npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

semantic-release-npm-github

v5.0.0

Published

Shareable configuration for automated package publication to NPM and GitHub using semantic-release, tailored for OSS projects

Downloads

808

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sinediedsinedied

Keywords

semantic-releasesemantic-release-configchangelogpublishreleasenpmgithubgit

Readme

:robot: semantic-release-npm-github

NPM version Build Status XO code style License

Shareable configuration automated package publication to NPM and GitHub using semantic-release, tailored for OSS projects.

Release workflow

Install

  1. Install semantic-release
npm install --save-dev semantic-release
  1. Install this package:
npm install --save-dev semantic-release-npm-github
  1. Add a semantic release config in your package.json file:
{
  "extends": "semantic-release-npm-github",
  "branch": "main"
}

Usage

Once everything is installed, you can test your config with a dry run:

npx semantic-release --dry-run

What you'll probably want to do next is configure a GitHub workflow to run your tests and publish new versions automatically.

Here's a example workflow configuration that runs your tests and publishes a new version for new commits on main branch:

name: release
on:
  push:
    branches:
      - main

jobs:
  test:
    name: Run tests
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v1
        with:
          node-version: '>=14'
      - run: |
          npm ci
          npm test
        env:
          CI: true

  release:
    name: Publish release
    needs: test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v1
        with:
          node-version: '>=14'
      - run: |
          npm ci
          npm build --if-present
        env:
          CI: true
      - run: npx semantic-release
        if: success()
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

In addition, for this workflow to work correctly you have to generate an NPM authentication token and set it to the NPM_TOKEN secret in your GitHub repository.

Note on GitHub protected branches

If you're releasing a GitHub protected branch you need to change the git commiter to an owner/admin and allow repo admins to bypass the branch protection (make sure "include administrators" is disabled in the branch protection rules.)

If your repo is under an organisation, you can create a bot account and give it admin rights on the repo. If your repo is under a personal account, you have no choice to make the repo owner the commiter for the release.

Either way, you have to create a GitHub personal access token for the commiter account and give it the "repo" access rights. Then set it to the GH_TOKEN secret in your GitHub repository.

Finally, make these two changes to your workflow:

...
    - uses: actions/checkout@v2
      # Add this to commit with a different account than the one
      # used for checkout
      with:
        persist-credentials: false
...
    - run: npx semantic-release
      if: success()
      env:
        # Change the secret used here
        GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
        NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
        # Add this to set the new commiter for the release
        GIT_COMMITTER_NAME: admin-or-owner
        GIT_COMMITTER_EMAIL: [email protected]

Note: GitHub secrets not shared with forks and pull requests, so no one that doesn't have write access to your repo can use of them.