npmpackage.info

Gathering detailed insights and metrics for conventional-changelog-aron

Other packages similar to conventional-changelog-aron

aron-conventional-commits

1.6.0

A human-readable set of conventional commits, with version rules and changelog groupings

commitlint-config-aron

1.6.0

Check your commits with Aron's commitlint config

Gathering detailed insights and metrics for conventional-changelog-aron

conventional-changelog-aron - 1.6.0 | npmpackage.info

conventional-changelog-aron

A monorepo ecosystem integrating first-class packages and conventional workflows ✨

1.6.0

MIT

TypeScript

76.45 kB

3.4

Installations

npm install conventional-changelog-aron

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM

Node Version

18.12.1

NPM Version

8.19.3 Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

4

Closed

4

Releases

v1.6.0

Updated on Mar 27, 2023

v1.5.2

Updated on Mar 25, 2023

v1.5.1

Updated on Mar 24, 2023

v1.5.0

Updated on Mar 24, 2023

v1.4.7

Updated on Mar 22, 2023

v1.4.6

Updated on Mar 18, 2023

View All 89 releases

Languages

TypeScript

JavaScript

Svelte

CSS

Dockerfile

Shell

TypeScript (81%)

JavaScript (16.51%)

Svelte (1.5%)

CSS (0.67%)

Dockerfile (0.19%)

Shell (0.12%)

Developer

1aron

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

7 Stars

324 Commits

2 Watchers

2 Branches

3 Contributors

Updated on Nov 05, 2023

Maintainers

View All 3 Contributors

Package Meta Information

Latest Version

1.6.0

Package Id

conventional-changelog-aron@1.6.0

Unpacked Size

76.45 kB

Size

12.46 kB

File Count

NPM Version

8.19.3

Node Version

18.12.1

Published on

Mar 27, 2023

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

aron-conventional-commits compare-func dedent

Dev Dependencies

conventional-changelog-core

Beautiful changelog based on Aron's conventional commits

Getting Started

Skip if you have already run npm install aronrepo:

npm install conventional-changelog-aron -D

This package is used with Aron's semantic release.

Generated Example

https://github.com/master-co/css/releases/tag/v2.0.0-beta.77

Commit Header Format

The header has a particular format that includes a Type, a Target, and a Summary:

Type(Target): Summary
  ┊     ┊
  ┊     └─⫸ Target: Workspace, Package or Role
  ┊
  └─⫸ Type: Bump, Feat, New, Perf, Add, Update, Improve, Fix, Depreciate, Drop, Docs, Upgrade, Revert, Example, Test, Refactor, Chore, Misc

For full documentation, check out the Aron's conventional commits

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Security-Policy

Determines if the project has published a security policy.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit-check.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/commit-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit-check.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/commit-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request-title-check.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/pull-request-title-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/type-check.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/type-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/type-check.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/1aron/aronrepo/type-check.yml/main?enable=pin
Warn: containerImage not pinned by hash: packages/github-actions/Dockerfile:1: pin your Docker image by updating node:19-alpine to node:19-alpine@sha256:8ec543d4795e2e85af924a24f8acb039792ae9fe8a42ad5b4bf4c277ab34b62e
Warn: npmCommand not pinned by hash: packages/github-actions/Dockerfile:4
Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned
Info: 5 out of 6 npmCommand dependencies pinned

0

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

SAST

Determines if the project uses static code analysis.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

3.4

/10

Last Scanned on 2025-07-14

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More