-x36v-rx45
Warn: Project is vulnerable to: GHSA-779f-wgxg-qr8f
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
Warn: Project is vulnerable to: GHSA-7wpw-2hjm-89gp
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
Warn: Project is vulnerable to: GHSA-m6cx-g6qm-p2cx
Warn: Project is vulnerable to: GHSA-x8qc-rrcw-4r46
Warn: Project is vulnerable to: GHSA-4328-8hgf-7wjr
Warn: Project is vulnerable to: GHSA-93f3-23rq-pjfp
Warn: Project is vulnerable to: GHSA-jmqm-f2gx-4fjv
Warn: Project is vulnerable to: GHSA-pw54-mh39-w3hc
Warn: Project is vulnerable to: GHSA-xgh6-85xh-479p
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-r2j6-p67h-q639
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

2.1

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More