Gathering detailed insights and metrics for git-branch-is
Gathering detailed insights and metrics for git-branch-is
Installations
npm install git-branch-isDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=10.13
Node Version
10.21.0
NPM Version
6.14.7
Score
98
Supply Chain
100
Quality
75.5
Maintenance
100
Vulnerability
100
License
Releases
7
Contributors
2
Unable to fetch Contributors
Languages
3
JavaScript
HTML
Shell
JavaScript (89.78%)
HTML (6.04%)
Shell (4.18%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
kevinoid
Download Statistics
Total Downloads
7,482,894
Last Day
6,104
Last Week
32,314
Last Month
133,183
Last Year
1,599,114
GitHub Statistics
MIT License
96 Stars
558 Commits
9 Forks
2 Watchers
7 Branches
2 Contributors
Updated on Nov 02, 2024
Bundle Size
1.30 kB
Minified
618.00 B
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
4.0.0
Package Id
git-branch-is@4.0.0
Unpacked Size
23.60 kB
Size
7.72 kB
File Count
6
NPM Version
6.14.7
Node Version
10.21.0
Total Downloads
Cumulative downloads
Total Downloads
7,482,894
Last Day
3.5%
6,104
Compared to previous day
Last Week
15.4%
32,314
Compared to previous week
Last Month
22.7%
133,183
Compared to previous month
Last Year
-1.9%
1,599,114
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
git-branch-is
Assert that the name of the current branch of a git repository has a particular value.
Introductory Example
To check that the current branch is named release and print an error if not,
run the following command:
$ git-branch-is release
Error: Current branch is "master", not "release".
$ echo $?
1
This can be useful as part of a preversion
script in package.json:
1{ 2 "name": "super-cool-package", 3 "version": "1.2.3", 4 "scripts": { 5 "preversion": "git-branch-is release && echo Preversion checks passed." 6 } 7}
Installation
This package can be installed using npm, either globally or locally, by running:
1npm install git-branch-is
Command Usage
The command options are intended to be similar to git and are documented in
the --help output:
Usage: git-branch-is [options] <branch name>
Options:
-C <path> run as if started in <path>
--git-arg <arg> additional argument to git (can be repeated) (default: [])
--git-dir <dir> set the path to the repository
--git-path <path> set the path to the git binary
-i, --ignore-case compare/match branch name case-insensitively
-I, --invert-match inverts/negates comparison
--not inverts/negates comparison (same as --invert-match)
-q, --quiet suppress warning message if branch differs
-r, --regex match <branch name> as a regular expression
-v, --verbose print a message if the branch matches
-V, --version output the version number
-h, --help output usage information
Additional Command Examples
Regular Expression Matching
To check that the current branch starts with release/ using a regular
expression:
$ git-branch-is -r "^release/"
Error: Current branch "master" does not match "^release/".
$ echo $?
1
Note: Be careful to quote patterns to avoid shell expansion or special
handling (e.g. POSIX shells expand * and cmd.exe treats ^ specially).
Case-Insensitive Matching
To check that the current branch starts with release/ case-insensitively
using a regular expression:
$ git-branch-is -i -r "^release/"
Error: Current branch "master" does not match "^release/".
$ echo $?
1
Inverted/Negated Matching
To check that the current branch is not master, use -I, --invert-match,
or --not (all functionally equivalent, use whichever you prefer):
$ git-branch-is --not master
Error: Current branch is "master".
$ echo $?
1
API Usage
To use the API with a callback function:
1var gitBranchIs = require('git-branch-is'); 2gitBranchIs('master', function(err, result) { 3 if (err) console.error(err); 4 else console.log(result ? 'On master' : 'Not on master'); 5});
Alternatively, if a callback is not provided, gitBranchIs will return a
Promise:
1var gitBranchIs = require('git-branch-is'); 2gitBranchIs('master').then( 3 function(result) { console.log(result ? 'On master' : 'Not on master'); }, 4 function(err) { console.error(err); } 5);
Additionally, instead of a string, a checking function can be passed to perform arbitrary checking against the branch name:
1var gitBranchIs = require('git-branch-is'); 2gitBranchIs(function(branchName) { /^master$/.test(branchName); }).then( 3 function(result) { console.log(result ? 'On master' : 'Not on master'); }, 4 function(err) { console.error(err); } 5);
API Docs
To use this module as a library, see the API Documentation.
Rationale
What's the value of this command over scripting with git directly? Good
question. The Introductory Example could instead be
approximated with the following:
1{ 2 "name": "super-cool-package", 3 "version": "1.2.3", 4 "scripts": { 5 "preversion": "if [ \"$(git symbolic-ref HEAD)\" = release ] ; then echo Preversion checks passed. ; else echo Error: Not on branch release. ; exit 1 ; fi" 6 } 7}
For packages which are only targeting POSIX systems, this may be a preferable
solution. However, it doesn't work on systems which don't support the POSIX
shell language (e.g. Windows, which runs scripts in cmd.exe). To support
these systems it is necessary to either introduce a dependency on Bash, to
use this script, or code up something else.
Contributing
Contributions are appreciated. Contributors agree to abide by the Contributor Covenant Code of Conduct. If this is your first time contributing to a Free and Open Source Software project, consider reading How to Contribute to Open Source in the Open Source Guides.
If the desired change is large, complex, backwards-incompatible, can have significantly differing implementations, or may not be in scope for this project, opening an issue before writing the code can avoid frustration and save a lot of time and effort.
License
This project is available under the terms of the MIT License. See the summary at TLDRLegal.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0
Reason
0 existing vulnerabilities detected
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/21 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.js.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.js.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.js.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.js.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/kevinoid/git-branch-is/node.js.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:52
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:108
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 9 are checked with a SAST tool
Score
3.4
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More