sindresorhus / np Goto Github PK

Problem Statement

I've become a convert to using a conventional commit format when squashing commits on my various OSS projects:

• with nyc and yargs I was finding it valuable to (and people requested that I) maintain a CHANGELOG:
  • it's useful for forensic analysis when bugs are released.
  • it helps communicate outwards to the community about the work you're doing.
• unfortunately, I found that CHANGELOG maintenance was a nuisance -- it would add several minutes (at best) to the release cycle while I groomed the file, and collected information for it.

I wanted a CHANGELOG, but I didn't want to put work into maintaining it!

The Solution

• I don't require that contributors to the project use a special commit format.
• I take advantage of GitHub's squash button, and craft a formatted message while I land pull requests (this adds almost no cycles to my workflow).
• I currently use the standard-version tool to cut a release from the git history that has been landed.

Here's what you end up with:

https://github.com/yargs/yargs/blob/master/CHANGELOG.md

Proposal

• it would be great if we could add CHANGELOG support to np.
• rather than requiring this functionality (I understand not everyone will want to craft commit messages) we could add a new option flag --changelog?

Why?

Various folks in the conventional-changelog org have expressed an interest in working together more closely with you (CC: @nexdrew, @Tapppi).

Personally, I'd like to find ways to continue standardizing on commit message format/release management. I'm excited by projects like @boennemann's semantic-release, I've also been talking to the folks at coveralls.io about the idea of creating activity feeds for your coverage history based on parsing this format (CC: @nickmerwin, @anjin).

tldr; there's lots of cool stuff happening around CI/CD right now, and we should try to work together as much as possible.

I want to write more tests but testing this library is a little bit tricky. I see two options here.

1. Mock the execa calls
2. Checkout sindre-playground and run np

The first one doesn't really feel quite ok. Option number 2 looks much better but will create a lot of releases and noise.

Any other suggestions for adding more tests?

I was just wondering, why wasn't it written with node instead? Probably because it started out small. But I was looking into the issues and I think that switching to node would make things easier to implement. Just wanted your opinion, close if you think it doesn't makes sense :).

I release most modules using NPM and Bower but I just realized that the bower package version doesn't get bumped when releasing. Is this by design?

I've been starting to maintain a changelog in some of my projects, and I would have liked to have one single commit for both the changelog update and the release bump (while still using np obviously, it's pretty neat).

Currently, I don't think this is possible with np, except if I missed something.

I generally would like to run np with the --skip-cleanup options, but would not like to pass it to the command every time. Would be useful to have a way to configure this on project level, maybe in a config file.

Per npm/npm#5082 (comment)

Should be fixed in latest npm releases.

Though perhaps, if it's node 6, you should validate the npm version before proceeding.

Running into a tricky situation with our modules that are published to private git repos:

1. Starting with a clean master, run np patch
2. np does dirty checking and everything is legit, moves on
3. As a prerequisite to running the tests we do a build of the module which changes some of the dist files
4. When np gets to the npm version step this step fails because the tree is now dirty

This is an unfortunate side effect of a) having dist files that we only want to update as part of a publish and b) having to commit those dist files to git because we npm install out of git.

I think what we need is to be able to npm version --force which as per the docs will skip the dirty check.

I'm hesitant to set force: true in npmrc or the package.json because:

1. we'd have to do that on every repo we want to publish
2. force applies to more than just the version command

Any thoughts on how we could support this? I'm trying to think how we can avoid adding another flag to np but am struggling to find a better idea. I'm quite happy to contribute the solution, just wanted to gather some input on what that solution should be first 👍

This can occur if the previous np call was aborted.

trash node_modules
np

Error: Command failed: /Users/JM/.nvm/versions/node/v5.3.0/lib/node_modules/np/node_modules/trash/lib/osx-trash
Specify one or more paths

    at ChildProcess.exithandler (child_process.js:213:12)
    at emitTwo (events.js:87:13)
    at ChildProcess.emit (events.js:172:7)
    at maybeClose (internal/child_process.js:818:16)
    at Socket.<anonymous> (internal/child_process.js:319:11)
    at emitOne (events.js:77:13)
    at Socket.emit (events.js:169:7)
    at Pipe._onclose (net.js:469:12)

Because of the npm publish bug, I guess it would be nice to check if the node version is >=6 and if that's the case, fail and suggest to downgrade.

@watson has this awesome package that adds lat and long to the package.json when you update. Would you be interested in a PR to add this to np?

https://github.com/watson/geopkg

I just found this repo through "node weekly" and love the idea. Your README mentions npm lifecycle hooks but seems to describe only a command-line interface? I would like to keep using the command npm publish but add "prepublish" and "postpublish" hooks corresponding to the steps that np performs before and after the actual publishing. Can I use np in those hooks to script only the specific steps? If that's possible, can you provide examples in your documentation? If not, is it on the roadmap?

Really cool module! I would love to start using this since I always forget to run npm publish. The only thing that got me a bit scared was the git pull --rebase.

I guessed that you are using this to make sure that the working tree is clean (git pull errors out otherwise; i think?) and that changes are synced with upstream (in this case I guess; that all remote changes are present locally).

Maybe it would be better to check for the cases specifically and warn the user?

@if test 0 -ne `git status --porcelain | wc -l` ; then \
  echo "Unclean working tree. Commit or stash changes first." >&2 ; \
  exit 128 ; \
  fi

@if test 0 -ne `git fetch ; git status | grep '^# Your branch' | wc -l` ; then \
  echo "Local/Remote history differs. Please push/pull changes." >&2 ; \
  exit 128 ; \
  fi

I found the code in rlidwka/url-unshort, Makefile

Can all the git tasks be executed concurrently? Since [email protected] we can now set the concurrent option to true. Same goes for the prerequisite tasks which should be extracted into a sublist in order to implement #70.

So you make some cool changes and you are excited to release, with np at your side to scratch your trigger finger. Everything goes fine until you realize that you weren't on master at the time. You go to merge in your branch, but there are conflicts or you find out that some things that were supposed to be in the release didn't make it in. Hopefully the test suite has integration tests and the release isn't actually broken. But at the very least, you have to publish again. Hopefully the second release can simply be a patch (master didn't contain any new features or breaking changes), otherwise your dependents are more likely to get something weird.

To protect against this, I propose that np checks whether you are on master before proceeding. That may not be everyone's workflow, so it could be opt-out, but I think it's how the vast majority of np users release.

Happy to do a PR for this if there is interest.

I am writing a chrome extension and i want to update version in manifest.json too with package.json. Maybe an option to pass the path to manifest.json and get it updated will be great.

When I use np, I always get the following message (v1.0.2 --> v1.1.0 here)

v1.1.0
npm ERR! publish Failed PUT 403
npm ERR! Linux 4.2.0-35-generic
npm ERR! argv "/home/jeroen/.nvm/versions/node/v5.9.0/bin/node" "/home/jeroen/.nvm/versions/node/v5.9.0/bin/npm" "publish"
npm ERR! node v5.9.0
npm ERR! npm  v3.7.3
npm ERR! code E403

npm ERR! "You cannot publish over the previously published version 1.1.0." : lib-upgrader
npm ERR! 
npm ERR! If you need help, you may report this error at:
npm ERR!     <https://github.com/npm/npm/issues>

npm ERR! Please include the following file with any support request:
npm ERR!     /home/jeroen/dev/lib-upgrader/npm-debug.log

The previous version did not exist, and it gets published all right, but somehow it attempts to publish the version twice (then crashes and does not push to the remote).

This is useful for the first publish and whenever the version was already changed.

See: #44

Cannot use np. When I try to publish I get the following errors:

↳ np patch
 ✖ Prerequisite check
   Git
   Cleanup
   Installing dependencies
   Running tests
   Bumping version
   Publishing package
   Pushing tags

[email protected] has known issues publishing when running Node.js 6. Please upgrade npm or downgrade Node and publish again. https://github.com/npm/npm/issues/5082

However:

↳ npm --version
3.10.5
↳ which npm
/Users/todd/src/nvm/versions/node/v6.3.0/bin/npm
↳ npm ls -g npm
/Users/todd/src/nvm/versions/node/v6.3.0/lib
└── [email protected]
↳ nvm ls
->       v6.3.0
         system
↳ grep \"version\"  ~/src/nvm/versions/node/v6.3.0/lib/node_modules/npm/package.json
  "version": "3.10.5"

np 0.0.1 fails on Publishing package step.
√ Prerequisite check
√ Git
√ Cleanup
√ Installing dependencies
√ Running tests
√ Bumping version
? Publishing package
Pushing tags

spawn undefined ENOENT

Manual npm publish --access public works ok.
https://docs.npmjs.com/misc/scope#publishing-public-scoped-packages-to-the-public-npm-registry

#64 (comment)

If the Git tag for the version already exists, np will fail, but only after bumping the version in the package.json and pushing a new commit to master.

Hiya - any interesting in adding an option to publish under a given dist-tag? Akin to npm publish --tag beta, etc.

If .travis.yml exists, use the Travis API to verify the build for the latest commit has passed (this should come after ensuring the latest commit has been pulled down).

Same thing if appveyor.yml exits, use the AppVeyor API.

Both API's provide the commit sha, so it should be fairly easy.

If the CI build is pending, it would be really cool if we just awaited the build result (instead of failing). That way you could merge a commit into master and execute np immediately, knowing it will wait for CI to finish before actually publishing.

Since GitHub now supports signed commits and tags, the ability to pass in the -S flag to git would come in handy, IMO.

Sometimes I create a demo and have gh-pages as the default branch instead of master. Could this be worked into the tool? maybe as an option.

I suspect that np hangs when trying to commit the version bump because I have signing required. It does not prompt for my passphrase and just hangs.

execa should honor the inherit option (if not, it should).

It's annoying not to be able to see what is happening.

It looks to be a solid workaround for npm/npm#5082. Should obviously put it in place afterwards.

It'd be great if np could report on what it's doing. With larger packages, it can hang for quite a while on several of the steps, and checking running processes isn't the best UX. I'd be happy to create a PR.

Is there a preferred reporter module? I.e., something that wraps console.log with timestamping, colors, whatever? I checked awesome-nodejs but couldn't find anything exactly for this purpose.

It's probably best if we make index.js export an EventEmitter and make cli.js do the actual reporting.

Full install & attempted run log:

$ npm install -g np                                                                                                                                                                     
/usr/local/bin/np -> /usr/local/lib/node_modules/np/np.sh
npm WARN unmet dependency /usr/local/lib/node_modules/jscs/node_modules/to-double-quotes/node_modules/meow/node_modules/indent-string requires get-stdin@'^4.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/jscs/node_modules/to-double-quotes/node_modules/get-stdin,
npm WARN unmet dependency which is version 3.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/jscs/node_modules/to-single-quotes/node_modules/meow/node_modules/indent-string requires get-stdin@'^4.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/jscs/node_modules/to-single-quotes/node_modules/get-stdin,
npm WARN unmet dependency which is version 3.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/engine.io requires debug@'1.0.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/debug,
npm WARN unmet dependency which is version 2.1.0
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/socket.io-parser requires debug@'0.7.4' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/debug,
npm WARN unmet dependency which is version 2.1.0
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/socket.io-client requires debug@'0.7.4' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/debug,
npm WARN unmet dependency which is version 2.1.0
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/socket.io-adapter requires debug@'1.0.2' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/livedown/node_modules/socket.io/node_modules/debug,
npm WARN unmet dependency which is version 2.1.0
[email protected] /usr/local/lib/node_modules/np
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
$ np                                                                                                                                                                              
Failed to execute process '/usr/local/bin/np'. Reason:
exec: Exec format error
The file '/usr/local/bin/np' is marked as an executable but could not be run by the operating system.

If package.json is at say v1.2.3 but a tag exists for v1.2.4, this is probably a mistake. Could np detect when tags have got ahead of package.json and offer an interactive dialog inviting the user to either remove the tag before publishing or to publish at the next available tag semver?

Surely it's quite dangerous - could lead to a breaking change being released as a patch by mistake. Wouldn't it be better to exit with a message on what the acceptable values are?

Would be cool to have an interactive UI when np is run without arguments. Where you can quickly choose patch, minor, etc, and also have the info about which version you're going from and to.

Similar to this gif: https://raw.githubusercontent.com/bjoerge/cut-release/master/demo.gif

Can easily be done with Inquirer.js.

Pull request welcome :)

Running np --help currently runs thru all the steps, but running npm version --help, found this one out the hard way 😆

I think it would be a great idea to start by validating that $1 is a valid bump specification.

This looks great! Would entertain the option to set the branch name? I like to use release vs master.

Firstly, thank you for this module, it's a great time saver : )

I've noticed that this line that trashes the node_modules directory doesn't seem to do anything. Though, no error is raised I believe because of the stdout redirection to /dev/null.

I've been able to verify this by modifying the global np.sh script by removing the npm install command, the rest of the script still works (the node_modules directory was never trashed).

❯ node -v
v5.1.1

❯ npm -v
3.5.1

Perhaps this broke with the npm@3 release?

Edit: I've tried to work on a patch, too, but seem to have run out of luck getting it to work.

Edit 2: I was able to get it working changing the call to /usr/local/lib/node_modules/np/node_modules/.bin/trash but that feels kinda hacky.

I am thinking it would be an interesting way to allow for manual tests (like AVA's visual tests).

Heya, I've been using the gist version of this for a while. Has anything changed from the gist, or is it just the same script in a repo?

Issue

While executing np major, a git-related error occurs while trying to push to GitHub.

$ np major
[ ... ]
fatal: You didn't specify any refspecs to push, and push.default is "nothing".
 ✖ Exitted with status 128.

Cause

This line does not specify the remote nor the branch, which is mandatory when having this in ~/.gitconfig:

[push]
  default = nothing

Reproduce bug

$ git config --global push.default nothing
$ np major

Possible fix

Make sure the remote and the branch are both specified:

exec('git', ['push', 'origin', 'master', '--follow-tags']);

While doing publishing or some cli based task the following bug happens.
My versions are:

$ npm -v
2.15.5
$ node -v
v4.4.6

Not sure about the name, but a flag to skip reinstalling dependencies. Sometimes I'm on a really slow network and just need to get out a release fast and willing to YOLO.

Meaning, dependencies required/imported in the module, but not defined in dependencies. To ensure I don't publish a release that has the dependency incorrectly in the devDependencies field. Like in the sindresorhus/grunt-concurrent#85 case. Could maybe be a ESLint rule.

I know that this will mess-up the whole idea of:

A better npm publish

but it will be awesome if the npm publish step can be disabled, so it can be used also for local modules/projects. For example by checking the private field of package.json.

My devDependencies take forever to download (Lots of Babel and ESLint packages).

node_modules are ignored by npm internally, and it's very common to .gitignore them too. So this isn't really beneficial in my eyes... It's basically just deleting and then downloading what I already had, and then not publishing them anyways.

It'd be nice if there were a flag to disable it so I didn't have to wait a long while for it to redownload my deps, such as --keep.