Gathering detailed insights and metrics for commitlint-plugin-function-rules
Gathering detailed insights and metrics for commitlint-plugin-function-rules
commitlint plugin to use functions as rule value
Installations
npm install commitlint-plugin-function-rulesDeveloper Guide
BETA
Typescript
No
Module System
ESM
Min. Node Version
>=20
Node Version
22.15.0
NPM Version
10.9.2
Score
93.9
Supply Chain
83.6
Quality
81.7
Maintenance
100
Vulnerability
79
License
Releases
65
Languages
2
TypeScript
JavaScript
TypeScript (87.67%)
JavaScript (12.33%)
Developer
vidavidorra
Download Statistics
Total Downloads
6,133,190
Last Day
2,267
Last Week
67,676
Last Month
263,249
Last Year
2,353,549
GitHub Statistics
GPL-3.0 License
44 Stars
1,021 Commits
3 Forks
2 Watchers
1 Branches
3 Contributors
Updated on Jun 09, 2025
Maintainers
1
Package Meta Information
Latest Version
4.0.2
Package Id
commitlint-plugin-function-rules@4.0.2
Unpacked Size
44.09 kB
Size
14.93 kB
File Count
9
NPM Version
10.9.2
Node Version
22.15.0
Published on
May 29, 2025
Total Downloads
Cumulative downloads
Total Downloads
6,133,190
Last Day
-45.1%
2,267
Compared to previous day
Last Week
-0.4%
67,676
Compared to previous week
Last Month
28.5%
263,249
Compared to previous month
Last Year
30.4%
2,353,549
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
commitlint plugin function rules
commitlint plugin to use functions as rule value.
- Create custom function,
syncorasync, as rule value. - Create rules that are based on the commit message.
- Write rules with regular expressions.
- Use the same rules that are available in commitlint.
Install
1npm install --save-dev commitlint-plugin-function-rules @commitlint/cli @commitlint/config-conventional
Usage
Use this plugin in your project's commitlint configuration by specifying it as item in the plugins array. All rules have same name as rules that are available in commitlint, but with the function-rules prefix. The example commitlint.config.js, or commitlint.config.cjs if the package is an ES module, shows the usage of a function rule.
Note The available rules are the same as in commitlint, so it is recommended to disable the commitlint rule when specifying a function rule to avoid undefined behaviour.
1module.exports = { 2 extends: ['@commitlint/config-conventional'], 3 plugins: ['commitlint-plugin-function-rules'], 4 rules: { 5 'header-max-length': [0], // level: disabled 6 'function-rules/header-max-length': [ 7 2, // level: error 8 'always', 9 (parsed) => { 10 // Allow longer headers for commits with "deps" scope. 11 if (parsed.scope === 'deps' && parsed.header.length <= 200) { 12 return [true]; 13 } 14 return [false, 'deps header must not be longer than 200 characters']; 15 }, 16 ], 17 }, 18};
Contributing
Please create an issue if you have a bug report or feature proposal, or create a discussion if you have a question. If you like this project, please consider giving it a star ⭐
Refer to the contributing guide for detailed information about other contributions, like pull requests.
Security policy
Please refer to the Security Policy on GitHub for the security policy.
License
This project is licensed under the GPLv3 license.
Copyright © 2020-2025 Jeroen de Bruijn
License notice
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
The full text of the license is available in the LICENSE file in this repository and online.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE.md:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/vidavidorra/.github/.github/SECURITY.md:1
- Info: Found linked content: github.com/vidavidorra/.github/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/vidavidorra/.github/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/vidavidorra/.github/.github/SECURITY.md:1
Reason
0 existing vulnerabilities detected
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'
- Warn: branch 'main' does not require approvers
- Warn: codeowners review is not required on branch 'main'
- Warn: 'up-to-date branches' is disabled on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Warn: PRs are not required to make changes on branch 'main'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings
Reason
Found 0/28 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci-cd.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v4.0.2 not signed: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/221801851
- Warn: release artifact v4.0.1 not signed: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/183422667
- Warn: release artifact v4.0.0 not signed: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/148318635
- Warn: release artifact v4.0.0-beta.2 not signed: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/148316256
- Warn: release artifact v4.0.0-beta.1 not signed: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/146942069
- Warn: release artifact v4.0.2 does not have provenance: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/221801851
- Warn: release artifact v4.0.1 does not have provenance: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/183422667
- Warn: release artifact v4.0.0 does not have provenance: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/148318635
- Warn: release artifact v4.0.0-beta.2 does not have provenance: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/148316256
- Warn: release artifact v4.0.0-beta.1 does not have provenance: https://api.github.com/repos/vidavidorra/commitlint-plugin-function-rules/releases/146942069
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Score
5.1
/10
Last Scanned on 2025-06-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More