{"id":15497498,"url":"https://github.com/bcomnes/npm-bump","last_synced_at":"2025-04-22T22:14:14.546Z","repository":{"id":43655485,"uuid":"293659846","full_name":"bcomnes/npm-bump","owner":"bcomnes","description":"npm version {major,minor,patch} \u0026\u0026 npm publish as an action.","archived":false,"fork":false,"pushed_at":"2023-12-04T22:38:46.000Z","size":87,"stargazers_count":16,"open_issues_count":1,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-12-25T23:03:30.346Z","etag":null,"topics":["actions","automation","gh-release","github","npm"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/npm-bump","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bcomnes.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["bcomnes"],"custom":["https://bret.io"]}},"created_at":"2020-09-08T00:22:54.000Z","updated_at":"2024-12-21T03:22:59.000Z","dependencies_parsed_at":"2023-01-04T12:26:12.162Z","dependency_job_id":"4ddda966-ebde-452d-97ac-cd9da52c41f8","html_url":"https://github.com/bcomnes/npm-bump","commit_stats":{"total_commits":63,"total_committers":4,"mean_commits":15.75,"dds":"0.47619047619047616","last_synced_commit":"767c61a586c73dd74497bbdd02183010587159e5"},"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bcomnes%2Fnpm-bump","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bcomnes%2Fnpm-bump/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bcomnes%2Fnpm-bump/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bcomnes%2Fnpm-bump/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bcomnes","download_url":"https://codeload.github.com/bcomnes/npm-bump/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231521940,"owners_count":18389472,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","automation","gh-release","github","npm"],"created_at":"2024-10-02T08:38:50.675Z","updated_at":"2024-12-27T17:50:29.022Z","avatar_url":"https://github.com/bcomnes.png","language":null,"readme":"# npm-bump\n[![GitHub tag (latest SemVer)](https://img.shields.io/github/v/tag/bcomnes/npm-bump)](https://github.com/bcomnes/npm-bump)\n[![npm bump](https://github.com/bcomnes/npm-bump/actions/workflows/release.yml/badge.svg)](https://github.com/bcomnes/npm-bump/actions/workflows/release.yml)\n[![Marketplace link](https://img.shields.io/badge/github%20marketplace-npm--bump-brightgreen)](https://github.com/marketplace/actions/npm-bump)\n\n`npm version {major,minor,patch}` \u0026\u0026 `npm publish` as an action.  Full [npm lifecycle](https://docs.npmjs.com/misc/scripts) support and [gh-release](https://ghub.io/gh-release) auth support.  Opinionated and has a few assumptions.\n\n## Usage\n\nGenerate a publish token on npm then set it as an action secret (`NPM_TOKEN` in this example).\n\n``` yaml\nname: Version and Release\n\non:\n  workflow_dispatch:\n    inputs:\n      newversion:\n        description: 'Semantic Version Bump Type (major minor patch)'\n        required: true\n\nenv:\n  node_version: lts/*\n  \nconcurrency: # prevent concurrent releases\n  group: npm-bump\n  cancel-in-progress: true\n\njobs:\n  version_and_release:\n    runs-on: ubuntu-latest\n    outputs:\n      tagName: ${{ steps.npm-bump.outputs.release_tag }}\n    steps:\n    - uses: actions/checkout@v3\n      with:\n        # fetch full history so things like auto-changelog work properly\n        fetch-depth: 0\n    - name: Use Node.js ${{ env.node_version }}\n      uses: actions/setup-node@v3\n      with:\n        node-version: ${{ env.node_version }}\n        # setting a registry enables the NODE_AUTH_TOKEN env variable where we can set an npm token.  REQUIRED\n        registry-url: 'https://registry.npmjs.org'\n    - run: npm i\n    - run: npm test\n    - name: Version and publish to npm\n      id: npm-bump\n      uses: bcomnes/npm-bump@v2\n      with:\n        git_email: bcomnes@gmail.com\n        git_username: ${{ github.actor }}\n        newversion: ${{ github.event.inputs.newversion }}\n        push_version_commit: true # if your prePublishOnly step pushes git commits, you can omit this input or set it to false.\n        github_token: ${{ secrets.GITHUB_TOKEN }} # built in actions token.  Passed tp gh-release if in use.\n        npm_token: ${{ secrets.NPM_TOKEN }} # user set secret token generated at npm\n    - run: echo ${{ steps.npm-bump.outputs.release_tag }}\n```\n\nThis will give you a push-button triggered action that runs `npm version {major,minor,patch}`, `git push --follow-tags` and finally `npm publish`.\n\nIt is advisable to set a `prePublishOnly` lifecycle hook that runs, at a minimum, git commit pushing, so that local runs of `npm version \u0026\u0026 npm publish` will push the version commits to git the same way as this action will.\n\n```json\n{\n  \"scripts\": {\n    \"prepublishOnly\": \"git push --follow-tags\"\n  }\n}\n```\n\nWith that lifecycle set, you can omit the `push_version_commit` input, or set it to false.\n\nThe following dependencies and npm lifecycle scripts are recommended for a fully automated release process that includes:\n\n- changelog generation\n- github release creation with changelog contents\n- automated action based package publishing\n- parity with a local release process (you can still run npm version \u0026\u0026 npm publish and get all of the above benefits)\n- See [swyx's](https://dev.to/swyx/semi-automatic-npm-and-github-releases-with-gh-release-and-auto-changelog-4b5a) article for a more in depth description.\n\n```json\n{\n  \"devDependencies\": {\n    \"auto-changelog\": \"^1.16.2\",\n    \"gh-release\": \"^3.5.0\"\n  },\n  \"scripts\": {\n    \"prepublishOnly\": \"git push --follow-tags \u0026\u0026 gh-release -y\",\n    \"version\": \"auto-changelog -p --template keepachangelog auto-changelog --breaking-pattern 'BREAKING CHANGE:' \u0026\u0026 git add CHANGELOG.md\"\n  }\n}\n```\n\nAdditionally, you should run your tests in order to block a release that isn't passing.  Automate only when green.\n\n### Inputs\n\n- `git_email` (**REQUIRED**): The email address used to create the version commit with.\n- `git_username` (**REQUIRED**): The name to use for the version commit. e.g. github.actor\n- `newversion` (**REQUIRED**): The version bump type to perform (e.g. major, minor, path). See npm version docs for more info.  Pass this as an interactive variable.\n- `push_version_commit` (Default: `false`): Run `git push --follow-tags` after running `npm version`.  Enable this if you don't configure a prepublishOnly hook that pushes git commits.\n- `publish_cmd` (Default: `npm publish`): The command to run after npm version.  Useful if you are just using npm to version a package, but not publish to npm (like an action).\n- `github_token`: Pass the secrets.GITHUB_TOKEN to enable gh-release capabilities.\n- `npm_token`: An npm token scoped for publishing.  Required in most cases.  Used to create the release.\n\n### Outputs\n\n- `release_tag`: The name of the created git tag as described by git describe --tags\n\n## FAQ\n\n### I keep getting \"Git working directory not clean\" errors\n\nSomething about your workflow is creating or modifying files before versioning. \n\nThings to check for:\n\n- Is your package-lock.json (or equivalent) getting modified in preparation to versioning? Considder adding these to your `.gitignore` as lock files provide a less [realistic environment](https://github.com/sindresorhus/ama/issues/479#issuecomment-310661514) to work around in modules.\n- Adding a simple `git status` step prior to the npm bump step might reveal which files are blocking the publish.\n- For files that get modified during the version step, you can stage them along side your release in the `version` lifecycle event. \n\n### I'm getting 404/bad auth errors on npm.  Why?\n\nYou must set the `registry-url` input on the `actions/setup-node` action to 'https://registry.npmjs.org' at a minimum.  Github actions does some wacky stuff to `.npmrc` like setting up a `NODE_AUTH_TOKEN` input for the npm token.  `npm-bump` takes advantage of this behavior so its an assumed requirement. See [this article](https://docs.github.com/en/actions/language-and-framework-guides/publishing-nodejs-packages) for more info on this bizarre behavior.   Also if you script modifications to a local `.npmrc`, this can mess up the `actions/setup-node` configuration.\n\n### Can I publish to the github registry?\n\nYes, just pass `secrets.GITHUB_TOKEN` as the `npm_token` input, and set your registry endpoint to `https://npm.pkg.github.com` in the `actions/setup-node` action.\n\n### Can I consume private Github packages from other repos?\n\nYes, but you have to create a new Github machine account, create a Personal Access Token, store it as an action secret, and then use that as the `npm_token`.  Kind of a PITA.\n\n### Can publish to both npm and github?\n\nNo, not right now.  I couldn't think of why this would be a good reason.  Open an issue if you have ideas.\n\n### Do I have to publish to a registry?\n\nNope, you can completely override the `npm publish` command with whatever you want (e.g. `npm run release` which can run whatever you want related to a release.)  This enables you to publish to things like the Github marketplace, create github releases etc.\n\n### Can you offer a major version tag/branch alias?  I want automatic updates!\n\nYes. npm-bump now offers a major version ref you can install with.\n\n### Why isn't npm-bump running tests anymore?\n\nTesting node stuff is usually straight forward (`npm test`).  Sometimes though, its not.  Leaving the test responsibilities to the consumer makes the action file more clear.\n\n### Why isn't npm-bump installing dependencies anymore?\n\nSome projects don't need dependencies to release.  Sometimes install steps require external system dependencies.  It was decided to keep the install step inside the action consumer scope in order to increase clarity around what is happening.\n\n## License\n\nMIT\n","funding_links":["https://github.com/sponsors/bcomnes","https://bret.io"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbcomnes%2Fnpm-bump","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbcomnes%2Fnpm-bump","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbcomnes%2Fnpm-bump/lists"}