Gathering detailed insights and metrics for changelog-maker
Gathering detailed insights and metrics for changelog-maker
Gathering detailed insights and metrics for changelog-maker
Gathering detailed insights and metrics for changelog-maker
@bengl/changelog-maker
A git log to CHANGELOG.md tool
@agilgur5/changelog-maker
A git log to release changelog tool
@optimex-xyz/market-maker-sdk
> **CHANGELOG (v0.7.1)**: > - **Breaking Changes:** > - Environment key `dev` has been renamed to `staging` - please update your environment configuration accordingly > - Several functions from `routerService` moved to `protocolService` > - **Upgrade
@bscotch/gamemaker-releases
Utility for combining GameMaker release data into a single feed.
npm install changelog-maker
Typescript
Module System
Node Version
NPM Version
67.4
Supply Chain
92.7
Quality
83.4
Maintenance
100
Vulnerability
97
License
JavaScript (100%)
Total Downloads
887,251
Last Day
92
Last Week
2,996
Last Month
14,538
Last Year
181,194
MIT License
234 Stars
237 Commits
40 Forks
14 Watchers
3 Branches
39 Contributors
Updated on Jun 06, 2025
Latest Version
4.4.2
Package Id
changelog-maker@4.4.2
Unpacked Size
55.03 kB
Size
16.41 kB
File Count
18
NPM Version
10.9.2
Node Version
22.14.0
Published on
Apr 15, 2025
Cumulative downloads
Total Downloads
Last Day
-70.7%
92
Compared to previous day
Last Week
-14.3%
2,996
Compared to previous week
Last Month
-2%
14,538
Compared to previous month
Last Year
32.1%
181,194
Compared to previous year
A git log to CHANGELOG.md tool
changelog-maker is a formalisation of the Node.js CHANGELOG.md entry process but flexible enough to be used on other repositories.
changelog-maker will look at the git log of the current directory, pulling entries since the last tag. Commits with just a version number in the summary are removed, as are commits prior to, and including summaries that say working on <version>
(this is an io.js / Node ism).
After collecting the list of commits, any that have PR-URL: <url>
in them are looked up on GitHub and the labels of the pull request are collected, specifically looking for labels that start with semver
(the assumption is that semver-minor
, semver-major
labels are used to indicate non-patch version bumps).
Finally, the list is formatted as Markdown and printed to stdout.
Each commit will come out something like this (on one line):
1* [[`20f8e7f17a`](https://github.com/nodejs/io.js/commit/20f8e7f17a)] - 2 **test**: remove flaky test functionality (Rod Vagg) 3 [#812](https://github.com/nodejs/io.js/pull/812)
Note:
changelog-maker
on the command-line, the default GitHub repo is computed from the package.json
that exists on cwd
, otherwise fallback to nodejs/node
, you can change this by supplying the user/org as the first argument and project as the second. e.g changelog-maker joyent node
.:
, this is treated as a special label and rendered in boldsemver*
labels on the pull request referred to in their PR-URL
have those labels printed out at the start of the summary, in bold, upper cased.PR-URL
data, if it matches the assumed repo (default: nodejs/node) then just a #
followed by the number, if another repo then a full user/project#number
.When printing to a console some special behaviours are invoked:
doc:
are rendered in greysemver*
label on the pull request referred to in their PR-URL
are rendered in bold green1npm i changelog-maker -g
changelog-maker [--plaintext|p] [--markdown|md] [--sha] [--group|-g] [--reverse] [--find-matching-prs] [--commit-url=<url/with/{ref}>] [--start-ref=<ref>] [--end-ref=<ref>] [github-user[, github-project]]
github-user
and github-project
should point to the GitHub repository that can be used to find the PR-URL
data if just an issue number is provided and will also impact how the PR-URL issue numbers are displayed
--format
: dictates what formatting the output will have. Possible options are: simple
, markdown
, plaintext
, messageonly
and sha
. The default is to print a simple
output suitable for stdout.
simple
: don't print full markdown output, good for console printing without the additional fluff.sha
: print only the 10-character truncated commit hashes.plaintext
: a very simple form, without commit details, implies --group
.markdown
: a Markdown formatted from, with links and proper escaping.messageonly
: displays the commit message only, implies --group
--sha
: same as --format=sha
.--plaintext
: same as --format=plaintext
.--markdown
: same as --format=markdown
.--messageonly
: same as --format=messageonly
.--group
: reorder commits so that they are listed in groups where the xyz:
prefix of the commit message defines the group. Commits are listed in original order within group.--reverse
: reverse the order of commits when printed, does not work with --reverse
--commit-url
: pass in a url template which will be used to generate commit URLs for a repository not hosted in Github. {ref}
is the placeholder that will be replaced with the commit, i.e. --commit-url=https://gitlab.com/myUser/myRepo/commit/{ref}
--start-ref=<ref>
: use the given git <ref>
as a starting point rather than the last tag. The <ref>
can be anything commit-ish including a commit sha, tag, branch name. If you specify a --start-ref
argument the commit log will not be pruned so that version commits and working on <version>
commits are left in the list.--end-ref=<ref>
: use the given git <ref>
as a end-point rather than the now. The <ref>
can be anything commit-ish including a commit sha, tag, branch name.--filter-release
: exclude Node-style release commits from the list. e.g. "Working on v1.0.0" or "2015-10-21 Version 2.0.0" and also "npm version X" style commits containing only an x.y.z
semver designator.--find-matching-prs
: use the GitHub API to find the pull requests that match commits that don't have the PR-URL
metadata in their message text. Without metadata, it may be necessary to also pass the org/user and repo name on the commandline (as the github-user
and github-project
arguments as demonstrated above, it may also be necessary to use --find-matching-prs=true
in this case).--quiet
or -q
: do not print to process.stdout
--all
or -a
: process all commits since beginning, instead of last tag.--help
or -h
: show usage and help.Tests require GitHub authentication in order to fetch pull request metadata. ghauth will generate, store and load a personal access token in your local user configuration when changelog-maker is run during normal operation. To run the tests, you will need to ensure that you have a token in place. There are two ways to do this:
Run node ./changelog-maker.js -a
to cause changelog-maker to fetch metadata on a commit with a PR-URL
.
Manually generate a personal access token with public_repo
scope. Then create a config.json file:
1{ 2 "user": "MY_GITHUB_USERNAME", 3 "token": "MY_SECRET_TOKEN" 4}
user
is your username, and token
is the token you generated above. The location of config.json
depends on the OS, please see https://github.com/LinusU/node-application-config#config-location
changelog-maker is Copyright (c) 2015 Rod Vagg @rvagg and licenced under the MIT licence. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE.md file for more details.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
Reason
security policy file detected
Details
Reason
packaging workflow detected
Details
Reason
Found 5/19 approved changesets -- score normalized to 2
Reason
2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More