Gathering detailed insights and metrics for conventional-commits-filter
Gathering detailed insights and metrics for conventional-commits-filter
Generate changelogs and release notes from a project's commit messages and metadata.
Installations
npm install conventional-commits-filterDeveloper Guide
BETA
Typescript
No
Module System
ESM
Min. Node Version
>=18
Node Version
18.20.2
NPM Version
10.5.0
Score
99.8
Supply Chain
100
Quality
81.7
Maintenance
100
Vulnerability
100
License
Releases
169
conventional-commits-parser: v6.2.0
conventional-commits-parser-v6.2.0
Updated on Jun 09, 2025
conventional-recommended-bump: v11.2.0
conventional-recommended-bump-v11.2.0
Updated on Jun 07, 2025
conventional-changelog: v7.1.0
conventional-changelog-v7.1.0
Updated on Jun 07, 2025
@conventional-changelog/git-client: v2.5.1
git-client-v2.5.1
Updated on Jun 02, 2025
@conventional-changelog/git-client: v2.5.0
git-client-v2.5.0
Updated on Jun 02, 2025
@conventional-changelog/git-client: v2.4.0
git-client-v2.4.0
Updated on May 27, 2025
Languages
3
TypeScript
JavaScript
Handlebars
TypeScript (78.7%)
JavaScript (18.97%)
Handlebars (2.33%)
Developer
conventional-changelog
Download Statistics
Total Downloads
819,139,934
Last Day
348,408
Last Week
5,375,136
Last Month
23,188,393
Last Year
224,275,265
GitHub Statistics
ISC License
8,145 Stars
1,776 Commits
729 Forks
54 Watchers
7 Branches
151 Contributors
Updated on Jul 03, 2025
Maintainers
4
Package Meta Information
Latest Version
5.0.0
Package Id
conventional-commits-filter@5.0.0
Unpacked Size
18.57 kB
Size
5.81 kB
File Count
18
NPM Version
10.5.0
Node Version
18.20.2
Published on
May 03, 2024
Total Downloads
Cumulative downloads
Total Downloads
819,139,934
Last Day
-15.4%
348,408
Compared to previous day
Last Week
-9.4%
5,375,136
Compared to previous week
Last Month
9.6%
23,188,393
Compared to previous month
Last Year
33.9%
224,275,265
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
conventional-commits-filter
Filter out reverted commits parsed by conventional-commits-parser.
Install
1# pnpm 2pnpm add conventional-commits-filter 3# yarn 4yarn add conventional-commits-filter 5# npm 6npm i conventional-commits-filter
Usage
1import { 2 filterRevertedCommitsSync, 3 filterRevertedCommits, 4 filterRevertedCommitsStream 5} from 'conventional-commits-filter' 6import { pipeline } from 'stream/promises' 7import { Readable } from 'stream' 8 9const commits = [{ 10 type: 'revert', 11 scope: null, 12 subject: 'feat(): amazing new module', 13 header: 'revert: feat(): amazing new module\n', 14 body: 'This reverts commit 56185b7356766d2b30cfa2406b257080272e0b7a.\n', 15 footer: null, 16 notes: [], 17 references: [], 18 revert: { 19 header: 'feat(): amazing new module', 20 hash: '56185b7356766d2b30cfa2406b257080272e0b7a', 21 body: null 22 }, 23 hash: '789d898b5f8422d7f65cc25135af2c1a95a125ac\n', 24 raw: { 25 type: 'revert', 26 scope: null, 27 subject: 'feat(): amazing new module', 28 header: 'revert: feat(): amazing new module\n', 29 body: 'This reverts commit 56185b7356766d2b30cfa2406b257080272e0b7a.\n', 30 footer: null, 31 notes: [], 32 references: [], 33 revert: { 34 header: 'feat(): amazing new module', 35 hash: '56185b7356766d2b30cfa2406b257080272e0b7a', 36 body: null 37 }, 38 hash: '789d898b5f8422d7f65cc25135af2c1a95a125ac\n' 39 } 40}, { 41 type: 'Features', 42 scope: null, 43 subject: 'wow', 44 header: 'amazing new module\n', 45 body: null, 46 footer: 'BREAKING CHANGE: Not backward compatible.\n', 47 notes: [], 48 references: [], 49 revert: null, 50 hash: '56185b', 51 raw: { 52 type: 'feat', 53 scope: null, 54 subject: 'amazing new module', 55 header: 'feat(): amazing new module\n', 56 body: null, 57 footer: 'BREAKING CHANGE: Not backward compatible.\n', 58 notes: [], 59 references: [], 60 revert: null, 61 hash: '56185b7356766d2b30cfa2406b257080272e0b7a\n' 62 } 63}, { 64 type: 'What', 65 scope: null, 66 subject: 'new feature', 67 header: 'feat(): new feature\n', 68 body: null, 69 footer: null, 70 notes: [], 71 references: [], 72 revert: null, 73 hash: '815a3f0', 74 raw: { 75 type: 'feat', 76 scope: null, 77 subject: 'new feature', 78 header: 'feat(): new feature\n', 79 body: null, 80 footer: null, 81 notes: [], 82 references: [], 83 revert: null, 84 hash: '815a3f0717bf1dfce007bd076420c609504edcf3\n' 85 } 86}, { 87 type: 'Chores', 88 scope: null, 89 subject: 'first commit', 90 header: 'chore: first commit\n', 91 body: null, 92 footer: null, 93 notes: [], 94 references: [], 95 revert: null, 96 hash: '74a3e4d6d25', 97 raw: { 98 type: 'chore', 99 scope: null, 100 subject: 'first commit', 101 header: 'chore: first commit\n', 102 body: null, 103 footer: null, 104 notes: [], 105 references: [], 106 revert: null, 107 hash: '74a3e4d6d25dee2c0d6483a0a3887417728cbe0a\n' 108 } 109}]; 110 111// to filter reverted commits syncronously: 112for (const commit of filterRevertedCommitsSync(commits)) { 113 console.log(commit) 114} 115 116// to filter reverted commits in async iterables: 117await pipeline( 118 commits, 119 filterRevertedCommits, 120 async function* (filteredCommits) { 121 for await (const commit of filteredCommits) { 122 console.log(commit) 123 } 124 } 125) 126 127// to filter reverted commits in streams: 128Readable.from(commits) 129 .pipe(filterRevertedCommitsStream()) 130 .on('data', commit => console.log(commit))
Output:
1{ 2 type: 'What', 3 scope: null, 4 subject: 'new feature', 5 header: 'feat(): new feature\n', 6 body: null, 7 footer: null, 8 notes: [], 9 references: [], 10 revert: null, 11 hash: '815a3f0', 12 raw: { 13 type: 'feat', 14 scope: null, 15 subject: 'new feature', 16 header: 'feat(): new feature\n', 17 body: null, 18 footer: null, 19 notes: [], 20 references: [], 21 revert: null, 22 hash: '815a3f0717bf1dfce007bd076420c609504edcf3\n' 23 } 24} 25{ 26 type: 'Chores', 27 scope: null, 28 subject: 'first commit', 29 header: 'chore: first commit\n', 30 body: null, 31 footer: null, 32 notes: [], 33 references: [], 34 revert: null, 35 hash: '74a3e4d6d25', 36 raw: { 37 type: 'chore', 38 scope: null, 39 subject: 'first commit', 40 header: 'chore: first commit\n', 41 body: null, 42 footer: null, 43 notes: [], 44 references: [], 45 revert: null, 46 hash: '74a3e4d6d25dee2c0d6483a0a3887417728cbe0a\n' 47 } 48}
License
MIT © Steve Mao
No vulnerabilities found.
Reason
30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: ISC License: LICENSE.md:0
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/checks.yml:1
- Warn: no topLevel permission defined: .github/workflows/commit.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yaml:1
- Info: no jobLevel write permissions found
Reason
Found 2/27 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/checks.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/checks.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/checks.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/checks.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/checks.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/commit.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/commit.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/commit.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/commit.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/conventional-changelog/tests.yaml/master?enable=pin
- Info: 0 out of 17 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 14 third-party GitHubAction dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 6 are checked with a SAST tool
Score
4.2
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More