fabiospampinato / bump Goto Github PK

Bump updates the project's version, updates/creates the changelog, makes the bump commit, tags the bump commit and makes the release to GitHub. Opinionated but configurable.

License: MIT License

TypeScript 92.68% JavaScript 7.32%

bump automation version changelog commit tag release

bump's Introduction

Bump

Bump updates the project's version, updates/creates the changelog, makes the bump commit, tags the bump commit and makes the release to GitHub. Opinionated but configurable.

This tool requires a top-level package.json file to work, and assumes you are using git.

Features

Bump is here to save you time. These are all its commands, which you can also call manually individually:

version: It can update your project's version, either automatically with an increment (e.g. minor) or manually (e.g. v1.2.3).
changelog: It can update the changelog with the latest changes. If you don't have a changelog already it can generate one for you which includes logs about all previous versions too. It can also wait for you to review the updated changelog, so that you can tweak it before making a commit.
commit: It can make the bump commit.
tag: It can tag the bump commit.
release: It can make a release to GitHub, including using the relevant section of the changelog as its description and uploading files.

Some other notable features:

Configurable: Every string and what commands get executed by default can be configured via the settings.
Scripts: Custom scripts can be run before/after any command.

Install

npm install -g @fabiospampinato/bump

Usage

Just run bump from inside your project. If you want to run only a specific command run bump <command> (i.e. bump changelog). If you want to learn more about the supported commands or options check out bump --help and bump <command> --help.

Settings

Bump comes with the following default settings:

{
  "force": false, // If "true" it will not ask the user for confirmation
  "version": {
    "enabled": true // Bump the version number
  },
  "changelog": {
    "enabled": true, // Enable changelog auto-updates
    "create": false, // Create the changelog file if it doesn't exist
    "review": true, // Open the changelog file after bumping, and wait for it to be reviewed
    "path": "CHANGELOG.md", // Path to the changelog file
    "version": "### Version [version]", // Template for the version line
    "commit": "- [message]", // Template for the commit line
  },
  "commit": {
    "enabled": true, // Commit the changes automatically
    "message": "Bumped version to [version]" // Template for the commit message
  },
  "tag": {
    "enabled": true, // Tag the bump commit
    "name": "v[version]" // Template for the name of the tag
  },
  "release": {
    "enabled": false, // Release to any enabled release providers
    "github": {
      "enabled": false, // Make a GitHub release
      "open": true, // Open the release/draft page
      "draft": true, // Mark it as a draft
      "prerelease": false, // Mark it as a prerelease
      "files": [], // Globs of files to attach to the release
      "filesNr": -1, // Number of files expected to match the globs, for validation purposes
      "title": "v[version]", // Template for the release title
      "token": "", // GitHub personal access token with `public_repo` priviledge
      "owner": "", // GitHub repository owner
      "repo": "" // GitHub repository name
    }
  },
  "scripts": {
    "enabled": true, // Enable pre/post scripts
    "prebump": "", // Script to execute before bumping the version
    "postbump": "", // Script to execute after bumping the version
    "prechangelog": "", // Script to execute before updating the changelog
    "postchangelog": "", // Script to execute after updating the changelog
    "precommit": "", // Script to execute before committing
    "postcommit": "", // Script to execute after committing
    "pretag": "", // Script to execute before tagging
    "posttag": "", // Script to execute after tagging
    "prerelease": "", // Script to execute before releasing
    "postrelease": "" // Script to execute after releasing
  }
}

You can override them in multiple ways:

Computer-level settings: Place your computer-level settings inside ~/.bump.json to override the default ones. You should put auth tokens there.
repository-level settings: Place your repository-level settings at the root of your repository in a file named bump.json, these settings also override computer-level settings.
Dynamic settings: You can pass an arbitrary settings object via the --config CLI option, these settings have even higher priority.
Dynamic scripts: Scripts can be provided inline with the command also, like --preversion "do something", these have the highest proprity.
Environment variables: the following environment variable is supported too: BUMP_GITHUB_TOKEN, if you'd like to provide your token that way.

Check out cash's bump.json as an example.

Enabled commands

When running bump without explicitly providing a command all the enabled ones are executed.

If for instance you don't want to tag your bump commits you can disable the related command by setting tag.enabled = false.

All commands except release are enabled by default, I recommed you to check if everything is correct, review the changelog manually as some commits shouldn't be put into the changelog, and then make the release manually with bump release.

Templates & Tokens

Bump uses templates for generating the strings it needs. Inside those templates you can put tokens, which will be replaced with some value.

A token has the following syntax: [token], and it will be replaced with some value.

The following tokens are available for commits messages, tag names, and changelog headers:

Token	Value
`[version]`	Version's number
`[version_date]`	Version's date

The following tokens are available for changelog commits:

Token	Value
`[message]`	Commit's message
`[date]`	Commit's date
`[hash]`	Commit's hash
`[hash4]`	Commit's hash cropped to first 4 characters
`[hash7]`	Commit's hash cropped to first 7 characters
`[hash8]`	Commit's hash cropped to first 8 characters
`[author_name]`	Author's name
`[author_email]`	Author's email

Hints

Commits messages: Spend some extra seconds to write descriptive commits messages, with no extra effort you'll be improving your changelogs as well. If you're already doing this, just enjoy the extra free time!
Changelogs: Changelogs are cool, if your existing project doesn't have one simply run bump changelog to generate it.
Scripts: Scripts can be used for building/testing/deployments/etc. For example: a preversion script could be used for running tests, a postversion script could be used for compiling your project for production, a postcommit script could be used for pushing the commit to origin.

License

MIT © Fabio Spampinato

bump's People

Contributors

Stargazers

Watchers

Forkers

taregnaeem jandaryl jayakrishnanamburu dweedul git-ty-up giupo yougotwill ath0mas deepzima codedchaos artisin intergalacticagency dnicolson

bump's Issues

Support for macOS Ventura

Running bump on macOS Ventura results in the following error:

TypeError: undefined is not iterable (cannot read property Symbol(Symbol.iterator))

This is due to @octokit/rest being pinned at version 16.25.0 and versions of os-name earlier than version 4.0.0 will throw that error if the version of macOS is unknown (macOS 13 was added to macos-release in version 3.1.0).

npm ls macos-release
├─┬ @octokit/[email protected]
│ └─┬ [email protected]
│   └─┬ [email protected]
│     └── [email protected]

Changelog not having all commit messages

Hi, first a big thanks for such great lib ! Really love your works !

I don't know why, sometimes, when I bump from the cli, it says no changes detected, even if there is new commits since previous version. See this screenshot:

Here is my bump.json config:

{
    "version": {
        "initial": "1.0.1",
        "increments": [
            "major",
            "minor",
            "patch"
        ]
    },
    "changelog": {
        "create": true,
        "version": "### v[version]",
        "commit": "[message]",
        "separator": "\n"
    },
    "commit": {
        "enabled": true,
        "message": "Changed version to [version]"
    },
    "scripts": {
        "postchangelog": "",
        "postrelease": "npm publish"
    }
}

Also, the postrelease script never seem to have worked.

Thanks a lot :)

issues with bump.json

I have been using your extension for a while and am trying to transition over to this version now. I cannot get the settings in bump.json to take. No matter what i do it always just goes with the defaults. I have gone through the code as well to see how it is pulling the path but still can't get it to take my settings.

Windows 10 OS, Bump is installed and working with default values.

Tried bump.json in the root directory, tried to use the --config and -c flags at the CLI with various versions of the path to the json file. There is a good bet i am just missing something vital but it's whipping me at the moment to do something that i would think fairly straight forward.

Thanks for your assistance.

Infer version from tag

Sometimes it would be useful to be able to infer the current version from tags. This would enable bump to work on more kinds of projects out of the box.

Group commits

First, thanks @fabiospampinato, i love bump!

I started using it recently, and i really like the level of customization while being easy to use.
The only thing missing for me currently would be an option to group changelogs by category, so we would have something like this :

Bug fixes :
- fix: 1
- fix(scope): 2
- fix(scope): 3

Features :
- feat(scope): 1
- feat: 2
- feat: 3

Configurable regexes could be used to look for categories, then bump would group and sort them accordingly for the current version. For example, here are the parameters that would be needed to group change logs like the result above :

{
  "changelog": {
    "categories": [
      ["^feat(\\(.*\\))?:.*$", "Features"],
      ["^fix(\\(.*\\))?:.*$", "Bug fixes"]
    ]
  },
}

Caporal.js dependency with `git://`

Being behind a corporate proxy, the git:// protocol specified in package.json for Caporal.js is blocked. is switching to https:// a viable option?

Creating an initial changelog can create duplicate version headings

When creating a CHANGELOG, if the commit that increased the version number is not the most recent commit, two version headings can be created. Also, the commit that increased the version number is discarded. when creating an initial release it is probably common to update the package.json file with more than just the version number.

Version 0.1.0

Update remaining files

Version 0.1.0

Initial commit

Add file

To reproduce:

git init
echo '{"version": "0.0.1"}' > package.json
git add .
git commit -m 'Initial commit'
touch file
git add file
git commit -m 'Add file'
echo '{"version": "0.1.0"}' > package.json
echo 'test' > file
git add package.json
git commit -m 'Update package.json'
git add file
git commit -m 'Update remaining files'
bump changelog

Dry-run mode

Hi !

It would be nice to have a dry-run mode to test various options before actually running the command and throwing stuff to the npm registry

Support for version 2 of npm's lockfile

Starting with version 2 of the lockfile, npm is saving the version twice in the package-lock.json but bump only updates the first instance.

Using the npm project as example, version 2 of the lockfile introduced an empty package at the top of the file with the same version metadata. The same applies for version 3 of the lockfile.

opn is deprecated. Replace with open

The package opn (last version 6.0.0, March 2019) is deprecated.
Please replace with open (last version 7.2.1, August 2020)

Fix type errors

After successful npm install with current package.json, trying to compile fails with 7 errors.

It seems dependency "@octokit/rest": "^16.25.0" is currently fetching version 16.43.1 (latest release-16.x) ; compile is fine while forcing version from 16.25.0 to 16.28.9, but errors appear with version ≥ 16.29.0

current compile command logs:

$ npm run clean && npm run compile

> @fabiospampinato/[email protected] clean /path/to/repo/bump
> rimraf dist


> @fabiospampinato/[email protected] compile /path/to/repo/bump
> tsc --skipLibCheck && tstei

src/providers/release/github.ts:24:24 - error TS2351: This expression is not constructable.
  Type 'typeof import("/path/to/repo/bump/node_modules/@octokit/rest/index")' has no construct signatures.

24           github = new octokit ({
                          ~~~~~~~

src/providers/release/github.ts:52:48 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'Response'.

52         const options: UploaderOptions<octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader>, octokit.Response<octokit.ReposDeleteReleaseAssetResponse>> = {
                                                  ~~~~~~~~

src/providers/release/github.ts:52:65 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'ReposUpdateReleaseAssetResponseUploader'.

52         const options: UploaderOptions<octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader>, octokit.Response<octokit.ReposDeleteReleaseAssetResponse>> = {
                                                                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

src/providers/release/github.ts:52:115 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'Response'.

52         const options: UploaderOptions<octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader>, octokit.Response<octokit.ReposDeleteReleaseAssetResponse>> = {
                                                                                                                     ~~~~~~~~

src/providers/release/github.ts:52:132 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'ReposDeleteReleaseAssetResponse'.

52         const options: UploaderOptions<octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader>, octokit.Response<octokit.ReposDeleteReleaseAssetResponse>> = {
                                                                                                                                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

src/providers/release/github.ts:66:53 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'Response'.

66           cancel ( filePath: string, asset: octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader> ) {
                                                       ~~~~~~~~

src/providers/release/github.ts:66:70 - error TS2694: Namespace '"/path/to/repo/bump/node_modules/@octokit/rest/index"' has no exported member 'ReposUpdateReleaseAssetResponseUploader'.

66           cancel ( filePath: string, asset: octokit.Response<octokit.ReposUpdateReleaseAssetResponseUploader> ) {
                                                                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Found 7 errors.

Improve git-bash and powershell support

It seems interactive use of bump does not work on Windows.

with git-bash, command stops as soon as interactive prompt is expected to be displayed, showing "Cannot read property 'get' of undefined" and exiting
with powershell, first interactive prompt is displayed, validated, action is applied on project, but command stays like waiting for input not following nor exiting

basic setup:

mkdir bump-foo && cd bump-foo
npm init private && git init && git add . && git commit -m "initial commit"

then trying
bump fails:

                $ npx bump
(git-bash)
                Cannot read property 'get' of undefined
(powershell)
                ? Select an increment: (Use arrow keys)
                  major
                > minor
                  patch
                  premajor
                  preminor
                  prepatch
                  prerelease
                  custom
                ? Select an increment: minor

bump minor fails:

                $ npx bump minor
(git-bash)
                Bumping the version...
                Updating the changelog...
                Cannot read property 'get' of undefined
(powershell)
                ? No changes detected, bump anyway? (Use arrow keys)
                  No
                > Yes
                ? No changes detected, bump anyway? Yes
                Bumping the version...

bump minor --force runs fine 😃:

                $ npx bump minor --force
                Bumping the version...
                Updating the changelog...
                Making the commit...
                Tagging the commit...

environment:

Windows 10
Node 14.2.0 Current / 12.16.3 LTS
NPM 6.14.4

Custom template for release

It would be nice to have the possibility to set a custom template for the release, similarly to the commit message.

`bump changelog` - Invalid option.

I just installed bump and wanted to give it a test run.

I added this global config (~/.bump/json):

{
  "force": false,
  "silent": false,
  "version": {
    "enabled": true,
    "initial": "0.1.0",
    "increments": ["major", "minor", "patch"]
  },
  "changelog": {
    "enabled": true,
    "create": false,
    "open": false,
    "file": "CHANGELOG.md",
    "version": "## [version] ([version_date])",
    "commit": "- [message]",
    "separator": "\n"
  },
  "commit": {
    "enabled": true,
    "message": "[version]"
  },
  "tag": {
    "enabled": true,
    "name": "[version]"
  },
  "release": {
    "enabled": false
  },
  "tokens": {
    "date": {
      "format": "YYYY-MM-DD"
    },
    "version_date": {
      "format": "YYYY-MM-DD"
    }
  }
}

And then I ran:

bump changelog from the root of my project:

$ bump changelog
Invalid option. Choose between major,minor,patch,pre,set,current,file.

I then copied over the .bump.json as both ./bump.json and ./.bump.json, but none of the two worked.

Any ideas?

EDIT: I stripped down most of the config from bump.json file and even removed the file (both local and global) completely. bump changelog still fails with the same error message.

Support atomic bumping

If an error occurs when bumping a version it can be incomplete, in such cases the result can be that the CHANGELOG.md, package.json, and package-lock.json files are updated but no tags are added.

Here is an example of hook throwing an error relating to the Node.js version:

$ bump minor
Bumping the version...
Updating the changelog...
Making the commit...
{ Error: Command failed: git commit -a -m Bump version to 0.9.0
lint-staged requires at least version 12.13.0 of Node, please upgrade
husky - pre-commit hook exited with code 1 (error)


    at makeError (/Users/dave/.asdf/installs/nodejs/10.18.0/.npm/lib/node_modules/@fabiospampinato/bump/node_modules/execa/index.js:174:9)
    at Promise.all.then.arr (/Users/dave/.asdf/installs/nodejs/10.18.0/.npm/lib/node_modules/@fabiospampinato/bump/node_modules/execa/index.js:278:16)
    at process._tickCallback (internal/process/next_tick.js:68:7)
  code: 1,
  stdout: '',
  stderr:
   'lint-staged requires at least version 12.13.0 of Node, please upgrade\nhusky - pre-commit hook exited with code 1 (error)\n',
  failed: true,
  signal: null,
  cmd: 'git commit -a -m Bump version to 0.9.0',
  timedOut: false,
  killed: false }
[commit] An error occurred while making the commit

Comparison with release-it

Some people are using https://github.com/webpro/release-it

What would be the advantages of using bump over release-it?

You must change the version of the package Caporal

git://github.com/fabiospampinato/Caporal.js.git because of this https://itsmycode.com/the-unauthenticated-git-protocol-on-port-9418-is-no-longer-supported/

bump changelog - Cannot read property 'length' of undefined

➜  stdinho git:(master) ✗ bump changelog   
Updating the changelog...

Cannot read property 'length' of undefined

Version 1.2.2 npm broken

Not sure what happened but 20 hours ago the following command no longer works:
npm install @fabiospampinato/[email protected] -g

Error:

npm ERR! code 128
npm ERR! An unknown git error occurred
npm ERR! command git --no-replace-objects ls-remote ssh://[email protected]/fabiospampinato/Caporal.js.git
npm ERR! Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
npm ERR! [email protected]: Permission denied (publickey).
npm ERR! fatal: Could not read from remote repository.
npm ERR! 
npm ERR! Please make sure you have the correct access rights
npm ERR! and the repository exists.

[version] Unsupported repository

➜  stdinho git:(master) ✗ git tag
0.1
0.2
0.2.1
0.2.3
0.2.4
v0.2.2
➜  stdinho git:(master) ✗ bump
[version] Unsupported repository

project: https://github.com/ostrolucky/stdinho

Commit authors and overall authors

I would love to have by each commit the author's name that committed it. As well as having an (optional) section after all of the commits to specify who where all of the people that contributed to the code for the release.

Package "unexpected end of file"

Hey there,

I'm using bump both locally and on our Jenkins build process and I keep running into an issue where I get an unexpected end of file error on the bump package on version 1.2.2.

Similarly, if you try to download that file manually in your browser, you get a Failed - Network Error: https://registry.yarnpkg.com/@fabiospampinato/bump/-/bump-1.2.2.tgz

Wondering if anyone else has ran into this before. Unsure if there's an issue with the package or if it's for some reason a Yarn issue.

Using yarn v1.17.3

I downgraded to 1.2.1 so far anddd so far so good (knock on wood). Maybe it's a corrupt package in the registry?

Thanks

Support for tokens within `files` setting

I'm building VS Code extension (https://github.com/vfonic/vscode-ada-lightbulb) and would like to use bump to make a release. vsce package creates a file with a version number in its name like such: ada-lightbulb-0.1.2.vsix. I want to add this file to the github release, but I'm having some issues configuring this properly (I don't think it works):

{
  "release": {
    "enabled": true,
    "github": {
      "enabled": true,
      "open": true,
      "draft": false,
      "prerelease": false,
      "files": ["ada-lightbulb-[version].vsix"]
    }
  },
  "scripts": {
    "prebump": "",
    "postbump": "",
    "prechangelog": "",
    "postchangelog": "",
    "precommit": "",
    "postcommit": "",
    "pretag": "",
    "posttag": "",
    "prerelease": "vsce package",
    "postrelease": ""
  }
}

Would this be possible?
How did you solve this?

Thank you!

Updates packages to security alert

Running npm audit inside my project, there are warning about 4 security issues.

Security alert:

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.11                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @fabiospampinato/bump [dev]                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @fabiospampinato/bump >                                      │
│               │ d54603dc80b92820fd07563b9888dca7cbe83e96e7e351990a70dcd8537… │
│               │ > cli-table2 > lodash                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/782                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.5                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @fabiospampinato/bump [dev]                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @fabiospampinato/bump >                                      │
│               │ d54603dc80b92820fd07563b9888dca7cbe83e96e7e351990a70dcd8537… │
│               │ > cli-table2 > lodash                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/577                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ moment                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=2.19.3                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @fabiospampinato/bump [dev]                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @fabiospampinato/bump > moment                               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/532                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ moment                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=2.11.2                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @fabiospampinato/bump [dev]                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @fabiospampinato/bump > moment                               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/55                              │
└───────────────┴──────────────────────────────────────────────────────────────┘

bump version in subfolder

Hi, we've got an Java + React project with this structure:

/src => java files
/typescript => there is the package.json

is there any way to update version in package.json in subfolder?
I tried it with this bump.json on top of project files:

{
  "version": {
    "enabled": true,
    "increments": ["major", "minor", "patch", "premajor", "preminor", "prepatch", "prerelease", "custom"]
  },
  "files": {
    "./typescript/package.json": ["'(?:\"VERSION\": \")(.*)(?:\")'", "[version]", "gi"]
  },
  "changelog": {
    "enabled": true,
    "create": true,
    "open": false,
    "file": "CHANGELOG2.md",
    "version": "### Version [version]",
    "commit": "- [message]",
    "separator": "\n"
  },
  "commit": {
    "enabled": true,
    "message": "Bumped version to [version]"
  },
  "tag": {
    "enabled": true,
    "name": "[version]"
  }
}

on every test it could not find the version from the package.json and will set 0.0.0 as tag, which runs on error:
Error: Command failed: git tag 0.0.0